[TUT][ICS] bypass Credential Storage phone lock / install certificates - Android Software/Hacking General [Developers Only]

Hello folks,
idk if anyone of you guys had a hard time with the same annoying 'feature' on ics roms which forces you to set a PIN/password/pattern lock when you try to install enterprise certificates into your credential storage.
As for myself I need some of these certs to log into the WLAN at my university (which is 802.1x protected). But I don't feel the need of locking my phone.
So I exploited this to go around setting a password for the secure lock screen.
-------------------------------------------------------------------------------
Prerequisites are a rooted phone, a root file browser or adb tools and apparently your certificates.
I tested this on AOKP build 38 and 39 on a rooted HTC Sensation XE and will check this on two other devices the upcoming week.
UPDATE: seems to work even easier, I made the changes inline since the previous workaround did not work in every case.
Step 1:
Download the certificates to your SD card and/or install directly via browser/email etc. Do as you are asked and set up a PIN/password/pattern lock. Remember it.
Step 2:
Now with your root file browser go to /data/misc/ and recursively copy the folders keychain and keystore to a safe place.
These are the folders containing the certificate files.
(See [System settings > security > Trusted credentials] for installed certificates)
With adb tools you can for example do this:
Code:
adb shell
su
cp -R /data/misc/keychain /sdcard/certificates/
cp -R /data/misc/keystore /sdcard/certificates/
Step 3:
Go to [System settings > security] and click [Clear credentials] at the bottom of the menu. Now your previously installed certs are wiped and you are free to set the lock method to [none], [slide] or [face lock] again.
Step 4:
Finally fire up your root file browser again, set /system as read/write and copy the directories backed up in Step 2 back to /data/misc/. They are now installed as before, but since CertInstaller.apk does not get involved, no one forces you to lock your phone.
In adb shell:
Code:
cp -R /sdcard/certificates/* /data/misc/
Now you should be able to find your newly added certificates in the System list under [System Settings > Security > Trusted credentials] in the [User] tab and thus be able to log into your desired WLAN.
I hope this helps some people out there. When I get deeper into developing maybe I will find a 'cleaner' method for this.
have a good night,
.eXa

Thank you for sharing! I have been really looking for this kind of hack.
Sadly I can't use it as my certificate has a different structure: it seems to install 3 files in /data/misc/keystore/
The files are 1000_USRCERT_Polimi ; 1000_USRCERT_Polimi and .masterkey
I tried copying these files to the new directory and even changing the file extension but it did not work.
I don't know if this issue is rom or certificate related.. anyway I am using a stock rom on samsung galaxy s3.. perhaps samsung manages differently certificates..
Have you any clue on this? Thank you!
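
An added example, not part of the thread or any poster's tooling: a Python sketch that inventories a credential-storage directory listing using the `<uid>_<TYPE>_<alias>` file names reported in the post above, the kind of check useful when auditing which credentials a device holds. The `USRPKEY` and `CACERT` prefixes, the reading of `.masterkey` as the store's master-key file, and the sample listing are assumptions; the listing is constructed.

```python
"""Inventory Android credential-storage files from a directory listing."""
import re
from collections import defaultdict

# Entry-type prefixes (assumption: as used by Android's credential storage).
ENTRY_TYPES = {
    "USRCERT": "user certificate",
    "USRPKEY": "user private key",
    "CACERT": "CA certificate",
}
MASTER_KEY = ".masterkey"  # assumption: holds the store's wrapped master key
ENTRY_RE = re.compile(r"^(\d+)_([A-Z]+)_(.+)$")


def parse_entry(name):
    """Return (uid, type, alias) for an entry file name, or None."""
    match = ENTRY_RE.match(name)
    if not match or match.group(2) not in ENTRY_TYPES:
        return None
    # The alias is kept exactly as stored; no filename decoding is attempted.
    return int(match.group(1)), match.group(2), match.group(3)


def inventory(names):
    """Group entry files by (uid, alias) and note the master-key file."""
    inv = {"master_key": False, "entries": defaultdict(set), "unrecognised": []}
    for name in names:
        if name == MASTER_KEY:
            inv["master_key"] = True
            continue
        parsed = parse_entry(name)
        if parsed is None:
            inv["unrecognised"].append(name)
            continue
        uid, kind, alias = parsed
        inv["entries"][(uid, alias)].add(kind)
    return inv


def findings(inv):
    """Return human-readable notes about inconsistent or notable state."""
    notes = []
    if inv["entries"] and not inv["master_key"]:
        notes.append("entries present but no .masterkey file")
    for (uid, alias), kinds in sorted(inv["entries"].items()):
        if "USRPKEY" in kinds and "USRCERT" not in kinds:
            notes.append(f"uid {uid} alias {alias!r}: private key without certificate")
        if "USRCERT" in kinds and "USRPKEY" not in kinds:
            notes.append(f"uid {uid} alias {alias!r}: certificate without private key")
    for name in inv["unrecognised"]:
        notes.append(f"unrecognised file: {name!r}")
    return notes


# Constructed sample listing of /data/misc/keystore (not taken from a device).
SAMPLE_LISTING = [".masterkey", "1000_USRCERT_Polimi", "1000_CACERT_Polimi", "lost+found"]

if __name__ == "__main__":
    report = inventory(SAMPLE_LISTING)
    for (uid, alias), kinds in sorted(report["entries"].items()):
        print(uid, alias, sorted(ENTRY_TYPES[k] for k in kinds))
    for note in findings(report):
        print("NOTE:", note)
```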

hey, thanks for the reply.
alright, I figured something new, maybe try the updated version of the tutorial and pls tell me if that works for you.
greetings

.eXa said:
hey, thanks for the reply.
alright, I figured something new, maybe try the updated version of the tutorial and pls tell me if that works for you.
greetings
You were fast! and I think you made it: I can now select the certificate in the wifi options dialog (so it's correctly installed).. but I can't test the access to the network until monday.. Anyway I am convinced that it made the trick and it was really simple, I must say.
Thank you so much, this will be useful to many people!

Your trick helped me only partially. It allowed me to install the certificates just fine. But as soon as I try to connect to any 802.1x protected Wi-Fi network, the phone bugs me again with setting the screen lock. So I need a workaround for accessing the key storage.

I tried it and sadly it does not work: it asks me a password to activate the credential storage.. only problem is that I never set a password for it so I can't insert it and use the certificate. Too bad but I think it depends on the certificate.. anyway thank you very much for the help provided!

so, back from vacation.
@grgur: in your setup it is the 802.1x wlan that forces you by corporate policy to lock your phone. i am still trying to figure this out, i will try and search the system where stored wlan access points are stored. update will come as i find a solution to this.
@grievous: which version of android are you on? try clearing your credential storage first, then set up the password and then add the certificates. after that proceed with my tutorial.
since i am in the middle of learning for my exams i have really no time to go on with my android studies... it seems like in the long haul someone has to "fix" the app that handles phone lock and device policies. i know who the bad boy is but i am lacking time right now, so hopefully i get this done by the end of august.
i'll keep you up to date with my progress.
greetings

Is there a one-click fix for this yet? Bloody annoying...

Working great on stock rooted JellyBean nexus 7. Muchos grazis!

As soon as i go back to university (politecnico di milano) i will use your suggestion! Has anyone already tried with polimi wifi network?

.eXa said:
@grievous: which version of android are you on? try clearing your credential storage first, then set up the password and then add the certificates. after that proceed with my tutorial.
pippodream said:
As soon as i go back to university (politecnico di milano) i will use your suggestion! Has anyone already tried with polimi wifi network?
I was using a samsung stock rom 4.0.4 and the tutorial worked but when trying to connect again it asked me for a credential pwd (that I never set). Now I'm on CM10 so there should be no problem. As soon as I get to Polimi I'll try

doesn't work for me (SGS2 AOKP JB)
Hi!
I've tried to apply this solution to my device (SGS2 AOKP JB), but after clearing the credentials and copying back the keystores/keychains the user credentials cannot be found (Trusted credentials > User is empty).
Could anyone please help me with this one?
Thank you in advance.

zsszabolcs said:
Hi!
I've tried to apply this solution to my device (SGS2 AOKP JB), but after clearing the credentials and copying back the keystores/keychains the user credentials cannot be found (Trusted credentials > User is empty).
Could anyone please help me with this one?
Thank you in advance.
I have the same problem. And unfortunately I didn't find solution for that.
Sent from Android 4.1.2 using Tapatalk 2

In fact i was really searching for this i will try this tomorrow !

Sadly exchange with client certificate refuses to work after trying this hack. It says that it can't find the cert it needs..

I have found the permanent solution !!!
I hope this will solve everyone's problem here.
These are the steps I have done after installing Eduroam certificates from my university:
1. Obviously I have installed CA
2. I had to choose which lock screen style I will use (I could only choose between pattern, PIN, and password); it doesn't matter which lock screen style you choose between those three. (FYI I have chosen pattern)
3. After that I have failed to swipe my lock pattern correctly 15 times
4. The "Unlock with your Google account / unlock with your PIN/password" screen appeared.
5. Choose the "Unlock with your Google account" and type in your username and password
6. After that the "Choose your lock style" screen appears. DO NOT CHOOSE ANY OF THEM, since swipe still can't be chosen
7. Just press back to exit this menu.
8. Lock your screen and unlock it ---> You have swipe unlock enabled along with the CA certificates !!!

bubr3g said:
I have found the permanent solution !!!
I hope this will solve everyone's problem here.
These are the steps I have done after installing Eduroam certificates from my university:
1. Obviously I have installed CA
2. I had to choose which lock screen style I will use (I could only choose between pattern, PIN, and password); it doesn't matter which lock screen style you choose between those three. (FYI I have chosen pattern)
3. After that I have failed to swipe my lock pattern correctly 15 times
4. The "Unlock with your Google account / unlock with your PIN/password" screen appeared.
5. Choose the "Unlock with your Google account" and type in your username and password
6. After that the "Choose your lock style" screen appears. DO NOT CHOOSE ANY OF THEM, since swipe still can't be chosen
7. Just press back to exit this menu.
8. Lock your screen and unlock it ---> You have swipe unlock enabled along with the CA certificates !!!
It won't work for me. After 10 failures it says that I have to wait 30 seconds for another try. I have Samsung Galaxy SII with Omega v21 (based on Samsung-stock Android 4.2.1).

TrojanPL said:
I have the same problem. And unfortunately I didn't find solution for that.
Sent from Android 4.1.2 using Tapatalk 2
Same thing here. Although files are backed up, there is no certificate showing up on the list. It would be great if someone found a solution, this lock is driving me nuts.

Hi, this seems almost too easy, and it's more of a workaround than a solution, but it works:
Try to login to your network
Accept the request to set up the mandatory screen lock and set one up (any kind)
Connect to your network
Go into Android settings/Security and change the screen lock type to None
Your network credentials are now saved and there is no longer a screen lock.

astarothcy said:
Hi, this seems almost too easy, and it's more of a workaround than a solution, but it works:
Try to login to your network
Accept the request to set up the mandatory screen lock and set one up (any kind)
Connect to your network
Go into Android settings/Security and change the screen lock type to None
Your network credentials are now saved and there is no longer a screen lock.
The last time I tried this with my CyanogenMod install, removing a pattern/password/pin was not possible because of the certificates. Only after removing the certificates, the screen-lock-type could be changed to a non-pattern/pin/password type.

Related

[Howto] Different PIN on lockscreen than for device encryption

Hi,
Android 4 / ICS has a good security feature: full device encryption. But its implementation has a big usability problem: you have to use the same password for device encryption as on the lockscreen. Meaning you have to enter the complicated encryption password every time you want to access your phone.
Choosing an easy password would make encryption worthless and Android limits the lowest complexity allowed for encryption.
Technically these passwords are two completely separate things. It's just the Android UI that mingles this. So it's time to hack and separate what should be separate!
Here is how to do it, rooted phone needed:
Make a backup
Enable USB debugging so that you have a backdoor if something goes wrong
Install the prerequisites: SL4A including Python4Android
Switch your SuperSU or superuser to grant su by default. You will have to accept lots of commands otherwise, and I had problems with the dialog of my SuperSU doing this
Install my pin_change.py program in the sl4a/scripts directory on your phone, it is attached to this post. Maybe you have to rename the extension to .py (had to rename it due to forum restrictions)
Start pin_change.py through SL4A
It will make a backup of your current password and allow you to set a new numeric pin
Reboot your phone, the lockscreen caches the old settings otherwise
Disable USB debugging and switch your superuser settings back
That's it, you can now use an easy pin on your lockscreen.
Maybe you are missing the sqlite3 command. pin_change.py will check for it and notify you if it is not there. The easiest way to get it is the "Sqlite installer for root" app on the market.
pin_change.py allows you to restore the backup or to set a new pin. You should restore the backed-up password before you change your encryption password through the Android GUI.
I tested this on a Samsung Galaxy SII and a HTC Sensation, both EU models running a 4.0.3 from the manufacturer. I just rooted them, no custom roms.
The only thing I could find was that the vpn account data is encrypted too and you now can't enter the password anymore. So you have to redo your vpn setup, no big deal.
Just to make it clear: this allows you to use a numeric pin for unlocking where e.g. the Samsung Galaxy S2 requires an alphanumeric password. This tool does not (yet?) allow you to use a pattern to unlock.
You do this on your own risk, no warranty, this script may brick your phone, drink all your beer or eat little children. So be careful.
When you use a numeric pin on your lockscreen, someone could use fingerprint locations to guess your pin code. So you should make sure that no one can make enough tries till he finds the correct pin.
Here is how to limit the number of failed pins:
Install Tasker
Install Secure Settings
Open Tasker and Create a new Profile
Context based on state - Plugin - Secure Settings
You can configure it to the desired number of failed login attempts
New Task - Misc - Reboot - Shutdown
I have set the failed login attempts to two. After that the phone instantly switches off. When switching it on again, everything is encrypted and you have to enter the long and complex encryption password. Voila, we are secure!
While I'm at it - one more hint about device encryption:
When I first tried to encrypt my Samsung Galaxy S2, it started and showed a green robot. After about a minute it rebooted and that was it - no encryption.
I activated adb logcat to see what was going on. Lots of other stuff and finally this:
Code:
E/Cryptfs ( 73): unmounting /data failed
E/Cryptfs ( 73): Error enabling encryption after framework is shutdown, no data changed, restarting system
I thought a bit about it and had the idea that maybe the external sdcard is still mounted and that mountpoint creates this problem. I was right - removing the external sd solved it.
robberknight said:
Hi,
Android 4 / ICS has a good security feature: full device encryption. But its implementation has a big usability problem: you have to use the same password for device encryption as on the lockscreen. Meaning you have to enter the complicated encryption password every time you want to access your phone.
Choosing an easy password would make encryption worthless and Android limits the lowest complexity allowed for encryption.
Technically these passwords are two completely separate things. It's just the Android UI that mingles this. So it's time to hack and separate what should be separate!
Here is how to do it, rooted phone needed:
Make a backup
Enable USB debugging so that you have a backdoor if something goes wrong
Install the prerequisites: SL4A including Python4Android (Sorry, I was not allowed to link it, not enough rights in the forum - so search for it)
Switch your SuperSU or superuser to grant su by default. You will have to accept lots of commands otherwise, and I had problems with the dialog of my SuperSU doing this
Install my pin_change.py program in the sl4a/scripts directory on your phone, it is attached to this post. Maybe you have to rename the extension to .py (had to rename it due to forum restrictions)
Start pin_change.py through SL4A
It will make a backup of your current password and allow you to set a new numeric pin
Reboot your phone, the lockscreen caches the old settings otherwise
Disable USB debugging and switch your superuser settings back
That's it, you can now use an easy pin on your lockscreen.
Maybe you are missing the sqlite3 command. pin_change.py will check for it and notify you if it is not there. The easiest way to get it is the "Sqlite installer for root" app on the market.
pin_change.py allows you to restore the backup or to set a new pin. You should restore the backed-up password before you change your encryption password through the Android GUI.
I tested this on a Samsung Galaxy SII and a HTC Sensation, both EU models running a 4.0.3 from the manufacturer. I just rooted them, no custom roms.
The only thing I could find was that the vpn account data is encrypted too and you now can't enter the password anymore. So you have to redo your vpn setup, no big deal.
Just to make it clear: this allows you to use a numeric pin for unlocking where e.g. the Samsung Galaxy S2 requires an alphanumeric password. This tool does not (yet?) allow you to use a pattern to unlock.
You do this on your own risk, no warranty, this script may brick your phone, drink all your beer or eat little children. So be careful.
I need a little noob help here, using Samsung Galaxy SII on ICS 4.0.3. I don't have much experience with Python, only installed it to make this script work.
Running pin_change.py I get the "sqlite3 command not found" error. Now I guess I have to install the thirdparty.tar.gz from the Python for Android (Google Code) website, but I have no idea what to do with the downloaded file. Could you please help?
szakeetm said:
Running pin_change.py I get the "sqlite3 command not found" error. Now I guess I have to install the thirdparty.tar.gz from the Python for Android (Google Code) website, but I have no idea what to do with the downloaded file. Could you please help?
Just do as I wrote, you don't need no thirdparty.tgz:
robberknight said:
Maybe you are missing the sqlite3 command. pin_change.py will check for it and notify you if it is not there. The easiest way to get it is the "Sqlite installer for root" app on the market.
Yes, the problem is the missing sqlite. I will do as you told once I re-encrypted my phone. Will keep you posted once I have the results.
It worked! Installing sqlite fixed the problem. Thank you!
Hi robberknight,
Thanks for this very interesting work. Will this work on Honeycomb as well, or just ICS?
I don't have a Honeycomb device to test so I don't know.
You can just try it though. The script tests the password before changing anything. The test will fail if encoding is done different on Honeycomb. And the script also creates a backup before overwriting anything.
I consider the chance that the script breaks anything quite low. But it can very well be that the script aborts with an error because something is done different on Honeycomb.
sqlite3 binary
Some hints:
I failed to install "Sqlite installer for root".
So I grabbed sqlite3 from SuperOneClickv2.3.3-ShortFuse.zip.
Somehow it won't start within the python script. It throws "cannot locate register_android_functions" in def sqliteFound(self) which ends up with the error "sqlite3 command not found". Executing sqlite3 -version in the shell caused no problem.
I managed to get sqlite3 working by installing again from "Sqlite installer for root" after proper remount of /system in read-write mode
"mount -o remount,rw /dev/block/mmcblk0p15 /system"
The PIN-Lock works now!
Using S3 with DarkyROM III v2.0 (Android 4.0.4)
xdascrat said:
I managed to get sqlite3 working by installing again from "Sqlite installer for root" after proper remount of /system in read-write mode
"mount -o remount,rw /dev/block/mmcblk0p15 /system"
Thanks for reporting this. Seems they either changed it in 4.0.4 or just Samsung on the S3.
xdascrat said:
The PIN-Lock works now!
That's nice to hear, seems like the encryption & pin stuff didn't change.
i am getting can not read salt when executing. ideas ?
---------- Post added at 03:11 PM ---------- Previous post was at 03:04 PM ----------
using jelly bean by the way
salatiel said:
i am getting can not read salt when executing. ideas ?
---------- Post added at 03:11 PM ---------- Previous post was at 03:04 PM ----------
using jelly bean by the way
I'm not in JB, but when I got a "can't read salt" error recently, I got through it by changing SU back to "prompt" and then clicking through the prompts. I have no idea if this might work for you though.
Thank you for sharing this information. This is exactly what I was looking for
I think it is logical to have a complex password for booting your encrypted android, but using a simple pin for unlocking your screen. Who wants to enter their complex password every time the lockscreen pops up?
Im running cyanogenmod 9 on SGS2 and I will report back here if it doesn't work somehow.
The easiest way to accomplish this is to set the password for the boot using vdc cryptfs changepw PASSWORD.
Sent from my Galaxy Nexus using xda app-developers app
---------- Post added at 04:07 PM ---------- Previous post was at 04:04 PM ----------
that will change the password for the encrypted volume while keeping you pin whatever you initially set up
Sent from my Galaxy Nexus using xda app-developers app
salatiel said:
The easiest way to accomplish this is to set the password for the boot using vdc cryptfs changepw PASSWORD.
that will change the password for the encrypted volume while keeping you pin whatever you initially set up
Sent from my Galaxy Nexus using xda app-developers app
Can you please elaborate on this? I assume the steps would then be
1) encrypt android phone using normal GUI way from the settings
2) Change PIN to some easy to enter PIN for the lock screen
3) Use vdc cryptfs changepw PASSWORD to set a strong password for the authentication during boot?
Update: Yes, that is how it works. See http://blog.joelj.org/2012/08/02/st...setting-a-different-bootlock-screen-password/
Script method is better than "vdc cryptfs changepw" on Galaxy S2 Epic Touch
This script is the way to go for the Galaxy S2 Epic Touch for at least 2 reasons:
1) Using the "vdc cryptfs changepw" method doesn't seem to work. I tried Cryptfs Password and EncPassChanger both of which fail with the error that the current password is incorrect. My presumption is that the EpicTouch stores the password differently than a Nexus. (I tried to use it command-line as well, but I'm not really versed in that method so I'm not sure I was doing it correctly.)
2) The EpicTouch also requires an alpha-numeric password in order to encrypt. It will not accept a PIN. You must choose a password with at least 6 characters, including one alpha and one numeric. Again, this is different than the Nexus which appears to accept a simpler numeric PIN for encryption.
Thus, using the "vdc cryptfs changepw" method would not be optimal because you'd still be stuck with the alpha-numeric PIN that you used to initially encrypt the device. Thus, this script method that changes the GUI PIN is much better.
A hint for those who are trying this and have never used SL4A/Python (as I was):
1) Load SL4A
2) Menu-View-Interpreters
3) Menu-Add
4) Select Python 2.6.2 - the SL4A app will go get Python and install it with the correct linking
5) Exit SL4A, then start Python and select Install, and when finished, exit Python
6) Put the pin_change.py file in the SL4A "scripts" directory
7) Start SL4A
After that, when SL4A is run you should see the script in the pick list. Upon selection SL4A will pop up an icon select-list. Pick the gear, which will run the script.
Thanks to the original poster for sharing this.
This is awesome! Thanks goes to the OP!
I have one question though, Is there a way I can modify the python script to use the pattern instead of the pin ?
S3 with JB 4.1.1 - "can't read salt"
salatiel said:
i am getting can not read salt when executing. ideas ?
---------- Post added at 03:11 PM ---------- Previous post was at 03:04 PM ----------
using jelly bean by the way
Although this worked great on my Sprint S2, I've just upgraded to the S3 (running JB 4.1.1) and I'm getting stuck at "can't read salt". I did what I could and I looked through the script and confirmed the database is at the same location in the S2 and S3. However, although I can find the salt in the S2 database, it does not appear in the S3 database. Obviously, that's why it's getting the error. Unfortunately, I can't find any information as to where the salt is stored in JB. My thought was to make a small modification to the script and point it to the correct database.
This script made using encryption on the S2 very pleasant. Any assistance you can give in helping to get it working on JB/S3 would be greatly appreciated.
Thanks.
Awesome... but
Hey there!
Awesome little script that just works.
I am running on my Galaxy S3 here, feeling a lot more secure.
However, I just upgraded to Android 4.1.1 (Build JRO03C.I9300XXDLIH) and the script does change the password to a pin, leaving the encryption password intact, but it won't switch the device to the pin input screen. I rather have the text box field, which is kinda annoying to use.
Would that be easy to fix for you?
Cheers,
and thanks for all the hard work,
much appreciated!
-Christian.

[Q] Unlock problem

Earlier today I found out my little sister knew my pattern so I changed it. But when I was changing the pattern I didn't pay attention a lot and now I forgot the pattern. My data and WiFi are disabled. I can't sign in to my Google account with the phone now.
My question: I can't sign in because data/wifi is off? If yes, is there a way to turn on wifi or data without unlocking the phone?
I'll be thankful if someone helps me because I can't lose my apps and settings
I'm using Galaxy mini CM 7.2 official
Hi, you can go into recovery mode and make a data wipe, but you will lose all apps and configurations.
On CM10.2 it is possible to activate wifi or data from the lock screen but I don't know CM 7, sorry
ayadgalaxymini said:
Earlier today I found out my little sister knew my pattern so I changed it. But when I was changing the pattern I didn't pay attention a lot and now I forgot the pattern. My data and WiFi are disabled. I can't sign in to my Google account with the phone now.
My question: I can't sign in because data/wifi is off? If yes, is there a way to turn on wifi or data without unlocking the phone?
I'll be thankful if someone helps me because I can't lose my apps and settings
I'm using Galaxy mini CM 7.2 official
Right go into recovery mode and do a factory data reset like they said above might delete your internal memory but hey you get your phone back!
☆☆DeMeNtEd_ChAmP☆☆
I know I can do a factory reset but I'm looking for a way to unlock the phone without losing my data
ayadgalaxymini said:
I know I can do a factory reset but I'm looking for a way to unlock the phone without losing my data
if you have usb debugging enabled you can break it with adb by using adb shell commands
follow this guide in my blog http://www.blog-android.com/general/break-pattern-lock/ for more details and dont use that aroma method it is only for mediatek devices
you can try the other methods given there
ayadgalaxymini said:
Earlier today I found out my little sister knew my pattern so I changed it. But when I was changing the pattern I didn't pay attention a lot and now I forgot the pattern. My data and WiFi are disabled. I can't sign in to my Google account with the phone now.
My question: I can't sign in because data/wifi is off? If yes, is there a way to turn on wifi or data without unlocking the phone?
I'll be thankful if someone helps me because I can't lose my apps and settings
I'm using Galaxy mini CM 7.2 official
I don't know why you are facing this! If I forget my password/pin my phone gives me an option to enter my Gmail ID and password and then directs me to change the password/pin! This occurs even if I remove my SIM card also!
anyway a probable solution for you - http://forum.xda-developers.com/showthread.php?t=2225695
I am just sharing my experience
I had locked gionee m2 without root and without debugging enabled I was able to disable lock with out wiping data
What I did was
1)flashed carliv touch recovery using special flash tool
Use PC to flash recovery.img using sp-flash tools. (Please be aware of how to install required drivers etc..)
Select original scatter file of your version of ROM. If you are using stock ROM, make sure that you have not altered the phone partitioning earlier.
Be careful and remember to select/tick only 'recovery' in the list. You can also check preloader if you like, and select only the 'download' button. (NOT firmware upgrade!). Connect your switched off phone to your PC. Wait till your task is complete. Shows you a green circle.
2)backup of data was made using carliv touch recovery (of course with locked phone data) just in case anything goes wrong.
At this moment carliv touch recovery was working but boot and power options were not functioning
3)now flashed rooting file this time by carliv touch recovery
4)carliv touch recovery has aroma file manager too. But I was not able to open lock by this method as
Aroma File Manager, Click on menu option and go to settings
Select Mount All Partitions
Now, exit from Aroma File Manager and reflash it.
Now, you will see each partition is mounted
5. Now, go to /data/system
Note : If you have sd-ext mod to increase internal storage, go to /sd-ext/system/
6. Now, If you have to remove pattern lock, long press and delete gesture.key
If you want to remove password, delete password.key
7. Exit the Aroma File Manager
8. Reboot
9. Enjoy
Didn't enjoy this method; somehow, I don't know, but it didn't work for me as these folders didn't show the above said files.
5)now I flashed the pattern password disable.zip file using carliv recovery
And on booting phone screen asking for google id and password was gone link http://forum.xda-developers.com/attachment.php?attachmentid=1900741&d=1366570627
This was my method to unlock pattern locked gionee m2 phone but this can help you out too
Sent from my HM NOTE 1LTE using Tapatalk

Caterpillar S60 FRP Unlock / Bypass / Removal?

Hello All, Before you ask, no, the phone is not stolen. I'm an idiot but not a thief. So I wanted this phone for a while and I saw it at a pawn shop while in Oregon on vacation. So I purchased it sorta cheap with the original box, cables, books, the works, in mint condition. The phone did not come with the prior user's information so I did a Hard Reset from the Boot menu and now it asks for the prior person's info which I obviously don't have. Called Bullitt who informed me that they can't fix it, that it is an android issue and to contact google. Which I can't seem to find information for. So tried a few of the unlock methods for other phones on youtube to no avail. Can't return the phone so unless I somehow fix it I'm out $350 bucks. =/ Any help would be appreciated.
Phone Details:
Android Version 6.0.1
08/05/2016 Security Patch
Baseband 025.01
Kernel Version: 3.10.84-perf-gb111a7d
Build Number: LTE_D0201121.0_S60_0.025.01
Solution in post #7
Re: FRP bypass
Sorry to hear. Not too long ago in the past, you could hit google and bypass FRP in minutes on the first attempt. Now, FRP bypass how-to's have become a great ad pusher, and 95% of the info has been patched.
Save yourself multiple headaches, and put your research into learning how to flash a new rom. That info will be much more reliable, you'll get a much better Android version, and frp will be gone.
Hic_Svnt_Dracones said:
Sorry to hear. Not too long ago in the past, you could hit google and bypass FRP in minutes on the first attempt. Now, FRP bypass how-to's have become a great ad pusher, and 95% of the info has been patched.
Save yourself multiple headaches, and put your research into learning how to flash a new rom. That info will be much more reliable, you'll get a much better Android version, and frp will be gone.
Thanks for the reply, I actually did try to see if I could just unlock the boot loader and flash a new Nougat Rom to it since it's almost a vanilla version of Android OS but couldn't really find anything along the lines of posts that might break down how to go about unlocking the boot loader. =/
There was a guy here who showed how to overwrite GAM as a user app using DirtyCow. I can confirm it is possible to get a root shell with DirtyCow and replace files in memory on the S60. His FRP bypass looked like it would work for you. Look on youtube, it's about a 15 minute long video.
The version of DirtyCow that worked on my S60, partially, was found here in D1kiy's "Universal Debloater" package. I don't have a Windows machine so I just used those files manually through ADB to replace run-as. There's nothing made specifically for this phone, so you'll have to use your brain and cobble these methods together. Basically, where he goes into the shell and uses the cat command, I would try to create that file and use the "dirtycow64 <file> <location>". You could TRY to install D1kiy's run-as and use "run-as exec cat <file> >> <location>", but I don't know if that will work or not. It didn't work to disable packages on my phone, and it's more steps.
What I'm trying to do is replace my hosts file with a larger one, which of course can't be done directly with DirtyCow. If you get any farther towards real root than removing FRP, please let me know. Good luck!
aff3p said:
There was a guy here who showed how to overwrite GAM as a user app using DirtyCow. I can confirm it is possible to get a root shell with DirtyCow and replace files in memory on the S60. His FRP bypass looked like it would work for you. Look on youtube, it's about a 15 minute long video.
The version of DirtyCow that worked on my S60, partially, was found here in D1kiy's "Universal Debloater" package. I don't have a Windows machine so I just used those files manually through ADB to replace run-as. There's nothing made specifically for this phone, so you'll have to use your brain and cobble these methods together. Basically, where he goes into the shell and uses the cat command, I would try to create that file and use the "dirtycow64 <file> <location>". You could TRY to install D1kiy's run-as and use "run-as exec cat <file> >> <location>", but I don't know if that will work or not. It didn't work to disable packages on my phone, and it's more steps.
What I'm trying to do is replace my hosts file with a larger one, which of course can't be done directly with DirtyCow. If you get any farther towards real root than removing FRP, please let me know. Good luck!
Hey, thanks for that info. Been trying to get this method to work for the past 4 hours to no avail, but I do see progress. I think I just need to find all the correct files to overwrite. I'll do a write-up as soon as I figure out the FRP Removal process.
aff3p said:
There was a guy here who showed how to overwrite GAM as a user app using DirtyCow. I can confirm it is possible to get a root shell with DirtyCow and replace files in memory on the S60. His FRP bypass looked like it would work for you. Look on youtube, it's about a 15 minute long video.
The version of DirtyCow that worked on my S60, partially, was found here in D1kiy's "Universal Debloater" package. I don't have a Windows machine so I just used those files manually through ADB to replace run-as. There's nothing made specifically for this phone, so you'll have to use your brain and cobble these methods together. Basically, where he goes into the shell and uses the cat command, I would try to create that file and use the "dirtycow64 <file> <location>". You could TRY to install D1kiy's run-as and use "run-as exec cat <file> >> <location>", but I don't know if that will work or not. It didn't work to disable packages on my phone, and it's more steps.
What I'm trying to do is replace my hosts file with a larger one, which of course can't be done directly with DirtyCow. If you get any farther towards real root than removing FRP, please let me know. Good luck!
Finally, after about 30 hours of playing with this phone, I managed to bypass the FRP. I will do a write-up so others have an easier time.
Solved: Caterpillar S60 FRP Unlock / Bypass / Removal
Must Have:
1. Security update no later than November 2016
2. OTA Cable
3. Download of files https://we.tl/oNjiyfTk57 (None are mine, Credit goes to their developers)
Getting to Settings:
Log into wifi, once at prompt for prior users account info go back to Network setting go down and click on other network setting type anything highlight select all and click the 3 dot menu and select “Assist”
You will be taken to google. Just click no thanks and type settings and select settings.
1. Go to apps and click Android Pay, force stop and disable.
2. Scroll down to Drive and click, force stop and disable.
3. Go to Security and enable unknown sources
4. Go to Storage to access your OTA Cable USB drive you added programs to and hold and select all of them and copy to downloads.
5. Go back to google and type downloads and install all apps except gam6 and dirty cow and click done leaving apex launcher for last which you will open.
6. go to apps in Apex launcher and select Termux
Termux Commands:
1. apt update
2. apt install coreutils debianutils
3. Go back to downloads and hold and select gam6.apk and share to Termux
3. Go back to downloads and hold and select dirtycow.apk and share to Termux
4. Type ls (you should see both files installed)
5. type chmod 777 * (Both files should not be green)
6. back out and go to terminal
Terminal commands
1. cd ~
2. cat /sdcard/Download/dirtycow > dcow
3. cat /sdcard/Download/gam6.apk > gam6.apk
4. touch file
5. echo FFFFFFFF >> file
6. chmod 777 *
7. ./dcow gam6.apk /system/priv-app/GoogleLoginService/GoogleLoginService.apk
8. ./dcow file /system/priv-app/GoogleLoginService/oat/arm64/GoogleLoginService.odex
Back to Termux
1. ./dirtycow /system/priv-app/GoogleLoginService/GoogleLoginService.apk gam6.apk
Go to Setting:
1. Go to Downloads and install gam6.apk
2. Go to Apps and force quit and disable Google Account Manager and reinstall from factory.
3. Go to Downloads again and re-install gam6.apk
4. Go to Apps and force quit and uninstall Google Account Manager
5. Go to Apex and run “Test DPC” set up work account.
6. It should take you to accounts tab after completed. Allow it to sync to your google account
7. Click on the personal account that is not set up above the work account and set it up with your google account information and allow it to sync.
8. Go back to downloads and install gam6.apk again.
9. Go to About this phone and tap Build No. until developer options are opened.
10. Go to developers options and check the OEM Unlocking
11. Power off and restart and you should be in with your account it will prompt you to choose launcher start with google launcher and go to setting.
12. Go to “Back up and reset” and do a Factory Data Reset
13. after Factory Reset you should have FRP Removed.
I posted a WeTransfer link for the files; it should be good for a month if you need them, or if the link is taken down, PM me. Most of the ideas for this FRP Bypass came from Ghostlyhaks.com; I just compiled what worked and what didn't to get FRP Removed. Thanks to @aff3p for giving me a push in the right direction. Also thanks to XDAdevelopers, from whom I have constantly learned a few tricks.
Once it is FRP unlocked it will download updates so if you don't want them make sure to block them upon factory reset.
Caterpillar S60 FRP Unlock / Bypass / Removal
Hi everybody, here is my experiment. Security update: March 1, 2017
Getting to Settings:
Log into wifi, once at prompt for prior users account info go back to Network setting go down and click on other network setting type anything highlight select all and click the 3 dot menu and select “Assist”
You will be taken to Google. Download ES File Explorer, install it, open it; in settings on the left side open network and turn on remote manager. In a PC FTP client, copy the files to the phone:
Android_6_G.A.M.apk and testdpc.apk, nova launcher.apk, downloaded before. Install testdpc and nova launcher.
1. Go to Downloads and install gam6.apk
2. Go to Apps and force quit and disable Google Account Manager and reinstall from factory.
3. Go to Downloads again and re-install gam6.apk
4. Go to Apps and force quit and uninstall Google Account Manager
5. Go to Apex and run “Test DPC” set up work account.
6. It should take you to accounts tab after completed. Allow it to sync to your google account
7. Click on the personal account that is not set up above the work account and set it up with your google account information and allow it to sync.
8. Go back to downloads and install gam6.apk again.
9. Go to About this phone and tap Build No. until developer options are opened.
10. Go to developers options and check the OEM Unlocking
11. Power off and restart and you should be in with your account it will prompt you to choose launcher start with google launcher and go to setting.
12. Go to “Back up and reset” and do a Factory Data Reset
13. after Factory Reset you should have FRP Removed.
Sorry for the little copy-paste, I'm not a good writer.
Awesome work @cesarq glad to know it works with the March update too!
YZFNYC said:
Awesome work @cesarq glad to know it works with the March update too!
Yes thats why i write people know that working i march update not for how its do you
guys, has anyone figured out yet if this phone is rootable and if there's any way to install Nougat on it? I got 7 days more to return it if not happy with it and camera is just really bad
It works, but a different way. Thank you.
My friends, I found a way to bypass that and it is actually very simple.
So I found a solution to FRP on the CAT S60. Contact me at [email protected] and I'll tell you how.
help with FRP removal
Hello Sirs,
I have just bought a CAT S60 from my carrier as a used handset, and I've run into this FRP problem too. I could take it back, since I have a 2-week guarantee for this, and they would pay me back its price, but since it was a good price, I'd rather keep it.
I've tried the solution above, I've managed to get to the google app, and searched for ES file manager, but when I click on the app, the phone tries to open google play which directs me back to the point where I should enter the previous user's data.
As far as I can tell, my ROM version is after 01. June, 2017. Or at least, I've entered Android recovery, and the latest recovery log says: ro.bootimage.build.date= Thu Jun 1 12:12:51 CST 2017.
Do you have any suggestions?
Thanks in advance
P
Solved
@Calinalex, Thank You very much for the help, worked like a charm.
:highfive:
cat s 60 frp remove SOLUTION FOUND
Much more easy and done in 5 min use instructions in video : So go to youtube and there is cat s60 frp remove , good luck AND PLS IF IT WORKS DONT FORGET TO LIKE THE VIDEO
march 1 2018
Hey, it works on March too.

unlocking problem

I have set a fingerprint on my Galaxy S7, but it is necessary that we must choose a password or pattern for security purposes. So now I have restarted my phone and I forgot my pattern. I have tried too much that the device should give me the option of resetting it through email password. But it did not give the option. Kindly help me, I have important data on my device.
walayat said:
I have set a fingerprint on my Galaxy S7, but it is necessary that we must choose a password or pattern for security purposes. So now I have restarted my phone and I forgot my pattern. I have tried too much that the device should give me the option of resetting it through email password. But it did not give the option. Kindly help me, I have important data on my device.
Do you have TWRP or stock recovery?
Assuming you have TWRP go into the file manager found in advanced and go to /data/system and delete the locksettings.db or gesture.key
Hope I helped

Samsung Galaxy S7 - FRP Lock

I have a Canadian S7 (8.0.0/R16NW/G930W8VLS5CSA1)
It's a company-owned device that we are trying to re-purpose from a terminated employee. The device has been wiped but we appear to be stuck verifying account. I've gone over a number of threads but I can't seem to find a concise set of instructions.
Any help would be appreciated.
geopgin said:
I have a Canadian S7 (8.0.0/R16NW/G930W8VLS5CSA1)
It's a company-owned device that we are trying to re-purpose from a terminated employee. The device has been wiped but we appear to be stuck verifying account. I've gone over a number of threads but I can't seem to find a concise set of instructions.
Any help would be appreciated.
Can't you sign in with the email and password of the Google account of the terminated employee?
cooltt said:
Can't you sign in with the email and password of the Google account of the terminated employee?
You mean the ex-employee's personal Gmail account? No, that's definitely not possible.
geopgin said:
You mean the ex-employee's personal Gmail account? No, that's definitely not possible.
OK well for future reference always,....ALWAYS remove the google account from the phone before doing any kind of factory reset when you don't know the credentials.
Method 1 take it to a Samsung service shop with proof of purchase / ownership and they will reset the device for you, (might want to do this before messing around with it).
Method 2 is to get TWRP onto the phone to wipe "user data" then reboot; once you get TWRP on, you're home and dry. Can flash with Odin, and whether it will work or not depends on how up to date the device firmware is.
Method 3 is to use the OTG cable (which came with the phone) to plug in a USB drive with all manner of FRP-disabling .apk's on. Lots of guides online for this.
Method 4. I know some of the videos on youtube look confusing but depending on how old your device firmware is some of them still work. Any guides from late 2018 onwards should be tried, don't bother with any guides older than September 2018
Method 5. Is the nuclear option of "nand erase all" in Odin only use this if you are desperate as it's likely to corrupt the efs partition
It's very difficult to give specific advice without knowing the exact state of the phone, firmware update, security patch etc.
FRP lock is an absolute bast**d to resolve. I hope this helps.
Update
Apparently this method works on an S7
cooltt said:
OK well for future reference always,....ALWAYS remove the google account from the phone before doing any kind of factory reset when you don't know the credentials.
Method 1 take it to a Samsung service shop with proof of purchase / ownership and they will reset the device for you, (might want to do this before messing around with it).
Method 2 is to get TWRP onto the phone to wipe "user data" then reboot; once you get TWRP on, you're home and dry. Can flash with Odin, and whether it will work or not depends on how up to date the device firmware is.
Method 3 is to use the OTG cable (which came with the phone) to plug in a USB drive with all manner of FRP-disabling .apk's on. Lots of guides online for this.
Method 4. I know some of the videos on youtube look confusing but depending on how old your device firmware is some of them still work. Any guides from late 2018 onwards should be tried, don't bother with any guides older than September 2018
Method 5. Is the nuclear option of "nand erase all" in Odin only use this if you are desperate as it's likely to corrupt the efs partition
It's very difficult to give specific advice without knowing the exact state of the phone, firmware update, security patch etc.
FRP lock is an absolute bast**d to resolve. I hope this helps.
Update
Apparently this method works on an S7
How are you supposed to get into the device and remove the Google account when you don't have the device password? Most if not all of those options require USB debugging be enabled, no? Which I can't / wasn't able to do without pwd. We don't have Samsung service shops around here.
Is there no way to load from USB drive?
geopgin said:
How are you supposed to get into the device and remove the Google account when you don't have the device password? Most if not all of those options require USB debugging be enabled, no? Which I can't / wasn't able to do without pwd. We don't have Samsung service shops around here.
Is there no way to load from USB drive?
None of the methods I've listed require you to have password access to the device. I'm assuming from what you've written in your first post, you can turn the device on but are stuck at the Google verification screen? AKA, FRP lock
No you do not necessarily need USB debugging turned on
The OTG cable IS connected to a USB drive if you use that method
I mean this in the nicest possible way but do you have a basic understanding of the steps required to modify this phone?
cooltt said:
None of the methods I've listed require you to have password access to the device. I'm assuming from what you've written in your first post, you can turn the device on but are stuck at the Google verification screen? AKA, FRP lock
No you do not necessarily need USB debugging turned on
The OTG cable IS connected to a USB drive if you use that method
I mean this in the nicest possible way but do you have a basic understanding of the steps required to modify this phone?
Thanks. Do you have instructions for USB OTG by chance?
geopgin said:
Thanks. Do you have instructions for USB OTG by chance?
Read through this
cooltt said:
Read through this
I don't believe any of those methods work on S7 on Android 8. No file manager pop, no Google Assist on keyboard, SideSync doesn't pop either. I believe the latest that tutorial works on reliably is 6.1; I may be wrong, however.
geopgin said:
I don't believe any of those methods work on S7 on Android 8. No file manager pop, no Google Assist on keyboard, SideSync doesn't pop either. I believe the latest that tutorial works on reliably is 6.1; I may be wrong, however.
Also just tried the realterm method, which is the most recent, and it also doesn't work.
Can I downgrade the ROM without root? If so, how? Is there an OTG method (without TWRP)?
Managed to bypass FRP on my Verizon S7 G930VVRU8CRJ3. I will try and list the steps so you can test it for yourself.
From the start screen hold vol up and vol down simultaneously to start talkback
Draw a L to open global context menu.
Select talkback settings
Long press vol up and down together to turn off talkback
Select text to speech setting
Select the gear next to preferred engine
Select install voice data
Select the download arrow next to any language
Select the grey oval that says tools under the title of whatever language you chose
(You may have to update the galaxy store)
Select the magnifying glass and search for "internet"
Download samsung internet browser then open by pressing the triangle that appears in the same spot the download button was
Type frptools.com
Click on the second link that says All Frp Bypass Apk Download - frptools.com
Download FRPTools_8.1.apk install and open
Click on open google login. It will say you need google account manager then automatically download it. Install that, then it will take you back in to the frptools apk.
Click open google login again
Click on the three dots in the top right and choose browser sign in
Input your google account and password
Download apex launcher from frp tools apk and install.
Pull down notification shade and select settings gear
Select general management setting
Select reset
Select factory data reset. You should see your email account on this screen
Select reset.
Once it reboots you should be able to breeze through setup wizard with your credentials.
Good luck! Please let me know if this works for you
awanderingponderer said:
Managed to bypass FRP on my Verizon S7 G930VVRU8CRJ3. I will try and list the steps so you can test it for yourself.
From the start screen hold vol up and vol down simultaneously to start talkback
Draw a L to open global context menu.
Select talkback settings
Long press vol up and down together to turn off talkback
Select text to speech setting
Select the gear next to preferred engine
Select install voice data
Select the download arrow next to any language
Select the grey oval that says tools under the title of whatever language you chose
(You may have to update the galaxy store)
Select the magnifying glass and search for "internet"
Download samsung internet browser then open by pressing the triangle that appears in the same spot the download button was
Type frptools.com
Click on the second link that says All Frp Bypass Apk Download - frptools.com
Download FRPTools_8.1.apk install and open
Click on open google login. It will say you need google account manager then automatically download it. Install that, then it will take you back in to the frptools apk.
Click open google login again
Click on the three dots in the top right and choose browser sign in
Input your google account and password
Download apex launcher from frp tools apk and install.
Pull down notification shade and select settings gear
Select general management setting
Select reset
Select factory data reset. You should see your email account on this screen
Select reset.
Once it reboots you should be able to breeze through setup wizard with your credentials.
Good luck! Please let me know if this works for you
Thanks for response,
When I hold volume up and down it doesn't do anything from the start screen. On my device voice assistance is turned on by holding 2 fingers on the screen until it beeps. Then a tutorial comes up. Swiping an L shape does nothing.
Simply go to eBay, search for Samsung Galaxy Google lock removal service and have one of them remove it for you. I have done this many times and it does not cost that much.
