December 21st, 2016, 6:06
December 21st, 2016, 8:19
December 30th, 2016, 13:42
December 31st, 2016, 3:52
Bolo wrote:Few approach for this:
BF attack - check Times for example on xpinclip.com but phone need to suport OTG, if NO OTG enabled we can use our adapter which is not available for public but can work on all phones even on those with physical keys - time depednds here mainly on code lenght and "luck". Can work even on 6.x phones but older verion where counter not increase - takes from 1 to even 200 hours
Special BL - on some phones we using UFED 4PC to get dump by uploding specially bootloader and getting dump from phone - then you can get HASH and SALT directly from dump or read Pattern from rainbow table... or use UFED parser from PA to get phone or even password - takes 30 minutes to read dump..can suport also 6.x but usually need root and BL cannot be locked
Special service Intefaces/Dongles - there are many of them which can read eMMC ...fastest method are for MTK but also Speadstrum CPUs can be nowadays readed too - support all
iSP eMMC - using this method if both up are not possible - if we got ISP eMMC pinout within 20-30 minutes up to few hours (including time needed to open it and connect using VR-Table), this are needed to get dump and get a PIN, Password from file and decrypt SHA. If pinout need to be found then around 1 day includin time needed to find it
Chip-off - takes around 20-30 minutes to get chip from phone, read it 20-30 minutes , reball and put back...totally almost half of day....
Overally - there are no common answer - give me exactly phone model and I will try to give you answer
--
Boguslaw Rzepka
multi-com.eu
December 31st, 2016, 11:47
December 31st, 2016, 12:33
Amarbir[CDR-Labs] wrote:Well,
So Many GSM Boxes Out There Have Such Features ,Whats New In It [ even If You Can Do It ]
December 31st, 2016, 13:12
einstein9 wrote: ANY Android device?
einstein9 wrote:Regardless of the Android version
December 31st, 2016, 14:25
einstein9 wrote:Amarbir[CDR-Labs] wrote:Well,
So Many GSM Boxes Out There Have Such Features ,Whats New In It [ even If You Can Do It ]
Am wondering if you READ the FULL statement here, specially the part which says: without a PC or App.
January 1st, 2017, 4:04
January 1st, 2017, 5:08
January 1st, 2017, 5:29
Bolo wrote:Really must say WOW..... just one question: phone need support OTG, correct ? Or non-OTG phones is also supported ?
January 1st, 2017, 5:52
January 1st, 2017, 5:56
Bolo wrote:Really must say WOW..... just one question: phone need support OTG, correct ? Or non-OTG phones is also supported ?
January 1st, 2017, 6:29
einstein9 wrote:seems my wish will never come true.. AnywayBolo wrote:Really must say WOW..... just one question: phone need support OTG, correct ? Or non-OTG phones is also supported ?
Any android phone "Bolo" will work regardless of the OTG support.
in fact the reason why i came up with this idea is the following case scenario:
Some airports provide the power CHARGER service, and one day i was sitting @ the Airport waiting for my flight i came up with this IDEA
As i mentioned in Youtube Desc. the solution is customizable and imagine a USB HUB with 2 wires, one connected to the phone to charge it
and the other is connected to MY USB, Anyone connects his phone will be UNLOCKED 1st. (timer can be set here to unlock) and then
we can upload a REMOTE controlled HIDDEN SERVICE. and thats it.
i think you got the big picture here.
I think 2 years back one Russian came up with the KILLER FLASH design, where he used Capacitors to charge and then Dis-charge and kill the connected
device (PC/Phone) when attached. after 2 years of his discovery i saw some idiot in TV somewhere in USA talking about it live (stealing the Russian Idea)
As a slogan from Steve Jobs "people don't know what they want until you show it to them"
I started this Android project and its ready in 2017 for the Law Enforcement only.
January 2nd, 2017, 4:52
Spildit wrote:einstein9 wrote:(...)Anyone connects his phone will be UNLOCKED 1st. (timer can be set here to unlock) and then
we can upload a REMOTE controlled HIDDEN SERVICE. and thats it.
i think you got the big picture here.(...)
So would your law enforcment team target a single individual or would they just implement that idea on let's say the airport and randomly install a REMOTE controlled HIDDEN SERVICE on *anyone* using the charger facility on that location ?
And if it's a targeted attack how would you know that the target would charge the phone at that specific point ?
Interesting idea to apply on a lab but not on the real world, I think. At least on a leagal manner....
February 3rd, 2017, 19:23
February 4th, 2017, 6:00
mr_spokk wrote:Really good work
February 5th, 2017, 5:39
February 5th, 2017, 8:22
mr_spokk wrote:Any work on iPhones, IOS9---> ?
February 5th, 2017, 9:10
Powered by phpBB © phpBB Group.