[Payload] Android Brute Force 4-digit pin


32 replies to this topic

#21 DrDinosaur


Posted 26 December 2012 - 10:22 PM

Will it continue to go deep into the brute forcing even with a different PIN lock screen? For example, the Galaxy S3 might have a different login screen for PINs than the Nexus because of TouchWiz. Does that affect the payload at all? Would it press the wrong numbers or keys because of a different key layout?

Rawr. 


#22 Xcellerator


Posted 27 December 2012 - 08:09 AM

It's not based on the layout of the interface. The payload is based on the manual entry of the pass code by the keyboard, i.e. literally pressing 1-2-3-4. As long as the new models support USB keyboard by default, then I can't see any reason why it wouldn't work.

#23 JDale


Posted 28 December 2012 - 02:52 PM

Hi All,
I have a Motorola ME863 cell phone and after a few Xmas drinks was a prat and changed my 4 digit number pass code... and yup, you guessed it... promptly forgot the damn thing.

Is there anyone in the UK southeast / Berks / Bucks / London area that can help me fix it without having to do a factory reset?

Many thanks in advance for all and any help

Rgds

JD

#24 JDale


Posted 28 December 2012 - 03:03 PM

Just to add, it is the Chinese version (purchased August 2012) and not the USA version, so the Gmail backdoor does not work, as China blocks Gmail, Facebook etc.

#25 Xcellerator


Posted 29 December 2012 - 11:56 AM

If it has USB keyboard support, get yourself a ducky or a Teensy board, and brute-force it. If it doesn't support USB keyboard, then you're kinda stuck. (As far as I know, anyway...)

#26 Bountyhunter50


Posted 09 January 2013 - 08:48 AM

I saw Darren's bash code (I'm not gonna lie, I was intimidated), but after running it, COOL!!! Now I just need to find a willing test subject (Locked in for 2 yrs on my iPhone :unsure: )


Bitmessage: BM-2cXhfdYS4g8drmvXnqy3hMbyNgyjhqm2Nf or BM-2cWFvftq9nfMP3vXu9cNzYbyPZCNxWUbis


#27 Martinus101


Posted 26 January 2013 - 01:44 PM

Love the shows!

Question: Is this the only way to do this? I would think connecting the phone to a normal computer and running the needed scripts from there would do the same?

Question: What kind of software OS is running on the chip?



#28 midnitesnake


Posted 26 January 2013 - 02:05 PM

Q1: No, see above.

Q2: The chip is a micro-controller, not an actual full-blown OS; it's pre-programmed with a set of instructions triggered/executed by a series of interrupts.


DuckyDecode: http://code.google.c.../ducky-decode/

Ducky Definitive Guide: http://goo.gl/XGIw1k


#29 beka


Posted 30 January 2013 - 03:28 AM

Just playing around with the Android 4 digit PIN code and a Samsung Galaxy S2.

I noticed the S2 (maybe it depends on the version) didn't respond to the ENTER key on an external keyboard while in "standby" mode. It will respond to the ESC key, so if you have this problem change the DELAY 5000\nENTER to DELAY 5000\nESC.

If you want to play around with the rubber ducky script, first give it a try with an external keyboard. Maybe your timeout settings are different, so you need to change the delay settings.



#30 ed_ed


Posted 13 February 2013 - 07:18 AM

This could work incredibly well when "Quick unlock" is enabled in Android's security settings. Anyone tried it out yet?



#31 JDale


Posted 13 February 2013 - 11:16 AM

Been trying to use the Ducky with the payload script to brute force a 4 digit phone lock; it times out after 3,000 attempts of 10,000???

Any thoughts as to why it stops at 3,000 when the script is for 10,000?

Thanks in advance



#32 ersoncokaj


Posted 02 November 2013 - 06:35 AM

Can someone please tell me how to insert the payloads in the USB Rubber Ducky, and does anyone have the payload for EFI PINs (4 digits)?



#33 Hak 5 ish


Posted 22 April 2014 - 11:47 PM

Can someone please tell me how to insert the payloads in the USB Rubber Ducky, and does anyone have the payload for EFI PINs (4 digits)?

I'm looking for the same. I have the code for Teensy 3, but I can't seem to get the payload to work correctly on the rubber duck.

These links list the codes used for the Teensy 3 for EFI brute forcing and iCloud PIN brute forcing. Can someone PLEASE take a look at it and see if it needs to be edited to work on the rubber ducky?

http://orvtech.com/e...ook-pro/#UPDATE

http://orvtech.com/e...uta-pin-icloud/





