urbanadventurer / android-pin-bruteforce Goto Github PK

I went through couple of issues listed here and my initials issues are sorted out.
Now when I connect to computer and kept a notepad open and when executed bash ./android-pin-bruteforce crack I can see pin numbers being printed on notepad.
However when connected the locked phone (motog 1st gen (falcon) ) and try , I get error HID USB device not ready.
I connected the OTG cable on the locked phone and normal cable on nethunter phone (redmi note 3 (kenzo)
Any tips?

So I'm pretty new to all of this, but because I am not willing to root my phone to have NetHunter installed (not yet anyway,) is it possible to use the NetHunter rootless edition? Will this function the same way?

Android 10 I think. I've been fiddling with a 2xl manually, it increases the cooldown by 30 seconds for about each 25 tries. So after a 100 tries the cooldown is 120 seconds. It remembers the number of tries after a restart but the cooldown will be 0 seconds. Restarting takes 20-30 seconds and ~1% battery charge.

I don't have a nethunter set up yet, should I even bother? Can it restart through OTG? Is it going to take too long anyway? It may even burn the charge too fast but as long as it's automated I may okay with that. Btw there are no other real ways to approach this besides bruteforcing, right?

Bruteforce сan work with 6-digit pin?

is the target is a root phone ?

NetHunter succesfully installed, HID Attack from NetHunter app works very well.

/system/xbin/hid-keyboard not found when using Android-PIN-Bruteforce, where is this file?

To test if its working, I modified optimised-pin-length-4.txt to have only 9 in the list with one of them being my correct pin.
I have a working nethunter phone (redmi note 3) and working locked phone (nexus 5).
Connected otg cable to locked phone and normal micros usb cable to nethunter phone.
ran command bash ./android-pin-bruteforce crack
I can see nethunter phone tried one by one pins in optimised-pin-length-4.txt, it even tried the actual pin and went further. But locked phone did not unlock.

When observed locked phone's PIN screen , I do not see pins being entered there by nethunter phone is that normal behavior?

To test hid-keyboard actually works, I opened a notepad on locked phone and ran the command again on nethunter phone, I could see pins being printed there.

Hello,

I try to use the program on my phone. i am using Termux. Here i can load the code fine but i can execute any programs.

GUYS IM SORRY I USED DUCKYHUNTER HERE BY MISTAKE OH MY GOD

Hi! I'm interested in pattern cracking "feature" so I'd like to know if there's an idea of how it could be implemented. I don't know much and I'd like to try to code it myself if it's not planned to be implemented soon, so any help would be appreciated :)

Hi there,

New install of NetHunter and your script and config files in the downloads folder of a Galaxy S8. Attempting to run any commands results in ten lines of error messages such as:

line 10: $'\r': command not found
line 12: config.default: No such file or directory
line 15: $'\r': command not found
line 16: $'\r': command not found
line 18: $'\r': command not found
line 21: $'\r': command not found
line 29: $'\r': command not found
line 30: $'\r': syntax error near unexpected token '$'{\r''

Any idea what I'm doing wrong please?

./android-pin-bruteforce: config.default: line 24: syntax error: unexpected "("

I get this error when trying to run the script. I double checked and my config files were not modified and match this github exactly.

Hello have the following issue,

bash ./android-pin-bruteforce crack -v
Android PIN brute-force :: version 0.1
[INFO] Loading optimised PIN list for 4 digits (optimised-pin-length-4.txt)
[INFO] PIN list contains 10000 PINs
[INFO] # Current Configuration
[CONF] Configuration file:
[CONF] ## PINs
[CONF] PIN list: optimised-pin-length-4.txt
[CONF] Mask:
[CONF] Resume from:
[CONF] PIN Type (PIN or Pattern): PIN
[CONF] PIN Length: 4
[CONF] Direction (normal or rewind): 1
[CONF]
[CONF] ## Timing:
[CONF] Delay before starting: 2
[CONF] Delay between keys: 0.25
[CONF] Cooldown time: 30
[CONF] Cooldown after N attempts: 5
[CONF] Send keys to stay awake during cooldown every N seconds: 5
[CONF] Progessive Cooldown: 0
[CONF] - Attempt count : 1 11 41
[CONF] - Attempts until cooldown: 5 1 1
[CONF] - Cooldown in seconds : 30 30 60
[CONF]
[CONF] ## Keys:
[CONF] Keys to send before starting: enter
[CONF] Keys to bring up the lock screen: escape enter
[CONF] Keys to stay awake during cooldown: enter
[CONF]
[CONF] ## Exiting
[CONF] Exit after fail count: 15
[CONF]
[CONF] ## File paths
[CONF] Log file: bruter.log
[CONF] HID Keyboard device: /dev/hidg0
[CONF] Path to hid-keyboard: /system/xbin/hid-keyboard
[CONF] Path to usb-devices: /usr/bin/usb-devices
[CONF]
[CONF] ## Configuration
[CONF] Dry Run: 0
[CONF] Verbose: 1
[INFO] Checking environment
[PASS] HID device (/dev/hidg0) found
[PASS] hid-keyboard executable (/system/xbin/hid-keyboard) found
[DEBUG] Sending key: enter
recv report: 00
[DEBUG] Sending key: escape
[DEBUG] Sending key: enter
[FAIL] HID USB device not ready. /system/xbin/hid-keyboard returned 5.

Source | Nexus 5 running Linux kali 3.4.0-8.14-Re4son-3.5 #1 SMP PREEMPT Tue Apr 14 22:10:45 AEST 2020 armv7l GNU/Linux
Target | HTC One S
OTG Cables tried |

Working USB keyboard on all above OTG cables
Working with USB cable to Computer Windows 10 using the application, does send keys
Tried swapping from MTP to Charge and back in Dev options (no change)
Tried rebooting victim phone (no change)

ADB logcat show this,
04-27 07:47:00.078 1621 1621 I Binder_A: type=1400 audit(0.0:1876): avc: denied { ioctl } for path="socket:[418058]" dev="sockfs" ino=418058 ioctlcmd=7704 scontext=u:r:system_server:s0 tcontext=u:r:system_server:s0 tclass=unix_stream_socket permissive=1
04-27 07:47:00.078 1621 1621 I Binder_A: type=1400 audit(0.0:1877): avc: denied { ioctl } for path="socket:[418058]" dev="sockfs" ino=418058 ioctlcmd=7704 scontext=u:r:system_server:s0 tcontext=u:r:system_server:s0 tclass=unix_stream_socket permissive=1

setenforce 0
setenforce: SELinux is disabled

Any ideas?

Does it need kali nethunter necessarily or we can use kali linux also ?

I have Error Message :
$ bash ./android-pin-bruteforce --length 4
Android PIN brute-force :: version 0.1
[INFO] Loading optimised PIN list for 4 digits (optimised-pin-length-4.txt)
[INFO] PIN list contains 10001 PINs
[INFO] Checking environment
[FAIL] HID device (/dev/hidg0) not found

Xiaomi mi9t nethunter 2021.1

[Fail] HID USB device not ready. /system/xbin/hid-keyboard returned 127

how can we solve the problem my friend

Any solution thanks

bruteforcing pin without nethunter?
just from kali only?

locked phone: usb-c -> male usb-a
nethunter: otg cable male micro-b to female usb-a

Seems like it should, but asking here.

Thanks,

What license is this tool under? It seems that the NetHunter hid-keyboard module is under the GNU GPL 2.

Pretty much any modern phone will auto lock or delete all date after having a certain amount of wrong attempts, so I'm wondering if and how this would bypass that?

It does not keep focus on the PIN code mask. Tried the first code, all the others fail

I suspect that this is because i am not on Kali NetHunter, where can i get those binaries from ?

Galaxy S10 (SM-G973F)
Android 10