is dc-unlocker's HCU safe to install ? - Honor 6X Questions & Answers

Hello,
I possess a GR5 BLL-L22 which is bootlocked, and I need an unlock code sinced Huawei doesn't provide them anymore.
I am willing to pay the credits needed to perform the unlock. I went into DC unlocker site and downloaded HCU on my Windows 10 computer, but there are signs that scream malware:
* download is a password protected zip
* App does not allow to run inside a Virtual machine
* Last but not least, my AV Sophos, detect it has adware and put it into quarantine
Any thoughts ?
Also, do I really need to install something on my computer to get an unlock code ? I believe I only need to pass the IMEI or some identifier to get the unlock code.

biaib said:
Hello,
I possess a GR5 BLL-L22 which is bootlocked, and I need an unlock code sinced Huawei doesn't provide them anymore.
I am willing to pay the credits needed to perform the unlock. I went into DC unlocker site and downloaded HCU, but there are signs that scream malware:
* download is a password protected zip
* App does not allow to run inside a Virtual machine
* Last but not least, my AV Sophos, detect it has adware and put it into quarantine
Any thoughts ?
Also, do I really need to install something on my computer to get an unlock code ? I believe I only need to pass the IMEI or some identifier to get the unlock code.
Click to expand...
Click to collapse
For the most port, you need to go in, get your code and then delete it. It's safe on my phone. However, you can always try Ministry of Solutions. But they may cost More. Rest assured, did you download from official site? If so, then it's safe. Just get your code and delete it.

Mannan Qamar said:
For the most port, you need to go in, get your code and then delete it. It's safe on my phone. However, you can always try Ministry of Solutions. But they may cost More. Rest assured, did you download from official site? If so, then it's safe. Just get your code and delete it.
Click to expand...
Click to collapse
Hello, thanks for the answer. What do you mean on your phone ? is there an android version of the unlocker ? because what I have is a zip archive with a windows installer in it.
If I desinstall it from windows, that does not guarantee at all it will remove any associated malware.

biaib said:
Hello, thanks for the answer. What do you mean on your phone ? is there an android version of the unlocker ? because what I have is a zip archive with a windows installer in it.
If I desinstall it from windows, that does not guarantee at all it will remove any associated malware.
Click to expand...
Click to collapse
Sorry. Typo. I meant on my PC. There is no Android version. You can always use an anti virus to check. Alternatively, if you downloaded it from Official Site you have nothing to worry about.

Its perfectly alright, I have used all their S/W on many occasions and I agree HCU flags as malware on my Win10 PC also.
I have to suspend Defender to run it.
I told them about this and they more or less said that I must be mistaken as no one else had complained.
I then sent them a screenshot and all they said that it is a false positive as their S/W is 100% virus free.

Sparkrite said:
Its perfectly alright, I have used all their S/W on many occasions and I agree HCU flags as malware on my Win10 PC also.
I have to suspend Defender to run it.
I told them about this and they more or less said that I must be mistaken as no one else had complained.
I then sent them a screenshot and all they said that it is a false positive as their S/W is 100% virus free.
Click to expand...
Click to collapse
Ok, thanks. In the end I used their dc-unlocker program which is not flagged.

Related

[Q] what is this Exploit.Linux.Lotoor.g

this site tried to put this on my pc when i joined here
i also just got this alert when clicking to download an attachment added to a post here. Superoneclick.
could it be a false positive of some sort? The download hadn't begun so i doubt it was the actual attachment that was infected.
"The requested URL cannot be provided
The requested object at the URL:
http://forum.xda-developers.com/
attachment.php?attachmentid=437039&d=
1289271263
Threat detected:
object is infected by Exploit.Linux.Lotoor.g"
I am seeing it too
I am getting an alert from Kaspersky that the file rageagainstthecage file in the SuperOneClickv1.5.5-ShortFuse.zip is infected with Exploit.Linux.Lotoor.g
Kaspersky report:
detected: Trojan program Exploit.Linux.Lotoor.g file: C:\Documents and Settings\user\Desktop\SuperOneClickv1.5.5-ShortFuse\rageagainstthecage
I expect this is a false positive due to the nature of the application, but Id like someone brighter than me to confirm.
Thanks!
I'm going to have to agree with the false positive considering it says it's a linux exploit in the name. RaTC is an exploit to get root on android which is a form of linux. I've also used SuperOneClick so I know it's not malicious.
Well, maybe it is malicious if we take into consideration this:
...
Troj/DroidD-A
Aliases
* Exploit.Linux.Lotoor.k
* Exploit.Linux.Lotoor.g
* Trojan-Downloader.AndroidOS.Rooter.a
* Android.Rootcager
* Backdoor.AndroidOS.Rooter.a
* Trojan-Downloader.AndroidOS.Rooter.b
* Exploit.Linux.Lotoor.l
...
Troj/DroidD-A is a malware for Google Android phone. It purports to be legitimate application and had been on Google Market before it was taken down.
...
All the packages contains repackaged legitimate application with a trojan package in com.android.root package, which is specified to start its action prior to the normal application.
* It can access TelephonyManager and steal IMEI (International Mobile Equipment Identity) and IMSI (International Mobile Subscriber Identity) code, and various other data.
* It then add this information into an XML file
<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<Request>
<Protocol>1.0</Protocol>
<Command>0</Command>
<ClientInfo>
<Partner>%s</Partner>
<ProductId>%s</ProductId>
<IMEI>%s</IMEI>
<IMSI>%s</IMSI>
<Modle>%s</Modle>
</ClientInfo>
</Request>
* using a simple XOR byte encryption with a key predefined in the class adbRoot. The decrypted byte buffer contains the IP address and the URL of the server which is used to post data about the infected phone in an XML format using an HTTP POST request
The package contains runs a set of privilege escalation exploits. These exploits are detected by Sophos as PUA HackTool "Android Local Root Exploit".
After obtaining root privilege, it tries to install another DownloadProviderManager.apk (as package com\android\providers\downloadsmanager) which is the payload (also detected as Troj/DroidD-A)
This payloads will runs as a background service "DownloadManageService" and starts whenever the phone is boot up.
* It will try to access even more information and report back, including trying to enumerate packages installed on the phone and then report back to the same control center.
* It have function to install additional packages from remote download
...
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdroidda.html
That is so confusing lol. Tbh though, I doubt they'd be malicious or else they'd be taken down off of XDA. If they were, I'm sure they'd be taken down straight away as that would be MOST DEFINETLY against the rules. Wait to see what a mod or something says though.
Skellyyy said:
That is so confusing lol. Tbh though, I doubt they'd be malicious or else they'd be taken down off of XDA. If they were, I'm sure they'd be taken down straight away as that would be MOST DEFINETLY against the rules. Wait to see what a mod or something says though.
Click to expand...
Click to collapse
Has anyone got a live link to an example of this?
pulser_g2 said:
Has anyone got a live link to an example of this?
Click to expand...
Click to collapse
Seen this in a previous post, don't know if it'll help but here: http://forum.xda-developers.com/attachment.php?attachmentid=437039&d=
1289271263
Btw, I could swear you're stalking me. jk.
pulser_g2 said:
Has anyone got a live link to an example of this?
Click to expand...
Click to collapse
Here is another link (xda-dev as host): http://forum.xda-developers.com/attachment.php?attachmentid=591335&d=1304969547
Hope it can be solved.
Thx from Germany
Has anyone confirmed or denied that this in a trojan? Kaspersky detected this file on my computer (backup of my sdcard). That file was used when I rooted my phone, so I am concerned. By the way, the two links posted above do not work.
Gaining root privileges seems to be reasonable (especially if it's part of rooting your droid), however it's legitimacy depends on the reason.
In plain English, I'm trying to say that the question about lotoor should be answered per attachment (tool) and not on a global basis.
BTW: lotoor also detected (virustotal 14/42) for zr file which is part of MTKdroidTools. I'm not qualified enough to answer if this is legit
I got this when I downloaded the ace hack kit, but disregard it.
Of COURSE it's a malicious exploit!
If you have specifically rageagainstthecage or zergrush, congratulations, your virus software has successfully discovered your ROOTING software for what it is - a malicious linux-based exploit used to root android devices!
Remember when the phone manufacturers locked the door to root? Remember we decided to break in and root em anyway? These linux exploits are what break the lock - (Super) One Click Root, root.jar files, root.exe files, etc etc. All executables with these 'virus's' that root your phone. That isn't to say you guys don't have something that may well be dangerous to linux machines, but if you still have rooting software on your Windows PC, then this is most likely what it is, and it's a-okay.
Hope you guys are sighing with relief
The4thDoctor said:
Has anyone confirmed or denied that this in a trojan? Kaspersky detected this file on my computer (backup of my sdcard). That file was used when I rooted my phone, so I am concerned. By the way, the two links posted above do not work.
Click to expand...
Click to collapse
voshell said:
this site tried to put this on my pc when i joined here
Click to expand...
Click to collapse
Have you downloaded or installed "Exynos Abuse" to root Samsung/Exynos powered device ??
Because that's what I have, and I get it all the time on my antivirus Kaspersky
Exynos Abuse main development page http://forum.xda-developers.com/showthread.php?t=2050297
wait a minute .. but my kaspersky detected it in a file named "root me " on the computer , i did root my samung mini2 with it , yet it's STILL fully functional after ks quarantined it !!
Is it something else?

[UPDATED, DUMPED!] I have an HTC 8X engineering unit! Check this out devs

The dump will be online soon, special thanks to the members who helped me get the dump! Without the help of them I wouldn't have do this.
I wanna thank these guys and to all who have posted here..
biktor_gj
Jaxbot
E:V:A
Cotulla
and especially rob243 who will host the dump for the developers to download.
I hope Windows Phone users will benefit to this!
Please check back here in a few days for the dump.
Meanwhile, the engineering HTC 8X loaner device will have to go back to the company soon, too. I would appreciate a little donation from the generous ones out there. Buy me a pizza? Buy me my own 8X? Just hit the donate to me button on the left under my username, or here.
Thanks all!
neilgoco said:
I got one with tons of apps that seems to be for testing. Maybe somehow this will help in the future development of the device? I am not sure how though.
Click to expand...
Click to collapse
Lucky you, check the hspl/spl to see if it's locked or unlocked. If unlocked, contact the user, I mean The Living Legend called COTULLA and tell him about your phone. Actually, just contact him, he will tell you to do a few things and if someone can help in here, it's him. We owe him the HSPL for HTC WP7 1st and 2nd generation phones and the 1st Titan custom rom (DFT) among other things.
Thanks for sharing!
f.
forelli said:
Lucky you, check the hspl/spl to see if it's locked or unlocked. If unlocked, contact the user, I mean The Living Legend called COTULLA and tell him about your phone. Actually, just contact him, he will tell you to do a few things and if someone can help in here, it's him. We owe him the HSPL for HTC WP7 1st and 2nd generation phones and the 1st Titan custom rom (DFT) among other things.
Thanks for sharing!
f.
Click to expand...
Click to collapse
Okay, how do I check that? Here are the apps installed, aside from the normal ones.
AudioPathSwitch
AutoCountCharge
AutoCountHeadset
CameraAutoFocus
CameraTestTool
DebugFlagEdit
eMMCTool
GCFSettings
HTCLogUploadStatus
NFCTool
PPT7Extension
StorageFullTool
TestSuite
USBModeSwitch
User Trial Feedback
WiFiTool
WirelessTool
WPRControl
zAccCalibrationApp
zAdventureWorks
zAllThingShell
zAppPurchaseHistory
zBattInfo
zBingSuggestsTestApp
zCafeApp
zCasey's Coffee
zDebugMenu
zEpdDiscoverySettings
zFiddlerClient
zGestureBester
zIE Optimization
zLocation Diagnostic App
zManaged Maps
zMarbleMaze
zProximityTestApp
zSensorView
zSystemInfo
zTicTapToe
zUpdate
zUsbFnBusMenu
zWiFiCSSettings
zWPPerf
zWPRedApp
what is the ROM version installed on the device?
Cotulla said:
what is the ROM version installed on the device?
Click to expand...
Click to collapse
Check these screenshots, especially the 3rd one.
okay, from the app titles and about phone screenshots- this is most definitely an engineering/test unit. bootloader entry built into the OS? wp bld lab? how did you come across this gem?
nothingsfactory said:
okay, from the app titles and about phone screenshots- this is most definitely an engineering/test unit. bootloader entry built into the OS? wp bld lab? how did you come across this gem?
Click to expand...
Click to collapse
[REDACTED FOR PRIVACY REASONS]
By the way, I am not sure if it's right to tap the Enter Bootloader button, I'm scared! LMAO
You do realize that this can help developers reverse engineer windows phone 8 right?
mcosmin222 said:
You do realize that this can help developers reverse engineer windows phone 8 right?
Click to expand...
Click to collapse
I do, that's why I created this thread so I can help somehow, even by a bit.
EDIT: I found a setting that lets me developer lock/unlock the device (even without registration). If you want me to test or run apps that will help you guys let me know.
EDIT 2: I tried tapping the Enter Bootloader option but it does nothing. Maybe I am doing it wrong?
neilgoco said:
I do, that's why I created this thread so I can help somehow, even by a bit.
EDIT: I found a setting that lets me developer lock/unlock the device (even without registration). If you want me to test or run apps that will help you guys let me know.
EDIT 2: I tried tapping the Enter Bootloader option but it does nothing. Maybe I am doing it wrong?
Click to expand...
Click to collapse
You can try holding down Vol Up, camera, and power, or Vol Down, camera, and power to get to the bootloader.
Is there a way to access the file system?
Jaxbot said:
You can try holding down Vol Up, camera, and power, or Vol Down, camera, and power to get to the bootloader.
Is there a way to access the file system?
Click to expand...
Click to collapse
I tried doing the volume down, camera, and power combination and it displayed something like a BIOS screen very quickly, around 1-2 seconds and then continues to boot up. I only managed to read the 1st line which says 'Security Unlocked' or something. I'll try take a photo.
EDIT 2: Regarding the file system access, I found these on the phone. Will any of these help?
[REDACTED FOR PRIVACY REASONS]
neilgoco said:
I tried doing the volume down, camera, and power combination and it displayed something like a BIOS screen very quickly, around 1-2 seconds and then continues to boot up. I only managed to read the 1st line which says 'Security Unlocked' or something. I'll try take a photo.
EDIT: Here's a rather blurry shot. :S
EDIT 2: Regarding the file system access, I found these on the phone. Will any of these help?
Click to expand...
Click to collapse
Security Unlocked probably means UEFI is off, or otherwise the bootloader is unlocked. Could be very wrong on that, though. Either way, doesn't matter since we don't have a 8X ROM to cook and modify.
Jaxbot said:
Security Unlocked probably means UEFI is off, or otherwise the bootloader is unlocked. Could be very wrong on that, though. Either way, doesn't matter since we don't have a 8X ROM to cook and modify.
Click to expand...
Click to collapse
JK. http://www.xda-developers.com/windows_phone/say-hello-to-wp8-htc-8x-ruu-leaked/
This is so very serious and huge news...if it has the UEFI unlocked like an ES is supposed to be. Can you access the file system/mount device in bootloader mode?
Also, could you try and install a WP7.* xap file ( just download an app/game xap from xda or this one from here, not a sys messing one) on it? Just copy it inside phone's int meme and click on it, the installer ''should" handle the xap...
BTW,if tha XAP installs and runs I could say that phone is worth its weight in gold...cough...cough...for us and MS.
htc9420 said:
This is so very serious and huge news...if it has the UEFI unlocked like an ES is supposed to be. Can you access the file system/mount device in bootloader mode?
Also, could you try and install a WP7.* xap file ( just download an app/game xap from xda or this one from here, not a sys messing one) on it? Just copy it inside phone's int meme and click on it, the installer ''should" handle the xap...
BTW,if tha XAP installs and runs I could say that phone is worth its weight in gold...cough...cough...for us and MS.
Click to expand...
Click to collapse
Can you access the file system/mount device in bootloader mode?
I cannot enter the bootloader mode, when I press volume down, camera, and power button it just shows the (I'll call it the...) BIOS screen very quickly, and then continues to boot up. Are there any other ways to access the file system?
Also, could you try and install a WP7.* xap file on it?
I'll try later. And what do you mean by "Just copy it inside phone's int meme and click on it, the installer ''should" handle the xap..."
neilgoco said:
Can you access the file system/mount device in bootloader mode?
I cannot enter the bootloader mode, when I press volume down, camera, and power button it just shows the (I'll call it the...) BIOS screen very quickly, and then continues to boot up. Are there any other ways to access the file system?
Click to expand...
Click to collapse
Maybe it's a combination of only two buttons....or maybe there's an app for that
neilgoco said:
Also, could you try and install a WP7.* xap file on it?
I'll try later. And what do you mean by "Just copy it inside phone's int meme and click on it, the installer ''should" handle the xap..."
Click to expand...
Click to collapse
Email it to you as an attachment and try to open it on the phone.
Also, depending on your time and availability, you could contact E:V:A by PM or posting in this thread http://forum.xda-developers.com/showthread.php?t=1934388 so you could dump whatever is on that phone.
Wow, this is real HW porn! I posted partition dump instructions in that thread, but I now see that this could be even more useful in the future, for allowing us to have unlocked bootloaders with all engineering features intact. So if you could somehow get us, either a full "disk image" or preferably all of the individual partitions, that would be awesome!
All the tools needed can be found in the links of my footer. It could be that you need to install some additional USB drivers as well.. But we'll see.
E:V:A said:
Wow, this is real HW porn! I posted partition dump instructions in that thread, but I now see that this could be even more useful in the future, for allowing us to have unlocked bootloaders with all engineering features intact. So if you could somehow get us, either a full "disk image" or preferably all of the individual partitions, that would be awesome!
All the tools needed can be found in the links of my footer. It could be that you need to install some additional USB drivers as well.. But we'll see.
Click to expand...
Click to collapse
My brains! Is it possible to do that via TeamViewer or something like that? So you would control my PC?
EDIT: I got into the 'bootloader mode' (not sure if it is). I plugged it into my notebook and it installed Windows Mobile Device Center (forgot the exact name lol) and the 'Serial' mode changed into 'USB'. ?
[REDACTED FOR PRIVACY REASONS]
neilgoco said:
My brains! Is it possible to do that via TeamViewer or something like that? So you would control my PC?
Click to expand...
Click to collapse
It's not that hard and it can't be done via remote support unless you have two machines ( you need one running linux and the other one with a IM that has video also). Your best shot is to find a friend that knows Linux and has a Linux distro installed and "beg" him to do it for you.
Also, it would be wise to keep secret the rest of the info about the device. It's been known that MS roams XDA and this thread isn't good news for them, just let me put this in another way : it's like you've got a WIN8 key generator in your hands ( though this is not a solution to activate W8). Stick to PM the devs.
Gracias
More finds. I pressed camera, volume UP, and power. Got this on Windows.
CHECK FIRST PAGE. =)

Windows RT 8.0 Recovery Environment Jailbreak

This is a version of the 8.0 jailbreak that will run in the recovery environment. This is meant more for developers than end-users.
It does not force a two minute wait at the start, but that is still required.
As always, it was developed for a Surface RT. Vivo tabs, etc..., your mileage may vary. I developed it targeting the Windows RT 8.0 image that MS uploaded after the 8.1 upgrade issues. I don't know if this varies from the stock image, I don't have it anymore.
I'm also curious as to if it'll run on a Surface 2 in the recovery environment. If anyone can test, I'd be grateful.
The trick to getting cdb and whatnot to run was plugging in valid certificate catalogs for cdb (and some other tools).
It also doesn't work with the side volume keys, though it does work with the volume keys on my Type 2 keyboard.
I think you need to add an batch file to download the symbol. The preloaded one may not work on some other tablets.
LolitaPlus said:
I think you need to add an batch file to download the symbol. The preloaded one may not work on some other tablets.
Click to expand...
Click to collapse
There is no Internet in recovery mode. If you can send me aystem32\ntkrnlmp.exe and system32\ci.dll for your recovery I can add them.
netham45 said:
There is no Internet in recovery mode. If you can send me aystem32\ntkrnlmp.exe and system32\ci.dll for your recovery I can add them.
Click to expand...
Click to collapse
However you can run it under normal Windows RT environment, don't you? I know there is no internet so I said it should be in another file.
LolitaPlus said:
However you can run it under normal Windows RT environment, don't you? I know there is no internet so I said it should be in another file.
Click to expand...
Click to collapse
You can't get at the recovery files easily from a full system either.
netham45 said:
It also doesn't work with the side volume keys, though it does work with the volume keys on my Type 2 keyboard.
Click to expand...
Click to collapse
So, seriously, that was my mistake. I only try to use side volume key. And I delete all my work for recovery jailbreak yesterday. Want to cry now. :crying:
Thank for your work, again.
netham45 said:
There is no Internet in recovery mode. If you can send me aystem32\ntkrnlmp.exe and system32\ci.dll for your recovery I can add them.
Click to expand...
Click to collapse
Is there anyway I can done it myself?
LolitaPlus said:
However you can run it under normal Windows RT environment, don't you? I know there is no internet so I said it should be in another file.
Click to expand...
Click to collapse
I get what you're saying, misread your other post. I don't have my device in a bootable state right now, but once I get it fixed up I'll make a .bat you can run to dump the PDBs for the other kernels.
hisoft said:
So, seriously, that was my mistake. I only try to use side volume key. And I delete all my work for recovery jailbreak yesterday. Want to cry now. :crying:
Click to expand...
Click to collapse
That really stinks. Sorry for your loss.
Assuming we have a way to run unsigned code, does anyone have a way to perform raw reads of a block device? I don't think there's any way to do it with managed code, and my development skills only extend a little into that. I figure there should be a way to compile C++ for ARM though. It might help you recover some of what you lost.
Also, it might help us get deleted files off system partitions. A few of us got lucky in getting Vivotab RTs that didn't have signing files deleted. If we could boot from a USB stick and undelete them, then just about everyone could have them...
nice work and a useful way to boot an RT8.1 system into an 8.0RT RE + jailbreak system
I had to get the correct symbols for my Sept 2012 kernel
You have to unlock the os drive if system has a Live account and it is Bitlockered
I usually skip that and run a batch file
manage-bde -unlock c: -recoverypassword xxxxxx-...
WindowsRE RT8.0
doesn't have a full windows environment or full win32 api (obviously) and no network (so far)
but can run many unsigned RT desktop apps
eg
putty
Strangely it can't run RT8.1 standard OS utilities -- must be some version number etc in the header it doesn't like
I might look into a way to dual boot it from HD (rather than booting from a USB) in due course
This is awsome! Been waiting for some update on something about RT jailbreaking even though it's in a RE environment.

HELP Forgot Pattern in Android 6.0

Thats the problem...Android Device Manager is useless cuz there is already a pattern...I tried almost 100 times and there is no "forgot your password?" option...I need at least do a copy of my pictures.
Is there any solution to this? I feel like a real idiot...I was trying a different pattern and I forgot It...I cant believe it...
I think there's a file not sure if it is directly under /data/system or one of it's sub directories, but basically what I did was to boot to TWRP , use the built it file manager and delete that file. I could then access my phone. I will search maybe I kept the file name somewhere.
EDIT:
Just remove this file /data/system/gesture.key
and reboot.
wizardwiz said:
I think there's a file not sure if it is directly under /data/system or one of it's sub directories, but basically what I did was to boot to TWRP , use the built it file manager and delete that file. I could then access my phone. I will search maybe I kept the file name somewhere.
EDIT:
Just remove this file /data/system/gesture.key
and reboot.
Click to expand...
Click to collapse
How I do that? my phone is not rooted, the bootloader is locked and debugging mode is off :S
Jerber said:
How I do that? my phone is not rooted, the bootloader is locked and debugging mode is off :S
Click to expand...
Click to collapse
That could be a problem. I think that it might be done using adb but not sure if it can be done without root/bootloader secured
If cracking an Android device were as easy as deleting a file then I doubt that there's much value in any security on a device at all, no?
Surely this has to be a reinstall of the ROM...? Maybe with no-wipe to preserve the data?
Genuine question - I don't know for sure.
dahawthorne said:
If cracking an Android device were as easy as deleting a file then I doubt that there's much value in any security on a device at all, no?
Surely this has to be a reinstall of the ROM...? Maybe with no-wipe to preserve the data?
Genuine question - I don't know for sure.
Click to expand...
Click to collapse
Testing it would be really easy. just set a pattern and then delete that file.
Lets us know is it is that easy to hack it or not.
Since obviously you know better, share your findings with us.
dahawthorne said:
If cracking an Android device were as easy as deleting a file then I doubt that there's much value in any security on a device at all, no?
Surely this has to be a reinstall of the ROM...? Maybe with no-wipe to preserve the data?
Genuine question - I don't know for sure.
Click to expand...
Click to collapse
The phone has to have an unlocked bootloader and twrp installed, so you already compromised its security yourself. You could relock the bootloader, flash a stock recovery and encrypt the phone, that would solve the issue.
"Since obviously you know better, share your findings with us."
Look, guy, just because you're a senior member there's no need to be offensively sarcastic.
Maybe you didn't get as far as my last comment: "Genuine question - I don't know for sure."
dahawthorne said:
"Since obviously you know better, share your findings with us."
Look, guy, just because you're a senior member there's no need to be offensively sarcastic.
Maybe you didn't get as far as my last comment: "Genuine question - I don't know for sure."
Click to expand...
Click to collapse
Not being Sarcastic at all. Making a point. If you got offended, sorry about that.
I posted what I have , after testing it myself. Had the same issue on Lollipop.
Further more, I will share another piece of Info in here.
When You are able to access any Solaris/Linux server using a console , and boot it from DVD, you can simply edit the /etc/shadow file and reset even the root password. Does that mean Unix/Linux aren't secure OS's ?
When you have access to OS level files you can practically hack every OS.
Same goes here. When you have unlock bootloader and modified recovery you can access system files that otherwise would be inaccessible. if he can have access to that file and remove it, he will gain access to his system.
Well, I tried everything that I could because my phone is no rooted, and the bootloader is locked, plus, the debugging mode is off too... so I was close to give up, BUT finally I remembered that my phone was connected to Airdroid!; if Airdroid is connected to the phone It can bypass the lockscreen and you can access to the internal memory anyways with the Airdroid website!, so I did a full backup of all my pictures and then I did a factory reset!, the copy was a kinda slow but I didn't care of course!. What a relief!!!
So, I really recommend use Airdroid (and have the app connected of course), it saved my life!, I was really frustrated about this, I cant believe Google doesnt provide the old way the restore the pattern like in Kitkat and Jelly Bean.
wizardwiz said:
I think there's a file not sure if it is directly under /data/system or one of it's sub directories, but basically what I did was to boot to TWRP , use the built it file manager and delete that file. I could then access my phone. I will search maybe I kept the file name somewhere.
EDIT:
Just remove this file /data/system/gesture.key
and reboot.
Click to expand...
Click to collapse
It worked like a charm!
I have a fingerprint enabled phone. forgot my pattern, followed your suggestion and presented in my phone are data/system/gesture.password.key and gesture.pattern.key so I deleted the pattern.key (guided by forgotten pattern) I rebooted and my apps were optimized and voila the phone is unlocked.
However, I tried accessing the fingerprint menu on my phone but refused access. I then used root explorer, browse to aforementioned location, copied and renamed gesture.password.key to gesture.pattern.key as it was before deletion.
went back to the security setting of my phone, setup pin option (scared of forgetting the pattern again) and phone screen locked. I try using my fingerprint to unlock (which I am accustomed to) and voila! it says pin required for additional security. entered Pin and the fingerprint menu became functional again and all previously stored fingerprints remained unaltered....QED

New methods to custom software no root or unlock bootload

I have started developing of an android app project, some can give user privilege to edit system without root and unlocking bootloader.
Here is info about how my program do it.
1. Capture network traffic and get server IP and port of this application some update the system. (SYSTEMUPDATE.APK).
2. Starting portforwarding to my server and capture request from application and my server will be to a VPN, so the request can be send from my server to orginal server and back.
Softwareupdate.apk will ask for updates, after it has begin downloading of this update, will my server save networktracffic and my server has a program, some can detect specific files. (Update.zip)
3. Now will my program send the custom update over my server, some user has makes self and selected in app.
4. Now will systemupdate.apk get the modified version of its update and the target device will install it.
Note: My program don't unpack the files, but it's has patch function for avb security and its zip verification.
I upload soon the project to GitHub, some open source.
Note: Have a copy of your software, because you are need copy of your vbmeta.img's files...
add list of supported (confirmed working) devices you tested successfully
aIecxs said:
add list of supported (confirmed working) devices you tested successfully
Click to expand...
Click to collapse
All devices would essentially work with this if correct signature and fake host identical to your manufacturers. Sad to say if you root you would still have detection. Maybe this will be a way to escape widevine degradation
Hey Joe! I loaded your image and your account is active with your Lovoo! now i have serious problems with my girl because she thought i wrote that!best regards! pete
Oh my gosh! I just noticed!! I will clean up this image immediately! and thanks for that info bro! and I'm really sorry about your girl!!
toolhas4degrees said:
All devices would essentially work with this if correct signature and fake host identical to your manufacturers.
Click to expand...
Click to collapse
just name a single one. what device used for testing? which manufacturers signature you have spoofed successfully?
aIecxs said:
just name a single one. what device used for testing? which manufacturers signature you have spoofed successfully?
Click to expand...
Click to collapse
People have spoofed server using msm tools in the past. This is pretty much the same thing. Browse xda
so you are asking us to send our traffic to your server on good trust, but you don't have any proof and don't answer the question lol
aIecxs said:
so you are asking us to send our traffic to your server on good trust, but you don't have any proof and don't answer the question lol
Click to expand...
Click to collapse
My server. Are you crazy. You make your own virtual server on your computer. Man you are smart. Do you just like to argue about things you don't know anything about and are obviously to lazy to search.
And if you are mistaken I'm not the op of this thread.
JonasHS said:
I have started developing of an android app project, some can give user privilege to edit system without root and unlocking bootloader.
Here is info about how my program do it.
1. Capture network traffic and get server IP and port of this application some update the system. (SYSTEMUPDATE.APK).
2. Starting portforwarding to my server and capture request from application and my server will be to a VPN, so the request can be send from my server to orginal server and back.
Softwareupdate.apk will ask for updates, after it has begin downloading of this update, will my server save networktracffic and my server has a program, some can detect specific files. (Update.zip)
3. Now will my program send the custom update over my server, some user has makes self and selected in app.
4. Now will systemupdate.apk get the modified version of its update and the target device will install it.
Note: My program don't unpack the files, but it's has patch function for avb security and its zip verification.
I upload soon the project to GitHub, some open source.
Click to expand...
Click to collapse
I count "my server" six times. there is no github link. it's common sense one can't modify system on locked bootloader. it's not my job to proof you wrong, it's your job to proof this genius hack!
toolhas4degrees said:
And if you are mistaken I'm not the op of this thread.
Click to expand...
Click to collapse
LOL completely missed that! sorry for arguing at you. But wth did you reply for him? xD
aIecxs said:
LOL completely missed that! sorry for arguing at you. But wth did you reply for him? xD
Click to expand...
Click to collapse
I didn't you quoted me, bc I told you it technically would work
technically... except that no OEM would leak their private key
wait... just read that today. this is gamechanger
Android OEM key leak means sideloaded "updates" could be hiding serious malware
Samsung, LG, and MediaTek are among the companies affected.
www.xda-developers.com

Categories

Resources