(04-04-2013, 12:22 PM)gat3way Wrote: Hm, how do you practically extract that? I am trying to extract it from Samsung Galaxy S3. Of course /data/data and /data/system are not readable by the adb user and it would require to root the phone. But then we have one problem: even if USB debugging is enabled, you can't connect to the phone while locked to upload the new image. Another problem is that you might be required to unlock the bootloader (haven't done that so not 100% sure) which according to what I read will erase user data including the hashes.
Please correct me if I am wrong.
It is possible to root without unlocking boot loader therefore you won't lose any data, works on unpatched samsung devices see the Exynos Kernel Exploit linked below
http://forum.xda-developers.com/showthre...?t=2050297
another method
http://forum.xda-developers.com/showthre...?t=1894717
You could possibly craft an APK which obviously will require root privileges allowing you to grab the data. Won't exactly be 'undetected' if the user already has a rooted phone, if the phone can be exploited then you could probably make it undetectable.