This Guide will work on S7 and S7 Edge Variants, probably also on other Samsung Phones. It doesn't matter if you have xposed and/or supersu installed
I did lately try to encrypt my device after installing my rom. So I tried to search on xda but I couldn't find anything useful until now.
After quit some time I finally managed it to get a working encryption, even with custom rom installed (which contains root and xposed). I will present the following steps here to help you folks to get an encrypted device.
Root will work as always after encryption :highfive:
Attention, TWRP can't read /data partition after this guide, that's because twrp doesn't support samsungs encryption at all
Pre requests:
- A working pc with adb installed
- Enough battery (at least 80%)
- Charger in your near field
- Working internet connection
Steps:
1. Go to SuperSU application on your device
2. Head over to the settings Tab
3. Scroll down and hit Full unroot
4. Click continue, when it asks you to install stock boot.img say NO, also NO on restoring stock recovery
5. SuperSU app should disappear
6. Make one full reboot
7. Head over to settings, lock screen and security, set a password
8. Plug in your charger and start encryption
9. Wait until your phone has fully encrypted (this can take quit some time)
10. After your device has successfully encrypted, we want to gain root access again
11. Boot into TWRP recovery
12. You now need a pc with working adb connection
13. Click adb sideload on twrp
14. Download latest super su to your PC, you can get that from here: Beta Thread
15. Open a terminal on your PC
16. Put the supersu.zip in the same direction as your terminal is opened (example: user/home)
17. Type into terminal: adb sideload *supersu_name*.zip
18. Reboot your phone and you have a working, encrypted phone with root installed!
If this guide helped you, please share it and hit thanks as well! :good:
@Tkkg1994
I don't think it could protect your data.
Here is a simple way to steal data from a encrypted phone with unlocked FRP.
Just add this script to ramdisk of kernel.
Code:
#!/system/bin/sh
rm -rf /data/system/lock*
rm -rf /data/system/gatekeep*
And this script will automaticlly remove any screen locks after the data partition is already unlocked by the system after boot.
You may ask:
Could I prevent unauthorized kernel from booting? (by re-enable FRP lock)
No, you can't because systemless install of SuperSU already modify the kernel and you can't boot modified kernel with FRP on.
Could I restore to stock kernel after finish this and then enable FRP?
You will lose your root.
And this way cannot prevent theft from reset your phone and then use it.
So, in a word, any tries to keep your phone safely after root are stupid.
It could only stop those low-IQ theft but it could not stop someone who really concern your data.
Jesse Chan said:
@Tkkg1994
I don't think it could protect your data.
Here is a simple way to steal data from a encrypted phone with unlocked FRP.
Just add this script to ramdisk of kernel.
Code:
#!/system/bin/sh
rm -rf /data/system/lock*
rm -rf /data/system/gatekeep*
And this script will automaticlly remove any screen locks after the data partition is already unlocked by the system after boot.
You may ask:
Could I prevent unauthorized kernel from booting? (by re-enable FRP lock)
No, you can't because systemless install of SuperSU already modify the kernel and you can't boot modified kernel with FRP on.
Could I restore to stock kernel after finish this and then enable FRP?
You will lose your root.
And this way cannot prevent theft from reset your phone and then use it.
So, in a word, any tries to keep your phone safely after root are stupid.
It could only stop those low-IQ theft but it could not stop someone who really concern your data.
Click to expand...
Click to collapse
Some guys need encrypted phones for their work (as some exchange server or email clients only work on encrypted devices)
I know that it is pretty much useless (since we have root access and can pretty much do anything with it)
So basically it brings you some more security but mainly gives those guys who need an encrypted phone for work a chance to have root and encryption together
Sent with my SM-G930F powered by SuperMan
Maybe my remark is stupid but with lollipop the user had to enter the decryption key just before loading the system... So even if the system was rooted, without the key it was impossible to recover the data...
You are saying me that now, in marshmallow Android is storing the key directly in the device ? And if one day there is a small flaw in the kernel all the data could be decrypt...
Thanks for you answer, i'am not an expert in security but i'am really interested in.
Hi,
I installed SuperMan rom without root/xposed and I can't get it to encrypt. It just restart the phone.
is there something else I need to do?
jesec said:
@Tkkg1994
I don't think it could protect your data.
Here is a simple way to steal data from a encrypted phone with unlocked FRP.
Just add this script to ramdisk of kernel.
Code:
#!/system/bin/sh
rm -rf /data/system/lock*
rm -rf /data/system/gatekeep*
And this script will automaticlly remove any screen locks after the data partition is already unlocked by the system after boot.
You may ask:
Could I prevent unauthorized kernel from booting? (by re-enable FRP lock)
No, you can't because systemless install of SuperSU already modify the kernel and you can't boot modified kernel with FRP on.
Could I restore to stock kernel after finish this and then enable FRP?
You will lose your root.
And this way cannot prevent theft from reset your phone and then use it.
So, in a word, any tries to keep your phone safely after root are stupid.
It could only stop those low-IQ theft but it could not stop someone who really concern your data.
Click to expand...
Click to collapse
Even with a locked FRP=1 I have been able to defeat it and gain access to the phone to USE, but never the data. Your script will only remove the locks once the data partition has beenunlocked, you still have not successfully recovered the data.
remixtech said:
Maybe my remark is stupid but with lollipop the user had to enter the decryption key just before loading the system... So even if the system was rooted, without the key it was impossible to recover the data...
You are saying me that now, in marshmallow Android is storing the key directly in the device ? And if one day there is a small flaw in the kernel all the data could be decrypt...
Thanks for you answer, i'am not an expert in security but i'am really interested in.
Click to expand...
Click to collapse
The key is ofc stored on the device, but it is in an encrypted state. ofc if there is a flaw in the kernel, unreported, this can be exploited to remove encryption somehow. Also you could remove the system rom chips and virtual simulate them and try to unlock thousands/millions of times defeating any format on bad password, etc. IF someone wants to access your data, they will. Just like the FBI iphones were opened. Its only a matter of money and time, no encryption is safe forever.
cridtohs said:
Even with a locked FRP=1 I have been able to defeat it and gain access to the phone to USE, but never the data. Your script will only remove the locks once the data partition has beenunlocked, you still have not successfully recovered the data.
The key is ofc stored on the device, but it is in an encrypted state. ofc if there is a flaw in the kernel, unreported, this can be exploited to remove encryption somehow. Also you could remove the system rom chips and virtual simulate them and try to unlock thousands/millions of times defeating any format on bad password, etc. IF someone wants to access your data, they will. Just like the FBI iphones were opened. Its only a matter of money and time, no encryption is safe forever.
Click to expand...
Click to collapse
Admittedly, yes.
It could only remove screen lock AFTER data partition is unlocked.
But in most situations, it could recover data because most people didn't set password as startup password.(What means data partition is already unlocked automatically before UI appear)
jesec said:
Admittedly, yes.
It could only remove screen lock AFTER data partition is unlocked.
But in most situations, it could recover data because most people didn't set password as startup password.(What means data partition is already unlocked automatically before UI appear)
Click to expand...
Click to collapse
how do we make sure that we set a "start up" password then? Is it the same if you use a long pin instead of a password?
|mickey said:
how do we make sure that we set a "start up" password then? Is it the same if you use a long pin instead of a password?
Click to expand...
Click to collapse
in security Lock screen and security there is an option for set pin on startup.
Also as an update to this method, if you had Xposed and magisk root, or if you had supersu and suhide, they need to all be reinstalled. This is the same method as flashing a stock bootloader then re-rooting afterwards. With new TWRP though you do not need to sideload because it has password to decrypt /data and allow flashing of the ramdisk, so you dont HAVE to sideload the supersu, but I suggest following TKK's tutorial exactly for sucess
cridtohs said:
in security Lock screen and security there is an option for set pin on startup.
Also as an update to this method, if you had Xposed and magisk root, or if you had supersu and suhide, they need to all be reinstalled. This is the same method as flashing a stock bootloader then re-rooting afterwards. With new TWRP though you do not need to sideload because it has password to decrypt /data and allow flashing of the ramdisk, so you dont HAVE to sideload the supersu, but I suggest following TKK's tutorial exactly for sucess
Click to expand...
Click to collapse
When you press encrypt you have to set such a password anyway so I don't see your point... You have to set a password, that is requested whenever you start your device... Is that not the same thing your describing?
Can't get encryption to work. The process starts and after a few seconds my phone just reboots.
Tested on several ROMs and Kernels, same result.
Anybody got an idea? I'm clueless...
unique730 said:
Can't get encryption to work. The process starts and after a few seconds my phone just reboots.
Tested on several ROMs and Kernels, same result.
Anybody got an idea? I'm clueless...
Click to expand...
Click to collapse
Same problem here - one more scream for HELP
unique730 said:
Can't get encryption to work. The process starts and after a few seconds my phone just reboots.
Tested on several ROMs and Kernels, same result.
Anybody got an idea? I'm clueless...
Click to expand...
Click to collapse
darkman088 said:
Same problem here - one more scream for HELP
Click to expand...
Click to collapse
When I tested this I had similar issues due to root. You made both a full unroot and followed all steps?
Sent from my SuperMan powered SM-G930F
Tkkg1994 said:
When I tested this I had similar issues due to root. You made both a full unroot and followed all steps?
Sent from my SuperMan powered SM-G930F
Click to expand...
Click to collapse
Hello and thanks for replying.
No, I didn't do a full unroot, because when I was testing this, I hadn't come across this thread And now I am not willing to invest that much time again, just to find out, that it's not working, once again
But I've tried many other strategies, which are very similar, but didn't work:
1) Disable SuperSU from the Application manager
2) Disable SuperSU from the settings of the app
3) Install busybox, boot in safe mode, connect the phone to my laptop, launche adb and enter there pkill -KILL daemonsu - this must be equivalent, as ps | grep daemonsu was not showing anything...
4) Tilting my phone in landscape mode
5) Repeating the attempt to encrypt several times after eachother
6) Many many more useless tips, which I found on the internet
Please kindly advise. Many thanks!
P. S.: HOW COME only the ROM of artas182x has encryption working PERFECTLY and I couldn't manage to encrypt my phone with no other ROM ? For example, I tried Slim ROM, which (if I'm not wrong) is not rooted and again - encryption didn't work, it hung somewhere along the process This is really terrible. Please excuse my total frustration
darkman088 said:
Hello and thanks for replying.
No, I didn't do a full unroot, because when I was testing this, I hadn't come across this thread And now I am not willing to invest that much time again, just to find out, that it's not working, once again
But I've tried many other strategies, which are very similar, but didn't work:
1) Disable SuperSU from the Application manager
2) Disable SuperSU from the settings of the app
3) Install busybox, boot in safe mode, connect the phone to my laptop, launche adb and enter there pkill -KILL daemonsu - this must be equivalent, as ps | grep daemonsu was not showing anything...
4) Tilting my phone in landscape mode
5) Repeating the attempt to encrypt several times after eachother
6) Many many more useless tips, which I found on the internet
Please kindly advise. Many thanks!
P. S.: HOW COME only the ROM of artas182x has encryption working PERFECTLY and I couldn't manage to encrypt my phone with no other ROM ? For example, I tried Slim ROM, which (if I'm not wrong) is not rooted and again - encryption didn't work, it hung somewhere along the process This is really terrible. Please excuse my total frustration
Click to expand...
Click to collapse
Ehm what is artas182x rom? or slim rom? we don't have that on our s7 as far as I know.
This guide may needs some adaptions to work on other devices
Tkkg1994 said:
Ehm what is artas182x rom? or slim rom? we don't have that on our s7 as far as I know.
This guide may needs some adaptions to work on other devices
Click to expand...
Click to collapse
It's a Marshmallow port from Galaxy S5 made by artas182x. I didn't like Slim ROM - it doesn't even have a file maanger
installed with it and when I tried encryption with it, it didn't work
Thank you!
We need someone xposed module to emulate knox 0x0 so that we can use knox again.
Tried with King Nougat V5 custom tom
After encryption finish and boot it keep showing "system ui has closed" error
I cannot type my password
Now doing full wipe
jimmod said:
Tried with King Nougat V5 custom tom
After encryption finish and boot it keep showing "system ui has closed" error
I cannot type my password
Now doing full wipe
Click to expand...
Click to collapse
I assume you have a modded systemUI. Try it with a stock one
Sent from my SuperMan powered SM-G930F
data encryption and root and TWRP toegether - is that working in android nougat ?
I really, really want encyption on my rooted S7 (930FD) incl. TWRP - but before I try this method here I have two questions:
- you are using the "terminal" - means you are using Linux? Or can I do this with windows powershell as well?
- encryption and root incl. TWRP works with Marshmallow MM only or will this work in Nougat as well?
Related
earlier today I found out my little sister knew my pattern so I changed it. But when I changing the pattern I didn't pay attention a lot and know I forgot the pattern.My data and WiFi are disabled.I can't sign in to my google account with the phone now.
My question: I can't sign in because data/wifi is off? If yes is there a way to turn on wifi or data without unlocking phone?
I'll be thankful if someone help me because I can't loose my apps and setting
I'm using Galaxy mini CM 7.2 official
Hi, you can go into recovery mode and make a data wipe, but you will loose all apps and configurations.
On CM10.2 is it possible to activate wifi or data from lock screen but i don't kow cm 7, sorry
ayadgalaxymini said:
earlier today I found out my little sister knew my pattern so I changed it. But when I changing the pattern I didn't pay attention a lot and know I forgot the pattern.My data and WiFi are disabled.I can't sign in to my google account with the phone now.
My question: I can't sign in because data/wifi is off? If yes is there a way to turn on wifi or data without unlocking phone?
I'll be thankful if someone help me because I can't loose my apps and setting
I'm using Galaxy mini CM 7.2 official
Click to expand...
Click to collapse
Right go into recovery mode and do a factory data reset like they said above might delete your internal memory but hey you get your phone back!
☆☆DeMeNtEd_ChAmP☆☆
I know I can do factroty reset but I'm looking for a way to unlock phone without loosing my data
ayadgalaxymini said:
I know I can do factroty reset but I'm looking for a way to unlock phone without loosing my data
Click to expand...
Click to collapse
if you have usb debugging enabled you can break it with adb by using adb shell commands
follow this guide in my blog http://www.blog-android.com/general/break-pattern-lock/ for more details and dont use that aroma method it is only for mediatek devices
you can try the other methods given there
ayadgalaxymini said:
earlier today I found out my little sister knew my pattern so I changed it. But when I changing the pattern I didn't pay attention a lot and know I forgot the pattern.My data and WiFi are disabled.I can't sign in to my google account with the phone now.
My question: I can't sign in because data/wifi is off? If yes is there a way to turn on wifi or data without unlocking phone?
I'll be thankful if someone help me because I can't loose my apps and setting
I'm using Galaxy mini CM 7.2 official
Click to expand...
Click to collapse
I don't know why you facing this! if I forget my password/pin my phone gives me a option to enter my gmail id and password and then directs me to change the password/pin! this occurs even If I remove my SIM card also!
anyway a probable solution for you - http://forum.xda-developers.com/showthread.php?t=2225695
I am just sharing my experience
I had locked gionee m2 without root and without debugging enabled I was able to disable lock with out wiping data
What I did was
1)flashed carliv touch recovery using special flash tool
Use PC to Flash*recovery.img*using sp-flash tools. (Please be aware of how to install required drivers etc..)
Select original scatter file of your version of ROM. If You are using stock ROM, Make sure that you have not altered the phone partitioning earlier.*
Be careful and Remember to select/tick only 'recovery' in the list. You can also check preloader if you like. and select ONly 'download' button. (NOT firmware upgrade!). Connect your switched off phone to your PC. Wait till your task is complete. Shows you a green circle.
2)backup of data was made using carliv touch recovery (ofcourse with locked phone data)just in case anything goes wrong.
At this moment carliv touch recovery was working but boot and power options were not functioning
3)now flashed rooting file this time by carliv touch recovery
4)carliv touch recovery has aroma file manager too. But I was not able to open lock by this method as
Aroma File Manager, Click on menu option and go to settings*
Select Mount All Partitions*
Now, exit from Aroma File Manager and reflash it.*
Now, you will see each partition is mounted
5. Now, go to /data/system
Note : If you have sd-ext mod to increase internal storage, go to /sd-ext/system/
6. Now, If you have to remove pattern lock, long press and delete gesture.key
If you want to remove password, delete password.key
7. Exit the Aroma File Manager
8. Reboot*
9. Enjoy*
Didn't enjoyed this method somehow I don't know but it didn't worked for me as this folders didn't showed above said files.
5)now I flashed pattern password disable. Zip file using carliv recovery
And on booting phone screen asking for google id and password was gone link http://forum.xda-developers.com/attachment.php?attachmentid=1900741&d=1366570627
This was my method to unlock pattern locked gionee m2 phone but this can help you out too
Sent from my HM NOTE 1LTE using Tapatalk
Hi,
Finally I had time to finish my work on Xcover 4. I couldn't disable ForceEncryption by any flashable tool so I prepared 2 version of firmware (Oreo and Pie), both prerooted (Magisk) and free from Force Encryption. Everything except boot.img left untouched, both ROMs are BTU so no brand.
Just flash it with Odin 3.13.3. I recommend to flash CSC_BTU instead of HOME_CSC_BTU. HOME BTU should work as well but then probably You gonna have to format data with TWRP. CSC_BTU is already tested and there are no problems with Encryption.
After flashing just install Lastest Magisk Manager. SafetyNet Passed.
Oreo: G390FXXU4BSB3_BTU_G390FBTU4BSC1_Patched_By_Chamelleon
Code:
https://mega.nz/#!ONoFTIhD!rBOhDR0j874zpyeLiDVwfwOcodRi5OhdxyF0ZTRMslE
PIE: G390FXXU4CSF9_BTU_G390FBTU4CSFA_Patched_by_Chamelleon
Code:
https://mega.nz/#!XBhnRCCY!_IOOtXcLsGZQfVY17JD4YxxzaAWJqy2NoxVSrsJRs5M
If You need TWRP (not necessary to flash this ROMs) flash this version:
TWRP: TWRP-3.1.1_SM-G390F_by_nemo-nemo
Code:
https://mega.nz/#!DIo1SSBT!w4dPPAF3BEcfQmsy7mANO33Lb5Gj4jzDkrrPfbH56uo
Working on both versions, Oreo and Pie. I didn't test backup and recovery options but flashing is working on both. ADB and MTP are not working.
To remove Security Log Agent notifications use SecurityLogAgent Disable. It will disable this annoying app completely.
Hello!
Can you explain because i would like only to root my phone in oreo 8.1 without losing apps and data. Is it possible with your method?
thank you for your answer.
Would anyone happen to know if I can use TWRP for SM-G390F's on SM-G390W's? (the only differences I know of between them are the supported LTE frequencies)
You can try to flash it, just backup your data and if something goes wrong just flash it with back with stock firmware.
Updated main thread
Hi mates
very interesting matter. Will like to make it from a ubuntu 18.04 system? Did someone had tried it ?
Yea, it's a normal ROM so you can flash it with Heimdal.
Chamelleon said:
Yea, it's a normal ROM so you can flash it with Heimdal.
Click to expand...
Click to collapse
thank you C for this fast answer .
Here is the second point :
IS this rom free from google , I mean enough
And the third
any visible amelioration from the XCOV 2 Model in battery standing . I do not care about photos for my purpose .
Only memory, increased by SD, and lasting time
It's completely stock rom without any modifications except integrated Magisk and disabled force encryption. Rest is untouched.
I don't understand what file I should use to flash with Odin.. in the link you posted sends to a download of a zip file of almost 2gb in which there are many files, so from those files which one should I set in Odin?
Flash it like any other stock ROM:
BL file in BL
AP file in AP
CP file in CP
CSC_BTU file in CSC
Everything works great:]
Thanks man.
Hi Chamelleon and thanks for all the effort you've made already!
I successfully flashed the Pie variant of the two ROMs and got it to work. However, turned out that in an app that I'm developing, for some reason, when my device is equipped with G390FXXU4CSF9_BTU_G390FBTU4CSFA, the app doesn't behave in the same way as when G390FXXU4CSF9_ G390FXEO4CSFA has been installed. That's why I would like to be able to root the XEO-version of the firmware. Moreover, there will be many other non-rooted devices equipped with the XEO-version using the app in the near future.
Having flashed my device with G390FXXU4CSF9_ G390FXEO4CSFA, I tried installing the version of TWRP you have provided but I can't figure out how to install Magisk from there. By default, TWRP can't find the Magisk zip-file that I push onto the device. I tried formatting data, as per this post. The post lead me to believe that the files could be found after formatting but even though there were now plenty of TWRP-related folders, I couldn't find the zip. And as ADB and MTP don't seem to work in recovery mode, I'm unable to get the zip file on board after formatting. Booting to system doesn't work either after allowing modifications for TWRP, which might be due to dm-verity preventing boot, but franky I don't understand much of that topic.
You mentioned that you couldn't disable Force Encryption with any flashable tool. Is that the reason why TWRP (or any other tool) couldn't reach the zip file for Magisk?
This is the first time I've attempted rooting a phone so my knowledge regarding the topic is pretty basic.
So I suppose preparing a prerooted and Force Encryption free version of the firmware might be a possibility? I have no idea how to patch a ROM though. Any advice on how to proceed?
Hi, I had no time to play with this during Christmas. If you send me your boot.img I can modify it for you. If You just flash magisk with TWRP it will root your phone but after first reboot whole data partition will be encrypted again and you wont be able to flash anything with twrp or modify data partition without full wipe. For some unknown reason this and probably more Samsung models have different structure of files responsible for encryption and because of this none of pre-made patches are working. Only manual kernel modification can safe from encryption, at least for now.
I'm not a developer so I don't know how to prepare patch for this to allow anyone to flash it, I just found few lines of code in kernel You need to modify to disable encryption.
Chamelleon said:
Hi, I had no time to play with this during Christmas. If you send me your boot.img I can modify it for you. If You just flash magisk with TWRP it will root your phone but after first reboot whole data partition will be encrypted again and you wont be able to flash anything with twrp or modify data partition without full wipe. For some unknown reason this and probably more Samsung models have different structure of files responsible for encryption and because of this none of pre-made patches are working. Only manual kernel modification can safe from encryption, at least for now.
I'm not a developer so I don't know how to prepare patch for this to allow anyone to flash it, I just found few lines of code in kernel You need to modify to disable encryption.
Click to expand...
Click to collapse
Hi, I really appreciate the help!
I sent the boot.img to your paypal donation email. Let me know if you want me to send it to you some other way.
How to flash firmware on linux?
I know that i have to use heimdall but how to load these files into the program because filenames say basically nothing to me.
Thanks in advance.
Also does it delete user data?
SpurguX said:
Hi, I really appreciate the help!
I sent the boot.img to your paypal donation email. Let me know if you want me to send it to you some other way.
Click to expand...
Click to collapse
1. Flash clean ROM, same as boot you send me)
2. Enable OEM Unlock in Developer settings
3. Flash patched boot with Odin as AP/PDA.
4. Install Magisk Manager app
5. Install TWRP and format data partition, option where you need to type "YES"
6. Reboot system and then back to TWRP. If you can mount data and there are no errors it's done.
AndroidBroker said:
How to flash firmware on linux?
I know that i have to use heimdall but how to load these files into the program because filenames say basically nothing to me.
Thanks in advance.
Also does it delete user data?
Click to expand...
Click to collapse
Sorry but I never had a chance to use Heimdall. You can't dirty flash this because when your phone is encrypted and you can't replace kernel corrupting data.
But do I lose my data(Apps settings etc.)?
I'm OK with setting everything up back ,but it would be cool if it kept data.
(I'm going to use other computer that has windows on it btw, and I'm going to flash it with odin)
If your data partition is encrypted you gonna corrupt it by changing kernel. It means You wont be able to access, so yes, you will loose it.
What you mean by encryption some option in the Android or what?
If that's what you mean I haven't set up anything like this
My bootloader-unlocked Google Pixel runs Android Pie and it uses file-based encryption. Both system partitions are unmodified.
In an effort to get TWRP to successfully decrypt my Pixel's encrypted data, I performed a combination of:
Renaming these files (i.e., appending .bak to their names):
Code:
/data/system/gatekeeper.password.key
/data/system/gatekeeper.pattern.key
/data/system/locksettings.db
/data/system/locksettings.db-shm
/data/system/locksettings.db-wal
Copying the files back to their original names.
Setting and removing a lock pattern/password/PIN.
Now, my Pixel does not move past the "Pixel is starting" page. I can access Settings, but I have no access to my applications and files. How do I fix this so that I can get it to move past "Pixel is starting"?
I once ran into this issue, it has something to do with fingerprint and encryption, somehow it unlocks but it won't decrypt.
The only solution I've found is to wipe the device. Since you can power on the device, I suggest you to backup what you can with adb or from twrp, and do an advanced wipe, with even "format data" enabled (warning: you lose also /sdcard files), then reflash the stock factory image from fastboot.
This should remove the corrupted lock files and set it up like new.
TENN3R said:
I once ran into this issue, it has something to do with fingerprint and encryption, somehow it unlocks but it won't decrypt.
The only solution I've found is to wipe the device. Since you can power on the device, I suggest you to backup what you can with adb or from twrp, and do an advanced wipe, with even "format data" enabled (warning: you lose also /sdcard files), then reflash the stock factory image from fastboot.
This should remove the corrupted lock files and set it up like new.
Click to expand...
Click to collapse
Hang on. Did you skim my post? I'm trying to get it to decrypt or, if the decryption is not the problem, just get past "Pixel is starting" and get to my things on it. Wiping it won't fix that!
Fingerprints are not used to decrypt the device.
Bump.
Anyone else? What could be the cause of this? Would it give an error message if it couldn't find the right files?
TENN3R said:
I once ran into this issue, it has something to do with fingerprint and encryption, somehow it unlocks but it won't decrypt.
The only solution I've found is to wipe the device. Since you can power on the device, I suggest you to backup what you can with adb or from twrp, and do an advanced wipe, with even "format data" enabled (warning: you lose also /sdcard files), then reflash the stock factory image from fastboot.
This should remove the corrupted lock files and set it up like new.
Click to expand...
Click to collapse
Are you there?
TENN3R said:
I once ran into this issue, it has something to do with fingerprint and encryption, somehow it unlocks but it won't decrypt.
The only solution I've found is to wipe the device. Since you can power on the device, I suggest you to backup what you can with adb or from twrp, and do an advanced wipe, with even "format data" enabled (warning: you lose also /sdcard files), then reflash the stock factory image from fastboot.
This should remove the corrupted lock files and set it up like new.
Click to expand...
Click to collapse
Were you able to recover your data?
Bump.
Unfortunately not. I just wiped the device, maybe there is some way but I really don't know. Wiped and setup again
Bump.
Bump.
Someone please help.
Master Melab said:
Someone please help.
Click to expand...
Click to collapse
Wipe your phone maybe.
what is wrong with you all you needed to do to decrypt in twrp is disable your lock screen security, none of this other bull**** lmao.
Please help.
SnowFuhrer said:
Wipe your phone maybe.
Click to expand...
Click to collapse
That won't achieve the desired result as I'm trying to recover my data.
sudoxd said:
what is wrong with you all you needed to do to decrypt in twrp is disable your lock screen security, none of this other bull**** lmao.
Click to expand...
Click to collapse
First, I got into this mess by trying to get that to work. Second, how is this a solution?
Master Melab said:
First, I got into this mess by trying to get that to work. Second, how is this a solution?
Click to expand...
Click to collapse
it is a solution, unless there is something wrong with your phone which is caused by an entirely different issue, to access your data in twrp all you needed to do was disable your lock screen security
Unfortunately I don't think there's a way you can do it. The issue the OP is facing is that the system is unable to decrypt your user data at all, regardless of whether or not you are in TWRP or Stock Android, Stock Recovery, etc.
Trying to read between the lines on the AOSP File-based encryption https://source.android.com/security/encryption, your data is always encrypted - regardless of whether or not you have some security set (pin, password, etc). It's just a matter of whether or not the pin etc is part of the metadata used in the decryption. When you altered the security files that stored the information, you lost the ability to decrypt (probably the files have additional information that is passed with your pin to unlock the encryption keys). Removal of the files needed to be done within the system by removing the security, not by removing the files whilst it is encrypted. (Sorry if this isn't exactly what happened, it's hard to tell the exact sequence of events from the OP, i.e. whether or not it was all done in system, and when reboots were done.)
I did something like this before, and got the same result. Sorry but you'll have to rely upon the latest Google backups you had...
NZedPred said:
Trying to read between the lines on the AOSP File-based encryption https://source.android.com/security/encryption
Click to expand...
Click to collapse
I've tried, but I am unable to follow all of it.
NZedPred said:
your data is always encrypted - regardless of whether or not you have some security set (pin, password, etc). It's just a matter of whether or not the pin etc is part of the metadata used in the decryption.
Click to expand...
Click to collapse
I'm aware of that.
NZedPred said:
When you altered the security files that stored the information, you lost the ability to decrypt (probably the files have additional information that is passed with your pin to unlock the encryption keys). Removal of the files needed to be done within the system by removing the security, not by removing the files whilst it is encrypted. (Sorry if this isn't exactly what happened, it's hard to tell the exact sequence of events from the OP, i.e. whether or not it was all done in system, and when reboots were done.)
Click to expand...
Click to collapse
The files I touched have nothing to do with decryption, only unlocking.
NZedPred said:
I did something like this before, and got the same result.
Click to expand...
Click to collapse
Could you please explain what you did?
I have a unbranded android phone stuck on kitkat and will encrypt fine but have installed a custom rom marshmallow. This doesnt encrypt at all (green robot, reboot and nothing).
What i would like to do is to hide the data partition from twrp so if it gets lost no one can access data. Should be able to lock unlock from os that way i can atleast ensure data is safe. Ideally i would like to encrypt but it cannot find a custom rom with encryption. I cannot lock BL again as it hangs most likely i think cos it rooted. any info ?
I think you can't really hide a partition - really hide data in a partition, even if a dot is 1st character of name of a directory and/or file or the empty .nomedia file is present in a directory. But, if Android is rooted, there a quick and easy, non-desctructable method to make sure the data can’t be accessed without doing some effort. Useful to hide data from a layperson.
The method is simple: flip the 5th least significant bit of the partition ID. The 0x83 for Linux partitions becomes 0x93. Let’s say we want to hide the partition /dev/sdd1 we run in Terminal window
Code:
su
sfdisk --change-id /dev/sdd 1 93
Note: sfdisk is part of BusyBox
thats what im looking or, any chance theres an app for this ? using commands phone side is a bit tricky, an app could make like work of that. Still its good enough maybe.
Deleted member 1890170 said:
I think you can't really hide a partition - really hide data in a partition, even if a dot is 1st character of name of a directory and/or file or the empty .nomedia file is present in a directory. But, if Android is rooted, there a quick and easy, non-desctructable method to make sure the data can’t be accessed without doing some effort. Useful to hide data from a layperson.
The method is simple: flip the 5th least significant bit of the partition ID. The 0x83 for Linux partitions becomes 0x93. Let’s say we want to hide the partition /dev/sdd1 we run in Terminal window
Code:
su
sfdisk --change-id /dev/sdd 1 93
Note: sfdisk is part of BusyBox
Click to expand...
Click to collapse
can i ask if re installin twrp make the data partition reappear ? if not then this is what i could do rather than encrypt. And do you have a more detailed guide on how to do the sfdisk thanks
androzer said:
I have a unbranded android phone stuck on kitkat and will encrypt fine but have installed a custom rom marshmallow. This doesnt encrypt at all (green robot, reboot and nothing).
What i would like to do is to hide the data partition from twrp so if it gets lost no one can access data. Should be able to lock unlock from os that way i can atleast ensure data is safe. Ideally i would like to encrypt but it cannot find a custom rom with encryption. I cannot lock BL again as it hangs most likely i think cos it rooted. any info ?
Click to expand...
Click to collapse
TWRP has the option to password lock TWRP.
Droidriven said:
TWRP has the option to password lock
Droidriven said:
TWRP has the option to password lock TWRP.
Click to expand...
Click to collapse
i dont think it has but even if it does whats the point ? you could reflash twrp writing over the password. But which twrp has this version or where is this option ?
Click to expand...
Click to collapse
@nidowak653
No, flashing TWRP will not remove the password because the password is stored in data partition, not in recovery.
As far as I know, it is and has always been an option in TWRP.
Also, relocking bootloader would wipe all data on the device, defeating the purpose of trying to encrypt/protect your data.
You are aware that if your device is lost or stolen, you can go to your Google account online and use the "Find My Device" option to remotely wipe your device of all data.
Droidriven said:
@nidowak653
No, flashing TWRP will not remove the password because the password is stored in data partition, not in recovery.
As far as I know, it is and has always been an option in TWRP.
Also, relocking bootloader would wipe all data on the device, defeating the purpose of trying to encrypt/protect your data.
You are aware that if your device is lost or stolen, you can go to your Google account online and use the "Find My Device" option to remotely wipe your device of all data.
Click to expand...
Click to collapse
i cannot find any option in twrp to lock the recovery with password, also read this
Why doesn't TWRP have password protection?
I’ve had people ask enough for a protected TWRP that I’m creating this page as a response so I don’t have to retype. If you’re seeing this page, you’re proba...
twrp.me
i only want encrypt to be able to use the fone for work purposes i dont really care about the data or the phone itself they can be replaced but havin encrypt means i can work on it.
Hello, My phone is new & fresh. Sometimes during playing games or heavy tasks, I see some lags. It's KG5K or Spark 8c model & Android 11. I noticed that my phone is already showing encrypted in 'Encryption & credentials'. I tapped on the Encrypted word but nothing comes to make it decrypt. I am a boy and a student. (Not a celebrity ) I don't want privacy or encrypted Android. I want to get highest performance from my phone. So factory reset it from 'Settings' app. But still showing encrypted. So I tried to get to the recovery mode to hard reset. I saw so many tutorials for the same model. Everywhere Volume + & Power button for this phone. I tried but can't get there. Anyway, after connecting another android via wireless adb. I commanded to go to recovery. Finally, I got there. And hard reset it.But I saw it's still encrypted . Any solution? I already lost so many app data because didn't create backup. PLEASE HELP ME DECRYPT IT. SO MY PHONE CAN BE MORE FAST!! AND LET ME USE IT ASAP. I DON'T WANT TO USE IT UNTIL I DECRYPT IT !!!!!!!!
Look inside here:
How to Decrypt an Encrypted Phone
If you have an encrypted phone, you may be wondering how to decrypt it. Answer for common questions about how to decrypt an encrypted phone.
innobytech.com
Thx. But it didn't work. They are talking about keys. Please note that I can't go through the 'encryption' button. Showing no option to disable it or to input keys. Android Device Manager also not showing Encrypt) Decrypt option. I bought it from official Tecno show room. Still if the phone is fake, how can I discover it? Or want to know if there is any way to check if my phone is really encrypted. I have doubt about that the 'setting's 'encryption' word is like a demo word just showing itself. HELP ME!!
To check Android's encryption state you may use ADB
Code:
adb devices
adb shell "getprop ro.crypto.state"
jwoegerbauer said:
To check Android's encryption state you may use ADB
Code:
adb devices
adb shell "getprop ro.crypto.state"
Click to expand...
Click to collapse
Sir, I entered the command via wireless adb. It says "encrypted" . Please see the attached photo. I am afraid now. Help me decrypt it (specially via adb) Any command to do it? !. Please HELP ME!!
You can't remove encryption, AFAIK. Use the device with encryption.
FYI:
That happens when Android boots up
Sorry sir, but that's not a solution. I want to decrypt it. To make it faster. It's Android 11 and it's 2023. It's a modern age and nothing is impossible. (HAPPY NEW YEAR ) You can't leave it like that, sir. Thx.
You simply didn't understand it: encryption takes place when Android boots up, this is forced by Android kernel.
Flash a Custom ROM what doesn't encrypt Android.
It has 12+1 months warranty. So I don't want to install TWRP, root, Custom ROM, Customized Kerbal etc. Because, I'm a student and my exam will held within 4 month from now. Please sir assure me, as you said encryption or decryption happens when Android boots up. So it may take a while to boot up completely. I've no problem in it. Please sir tell me after it boots up is there any decryption process happens further. I meant is encryption/decryption happens only when it boots up and only for that moment. Or it continuously or Constantly run this encrypt/decrypt all the time (when the Android is powered on ) Hope ya understand . And Help to free me from this problem. Thx
lightinfo10 said:
It has 12+1 months warranty. So I don't want to install TWRP, root, Custom ROM, Customized Kerbal etc. Because, I'm a student and my exam will held within 4 month from now. Please sir assure me, as you said encryption or decryption happens when Android boots up. So it may take a while to boot up completely. I've no problem in it. Please sir tell me after it boots up is there any decryption process happens further. I meant is encryption/decryption happens only when it boots up and only for that moment. Or it continuously or Constantly run this encrypt/decrypt all the time (when the Android is powered on ) Hope ya understand . And Help to free me from this problem. Thx
Click to expand...
Click to collapse
then you can't decrypt. you need to format in twrp, reboot into twrp, and flash the decrypt file for your device.
Encryption is mandatory in Android 10 and up.
Factory Data Reset won't decrypt your device and will only regenerate new encryption keys.
The only way to decrypt your device is to unlock the bootloader, and flash no-encrypt in a custom recovery to prevent re-encrypting the flash memory.
Phones nowadays can't experience performance impact from encryption since they have a Dedicated AES engine implemented in hardware so that they can decrypt blocks in memory on-the-fly. You shouldn't really be decrypting your device as it is NOT RECOMMENDED.
Though if you really want to decrypt your device, some phones are decrypted by not using a lock screen as some phones require a lock screen so that they can get data from there to derive a secure encryption key.
Look, your phone doesn't slow down for encryption, the problem you have is that your phone is a low end device. Even if you manage to decrypt it, you won't see any difference except that if someone steals your phone, they will have every data you have. You need to optimize it, you may root it and delete system apps and things like that, when I want a boost in games, i temporary disable Google Play Services and Google Play, then the phone goes faster.
lightinfo10 said:
Hello, My phone is new & fresh. Sometimes during playing games or heavy tasks, I see some lags. It's KG5K or Spark 8c model & Android 11. I noticed that my phone is already showing encrypted in 'Encryption & credentials'. I tapped on the Encrypted word but nothing comes to make it decrypt. I am a boy and a student. (Not a celebrity ) I don't want privacy or encrypted Android. I want to get highest performance from my phone. So factory reset it from 'Settings' app. But still showing encrypted. So I tried to get to the recovery mode to hard reset. I saw so many tutorials for the same model. Everywhere Volume + & Power button for this phone. I tried but can't get there. Anyway, after connecting another android via wireless adb. I commanded to go to recovery. Finally, I got there. And hard reset it.But I saw it's still encrypted . Any solution? I already lost so many app data because didn't create backup. PLEASE HELP ME DECRYPT IT. SO MY PHONE CAN BE MORE FAST!! AND LET ME USE IT ASAP. I DON'T WANT TO USE IT UNTIL I DECRYPT IT !!!!!!!!
Click to expand...
Click to collapse
Thanks to you all ! I fully understood the situation. [SOLVED]