[Q] Prevent encrypted device wipeout from too many failed passwords? - General Questions and Answers

Hi there!
TL;DR: Forgot encryption password, only have 10 tries left before data wipe, how can I backup my phone to get 10 more tries if I don't manage to find the password within 10 tries?
For context:
*ROM: Lineage 14 official build
*Custom recovery: TWRP
*Bootloader: Unlocked
*The phone is not rooted.
*No SD card port.
*The phone is encrypted with a password (not a PIN)
*I don't remember the exact encryption password, so I can't get past the password prompt after booting. But I am sure I can find it if I keep trying. It might take me more than 10 tries to enter all variations though.
*I can't access or mount /data from TWRP (nor can I get past the password promt after booting) without the password.
*After entering the wrong password multiple times, the password prompt says I only have 10 tries left before the data gets wiped, and I must avoid this at all costs. (Since Android 6 or 7, there is a limited number of tries before the phone gets wiped)
My question is: How can I make a backup of the phone in it's current state, so that even if I don't manage to enter the right password after booting the phone 10 times, I can restore the phone in it's current state and still have 10 more tries (and eventually repeat this if I still don't manage to find the password after 20 tries)?
I have found some tutorials that show how to backup /dev/block/mmcblk0, but they require root (I can't install anything in my phone since it's encrypted...). And I am not even sure if it will work to restore the phone in it's "10 tries left".
I also don't have access to /data partition from TWRP without entering the password (it shows "0MB") so I can't backup the /data partition from TWRP.

Related

[Q] Unable to Encrypt TF700 with Cromi-X 5.2a

I am trying to encrypt my device (to satisfy BYOD rules for my employer) and have not been able to get it to work.
I have setup a PIN and followed the following with my device fully charged and plugged in.
1. Select encrypt from Security
2. Click the encrypt button at the bottom
3. Enter my PIN
4. From the follow up encrypt screen I click the encrypt button at the bottom again
5. Tablet reboots by itself
6. I am presented with a Android logo (robot with gears in the middle) for about a minute
7. Tablet then reboots by itself back to the system
8. I check the encrypt setting in Security and it looks exactly the same as before (like my device is not encrypted)
I do not receive any error message
I've tried this with and without my SD card in place.
I've tried this in the keyboard and out of the dock.
It's the same result every time.
I am running Cromi-x 5.2a (just installed over the Thanksgiving weekend) and have done some tweaks with Pimp my Rom.
Appreciate any suggestions as to why my device will not encrypt, or throw any error messages.
Additional testing
OK, did some additional testing.
After the above steps failed, I did another factory reset and wipe of my device (Asus tf700) and then executed the following:
1. After the reset/wipe I flashed Cromi-X 5.2a (US build with _that kernel v6)
2. I then set my PIN (4 numbers because I'm lazy)
3. I then selected Encrypt from the Security menu and selected the Encrypt button
4. My PIN was successfully entered
5. On the second encrypt screen I selected the encrypt button
As before my device rebooted by itself, and also as before I got a screen with just the green android robot with gears in the middle
Also as before, After a very short period of time (a few minutes at most) the tablet rebooted itself.
This time however, I got a different response. Instead of booting all the way through to the lock screen. The system just hangs at the Cromi-X boot screen (spinning circle).
I even let it sit all night thinking it was "encrypting", but nope came up in the morning and it was still just sitting there.
One more item to note, this time when I went to reset/wipe my device I did get a message in TWRP that my device was encrypted. I had to enter my PIN in order to wipe/reset the device.
So while it won't boot, some sort of encryption happened.
HELP!!??
Same...
Same thing happens to me, after I press the encrypt button the Android guy with gears appears and it seems that it is an app. Then the tablet force shutdown itself (because it never takes that fast) and reboots...
everything is same, except I'm running Cromi-x 5.4 and not 5.2a.

[Q] Unlock Android Device

Hi. I'm doing a search in my university about android security.
1. is it possible obtain acess the information of the user if the device android has lock? I tought if i has a recovery custom, i do the backup of the rom, and i restore, when the device restart the informations (log calls, sms, photos) will be in the memory and it will be necessary digit the password to unlock device?
2. if i do a wipe (not data), in reboot the password will be necessary? (wipe system maybe)
3. plug the device in a pc with linux, i can acess some information (log calls, sms...)?
if this ideia isn't impossible, exist a way of the obtain some information of user?
thanks
1. If the device has a passworn/pin lock and a stock recovery, you won't be able to access any data. If it has a custom recovery, you can boot into it and do a backup to gain data. If you apply that backup to a new device, it will still have the password lock as all settings and data remain intact.
2. Yes, any setting is in the /data partition.
3. You won't be able to access and data if the phone is locked.

Changing disk encryption pw from inside TWRP...

The situation:
the device is encrypted
the device is locked with PIN
the encryption password was changed with SnooperStopper to be passphrase
→ everything works
change the screen lock PIN to another PIN and reboot
→ Phone asks for PIN to unlock instead of password, but neither the old nor the new PIN work; and since it doesn't offer full keyboard one cannot enter passphrase
→ but TWRP can still decrypt with the previously set passphrase
Possible fixes:
either change the disk encryption passphrase to be just PIN from inside TWRP so I can get back into android and the try to reset with SnooperStopper; or
change somthing in /system ( or boot?) from inside TWRP so that android offers full keyboard again on boot.
What would you recommend and how would I go about it? How does the system even know (or in this case falsely assume) that I am using PIN and not password? Is this managed through a config file on /system or is this information set directly on the encrypted disk?
Thanks for your suggestions.
[I know I can backup from TWRP and factory reset, but I would like to be able to fix it properly and understand what's going on, in case it happens again]
Probably not so relevant, but for completeness: it's CM13 running on bacon.

HELP! Device does not accept PIN during boot after TWRP and SuperSU install.

Hi All,
Today I wanted to install LinageOS on my S7. Before that I wanted to backup my data using Titanium Backup.
To get the full function of Titanium Backup I wanted to root the device before that.
I installed TWRP using heimdall and installed SuperSU from the external SD card.
Then I booted again and during boot the device asked me as usual for my pin (black screen, only pin input and emergency calls possible, NOT the pin input on the lock screen).
But when I entered my pin as usual the device said that the pin is invalid (it is the correct pin).
After several tries I got a message that after 8 more tries my data get will get erased permanently... ;-((
So long story short, does anyone has an idea of how I can decrypt my data on the data partition now???
Things to mention and tried so far:
* During the install of SuperSU the /data partition can not be mounted.
(Also adb shell twrp decrypt your_password does not work because of this I think)
I think this is because TWRP can't decrypt data partitions on Samsung Phones which is a known problem.
But this does not seem to be a problem for SuperSU.
* After I couldn't boot because of the problem the first time I also installed no-verity-opt-encrypt-5.1 in hope for a fix, didn't solve the problem either (But I am not shure if it adds to the problem after reading to a lot of postings today).
* I am not sure if it has to do, that asking for the PIN during boot was enabled in Settings on the device. But there was no hint, that this could be a problem in the instructions I used.
https://wiki.lineageos.org/devices/herolte/install
and
https://forum.xda-developers.com/galaxy-s7/development/recovery-official-twrp-herolte-t3333770
* I am not shure if this all has to do with dm-verity
see: https://twrp.me/devices/samsunggalaxys7.html[/QUOTE]
This device uses dm-verity!
This means that swiping to allow system modifications will prevent you from being able to boot if you are using the stock kernel. In order to bypass dm-verity's boot prevention, you will have to install a kernel that has dm-verity disabled in the fstab.
Click to expand...
Click to collapse
I am also not shure if Dm-verity and Forced Encryption Disabler is already included in SuperSU.
* Versions used:
Buildnumber: NRD90M.G930FXXU1DQEF
Baseband: G930FXXU1DQD7
twrp-3.1.1-0-herolte.img
SR3-SuperSU-v2.82-SR3-20170813133244.zip
no-verity-opt-encrypt-5.1.zip
* I also tried to make a backup of the encrypted partitions but copying of the partitions using TWRP and adb does not work because the phone gets reconnecting ca. every 45 seconds. And it seems it is not possible to decrypt an encrypted android partition on linux or windows even with the correct pin. (right?)
* The only thing I found is this, but I am not shure if this is the way to go, besides I don't know how to get the encrypted partitions of the phone.
http://www.forensicswiki.org/wiki/H...ypting_Samsung_Full_Disk_Encryption_.28FDE.29
I also saw as similar post like that today, but I have a pin and no password and I need to unlock my data partition with the correct pin (right?).
So does anyone has an idea how to decode the data partiton or to access my data in any way?
If I will be able to get my data of the device I could simply flash LinageOS and everything should be fine.
Thanks!

Auto Encryption ROM 47.2.A.10.62

I was trying to apply the installation of the eXistenZ (https://forum.xda-developers.com/xz...om-existenz-pie-v3-5-0-beta-31-01-19-t3895452)
But aside from that I found the following problem:
Following the instructions I downloaded the last ROM, I specifically downloaded the G8141_Customized UK_1308-5320_47.2.A.10.62_R3C
First of all I made a clean flash and restart, then I installed the TWRP v.3.3.1 via ADB, next the Magisk 19.3, later reboot the system normally and finally a tried to do the part of rebooting in the recovery and wiping data, cache, dalvic, etc.
However I noted that when the system started up the first time (after flashing) it appears a legend describing a process of encryption, it said the cel phone was going to be encrypted and it restarted once again.
When I start in the recovery mode and slide the bar to authorize to modify system partition nothing happens.
The first try I stored the Magisk.apk file in the internal memory but in TWRP interface the system partition is not mounted, the storage space says is 0 GM (or mb).
I started up the system one more time, trying to disable the encrypted function but is not possible, I disable Find my Device function as administrator maybe thinking it was the reason deactivating encryption was blocked but nothing.
I have to mention that when I enter recovery mode is not asking me to enter any pass or pin as it does when there is a pin protected phone.
Please can anyone help me to find the solution to this problem
Zur75 said:
I was trying to apply the installation of the eXistenZ (https://forum.xda-developers.com/xz...om-existenz-pie-v3-5-0-beta-31-01-19-t3895452)
But aside from that I found the following problem:
Following the instructions I downloaded the last ROM, I specifically downloaded the G8141_Customized UK_1308-5320_47.2.A.10.62_R3C
First of all I made a clean flash and restart, then I installed the TWRP v.3.3.1 via ADB, next the Magisk 19.3, later reboot the system normally and finally a tried to do the part of rebooting in the recovery and wiping data, cache, dalvic, etc.
However I noted that when the system started up the first time (after flashing) it appears a legend describing a process of encryption, it said the cel phone was going to be encrypted and it restarted once again.
When I start in the recovery mode and slide the bar to authorize to modify system partition nothing happens.
The first try I stored the Magisk.apk file in the internal memory but in TWRP interface the system partition is not mounted, the storage space says is 0 GM (or mb).
I started up the system one more time, trying to disable the encrypted function but is not possible, I disable Find my Device function as administrator maybe thinking it was the reason deactivating encryption was blocked but nothing.
I have to mention that when I enter recovery mode is not asking me to enter any pass or pin as it does when there is a pin protected phone.
Please can anyone help me to find the solution to this problem
Click to expand...
Click to collapse
Wipe cache and data
To factory reset and then boot your system
Turn off / flash twrp/ restart/turn off / enter twrp/ magisk / restart to twrp/flash existenz/ reboot
You will loose all data
Yes i have same problem. When use TWP Swipe but always failed
I try use flashtools, flash .ftf firmware .62 and choose all swipe in box Flashtools.
Now, folder is working.
You can try.
ngocthang26 said:
Yes i have same problem. When use TWP Swipe but always failed
I try use flashtools, flash .ftf firmware .62 and choose all swipe in box Flashtools.
Now, folder is working.
You can try.
Click to expand...
Click to collapse
I'm sorry, didn't understand you, did you fallow the sequence karrouma gave me in the first answer?

Categories

Resources