Force decryption for user data? - Xiaomi Poco F2 Pro (Redmi K30 Pro) Questions & Ans

Hi!
I think I managed to get two layers of encryption on my storage let me explain :
I had a pattern+fingerprint password. While changing my screen I also had to change the fingerprint sensor which lead to interface bootloop as I forgot to remove FP before changing sensor.
I tried a TWRP method to remove password from the device, consisting in removing some system files (which I didn't backup) without success, so I reopend th phone to plug the old sensor. This allowed me to remove my fingerprints and plug back the new sensor.
Now, I think my data is encrypted but the password is not prompted AND if i set the same password as before, I still can't access the data (even in TWRP as I think the encrypted data gets encrypted again)
Is there a way in TWRP (or other) to force a first decryption as I know both passwords?

Well, I removed my password and TWRP didn't prompt any pattern, and I can access my data.
However, My user remains encrypted with a password, and I can't figure it out.
I think the easy way is to copy my data and factory reset the phone.
Another way would be to clone full system partition to try recover the deleted files I think

Related

How to backup & restore Android 9/P/Pie with TWRP?

Because on https://twrp.me/google/googlepixel.html it says:
Decrypting Android 9.0 Pie when using a PIN / pattern / password does not work yet. We do not have an ETA for fixing decrypt. Restoring a backup made with an alpha using RC1 may result in loss of data including internal storage. If you need your backups from those versions, restore the backup using alpha2, then install RC1 and run a new backup with RC1.
Click to expand...
Click to collapse
I just flashed the official Android 9/P/Pie release (it did not fix the randomly dying microphone issue) and I want to do a full nandroid backup before I take my Pixel into UBreakIFix for a $0-80 fix because they require a locked bootloader and factory reset.
So do nandroid backups work or not?
SOLVED!
Answering my own question...
roirraW "edor" ehT said:
Since internal storage, where user apps and user and system app data are stored can't be decrypted, you'd definitely have to at least disable the pin/pattern/password, although you should confirm that doing so makes the storage readable in TWRP - it should.
Click to expand...
Click to collapse
According to this person, you must disable pin/pattern/password in order to decrypt the file system and allow nandroid backup & restore.
However, I just did a fastboot boot TWRP.img and it prompted me with my unlock pattern, and then it said "Data successfully decrypted". I checked, and I have access to the filesystem, and it even mounted to my connected laptop. So I'm testing this out. Backups completed successfully. I'll be trying a restore soon.
Archangel said:
The overwhelming response to what areas to tick when you back up has been system, boot, vendor and data,,,no images just the partitions. But that struggle is still on going LOL.
Click to expand...
Click to collapse
Backup & restore these 4 partitions (no images):
System, Boot, Vendor, and Data
(Note: for system and vendor you have to uncheck "mount system as readonly")
UPDATE:
Restoring my System and Vendor TWRP backups caused boot to hang at the G logo with an endless progress bar below the G.
However, doing a fastboot flash of System and Vendor factory images then restoring only my TWRP Data backup successfully restored my phone!
Except for one issue: fingerprints don't work. I think I may have screwed myself here by not disabling pin/pattern/password when I did the backup. For some reason TWRP had no problem decrypting then. But now, trying to restore, TWRP can't decrypt unless I disable pin/pattern/pass. It wont let me delete my old fingerprints or set new ones. Trying to unlock with fingerprint, it either doesn't respond at all or says "Fingerprint hardware not available"
UPDATE 2:
Followed instructions to clear the fingerprint data: [Guide] Delete fingerprint profils via TWRP. Everything is perfectly restored now! (Note: if you disable pin/pattern/pass before backup, you shouldn't need to do this)

OP6 says it's encrypted, but it's not

Have a custom ROM installed (Havoc) with PIN as screen lock. Have never installed the encryption/verity disable mod. Here's the thing:
When I reboot into TWRP, I am prompted for a password. If I type in the correct PIN, it goes into TWRP. HERE'S THE THING: If I just hit cancel, I am still able to see all of the contents of the device, mount MTP, etc. as if there was no PIN protection at all
It may be still "encrypted" but even though I have set my own PIN, somehow I believe that it's just using the default password. I have tried disabling the PIN, changing the PIN, removing work mode, setting to password rather than PIN, repairing filesystem, etc.
I'm kinda at a loss. Is this expected behavior or am I missing something?
Did you format data from TWRP while switching to Havoc os from OOS
Disregard, I got it sorted by doing a data wipe in TWRP then set new passcode in havoc during setup

Factory reset on forgotten pattern

You know by default Sony phones have no recovery installed so if you forgot the unlock security pattern mistakenly. Or if you buy a used Sony mobile with previous users recorded security pattern and you don't know about it. This will annoy you and there's no chance of entering into the phone or by pass the pattern security. Specially when phone isn't rooted and any custom recovery like twrp aren't installed.
But if you don't wanna flash the device and you wanna keep that rom and wanna perform factory reset. Open the flashtool click on flash sign and choose any self-made Ftf extension and when options dialog appears, uncheck or exclude all the tar and other options except wipe box (user data, apps log) and now move forward.
This will perform a factory reset on device and you'll end up by entering into the same rom with all the user data and internal memory wiped. Though you'll lose data and apps but still it should be interesting to you.......

"Fingerprint hardware not available"

After successfully restoring backup on the new phone the fingerprint doesn't work.
Details about restore process are here: https://forum.xda-developers.com/pixel-3a/development/twrp-3-3-1-pixel-3a-t3943413/page10
Before TWRP backup I did set two fingerprints. After restoring on new phone if I try unlock screen with fingerprint I'm getting message "Fingerprint hardware not available"
I can unlock screen using PIN but I can't add new fingerprint nor delete two existing.
When I delete one fingerprint, it greyed out (screenshot attached) but when I return back to Fingerprints it's still there.
Adding new fingerprint starts fingerprint setup but right before end I'm getting message (screenshot attached):
Enrolment was not completed.
Fingerprint enrolment didn't work. Try again or use different finger
Fear not, this is not hardware issue. I went back to stock image and I can setup and use fingerprint and delete fingerprints.
So, I went back to square one and flashed stock image, boot, reboot, TWRP, flashed StatiXOS, boot. At this point checked, fingerprint is still working in StatiXOS.
Rebooted to TWRP, wipe and restore my StatiXOS backup and still having the same issue with fingerprint.
Reading some threads my guess is that fingerprint should be disabled before backup. The fingerprint info is probably saved on fingerprint chip and factory reset should fix the issue.
Turther search lead to other threads about same issue and it seems deleting some files/folders in data partition reset fingerprint settings.
Unfortunately none of them doesn't match 3a. Have no time now but will investigate further other solutions. Pixel 3 threads might have the answer.
I had exactly the same prob on AOSiP on my Pixel 3 XL. Was not able to find it out or to solve it. Back to Stock and it worked fine w/o any probs. Since some days I am on DU and also no probs so far.
gogoffm said:
I had exactly the same prob on AOSiP on my Pixel 3 XL. Was not able to find it out or to solve it. Back to Stock and it worked fine w/o any probs. Since some days I am on DU and also no probs so far.
Click to expand...
Click to collapse
Same here, gave up and flash stock again. I was trying some stuff and noticed if I create another account and switch I can enable fingerprint but only for that account. So, something is screwed up in default account settings.
The best advice I can offer is from this Pixel XL thread: https://forum.xda-developers.com/pixel-xl/how-to/slota-b-how-to-flash-roms-magisk-kernel-t3754175
MAKE SURE YOUR LOCKSCREEN IS OFF... No fingerprint set up... Not a pin set up... No pattern set up. If your more secure than swiping up to open your screen your not getting in to TWRP 3.2.0-0 decrypted.
Click to expand...
Click to collapse
Unfortunately I don't have another Pixel 3a around to test, but it make sense.
So you already tried data/system/ & change locksettings.db to locksettings.db.bak ? It should create a new locksettings.db after you go into phone settings to set up a new pin/fingerprints then go & delete locksettings.db.bak or you can leave it...either way.
SketchyStunts said:
So you already tried data/system/ & change locksettings.db to locksettings.db.bak ? It should create a new locksettings.db after you go into phone settings to set up a new pin/fingerprints then go & delete locksettings.db.bak or you can leave it...either way.
Click to expand...
Click to collapse
I have some spare time today and will try. Need to test my backup first to make sure I can go back.
Even if it work on my phone it might not work on different phone. If I'm in charge of security on Pixel 3a project I will at least compare hardware fingerprints (i.e. serial numbers, MAC address, etc) of the phone with previous data save in encrypted file in some very protected area
However, it could be useful to all dummies like me who screwed their phones.
Pogo said:
I have some spare time today and will try. Need to test my backup first to make sure I can go back.
Not much luck today. I have created two backups on rooted StatiXOS:
- one with fingerprints and PIN unlock
- one without fingerprints and swipe unlock (no protection at all)
Before running backup checked all boxes in Backup option (Boot, System, System Image, Vendor Image, Data)
Note: only Boot, Data and System Image are actually required, but just in case
After that I've tried the following:
1.
- flash factory ROM to make sure there is no traces of my settings
- perform initial setup, enable ADB debug, setup PIN and one fingerprint
- back to TWRP, wipe Dalvik/Art, System and Data
- copy my backups to TWRP as well as all other folders originally on sdcard
- go to restore and select my backup with fingerprints
- only check Boot, Data and System Image boxes
- reboot, all good so far. PIN and fingerprint works, only needed to re-enable fingerprint in apps that use it like my banking app
2.
- back to fastboot, deleted file data/system/locksettings.db
- rebooted, there is no lock or PIN, just swipe
- "Pixel is starting..." message show up on display
- launcher and apps are not available, but Settings are available from status bar
- can add new fingerprint, delete fingerprint but the message on home screen won't disappear
- gave up after 10 min of waiting
3.
- flashed factory ROM again
- perform initial setup, enable ADB debug, setup PIN and one fingerprint
- back to fastboot, delete file data/system/locksettings.db
- reboot, there is no lock or PIN, just swipe
- same as before but the message is now "Phone is starting..."
- gave up after 10 min of waiting
Need to actually USE my phone, so I stopped here and restored my trusty backup.
So, you can restore your backup with fingerprint. Judging by my experience restore is fully functional only on the physically same phone (same s/n, same MAC, etc, no hardware modifications).
Deleting data/system/locksettings.db did remove lock but still didn't make phone fully functional. However it's promising.
Click to expand...
Click to collapse
Pogo said:
Pogo said:
I have some spare time today and will try. Need to test my backup first to make sure I can go back.
Not much luck today. I have created two backups on rooted StatiXOS:
- one with fingerprints and PIN unlock
- one without fingerprints and swipe unlock (no protection at all)
Before running backup checked all boxes in Backup option (Boot, System, System Image, Vendor Image, Data)
Note: only Boot, Data and System Image are actually required, but just in case
After that I've tried the following:
1.
- flash factory ROM to make sure there is no traces of my settings
- perform initial setup, enable ADB debug, setup PIN and one fingerprint
- back to TWRP, wipe Dalvik/Art, System and Data
- copy my backups to TWRP as well as all other folders originally on sdcard
- go to restore and select my backup with fingerprints
- only check Boot, Data and System Image boxes
- reboot, all good so far. PIN and fingerprint works, only needed to re-enable fingerprint in apps that use it like my banking app
2.
- back to fastboot, deleted file data/system/locksettings.db
- rebooted, there is no lock or PIN, just swipe
- "Pixel is starting..." message show up on display
- launcher and apps are not available, but Settings are available from status bar
- can add new fingerprint, delete fingerprint but the message on home screen won't disappear
- gave up after 10 min of waiting
3.
- flashed factory ROM again
- perform initial setup, enable ADB debug, setup PIN and one fingerprint
- back to fastboot, delete file data/system/locksettings.db
- reboot, there is no lock or PIN, just swipe
- same as before but the message is now "Phone is starting..."
- gave up after 10 min of waiting
Need to actually USE my phone, so I stopped here and restored my trusty backup.
So, you can restore your backup with fingerprint. Judging by my experience restore is fully functional only on the physically same phone (same s/n, same MAC, etc, no hardware modifications).
Deleting data/system/locksettings.db did remove lock but still didn't make phone fully functional. However it's promising.
Click to expand...
Click to collapse
In the future (I've done this on the last several phones running AOSP or similar) I always change locksettings.db to locksettings.db.bak before doing a nandroid because I've had issues restoring ROMs then my PIN won't work, etc. Once I've unlocked my phone on a restore I change it back to locksettings.db
Click to expand...
Click to collapse

Failed to decrypt FBE for user 0

Will make it short.
I had a password set on my phone, keyboard did not pop up when needed to enter password. I booted into TWRP. Entered my password to decrypt the phone. In file manager I deleted this file "/data/system/locksettings.db". When booting to android, device was unlocked with an "android is starting" message (launcher did not start). It was still possible to go into settings, so I did and changed the password to none. Restarting into TWRP I still had to enter a password to decrypt the device, OLD password worked. I booted back to android, changed the password to a swipe pattern, booted back to TWRP once again. This time the pattern nor the OLD password worked. I can't decrypt my phone and was dumb to not backup data beforehand.
I've tried changing the password back and forth to my previous one in android settings, removing the new locksettings.db file, also tried pull&pushing files from another device with the same password to my phone, no success.
Is there anyone familiar with Android encryption that could help me out? What can I do, is there a any specific encryption file somewhere? I noticed a file called /data/unencrypted/key/encrypted_key, most likely unrelated.
Thanks for any help or suggestions!

Categories

Resources