Breaking Samsung Android Passwords/PIN
Hi. I have a problem decoding my phone's pin.

The pin is: 4870
My device is LG G2 (D802) and Android version is Stock 5.0.2.

As being said in the topic:
Location of password.key is: /data/system/password.key
The file contained this hash: 7baad69b719fe341bfb23b500abd1bf6730702453556ba277abc4b98422e97b18b3f34b1

Location of SQLite database containing Hash salt is: data/system/locksettings.db -> locksettings/lockscreen.password_salt
The salt was: -1615050273476347751

So, using first 40 bytes of hash (the sha1 part): 7baad69b719fe341bfb23b500abd1bf673070245

and Hexing the signed salt integer gives me: e99630554b0b7899

so hashConfusedalt is: 7baad69b719fe341bfb23b500abd1bf673070245:e99630554b0b7899

I saved above in a text file called "sha1-salt.txt".

Also /data/system/device_policies.xml indicated:
<active-password quality="196608" length="4" uppercase="0" lowercase="0" letters="0" numeric="4" symbols="0" nonletter="4" />

Using Hashcat Win v0.49, i executed:
hashcat-cli64.exe -a 3 -m 5800 sha1-salt.txt ?d?d?d?d

and it couldnt decrypt it.

Am I doing anything wrong?

Messages In This Thread
RE: Breaking Samsung Android Passwords/PIN - by euphoria360 - 05-25-2015, 03:30 PM