Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,802,856 Members 38,663 Now Online
XDA Developers Android and Mobile Development Forum

WP8 MDM: how to hack?

Tip us?
Recognized Developer - OP
Thanks Meter 425
Posts: 1,489
Join Date: Nov 2009
Location: Boston, MA

Question WP8 MDM: how to hack?

After enrolling my Lumia 920 to the corporate Exchange email, new MDM (mobile device management) policies are applied to my phone. It's OK but company administrator(s) set the unlock password (pin) expiration time too short. Every damn month I should choose and remember a new pin... And I can not use the old pins (or I don't know what is the time for "clearing" my old passwords).

Do you know/could you suggest any tricks/hacks to get around this situation? I want to reuse my old pins.
Thanks Meter 12
Posts: 82
Join Date: Aug 2011
Location: Frankfurt a.M.
Hey Dude,
I don't think that you can do anything. And this is not the correct thread for such questions.
In the MS World the recommended value for reusing old passwords is 24 so after 2 years
(if 4 weeks was choosen) you can use the first one again.
LTC: LMScAd1wcNZBaakNLabvjFLmYwdyKS3ekS
BTC: 1A99oUtZGbwysvhEnkQq3VNzWPpykZda6q
Recognized Developer - OP
Thanks Meter 425
Posts: 1,489
Join Date: Nov 2009
Location: Boston, MA

Why do you think it's an incorrect forum? This forum is about "hacking", and I need a hack. It's definitely not a "Q&A" or "General" forums question...
snickler's Avatar
Forum Moderator / Recognized Developer
Thanks Meter 485
Posts: 827
Join Date: Aug 2010
Location: Wheeling, WV

Hmmm this WOULD fall under the Q&A because it is technically asking a how-to although it involves hacking. Typically the threads under the Development and Hacking are threads that start projects with the hopes of hacking instead of asking how to. With that said, I'll move that over there for now and if there is some development that comes out of this, it can be renamed and moved back to Development and Hacking.
My Apps:
R1ng3d | CloudMuzik V1.5 Now in the MarketPlace for both WP7 and WP8
My Projects and Contributions:
WP8 Registry Tools | Async Wrapper for WP7 Root Tools SDK
My Phones:
Lumia 1520 - (8.1) / Lumia 920 - (8.1) / Focus v1.3 (7.8 via Dynamics ROM)
twitter: @sinclairinator | fb for: CloudMuzik | Skype: jsinnie

Recognized Developer
Thanks Meter 2,699
Posts: 5,680
Join Date: Jan 2011
Location: Seattle
If you have a registry editor, it's pretty easy to tweak those settings. Unfortunately, you're on a Lumia so right now that's not possible (we're working on it!)

The only other option I can think of right now is to try intercepting the communication between the phone and the corporate server. Exchange ActiveSync uses HTTPS, so any standard HTTPS proxy (like Fiddler or Burp Suite) should work. You may need to set the proxy to use a client certificate (if one was provided for your phone), and you definitely need to install the proxy's certificate on the phone (so the phone trusts it to spoof the corporate server). Anyhow, once you have interception set up, it should be pretty easy to modify the policy rules that get pushed down.

In either case, though, the changes will only last until the next time the phone checks its policy rules. I don't know how often that happens - it *might* even be only at initial enrollment, in which case if you un-enroll and then re-enroll you should be fine - but it could be a problem.
Win8/Windows RT projects:
List of desktop apps for hacked RT devices

WP8 projects:
Native Access WebServer and Libraries
WP8 Interop Unlocks
Storage Cleanup tool

WP7 projects:
XapHandler, Root Webserver, OEM Marketplace XAPs, Bookmarklets collection (Find On Page), Interop-unlock hacks.

Do not private message me with questions that should have been posted on the forum! Not only are you wasting your time - I'm not going to bother writing an answer to such a question for only one person - but I will probably block you from PMing me in the future as well.
(Last edited by sensboston; 4th September 2014 at 04:13 PM.)
Recognized Developer - OP
Thanks Meter 425
Posts: 1,489
Join Date: Nov 2009
Location: Boston, MA

GoodDayToDie, thanks for reply. Could you remind me: is it possible to just read values from registry on the Lumia handsets? At least I want to know value of the DevicePasswordHistory settings (according to this article).

[UPDATE] I installed Fiddler's root certificate on the phone, and able to catch & decode https traffic; however there is nothing about provisioning xml in the content, account synchronization produces 3 https requests, first response is a short binary data, second contains an email body (or header) etc. , no xml at all. Looks like MDM policies are applied only on service discovery (I should google for that). Will try to remove this Exchange account and add it again. By the way, I'm not very familiar with the Fiddler: can I change https XML response on the fly?
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Speed Up Jenkins Configuration Process with TSJ

When you are theleader of a largedevelopment project, Gerrit isn’t the only tool that … more

AutoData Regulates Your Connectivity to Save Battery Life

It’s absolutely no secret that battery life is somewhat of anundoingformany … more

Tale of the Great Recoveries

About a week ago, our fantastic writer and my esteemed colleague Tom embarked on a mission to learnthe vast and … more

How to Make Your GPS Lock Faster – XDA Developer TV

Nothing is more frustrating than opening up Google Maps and it taking way to long … more