Wednesday, May 17, 2017

Crack Android Pattern Lock Using Kali | No Root Required 2017

How To Crack Pattern Locks Without Data Loss

Hi guys, from last my post we are using kali linux for hacking. Let's analyze the power of kali linux through cracking the pattern lock of android device. Although there are many methods and many tools (for various platform like window, mac or linux) are available but there basic requirements is, victim's phone must be rooted or debugging should be on. Which is not making any sense; there are rarest chances that your victims would have a rooted phone with debugging on. Another simplest method is flashing new rom, that’s mean forget the data... But luckily kali give us the power to crack pattern lock without root. I will show you two methods for cracking android screen lock.


Method 1: Pattern Locks Cracking With Android Pattern Lock Cracker

Ok before you check and try, let's see which tool of tool box (kali linux) help us. Android pattern can be hacked with help of Android Pattern Lock Cracker, this is a little tool to crack the pattern lock on Android devices.

How does the pattern lock works?

The pattern lock is the SHA1 hash sequence of digits (0-8) with length from 3 (4 since Android 2.3.3) to 8.
Since Android does not allows the pattern to repeat "balls" and it does not use a salt when computing the SHA1 hash, it really takes a very short period of time to crack the hash and get the pattern.
The gesture board is a 3x3 matrix, and can be represented as follows (each digit represents a "ball"):
So if you set the pattern lock to 0 -> 1 -> 2 -> 5 -> 4, the SHA1 hash will be output of SHA1("\x00\x01\x02\x05\x04"), and that is the hash to be cracked by this tool.

Where can I find the hash or pattern lock file?

The hash (pattern lock file) is stored at "/data/system/gesture.key".

How to Hack Android Pattern in unrooted device

1. First reset Android device in Recovery Mode, if you don't know please Google it.

2. Now create backup user data from Recovery Mode. Remember a memory card is required to create a file. This backup will be stored as userdata_xxxx_xxxxxx.backup on memory card.

3. Now run you live kali linux and copy the userdata_xxxx_xxxxxx.backup from memory card to Desktop.

4. Now you have to convert and extract userdata_xxxx_xxxxxx.backup file. To do this type following commands:

 cd ~/Desktop/

 dd if=userdata_xxxx_xxxxxx.backup bs=512 skip=1 of=backup.tar.gz

*You may need to replace the userdata_xxxx_xxxxxx.backup with your file name.

 mkdir backup

 tar -xvf backup.tar.gz -C ~/Desktop/backup

5. Now you need Android Pattern Lock Cracker tool in your device, to get it, open your terminal and type: 
 git clone
6. Now let's try to hack the pattern lock using following commands:

 python ~/Desktop/androidpatternlock/ ~/Desktop/backup/system/gesture.key

If you are not comfortable with command lines, i have another method for you, with GUI.

Method 2: Pattern Locks Cracking With AndroidGestureCrack.
It is another tool for kali linux, but this time you don't need to face commands line work on GUI. Let's first understand how it works?
AndroidGestureCrack is a Java tool to crack the Gesture Screenlock pattern of an Android Phone. It has been tested on Android API Level 15 and up, but should work with lower versions as well. As long as you extract the gesture.key file this tool will work
The key is a SHA1 hash of the sequence of bytes for the gesture pattern. The hash is unsalted and hence is easier to crack.

First follow same 4 step as mentioned in method 1 (I am not gonna right them again).  Now you will have backup folder in your desktop. Now open follow this path "Desktop/backup/data/system/” where you can search for “gesture.key” and paste it to Desktop. You will need this gesture.key later (at step 5).

1. Run kali on your pc and change your directory to desktop by typing in terminal:

 cd Desktop

*cd is use to change the directory. You can learn other commands from google.
2. Now you need to AndroidGestureCarck in your kali, type following command.

 git clone

3. Now you need to unzip the file by following command.

4. Now again change your directory to AndroidGestureCarck-master/jar as follows.
 cd AndroidGestureCarck-master/jar

5. Now Download Dictionary and unzip it. You will get an AndroidGestureSHA1.txt file. Move it Desktop.

6. To crack android pattern, type in terminal:
 java -jar AndroidGestureCrack-2.1-Beta.jar --gui

A GUI box should be opened. 

Now you just only need to provide the gesture.key file (at your desktop) and a dictionary text file (at your desktop). (Remember you have downloaded it in step 1).


Or you can also type following command instead of GUI.

java -jar AndroidGestureCrack-2.1-Beta.jar gesture.key AndroidGestureSHA1.txt

Let me know if you face any problem.

No comments:

Post a Comment

PowerShell Empire Download – Post-Exploitation Hacking Tool

PowerShell Empire Module Categories Currently Empire Power Shell has the following categories for modules: Code Execution – Ways to ru...