Giter Site home page Giter Site logo

vaginessa / frost.crackpin Goto Github PK

View Code? Open in Web Editor NEW

This project forked from aksalj/frost.crackpin

0.0 2.0 0.0 531 KB

CrackPIN: ARM binary to break Android FDE 4-digit PINs

Home Page: http://www1.cs.fau.de/frost

License: BSD 2-Clause "Simplified" License

Makefile 1.90% C 98.10%

frost.crackpin's Introduction

CrackPIN

##ARM binary to break Android FDE 4-digit PINs

PINs are still the most frequent screen lock in use today. Since long PINs are too inconvient for most people, people commonly use short PINs of only 4 digits. That is concerning, because in Android the screen lock PIN necessarily equals the PIN that is used for disk encryption.

In 2012, Cannon et al. presented details about Android's encryption system and gave instructions on how to break it with bruteforce attacks against the PIN. They published their findings in form of a Python script that breaks Android encryption on an x86 PC after the userdata and metadata (crypto footer) partition have been retrieved. See script.

Basically, we re-implemented the Python script in C and cross-compiled it for ARM so that we can perform bruteforce attacks directly on the phone without the need to download the user partition first. To this end, we make use of the PolarSSL library for Android, an open source library similar to OpenSSL but more light-weight and easier to integrate.

We statically link our PIN cracking program with the PolarSSL library as Android does not support dynamic linking out-of-the-box.

  • Setup your cross-compiling environment and configure the Makefile, i.e., change ${NDK} to an appropriate path.

  • Get PolarSSL library:

  • Get the source from http://polarssl.org. Enable PBKDF2_C in include/polarssl/config.h (disabled by default).

  • Cross-compile it manually for Android/ARM; Alternatively, simply use the pre-compiled libpolarssl.a, that is shipped with this package.

  • Run make. The crackpin binary should appear in the bin directory.

  • Boot your scrambled telephone into a rooted recovery image with ADB support, e.g., into clockwordmod recovery. Then upload crackpin:

    adb push crackpin /etc/

  • Run crackpin (this may take a while):

    adb shell /etc/crackpin

  • On success you see something like:

      > adb shell /etc/crackpin
  	 
  magic number: D0B5B1C4
  major version: 1
  minor version: 0
  footer size: 104
  flags: 0
  key size: 16
  failed decrypts: 0
  
  encdek: 8789f6d998899713a4fb755ff29922d7
  salt: 54f422d3ce6e1f2bc2828963d59e0f1e
  
  ...trying 0000
  ...trying 0100
  ...trying 0200
  ...trying 0300
  ...trying 0400
  ...trying 0500
  ...trying 0600
  ...trying 0700
  ...trying 0800
  ...trying 0900
  ...trying 1000
  ...trying 1100
  ...trying 1200
  ...trying 1300
  ...trying 1400
  ...trying 1500
  ...trying 1600
  ...trying 1700
  ...trying 1800
  ...trying 1900
  ...trying 2000
  ...trying 2100
  ...trying 2200
  ...trying 2300
  
  KEK: bc0eca8b4f30edd0bf0892637b94affb
  IV:  ecfcfbe7a3c0c87c5e9e4a56891a680c
  DEK: 490af890f7d9d3b29155e80a786a509b
  
  	    PIN: 2323

##Contact:

Tilo Müller ([email protected])

http://www1.cs.fau.de/frost

frost.crackpin's People

Contributors

aksalj avatar eod avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.