Reset Android PIN/Pattern Lock Using Flashable ZIP (Tested on Gingerbread)



c0dist
08-30-2012, 11:21 PM
Hi friends,
As I was reading some random post about bypassing the Android lock protection using adb (Android Debug Bridge), I thought, why not try something that doesn't require you to connect the phone to a computer? The way that came to my mind was using a flashable ZIP.


What is a flashable zip?
Flashable ZIPs are ZIP files that can be flashed onto phones using the Recovery found in phones, which is automatically installed when you install a custom kernel or root the phone. I tried googling the exact meaning, but couldn't find it. From my experience, though, these ZIPs are generally used to apply updates to the phone.

Why flashable ZIP?
The password of your Android phone can be cleared using adb from your computer, but for that you need a computer and "USB Debugging" enabled on your phone. But consider a situation where you forgot your password and have no computer (or you have one) but "USB Debugging" is disabled. In this case, this trick will come in handy, as these ZIPs don't need any special setting enabled on your phone.

How passwords are stored in Android?
To know how passwords are stored in Android, read Cracking PIN and Password Locks on Android (http://forensics.spreitzenbarth.de/2012/02/28/cracking-the-pattern-lock-on-android/)

Note:
I've successfully tested this on my rooted Xperia Mini w/ unlocked bootloader. Your phone needs to have CWM recovery installed on it. I'm not sure if this requires root permission or not, as I don't have any un-rooted device. But this certainly worked on my rooted GB.

What you need?
Demo Android Update.zip -> mackief / update.zip--for-Android-Devices- (https://github.com/mackief/update.zip--for-Android-Devices-)
Any good editor
Little patience
Busybox installed on your phone (installed automatically when you root, most of the time)


Continued..

c0dist
08-30-2012, 11:49 PM
Disclaimer: I'm not responsible for any damage done to your phone or you. Use it at your own risk. Make sure you have a NANDroid backup, just in case anything goes wrong.

1. Extract the content of the demo update.zip into a folder and delete the files from the /data folder. Don't delete any folders, just files.

2. Open the editor of your choice (on Windows I'd suggest Notepad++ or Programmer's Notepad; I used the latter).

3. Locate the file [folder where you extracted update.zip]\META-INF\com\google\android\updater-script and open it in the editor. Delete all the code.

4. Enter the following code. This removes both protections, PIN and Pattern Lock.



ui_print("Password Resetting ZIP by RahulB");
ui_print("Mounting System");
ui_print("Mounting Data");
run_program("/sbin/busybox", "mount", "/system");
run_program("/sbin/busybox", "mount", "/data");
ui_print("Deleting Pattern/ PIN Lock Keys");
delete("/data/system/gesture.key");
delete("/data/system/password.key");
ui_print("Unmounting System");
ui_print("Unmounting Data");
run_program("/sbin/busybox", "umount", "/system");
run_program("/sbin/busybox", "umount", "/data");
ui_print("Done :D");


5. Select File - Save As, and when the dialog box opens, in format select "Ensure Unix Format (LF)". Save and exit.
Note: this is for Programmer's Notepad. May vary on others.

6. Now archive all the files you extracted, along with the newly edited file, and name it "update.zip". Transfer this ZIP to the root of your card, and reboot your phone into recovery.

7. In recovery, select "Install from Zip from sdcard" and then select "apply /sdcard/update.zip".

8. Reboot the phone. You're done. :)

Zip file attached.

Sources/ References :
[How To] Make A Flashable Update.zip - Android Area51 (http://androidarea51.com/modifications/(how-to)-make-a-flashable-update-zip/)
forensic blog: Cracking the Pattern Lock on Android (http://forensics.spreitzenbarth.de/2012/02/28/cracking-the-pattern-lock-on-android/)
update.zip error (status 6) (http://www.droidforums.net/forum/droid-development/111348-update-zip-error-status-6-a.html)

Hope you'll enjoy..
Cheers.
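
An added example, not part of the original post: a Python check that opens a flashable ZIP before it is flashed and reports whether updater-script sits at the path from step 3, whether it carries the CRLF line endings that step 5 avoids, and which files its delete() calls target. The function names and the in-memory sample ZIP are constructed for illustration.

```python
import io
import re
import zipfile

SCRIPT_PATH = "META-INF/com/google/android/updater-script"
# Lock-screen credential files named in the post's script.
LOCK_FILES = {"/data/system/gesture.key", "/data/system/password.key"}
DELETE_CALL = re.compile(r'\bdelete(?:_recursive)?\s*\(([^)]*)\)')


def audit_flashable_zip(data: bytes) -> dict:
    """Inspect a flashable ZIP without flashing it."""
    report = {"has_script": False, "crlf": False, "deletes": [], "lock_reset": False}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        if SCRIPT_PATH not in zf.namelist():
            return report  # recovery has nothing to run at the expected path
        raw = zf.read(SCRIPT_PATH)
    report["has_script"] = True
    # Step 5 saves the script with LF endings; CRLF is flagged here.
    report["crlf"] = b"\r\n" in raw
    text = raw.decode("utf-8", errors="replace")
    for match in DELETE_CALL.finditer(text):
        report["deletes"] += re.findall(r'"([^"]*)"', match.group(1))
    report["lock_reset"] = any(p in LOCK_FILES for p in report["deletes"])
    return report


def build_sample_zip(script: str, path: str = SCRIPT_PATH) -> bytes:
    """Constructed sample: an in-memory ZIP holding one script file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(path, script)
    return buf.getvalue()


# Constructed sample input (lines taken from the script in the post above).
SAMPLE_SCRIPT = (
    'ui_print("Mounting Data");\n'
    'run_program("/sbin/busybox", "mount", "/data");\n'
    'delete("/data/system/gesture.key");\n'
    'delete("/data/system/password.key");\n'
    'run_program("/sbin/busybox", "umount", "/data");\n'
)

if __name__ == "__main__":
    print(audit_flashable_zip(build_sample_zip(SAMPLE_SCRIPT)))
    print(audit_flashable_zip(build_sample_zip(SAMPLE_SCRIPT.replace("\n", "\r\n"))))
```

A report with lock_reset set means the archive removes the lock-screen credential files, which is worth knowing about any ZIP from an untrusted source before it goes near a recovery menu.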

Copyright
05-13-2013, 09:21 PM
Hi,

Your post was like a saver to me. I tried the flashable ZIP to bypass the PIN/Pattern on an SII ISC, I'm not sure if it's ISC.

However, the script ran and said successful, but nothing happened; the PIN still stood there..

mmmm? thoughts?

Cheers =)!

c0dist
05-15-2013, 05:31 PM
Hi,

I tested this script long ago on my Xperia phone. My phone had Gingerbread, recovery installed and was rooted at that time. As I've mentioned, it worked fine for me. So, there are a few questions you should look for answers to:

1. Is your phone using an upgraded version of Android? I'm pretty sure it is. If yes, then it may or may not work for you. Google around, there may be some other way.
2. If it's the same OS version, does your phone have CWM recovery? This method is tested only with CWM recovery.
3. Is your phone rooted? As you can read, the script requires "busybox" binaries. You might need to look for other ways.

Other than that, digging into Google and xda-developers.com will surely turn up a working solution. :)

Cheers.

yadhukrishnan
07-10-2013, 12:07 AM
Thank you so much for the post.
NANDroid backups are awesome, thanks for the mention.
:D

danger_dog_37
12-25-2013, 07:08 PM
Can you do a video for this? Because I don't quite understand and it's quite confusing, for me at least.

yuvraj143
09-19-2016, 12:00 PM
Hi,

I tried the procedure mentioned by you, but I was not successful in doing that. I tried on 2 different phones (Gionee V4S with Android 4.4.2 and Intex Cloud Gem+ with Android 5.1).

When I try to apply the update from the SD card, it says "Installation Aborted".

What could be the reason? Can you please reply?

Thanking you,

Yuvraj