11-01-2016, 06:27 PM
hi everyone,
i will try to make it short,
couple of years ago, it was possible to unhash(crack the hash) the pattern(gesture),pin code,password of >= android devices (up to 5.1), following this post https://hashcat.net/forum/thread-2202.html
when Android Marshmelo came out they changed the way on how the password are stored
after looking up online i came across this post https://nelenkov.blogspot.co.il/2015/06/...oid-m.html which explain pretty much everything
he provided half python script which i reproduce > m-pass-hash.py http://pastebin.com/G3Fq68H4
i tried to reproduce what he did to understand how it work with out success, i put the same pattern
* * * > * * * 1 2 3
* * * * * * 4 5 6
* * * * * * > 7 8 9
should be Z from left to right (1235789), i attached the gatekeeper.pattern.key to this post if some one want to have a look at it, the hex of the file iswhen reproducing with the python script the signature that i got was fc56c929801ec5fda681d75e81fe56594158ae547d8ce6aad019664e5ad99513 (which is a part of the hex of the file)
i would like to know how its possible to get the hash out of it to start cracking it,
the file were located in /data/system/gatekeeper.pattern.key (its a Samsung galaxy 7 edge)
i know that the salt is inside locksettings.db , value is -8111172969313216963 after converting its 8F6F5328C455D63D lower case 8f6f5328c455d63d
(just to mention, the attachment didnt work with .key in the end so i changed it to txt, feel free to remove the .txt after downloading it.)
u can download the python scrypt module from here https://pypi.python.org/pypi/scrypt/
UPDATE 1, i decide to also add gatekeeper.password.key (remove the .txt from the attachment)
the salt is the same, the gatekeeper.password.key is the pin code , the password of it is 1234
i will try to make it short,
couple of years ago, it was possible to unhash(crack the hash) the pattern(gesture),pin code,password of >= android devices (up to 5.1), following this post https://hashcat.net/forum/thread-2202.html
when Android Marshmelo came out they changed the way on how the password are stored
after looking up online i came across this post https://nelenkov.blogspot.co.il/2015/06/...oid-m.html which explain pretty much everything
he provided half python script which i reproduce > m-pass-hash.py http://pastebin.com/G3Fq68H4
i tried to reproduce what he did to understand how it work with out success, i put the same pattern
* * * > * * * 1 2 3
* * * * * * 4 5 6
* * * * * * > 7 8 9
should be Z from left to right (1235789), i attached the gatekeeper.pattern.key to this post if some one want to have a look at it, the hex of the file is
Code:
02 22 F2 14 12 FF E8 BA 5A 00 00 00 00 00 00 00 00 B4 A3 6D B1 AC D2 43 FA FC 56 C9 29 80 1E C5 FD A6 81 D7 5E 81 FE 56 59 41 58 AE 54 7D 8C E6 AA D0 19 66 4E 5A D9 95 13 01
i would like to know how its possible to get the hash out of it to start cracking it,
the file were located in /data/system/gatekeeper.pattern.key (its a Samsung galaxy 7 edge)
i know that the salt is inside locksettings.db , value is -8111172969313216963 after converting its 8F6F5328C455D63D lower case 8f6f5328c455d63d
(just to mention, the attachment didnt work with .key in the end so i changed it to txt, feel free to remove the .txt after downloading it.)
u can download the python scrypt module from here https://pypi.python.org/pypi/scrypt/
UPDATE 1, i decide to also add gatekeeper.password.key (remove the .txt from the attachment)
the salt is the same, the gatekeeper.password.key is the pin code , the password of it is 1234