Found my old phone from high school. Turned it on and looks like I never factory reset it, and I would love to see all of the photos and messages I left behind, however I can not for the life of me remember the pin I used. Browsed around and tried to delete the gesture.key using ADB but permission is denied, and I wasn't able to find a custom recovery tool for this specific phone either. Anyone have any possible solutions? Thank you
Shiiiba said:
Found my old phone from high school. Turned it on and looks like I never factory reset it, and I would love to see all of the photos and messages I left behind, however I can not for the life of me remember the pin I used. Browsed around and tried to delete the gesture.key using ADB but permission is denied, and I wasn't able to find a custom recovery tool for this specific phone either. Anyone have any possible solutions? Thank you
Click to expand...
Click to collapse
If you cannot remember the PIN, you're most likely going to have to factory reset. There is no way around this that I know of, unfortunately.
you can just dump the whole userdata partition off flash memory in EDL mode, loop mount partition image from linux and modify it's content (like deleting locksettings.db)
Shiiiba said:
Hi there, thanks for responding to my forum post. I can give it a shot, however I was wondering if you would be willing to help me with attempting this. Im familiar with root and devices but I’ve not had any experiencing with dumps or tools like the one you provided on github. I have an extra ZTE Flash to test on but some extra insight would be nice. I also had two questions:
1: can I just take the locksettings.db and somehow retrieve my pin from it instead of modifying and dumping?
2: if I do end up having to dump, will the environment be the same (IE logged in apps, id like to see my message history in apps that are there)
Thanks so much, and sorry for disturbing.
Click to expand...
Click to collapse
you need a firehose programmer matching your SoC and OEM. the tool comes with collection (loaders) for quite few devices, just give it a try.
1. might be possible with password.key
2. yes by just deleting locksettings.db nothing is changed
Related
Hi all, I have completely screwed my surface rt last night.
I was trying to do a reset and it wasn't working then I tried a bunch of other things ive read on the forum and my surface wont even boot up. its just in a constant loop ive trying to do an automatic repair and diagnosing and keeps bringing me to the boot menu.
I made a recovery usb but it doesn't seem to be working so im assuming the OS was already corrupt hence the reason the reset option in "change pc settings" wasn't working.
I would really love if someone could upload a recovery image of their surface rt. I cannot find one any where and the ones I have found they have pulled the links down.
hope someone can help me out here.
cheers.
adam_4049 said:
Hi all, I have completely screwed my surface rt last night.
I was trying to do a reset and it wasn't working then I tried a bunch of other things ive read on the forum and my surface wont even boot up. its just in a constant loop ive trying to do an automatic repair and diagnosing and keeps bringing me to the boot menu.
I made a recovery usb but it doesn't seem to be working so im assuming the OS was already corrupt hence the reason the reset option in "change pc settings" wasn't working.
I would really love if someone could upload a recovery image of their surface rt. I cannot find one any where and the ones I have found they have pulled the links down.
hope someone can help me out here.
cheers.
Click to expand...
Click to collapse
Next time do a search. You would have found a thread on this. And, as was said in the aforementioned thread these recoveries are device specific, so even if I got mine to you, it wouldn't work for you. Take it to Microsoft and have them replace it.
C-Lang said:
Next time do a search. You would have found a thread on this. And, as was said in the aforementioned thread these recoveries are device specific, so even if I got mine to you, it wouldn't work for you. Take it to Microsoft and have them replace it.
Click to expand...
Click to collapse
i did do a search and nothing has been able to help me so far. i also did read that it is device specific but have also read it has worked for some people. unfortunatley in australia we do no have any microsoft stores so its not that easy to just take it somewhere.
I feel like there are files missing from c drive. Almost like it started to do a restore then stopped halfway. In which I have never been able to get it to that stage for that to be the case.
I did some reading and was able to find the recover partition and tried to run the install.wim file from which I understand to basically be the “OS”. When I try to run it it says “no such interface supported”
From what I understand there is just no way to do a fresh install on these things regardless of what the problem is which is disappointing on Microsoft’s behalf.
C-Lang said:
And, as was said in the aforementioned thread these recoveries are device specific, so even if I got mine to you, it wouldn't work for you.
Click to expand...
Click to collapse
No. Those recovery images are device-type specific. Not device-specific. You can safely take one WIM file from the recovery partition of your device and use it to recover a different device of the identical model.
adam_4049
I see that you were able to start a restore process and it fails in the middle.
You may try the following: boot into the command line mode and format the boot partition (probably drive C: ). This would fix the disk errors if they are present, but you'll lose everything. Use diskpart tool to find the disk letter. Be careful with diskpart - do not delete partitions or issue "clean" command.
Then assign the letter to recovery partition with diskpart (say, R: ), then expand WIM file from the recovery partition with the command like this:
Code:
Dism /apply-image /imagefile:R:\RecoveryImage\install.wim /index:1 /ApplyDir:c:\
R:\RecoveryImage\install.wim - a path to install.wim on the recovery partition.
More info: http://technet.microsoft.com/en-us/library/hh824910.aspx - you need only "Dism /apply-image" part, bcdboot is unnecessary. Lets hope that "apply-image" option is present on RT.
This would forcibly expand the WIM file to your disk C:. Or at least you'll be able to see why it fails.
This may help. Or may completely brick the device and you'll need to go to service. So use it on your own risk. And you should be familiar with the command line - so don't ask how to use diskpart.
I had a problem with the recovery process when I've played with BCD and added a boot from VHD option. Had to delete that extra boot setting - and then recovery went fine. But I assume that you have not played with BCD.
Yeah, looks like people dont use search, what you want is a nice useful soul that creates a USB recovery from his EN-UK Surface_RT and puts it up on Copy, or Dropbox or something like that...
Hi,
tl;dr:
Is there a theoretic way to recover data from the phone after:
1. deleting /storage folder
2. and then rooting (which means factory reset?)
If there is a theoretic way to recover it from the bits, is there a way to take a snapshot of the current state of the bit, so I can (in theory) recover the media in the future?
Long version:
First of all I know I'm very stupid..
Yesterday I've deleted my /storage folder since in first glance it looked empty.
Then I figured out what did I do, so I tried to recover the information.
I've searched the web for an application that does that and I found one that required rooting the phone, so I rooted the phone which means I made factory reset.
Then I tried to recover but it didn't manage to recover the photos and videos.. (it did recover whatsapp photos and some other things but not from the dcim folder).
I tried then several different applications that may not ask for rooting the phone so maybe I made a mistake by doing that (not sure that they wouldn't request for rooting either) but no success with that...
I'm willing to pay money to save that data but do you think it's not recoverable anymore?
I also called the 3 biggest recovery companies in my country, 2 of them told me that they don't think it's possible and one agreed to take it to their labs for a small price and then give me an offer.
If there is a theoretic way to recover it from the bits, is there a way to take a snapshot of the current state of the bit, so I can (in theory) recover the media in the future?
I'm very desperate and would be very thankful for your help
PeroPy said:
Hi,
tl;dr:
Is there a theoretic way to recover data from the phone after:
1. deleting /storage folder
2. and then rooting (which means factory reset?)
If there is a theoretic way to recover it from the bits, is there a way to take a snapshot of the current state of the bit, so I can (in theory) recover the media in the future?
Long version:
First of all I know I'm very stupid..
Yesterday I've deleted my /storage folder since in first glance it looked empty.
Then I figured out what did I do, so I tried to recover the information.
I've searched the web for an application that does that and I found one that required rooting the phone, so I rooted the phone which means I made factory reset.
Then I tried to recover but it didn't manage to recover the photos and videos.. (it did recover whatsapp photos and some other things but not from the dcim folder).
I tried then several different applications that may not ask for rooting the phone so maybe I made a mistake by doing that (not sure that they wouldn't request for rooting either) but no success with that...
I'm willing to pay money to save that data but do you think it's not recoverable anymore?
I also called the 3 biggest recovery companies in my country, 2 of them told me that they don't think it's possible and one agreed to take it to their labs for a small price and then give me an offer.
If there is a theoretic way to recover it from the bits, is there a way to take a snapshot of the current state of the bit, so I can (in theory) recover the media in the future?
I'm very desperate and would be very thankful for your help
Click to expand...
Click to collapse
try Undeleter from play store..worked for me on N4..never tried on OPO
atulclassic said:
try Undeleter from play store..worked for me on N4..never tried on OPO
Click to expand...
Click to collapse
Didn't work :crying:
You might give DiskDigger a shot. I never tried it though.
PeroPy said:
Didn't work :crying:
Click to expand...
Click to collapse
are you rooted since undeleter requires root
atulclassic said:
are you rooted since undeleter requires root
Click to expand...
Click to collapse
I'm...
After few weeks of working on that, I didn't make it to recover any of my photos/videos/whatsapp chat history (the things that were most important to me)
I tried several stuff, apperently all of the recovery programs that using the adb to directly connect to the phone through the PC doesn't work well enough, as well as the programs that works from the device...
I tried this article:
http://www.dflund.se/~jokke/androidfilerecovery/
but it didn't work for some reason...
Then I tried that one :
http://forum.xda-developers.com/gal...de-internal-memory-data-recovery-yes-t1994705
I used a centos VM to get a image of the device partiotns the way they suggested (I couldn't make the busybox work).
I mapped that file as hard disk
I tried to use 'Recuva' it seems like it managed to restore files but something apperantly went wrong and the files wasn't helpful...
I tried to use 'easeus data recovery' it worked better, it found around 20k files.. There were alot of directories and I didn't look up at it so much but it recoverd alot of photos which I think were from the whatsapp media.
Incase someone who made the same mistake by deleting the 'storage' folder, get to this post, I recommend to turn off the phone immidietly and find a way to do that without rooting the device.. (although it might be impossible since as far as I know all of the methods I used were depends on a rooted device, but I didn't look up on this since the first thing I done is to root my device - which might be the mistake)...
Thats the problem...Android Device Manager is useless cuz there is already a pattern...I tried almost 100 times and there is no "forgot your password?" option...I need at least do a copy of my pictures.
Is there any solution to this? I feel like a real idiot...I was trying a different pattern and I forgot It...I cant believe it...
I think there's a file not sure if it is directly under /data/system or one of it's sub directories, but basically what I did was to boot to TWRP , use the built it file manager and delete that file. I could then access my phone. I will search maybe I kept the file name somewhere.
EDIT:
Just remove this file /data/system/gesture.key
and reboot.
wizardwiz said:
I think there's a file not sure if it is directly under /data/system or one of it's sub directories, but basically what I did was to boot to TWRP , use the built it file manager and delete that file. I could then access my phone. I will search maybe I kept the file name somewhere.
EDIT:
Just remove this file /data/system/gesture.key
and reboot.
Click to expand...
Click to collapse
How I do that? my phone is not rooted, the bootloader is locked and debugging mode is off :S
Jerber said:
How I do that? my phone is not rooted, the bootloader is locked and debugging mode is off :S
Click to expand...
Click to collapse
That could be a problem. I think that it might be done using adb but not sure if it can be done without root/bootloader secured
If cracking an Android device were as easy as deleting a file then I doubt that there's much value in any security on a device at all, no?
Surely this has to be a reinstall of the ROM...? Maybe with no-wipe to preserve the data?
Genuine question - I don't know for sure.
dahawthorne said:
If cracking an Android device were as easy as deleting a file then I doubt that there's much value in any security on a device at all, no?
Surely this has to be a reinstall of the ROM...? Maybe with no-wipe to preserve the data?
Genuine question - I don't know for sure.
Click to expand...
Click to collapse
Testing it would be really easy. just set a pattern and then delete that file.
Lets us know is it is that easy to hack it or not.
Since obviously you know better, share your findings with us.
dahawthorne said:
If cracking an Android device were as easy as deleting a file then I doubt that there's much value in any security on a device at all, no?
Surely this has to be a reinstall of the ROM...? Maybe with no-wipe to preserve the data?
Genuine question - I don't know for sure.
Click to expand...
Click to collapse
The phone has to have an unlocked bootloader and twrp installed, so you already compromised its security yourself. You could relock the bootloader, flash a stock recovery and encrypt the phone, that would solve the issue.
"Since obviously you know better, share your findings with us."
Look, guy, just because you're a senior member there's no need to be offensively sarcastic.
Maybe you didn't get as far as my last comment: "Genuine question - I don't know for sure."
dahawthorne said:
"Since obviously you know better, share your findings with us."
Look, guy, just because you're a senior member there's no need to be offensively sarcastic.
Maybe you didn't get as far as my last comment: "Genuine question - I don't know for sure."
Click to expand...
Click to collapse
Not being Sarcastic at all. Making a point. If you got offended, sorry about that.
I posted what I have , after testing it myself. Had the same issue on Lollipop.
Further more, I will share another piece of Info in here.
When You are able to access any Solaris/Linux server using a console , and boot it from DVD, you can simply edit the /etc/shadow file and reset even the root password. Does that mean Unix/Linux aren't secure OS's ?
When you have access to OS level files you can practically hack every OS.
Same goes here. When you have unlock bootloader and modified recovery you can access system files that otherwise would be inaccessible. if he can have access to that file and remove it, he will gain access to his system.
Well, I tried everything that I could because my phone is no rooted, and the bootloader is locked, plus, the debugging mode is off too... so I was close to give up, BUT finally I remembered that my phone was connected to Airdroid!; if Airdroid is connected to the phone It can bypass the lockscreen and you can access to the internal memory anyways with the Airdroid website!, so I did a full backup of all my pictures and then I did a factory reset!, the copy was a kinda slow but I didn't care of course!. What a relief!!!
So, I really recommend use Airdroid (and have the app connected of course), it saved my life!, I was really frustrated about this, I cant believe Google doesnt provide the old way the restore the pattern like in Kitkat and Jelly Bean.
wizardwiz said:
I think there's a file not sure if it is directly under /data/system or one of it's sub directories, but basically what I did was to boot to TWRP , use the built it file manager and delete that file. I could then access my phone. I will search maybe I kept the file name somewhere.
EDIT:
Just remove this file /data/system/gesture.key
and reboot.
Click to expand...
Click to collapse
It worked like a charm!
I have a fingerprint enabled phone. forgot my pattern, followed your suggestion and presented in my phone are data/system/gesture.password.key and gesture.pattern.key so I deleted the pattern.key (guided by forgotten pattern) I rebooted and my apps were optimized and voila the phone is unlocked.
However, I tried accessing the fingerprint menu on my phone but refused access. I then used root explorer, browse to aforementioned location, copied and renamed gesture.password.key to gesture.pattern.key as it was before deletion.
went back to the security setting of my phone, setup pin option (scared of forgetting the pattern again) and phone screen locked. I try using my fingerprint to unlock (which I am accustomed to) and voila! it says pin required for additional security. entered Pin and the fingerprint menu became functional again and all previously stored fingerprints remained unaltered....QED
Recently updated my Pixel 4a and have run into an issue that causes a strange boot loop to a screen that states "Cannot load Android system. Your Data may be corrupt." and prompts to either factory data reset or try booting again. What's strange is that when attempting to boot it again, it is able to load into the device and I have normal access to the phone for about 30-60 seconds before it restarts and prompts a factory reset again.
My main issue is that I need to backup/upload about 900 photos to google photos that were not saved. So far the phone has been rebooting, connecting to wifi and uploading about 0-3 items to google photos per boot until it restarts. Eventually I may be able to secure all my photos this way but I want to know if there is a more efficient method to do this.
Things to know:
Bootloader is locked (can't unlock due to wipe) -> cannot use custom recovery/ flash twrp
USB debugging is enabled and I have sideloaded the latest OTA (sunfish) via ADB sideload in recovery mode but the boot loop has not resolved.
I can successfully use ADB pull /sdcard/DCIM/Camera for only up to 60 seconds until it force restarts. When I attempt to pull again on the next boot, it will pull the same files because it is copying and not moving them.
Does anyone have a solution to this rather than to just factory reset or continuously rebooting? It is frustrating because I still have access to the phone's files but only for about less than a minute. I have scavenged reddit threads, forums, and google for some way to do this but to no avail. (Also is there a way to use the stock recovery's "mount /system" option?)
It's not very elegant, but I could totally imagine a script that listed the files and then copied a few at a time, waiting for the phone to reboot before continuing...
I have a python script that uses adb to "sync" a directory on the phone with a directory on the PC, but it's doing a push, not a pull.
a1291762 said:
I have a python script that uses adb to "sync" a directory on the phone with a directory on the PC, but it's doing a push, not a pull.
Click to expand...
Click to collapse
I modified my script a bit to pull instead of pushing, it's ... awfully rough (eg. you have to manually create a Camera directory to store the files it copies) but it seemed to work in principle. It might be enough for you, or it might serve as a base for a better solution. No doubt it'll need a few mods anyway, especially if you're on Windows (in which case ls won't work).
You might also try booting into safe mode, in case that stops the phone from rebooting? https://www.androidauthority.com/how-to-enter-safe-mode-android-801476/
a1291762 said:
I modified my script a bit to pull instead of pushing, it's ... awfully rough (eg. you have to manually create a Camera directory to store the files it copies) but it seemed to work in principle. It might be enough for you, or it might serve as a base for a better solution. No doubt it'll need a few mods anyway, especially if you're on Windows (in which case ls won't work).
You might also try booting into safe mode, in case that stops the phone from rebooting? https://www.androidauthority.com/how-to-enter-safe-mode-android-801476/
Click to expand...
Click to collapse
Thank you for the reply! I am on Windows and I am not too script savvy out of writing a few simple AHK actions so I am not entirely sure how to proceed with what you have there.
Booting into safe mode did not work unfortunately. Seems the time until restart was the same as well.
Expressionize said:
Thank you for the reply! I am on Windows and I am not too script savvy out of writing a few simple AHK actions so I am not entirely sure how to proceed with what you have there.
Click to expand...
Click to collapse
I do have a windows PC for gaming so I'll fire it up and see if I can make it work there.
a1291762 said:
I do have a windows PC for gaming so I'll fire it up and see if I can make it work there.
Click to expand...
Click to collapse
I was able to brute force the process and finally made my way through the photos. There was one lucky boot that allowed normal access for about 3 minutes and that was enough time for adb pull to completely grab what I needed. I appreciate your time and help.
I guess it still doesn't solve the issue if someone else runs into my similar situation though, but it seems like a rare enough problem.
Expressionize said:
I was able to brute force the process and finally made my way through the photos. There was one lucky boot that allowed normal access for about 3 minutes and that was enough time for adb pull to completely grab what I needed. I appreciate your time and help.
Click to expand...
Click to collapse
No worries. I'm glad you got your photos.
I had to go out, but I got back and literally just finished updating the script so it runs on Windows and is a bit smarter (eg. waiting for the phone to come back when it goes away). I'll attach it here in the event someone else finds it useful
There's a few variables at the top to configure it. It needs python and adb but shouldn't need anything else.
python3 fetch_files.txt
It's got a .txt extension instead of the more typical .py because XDA won't let me upload a .py file.
Forgive if I put this in the wrong section.
Q: my father recently passed away and I'm trying to recover some data that is on his phone. I physically have his phone. Blu G90. Is there a way to bypass or disable the native pin lock?
Usb debug not enabled. Default set to charge only for pc.
Pretty sure wipe at 15 is set so can't brute force.
I have a couple of forensics applications that can see it when it goes to bootloader but then they crash as soon as I try to grab an image or mount /system.
I'm literally begging for any assistance I can get.
Thanks in advance
AntiMatter2112 said:
Forgive if I put this in the wrong section.
Q: my father recently passed away and I'm trying to recover some data that is on his phone. I physically have his phone. Blu G90. Is there a way to bypass or disable the native pin lock?
Usb debug not enabled. Default set to charge only for pc.
Pretty sure wipe at 15 is set so can't brute force.
I have a couple of forensics applications that can see it when it goes to bootloader but then they crash as soon as I try to grab an image or mount /system.
I'm literally begging for any assistance I can get.
Thanks in advance
Click to expand...
Click to collapse
Since the device is locked (bootloader locked) so the permissions to change/modifiy/copy something into phone cannot obtain the internal storage files.
Only unlocking bootloader and for it is need format phone as internal storage so the device erasing all files. The pin lock can remove with adb-fastboot commands or TWRP.
But again, with locked bootloader, without chance to have internal files.
DragonPitbull said:
Since the device is locked (bootloader locked) so the permissions to change/modifiy/copy something into phone cannot obtain the internal storage files.
Only unlocking bootloader and for it is need format phone as internal storage so the device erasing all files. The pin lock can remove with adb-fastboot commands or TWRP.
But again, with locked bootloader, without chance to have internal files.
Click to expand...
Click to collapse
thanks for the reply. i was afraid of that. even after factory reset, if i root, theres a chance at partial data recovery? or is it completely gone?
AntiMatter2112 said:
thanks for the reply. i was afraid of that. even after factory reset, if i root, theres a chance at partial data recovery? or is it completely gone?
Click to expand...
Click to collapse
You can try an official unlock. Maybe it can have some result or maybe not. Trying is the attitude.
Write Google support and try to legally show some death certificate and supporting documents over your father's phone number. Write down the situation and wait for some response from them.
The only practical way would be to try a backup of the internal partition. But it depends on your knowledge with Smart Phone Flash Tool. Also you must know how to "cut" the file in the right parts.
There would be a very small possibility of restoring the internal files with a backup of userdata or in its entirety (called ROM_1).
The next step would be to unlock the phone, install TWRP and restore the file made from userdata.
Perhaps at that point you have a 1% chance of removing the PIN and booting the device without a password.
But this should only be done if Google gives you a negative answer.
Another way is with carrier company. But I think help in nothing.
Understand that despite having a userdata file with PIN, there is encryption involved and that is what makes the whole process difficult.
I know the TWRP made for BLU G90 has active decryption. But I don't know how it will behave with a userdata file made with stock ROM.
Unfortunately there is no guarantee that files like photos, docs, etc can be in userdata as this refers to internal storage. Already userdata is in ROOT storage.
So even if there is an application or software capable of restoring files, there is also the possibility that it will not be successful or have corrupted files. This will depend on your choice and risk carrying out the process.
DragonPitbull said:
You can try an official unlock. Maybe it can have some result or maybe not. Trying is the attitude.
Write Google support and try to legally show some death certificate and supporting documents over your father's phone number. Write down the situation and wait for some response from them.
The only practical way would be to try a backup of the internal partition. But it depends on your knowledge with Smart Phone Flash Tool. Also you must know how to "cut" the file in the right parts.
There would be a very small possibility of restoring the internal files with a backup of userdata or in its entirety (called ROM_1).
The next step would be to unlock the phone, install TWRP and restore the file made from userdata.
Perhaps at that point you have a 1% chance of removing the PIN and booting the device without a password.
But this should only be done if Google gives you a negative answer.
Another way is with carrier company. But I think help in nothing.
Understand that despite having a userdata file with PIN, there is encryption involved and that is what makes the whole process difficult.
I know the TWRP made for BLU G90 has active decryption. But I don't know how it will behave with a userdata file made with stock ROM.
Unfortunately there is no guarantee that files like photos, docs, etc can be in userdata as this refers to internal storage. Already userdata is in ROOT storage.
So even if there is an application or software capable of restoring files, there is also the possibility that it will not be successful or have corrupted files. This will depend on your choice and risk carrying out the process.
Click to expand...
Click to collapse
Thanks for the reply. Google was pretty useless. They told me to contact Blu and Blu said to contact Google. I successfully hard reset and root. Went through setup to try a restore from his drive backup and it wanted the unlock pin in order to restore. Google was again quite useless. Since this is a matter if his estate i served Google with a notice of preservation on the backup, since it expires pretty soon. I'm going to try next to roll back to an older version, before the unlock pin requirement to restore Google backup. Grabbed a cellebrite image earlier so I can mess around with it later tonight. I'm hoping that because of the unlock requirement that the pin file is still there after reset.