LATEST NEWS

Bypassing Android PIN / Pattern lockscreen using adb

img
Jul
28

Hey guys, just wanted to share how I would bypass the android lockscreen on rooted devices that have usb debugging enabled.

It has always been a security issue for rooted devices, which mostly are on custom roms and there are hardly any control for us to be aware of this.

If you’re looking for non-rooted device bypass, you might search for bugs such as the Skype Lockscreen bypass or Viber lockscreen bypass. (Tango was hacked, followed by Viber, which was also hacked a few days ago, and led to data theft )

If you have added a phone number to your Google account, it is also possible to hack your account using gmail and a locked android device. (i might cover this later since it is a different kind of security issue).

This is a normal lockscreen on most android devices.

Lockscreen

Install android sdk on your PC, and set up your phone drivers and download platform-tools to get adb

So basically,

1) connect your phone to your PC

2) Open cmd where adb is installed, normally C:/Program Files/Android/SDK/platform-tools/.

3) type adb shell , followed by  su  to get root permission

4) type rm /data/system/gesture.key  for pattern lock or rm /data/system/password.key  for PIN.

adb

5) type reboot if the lockscreen doesn’t change to slide. (My Nexus 4 instantly changed to slide after the files have been deleted.)

Your device will reboot and the slide screen will show instead of the PIN Screen. If you are using gesture, just slide in whatever combination, it will unlock the phone.

Note: This can also be achieved using a file manager, booted under recovery mode, provided you are using TWRP or ClockworkMod Recovery.

 

Well now, how do we avoid this kind of bypass?

I’m not sure about other mods but I’m using CM Mod for my nexus 4. They actually have some sense in security for modded roms. The official kernel released by google doesn’t restrict how root access is being handled. In CM Mod, you have the option to limit this permission, and you can actually set a password to allow root access.

Root Access  Superuser PIN

 

check out this link for more information. (http://www.cyanogenmod.org/blog/security-and-you)