[GUIDE][HOW-TO]Crack android pattern lock!

Search This thread

gavster26

Senior Member
Feb 10, 2012
1,260
505
In The Xperia Forums ;)
ok so not long ago i had a problem with a locked android device with a pattern and i managed to unlock it using adb,so here's how in case you were stuck one day with a locked device.

the device needs to have usb debugging enabled in case usb debugging isn't enabled and you have cwm you can run the same instructions from cwm,root is not required (though it will be so better if the device was rooted)

this was tested on:gingerbread,ice cream sandwich and jelly bean.

both method are through adb.

method 1:
Code:
adb shell
cd /data/data/com.android.providers.settings/databases
sqlite3 settings.db
update system set value=0 where name='lock_pattern_autolock';
update system set value=0 where name='lockscreen.lockedoutpermanently';
.quit

-AND/OR-

method 2:
Code:
adb shell rm /data/system/gesture.key

and that's a video showing how method 2 is done (thanks to melvinchng) : http://www.youtube.com/watch?v=tVJ7T2oC_Zs&feature=player_embedded

you can try both of them,here is how i managed to remove the lock:
1- run the first method.
2-reboot
3-run the second method
4-reboot

NOTES:
-in the first method each line is a seperate command so click enter after typing each line.
-in the second method type all the command and then press enter.
-after running both methods and rebooting you may see the pattern lock,that doesn't necessarily mean it doesn't work,just try any random pattern and it may unlock then remove the pattern from settings.
-this may and may not work,it may work on some devices and don't on others,so all you can do is trying it but i can't assure it will work.
a small donation would be much appreciated thank :) (check my signature)
What can i do if usb debugging in not enabled how can adb see the device
 

igorir

Senior Member
Apr 10, 2011
55
3
This method is Ok,
But how I can unlock phone and decrypt data, on Samsung galaxy S3,
if the my device is password locked and Full encrypted ???
 
Last edited:

vermajai93

Senior Member
Jun 17, 2013
65
2
New Delhi
OnePlus 7
I think I'm just being paranoid here, but I like to keep my device fully secured and unreachable if it gets stolen. I'm very naive in android world but I have done what I think was best to keep my fone secure.
• I have a rooted device with CWM installed.
• I keep USB Debugging off all the time.
• In addition to stock lock screen I have a third party app to lock out the apps that I don't want anybody to access.
From what I've read and to my understanding adb is kind of a console for using scripts or commands. And I'm not sure if its enabled in my phone.
My main question is Is my phone secured?? I mean like if someone were to steal my phone and followed this thread would he still be able to crack it?
 

RootTheMachine

Senior Member
Oct 4, 2011
2,088
533
I think I'm just being paranoid here, but I like to keep my device fully secured and unreachable if it gets stolen. I'm very naive in android world but I have done what I think was best to keep my fone secure.
• I have a rooted device with CWM installed.
• I keep USB Debugging off all the time.
• In addition to stock lock screen I have a third party app to lock out the apps that I don't want anybody to access.
From what I've read and to my understanding adb is kind of a console for using scripts or commands. And I'm not sure if its enabled in my phone.
My main question is Is my phone secured?? I mean like if someone were to steal my phone and followed this thread would he still be able to crack it?

You're secured from within Android perfectly fine. However, a knowledgeable thief would be able to use adb in recovery. The only solution to this would be encryption.

Sent from my Nexus 4 using XDA Premium 4 mobile app
 

Jimmy34742

Senior Member
Jul 1, 2011
879
243
成都
I downloaded settings.db to my laptop, but when I open it in SQLite Database Browser, it comes up empty. I checked the file in a text editor, and it's in SQLite Format 3 and the database entries look like as they should. I also tried another db editor, but it also came up empty with no errors. What am I missing here?
 

mrjoy

Senior Member
Aug 24, 2012
2,572
175
The Heaven Of Punjab
I have GT I9001. & i forgot the pattern lock in recovery mode, i tried to factory reset but after clicking factory reset its ask for password. But i dont know the password. Plz help
 

stevey500

Senior Member
Dec 30, 2009
259
47
Or you could boot into recovery backup data
wipe factory reset and reboot
Could try restoring data but most likely restore pattern lock
Or simply enter your gmail address as requested

Or just boot into TWRP if they have it, go to file manager, and remove the gesture key file. Bam. This is why I wish TWRP had a simple pin-lock option for security of one's lost phone.
 
Little update I think should be discussed

ok so not long ago i had a problem with a locked android device with a pattern and i managed to unlock it using adb,so here's how in case you were stuck one day with a locked device.

the device needs to have usb debugging enabled in case usb debugging isn't enabled and you have cwm you can run the same instructions from cwm,root is not required (though it will be so better if the device was rooted)

this was tested on:gingerbread,ice cream sandwich and jelly bean.

both method are through adb.

method 1:
Code:
adb shell
cd /data/data/com.android.providers.settings/databases
sqlite3 settings.db
update system set value=0 where name='lock_pattern_autolock';
update system set value=0 where name='lockscreen.lockedoutpermanently';
.quit

-AND/OR-

method 2:
Code:
adb shell rm /data/system/gesture.key

and that's a video showing how method 2 is done (thanks to melvinchng) : http://www.youtube.com/watch?v=tVJ7T2oC_Zs&feature=player_embedded

you can try both of them,here is how i managed to remove the lock:
1- run the first method.
2-reboot
3-run the second method
4-reboot

NOTES:
-in the first method each line is a seperate command so click enter after typing each line.
-in the second method type all the command and then press enter.
-after running both methods and rebooting you may see the pattern lock,that doesn't necessarily mean it doesn't work,just try any random pattern and it may unlock then remove the pattern from settings.
-this may and may not work,it may work on some devices and don't on others,so all you can do is trying it but i can't assure it will work.
a small donation would be much appreciated thank :) (check my signature)

Hi I saw your post to unlock a table that had adb enabled, but there was one difference.
The table "system" did not have the settings you described. I know sql but I used an sql browser, mainly because I dont have sqlite in my system.
Any who I found the settings in "secure" table, so the sql will become:
Code:
update secure set value=0 where name='lock_pattern_autolock';
update secure set value=0 where name='lockscreen.lockedoutpermanently';
update secure set value=1 where name='lockscreen.disabled'; -- I added this

Regards!
 

mrlightman

Senior Member
Feb 18, 2013
54
0
Galaxy S3 Non USB Debbugin Set, Non Rooted - How to do &get data intact?

I dont know it was accidentally or on pourpose but someone took my phone and left his as mine.

It doesnt have an sd card inserted, mine has.

I saw the person how took mine was able to crack my screenlock partern and got into my Whatsapp, etc. (Prabably using the smodges on the screen surface)

By the time I really need to get this phone working but before thinking on go to wipe data factory reset I need brake the patern and reach the files, fotos, etc

The phone is like when it comes from factory Galaxy S3 GTI9300

Unrooted and USB Debbuging is not select in the phone

I tried Power+VOlumeDonw+Home and it gets into a few options but ADB shell doesnt recognize it.

What can I do to resolve it?

I was thinking about flashing a Kernel wich includes ABD shell along the kernel but I dont know if it will work or if the internal data will be safe

Please, Senior members HELP ME.

Thanks
 

lord_melchett

Member
Feb 19, 2010
17
2
Ok i think i've tried all of the options on here but don't seem to be able to remove the code.

My set up:
Nexus 7 running 4.4.2 and 2 user profiles (i'm not sure if the user profile makes any difference)
One profile has USB debugging enabled, not the other
Not rooted and locked bootloader.

All of the attempts say "permission denied", "device offline"- when trying the pull.settings.db option. etc

Any help would be greatly received!:good:
 

Top Liked Posts

  • There are no posts matching your filters.
  • 204
    Dislcaimer: this is for educational purposes only,you shall not use this on other people phones without permission under any circumstances,and am not responsable to any misuse of this hack

    ok so not long ago i had a problem with a locked android device with a pattern and i managed to unlock it using adb,so here's how in case you were stuck one day with a locked device.

    the device needs to have usb debugging enabled in case usb debugging isn't enabled and you have cwm you can run the same instructions from cwm,root is not required (though it will be so better if the device was rooted)

    this was tested on:gingerbread,ice cream sandwich and jelly bean.

    both method are through adb.

    method 1:
    Code:
    adb shell
    cd /data/data/com.android.providers.settings/databases
    sqlite3 settings.db
    update system set value=0 where name='lock_pattern_autolock';
    update system set value=0 where name='lockscreen.lockedoutpermanently';
    .quit

    -AND/OR-

    method 2:
    Code:
    adb shell rm /data/system/gesture.key

    and that's a video showing how method 2 is done (thanks to melvinchng) : http://www.youtube.com/watch?v=tVJ7T2oC_Zs&feature=player_embedded

    you can try both of them,here is how i managed to remove the lock:
    1- run the first method.
    2-reboot
    3-run the second method
    4-reboot

    NOTES:
    -in the first method each line is a seperate command so click enter after typing each line.
    -in the second method type all the command and then press enter.
    -after running both methods and rebooting you may see the pattern lock,that doesn't necessarily mean it doesn't work,just try any random pattern and it may unlock then remove the pattern from settings.
    -this may and may not work,it may work on some devices and don't on others,so all you can do is trying it but i can't assure it will work.
    a small donation would be much appreciated thank :) (check my signature)
    22
    i have better method than bot the above ones


    look for smudges on the phone ;)
    16
    I don't know whether this method can use on neither:
    Rooted
    Installed Busybox
    Rom Version Older or Newer than CM7


    This method require ADB Debugging On & A PC & A tool Provided
    I found this trick a long time ago
    I come for sharing ;)

    Download the By-pass security Hack.7z
    Primary Step for all method:
    1. Extract it to anywhere using 7-zip.
    2. Open SQLite Database Browser 2.0.exe in SQLite Database Browser.
    3. Run pull settings.db.cmd inside By-pass security Hacks folder to pull out the setting file out of your phone.
    4. Drag settings.db and drop to SQLite Database Browser 2.0.exe program.
    5. Navigate to Browse data tab, At table there, click to list down the selection & selete secure
    Instruction To Remove Pattern Lock:
    1. Now, find lock_pattern_autolock, Delete Record
    2. Close & save database
    3. Run push settings.db.cmd and reboot your phone :)
    Instruction To Remove PIN Lock:
    1. Now, Find Or Create lockscreen.password_type, double-click & change it's value to 65536, Apply changes!
    2. Now, find lock_pattern_autolock, Delete Record, If doesn't exist, Ignore
    3. Close & save database
    4. Run push settings.db.cmd and reboot your phone :)
    Instruction To Remove Password Lock:
    1. Now, find lockscreen.password_salt, Delete Record
    2. Now, find lockscreen.password_type, Delete Record
    3. Close & save database
    4. Run push settings.db.cmd and reboot your phone :)
    11
    Easier way to force unlock

    I found more simple method to do so on my Galaxy Nexus 4.1.1 ParanoidAndroid 1.99 ROM.

    Code:
    adb shell
    su
    rm /data/system/locksettings.db
    rm /data/system/locksettings.db-wal
    rm /data/system/locksettings.db-shm
    reboot

    And you're done :)
    4
    The exploit/workaround has nothing to do with root. The issue is some OEMs grant the adb shell root access instead of restricting it to a lower permission user. When the adb shell is granted root access someone is then able to access the /data permission which is normally blocked off from any user besides root.

    So you could encounter this exploit by using a phone with USB debugging enabled where the OEM grants the adb shell root access. Or, on a custom ROM where the kernel is granting the adb shell root access. Having your phone rooted just makes it easier where, even if adb was protected with a lower permission user, you could still "su" to root once in a shell and wreck havoc.

    Summary:
    1. Without a rooted phone if your phone grants the adb shell root access (this is something an OEM mistakenly would have done) then you can access this exploit
    2. With a rooted phone you can type "su" after getting a shell via "adb shell" and then execute the exploit