Hello. Correct me if I'm wrong but after reading through a lot I was told this forum can help my problem. The device has been rooted but viewing saved wifi password shows a bunch of random strings (numbers/letters). My question is any ideas how I can get the actual password as it seems to be encrypted (or hashed)? I read somewhere that I need to obtain a masterkey but I don't understand how to get to that part.
Any ideas?
Related
Before anyone yells at me and links different threads on encryption i've spent the past 3 hours already researching and trying to find an answer to this. I am also aware that custom recoveries can not be used as well as flashing being the only way to revert.
I'm debating on whether or not doing a full disk encryption would be any less secure if the device was rooted since the root is isolated under the encryption. So my question is does being rooted allow for any sort of way to bypass the encryption or execute any sort of security vulnerability or at least help break the encryption? Or is it irrelevant since the root resides in the /data and that would be encrypted?
I want to the device to be as secure as possible and yes I know I will have to use a 16 char key phrase password to prevent the brute force attacks that have been shown effective on pins since the device uses your device password for the key.
Can anyone shed some light on this? I'm thinking it would be best to go back to stock without a root and encrypt from there, but if rooting is not a security risk on an encrypted device i'd very much like to keep the device rooted.
Thank you for your time.
I've searched all over the net for this problem but to no avail.
I have a Samsung galaxy s4 i9505 LTE android 4.3 which is rooted with Cwm recovery using odin.
So the problem is the only reason I rooted my phone was in order to read the wifi passwords stored in my device (coz mostly my friends enter their wifi passwords and do not show them) but in this phone the passwords inside "wpa_supplicant conf" are encrypted. :/
So I need your help guys .. just find me another way to figure this out..
Thank you
murtuza_tiger said:
I've searched all over the net for this problem but to no avail.
I have a Samsung galaxy s4 i9505 LTE android 4.3 which is rooted with Cwm recovery using odin.
So the problem is the only reason I rooted my phone was in order to read the wifi passwords stored in my device (coz mostly my friends enter their wifi passwords and do not show them) but in this phone the passwords inside "wpa_supplicant conf" are encrypted. :/
So I need your help guys .. just find me another way to figure this out..
Thank you
Click to expand...
Click to collapse
May be its for a reason they dont want to share the passwords? If it was ok to them, then they probably will git it to you.
LS.xD said:
May be its for a reason they dont want to share the passwords? If it was ok to them, then they probably will git it to you.
Click to expand...
Click to collapse
It's not really about knowing their passwords it's about accessing them. .
All the other devices I've used which are rooted of course have the feature of reading the wifi passwords stored in them.. except this s4 i9505 which encrypts the passwords. .my question is y and how to solve this..
This was never solved?
smithilberry said:
This was never solved?
Click to expand...
Click to collapse
you can install an app called (wifi password) in play store requires root
Which doesn't crack the wifi passwords but it shows the password of secured wifi which you have been connected and saved to your device
This is helpful because in an non rooted phone you cannot see the passwords of secured wifi but can get connected
In this app you can see the saved passwords
Hit THANKS if I helped you
pandian8552 said:
you can install an app called (wifi password) in play store requires root
Which doesn't crack the wifi passwords but it shows the password of secured wifi which you have been connected and saved to your device
This is helpful because in an non rooted phone you cannot see the passwords of secured wifi but can get connected
In this app you can see the saved passwords
Hit THANKS if I helped you
Click to expand...
Click to collapse
but such apps do not seem to work for the galaxy s4... you get random characters when using them
I just upgraded from 4.3 to 4.4.2 (on a Sprint L720) and was surprised by this issue too. Even when Titanium backs up the access points to xml, the passwords are still encrypted as a string of hex characters. Presumably they're encrypted by a key specific to each Android install (and not a hardware key)? Titanium will restore all of the access points from the xml, but the password protected ones will not function since the encrypted keys are restored instead of the plain text passwords.
EDIT: I just created an xml from my current install. When I compare the encrypted data for my home network between my old install and new install, the data is different. So, whatever key is used changes between installations.
nobody291 said:
I just upgraded from 4.3 to 4.4.2 (on a Sprint L720) and was surprised by this issue too. Even when Titanium backs up the access points to xml, the passwords are still encrypted as a string of hex characters. Presumably they're encrypted by a key specific to each Android install (and not a hardware key)? Titanium will restore all of the access points from the xml, but the password protected ones will not function since the encrypted keys are restored instead of the plain text passwords.
EDIT: I just created an xml from my current install. When I compare the encrypted data for my home network between my old install and new install, the data is different. So, whatever key is used changes between installations.
Click to expand...
Click to collapse
Interesting find but sounds like this will never be possible for us
No way to decrypt wifi passwords on I9505?? My passwords are like this bellow:
SSID: "XYZ"
psk: 9af4cdbcd8d8ec619c07147adef9591
use xposed and this module
http://repo.xposed.info/module/com.whd.wifikeyview
I doubt that xposed module will work since Samsung encrypts the passwords...but please let us know if you try it and it works!
With Samsung devices if it shows hex code for password, you need to open /system/build.prop file with a text editor and change the line ro.securestorage.support=true to false and reboot. Now your app shows actual passwords and not hex string.
shallmann said:
With Samsung devices if it shows hex code for password, you need to open /system/build.prop file with a text editor and change the line ro.securestorage.support=true to false and reboot. Now your app shows actual passwords and not hex string.
Click to expand...
Click to collapse
Thk
Hi,
I have been trying to troubleshoot this problem for some time. The basic problem is that every time the device is shutdown/reset the existing wifi data including known hotspots and passwords is lost.
I have tried factory resetting the tablet (Samsung Note 10.1 SM-T520), along with flashing various stock 4.4.2 Roms (i.e. different release dates and different countries). The tablet was purchased in the US and gifted to my mum in New Zealand, it originally had a stock US rom and now has the NZ rom loaded. Unfortunately Samsung's warranty required us to ship the tablet back to the US to investigate the problem (they would not look at it in NZ as it was not from NZ).
Based on some other threads, I thought it was a problem with the wpa_supplicant.conf file. So I rooted the phone using CF root through odin. I have looked at the wpa_supplicant.conf file and noticed that every time the device is shutdown/reset the
Code:
network={
}
section is removed.
When the device is turned on and I enter the network password the wpa_supplicant.conf file will be updated with the network information and as I said when shutdown this information is removed.
The wpa_supplicant has read/write privilages and user is set to system and group is set to wifi (I did not change these), this is the same for the wpa_supplicant.bak.conf which is created on reboot/shutdown (the bak file doesn't keep the network data on reset either)
In the data/misc/wifi/sockets folder (which the wpa_supplicant.conf references) are the following 4 files:
p2p0
wlan
wpa_ctrl_2719-7
wpa_ctrl_2719-8
This has been an ongoing problem for a year now and has driven me to the point of insanity.
Also, the problem was not originally solely related to the wifi data but also other common settings (i.e. app positioning on the home screen, stored settings), however, after some tinkering and flashing various stock roms some of the problems I was having before I have not been able to re-produce. I am waiting until the battery runs out to see if my home screen will return to the default factory state along with other settings which initially was part of the problem.
Any help or advice would be much appreciated I am happy to do any troubleshooting that may shed some light on the problem. The tablet is current rooted with a stock NZ room running 4.4.2.
Thanks
So an update, with some success
I read another thread that suggested the /efs/ss_data file could be causing the problem. Although this file does not exist... however as part of the troubleshooting process to see if this file might be causing the problem the following was suggested
There is most likely a problem with the phone's /efs/ss_data file. I think it's basically a key for decryption of your Wi-Fi passwords and other things in secure storage.
Root is required for this fix.
First we need to confirm it's a problem with secure storage.
Install BuildProp Editor from Play Store
Set ro.secure.storage=false
Reboot, setup Wi-Fi & reboot again
WiFi should now remember passwords if there was an issue with secure storage.
Now let's fix the secure storage issue since we know what's broken.
Set ro.secure.storage=true using BuildProp Editor
Backup EFS using TWRP/CWM recovery
Delete ss_data in /efs using ES File Explorer in root mode
Reboot, setup Wi-Fi and reboot again
Your Wi-Fi passwords should be remembered now on any ROM/kernel, non rooted and without edits to build.props
Click to expand...
Click to collapse
I didn't have the exact entry as per above but changed ro.securestorage.support to false and my wifi password seems to have saved. At least on one reset test.
As a side note, previously my apps weren't updating automatically and my gmail was not responding, now both seem to be working. Everything I have tested so far that had known problems seems to be working.
Now I have ejected the microSD and have not tested it with it in the device, I'm on 3% battery so running it dead before I do more testing.
Can someone shed any more light on how this problem has occurred and what is the permanent fix? (I cannot delete the ss_data file as the advice above suggests as the file does not exist??!!?
Can someone explain me how changing your password in FDE works?
Normally when you first encrypt your device it takes a while for the device to be encrypted. This process can take easily more than 5-10 minutes to finish.
After your device is encrypted you can change the password (vdc cryptfs changepw password). Changing the password only seems to take a few seconds. Can someone explain me how this works? I would assume all the data would have to be re-encrypted but it seems not? Does the old data get re-encrypted or does it only change your boot password?
e:
I tried to think what other things used FDE, TrueCrypt/VeraCrypt came to mind and I actually found the solution
https://crypto.stackexchange.com/a/18483
TIL....
Hello,
I got a little problem with my phone (so freak... I'm explaining)
I got a router before but now I changed it, because I switched to another operator. But it feels like the Wi-fi of my phone is not agree with that.
I "forget" the now inexisting router I had and connect to the new one...
...But I do this each time I turn off then on Wi-fi, and even after switching off the device with enabled Wi-fi!
For now I just have to remember one Wi-Fi router (and, thank you Kika Keyboard developers who made an extensive clipboard where I can store my password <3) but figure out what it will be when I'll have to save more passwords! So yes it's annoying. And I also already lost at leat 8 router passwords because of this strange cr*p.
Fortunately I got a Wi-fi retriever app but this is not auto connecting and this is no longer working!
That was the last point: even the router password retriever app is acting like I didn't connect to a new router since its last analyze!
So could you help me fix this annoying bug?
For now I got an hypothesis: I got XPosed and a device ID changer app.
And it contains an useless but impossible to disable option that is "changing the SSID"
Default configuration make your phone to display your SSID. But not with the local variable where your actual SSID is displayed! No, with the SSID you got when you installed the app. So you can connect to another Wi-fi and still got the same SSID (perfectly useless)
Rest of my theory is that messing up with SSID display may cause network state not to be saved properly. But this is only a supposition. And this is hard to figure it...
So to corroborate this theory, a subquestion: What is the local Android variable where SSID is stored? Tried %WIFI, %SSID but it doesn't work. And I didn't found it after a quick search.
Thank you in advance!
Sorry for wasting your time with so much text :/
https://android.stackexchange.com/questions/124792/my-phone-stopped-remembering-wifi-passwords
There are also people conplaining this problem.
In the link pasted on the top, there is a possible fixes for some fortunate people... But actually this doesn't work for me.
-First, ro.secure.storage or ro.securestorage. thing does not exist on my device. I don't even know if it existed on my device.
-Second, there is something about /efs/ss_data, a file that also not exists on my device.
So I don't know if it's because Samsung built it differently or it has been removed. Keep checking...
After a check of my backups I saw that I got none of the file and property mentionned before.
So I'm unable to know where is the problem...
Atronid said:
After a check of my backups I saw that I got none of the file and property mentionned before.
So I'm unable to know where is the problem...
Click to expand...
Click to collapse
If you're saying that you looked in build.prop but you don't see any lines that say ro.securestorage, you can add those lines if they don't exist. Just edit build.prop and type the line in at the bottom then save build.prop and reboot the device.
I DO NOT PROVIDE HELP IN PM, KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
Droidriven said:
If you're saying that you looked in build.prop but you don't see any lines that say ro.securestorage, you can add those lines if they don't exist. Just edit build.prop and type the line in at the bottom then save build.prop and reboot the device.
Click to expand...
Click to collapse
This is what I did. Uneffective.
Why? Because I never got this prop before.
I checked my backups where the Wi-fi worked perfectly in case all of this would be due to the fact that this prop vanished because of a dark and random informatic process. And after checks I finally realized that I never had this prop...
Same thing for the file I mentionned before, located in /efs. I didn't lose it because I basically never got it.
So... This means that my device save Wi-fi informations by another way. And because I don't know this way, I cannot fix it...
(Device: Samsung Galaxy Core Prime SM-G361F AOG1 build.
Pre-rooted firmware, release date 23 February.
Latest Xposed Frameworks, Custom build by Wanam )
Atronid said:
This is what I did. Uneffective.
Why? Because I never got this prop before.
I checked my backups where the Wi-fi worked perfectly in case all of this would be due to the fact that this prop vanished because of a dark and random informatic process. And after checks I finally realized that I never had this prop...
Same thing for the file I mentionned before, located in /efs. I didn't lose it because I basically never got it.
So... This means that my device save Wi-fi informations by another way. And because I don't know this way, I cannot fix it...
(Device: Samsung Galaxy Core Prime SM-G361F AOG1 build.
Pre-rooted firmware, release date 23 February.
Latest Xposed Frameworks, Custom build by Wanam )
Click to expand...
Click to collapse
If you got a different router but kept the same network name and password and didn't change anything on your device, that might be the issue, your device is probably looking for your original router because the information you originally saved was saved while the other router was in use.
Try backing up your apps, app data and settings but don't backup your wifi settings or saved wifi information. Then boot to recovery and factory reset and wipe cache and dalvik/ART. Then reboot the device, when it boots to system, try connecting and signing into your network again and see if it saves it correctly.
If the backups you are talking about are nandroid backups created in TWRP, you can also try doing an advanced restore in TWRP, you can restore just the data from your previously working backup without restoring everything else.
I DO NOT PROVIDE HELP IN PM, KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
Thank you, I'll try this out
Droidriven said:
Try backing up your apps, app data and settings but don't backup your wifi settings or saved wifi information. Then boot to recovery and factory reset and wipe cache and dalvik/ART. Then reboot the device, when it boots to system, try connecting and signing into your network again and see if it saves it correctly.
If the backups you are talking about are nandroid backups created in TWRP, you can also try doing an advanced restore in TWRP, you can restore just the data from your previously working backup without restoring everything else.
I DO NOT PROVIDE HELP IN PM, KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
Click to expand...
Click to collapse
Well, tried what you told me and this didn't end well...
I used to make a factory reset of my phone. The problem was fixed. When I connected to the wifi first time, now each time I disabled and re-enabled it automatically reconnected (auto-connect is miraculous lol)
Then I flashed data back with TWRP recovery (backup by Nandroid app because I got a classical TarFork error with TWRP 2.7.0.1...)
When rebooting to Android it spammed 1M layers of various program crash message box.
Then using TWRP I reflashed this time everything I got then rebooting to Android the bootloader freezed.
I thought my phone was dead until I realized I could boot to recovery again. So I flashed an older backup and lost some data (fortunately I backed up SMS and apk).
My device is safe now, but this misadventure taught me lots of things:
-When I did a factory reset data has been erased, but system still the same and it reworked. So maybe an app is locking my Wi-fi like this. But which?
-Nandroid backup app is NOT reliable. If your device isn't clearly identified your backups are corrupt. Gotta erase all Nandroid backups I made.
Solved. Bug due to a bad TWRP backup. Made a fresh install and everything is fine now.
Thread closed.