Dumping flash from HTC Desire 510


    #21
    Re: Dumping flash from HTC Desire 510

    Do you know the version of Android it's running? Anything over 4.0, I believe the flash can be encrypted. I read on the post that the flash encryption key is the pin code, but I doubt that very much. Especially after looking at that FROST program. They have a pin code brute force program, which I wanted to try, but I need to install a custom recovery partition in order to use it, which I don't think I can do without the pin. Also, there's something called S-On, which I believe prevents things like a custom recovery from being installed permanently. As soon as the phone is rebooted, it goes back to the original. Same with rooting it. For this phone though, in order to turn S-OFF, I believe I need to log into the phone and enable USB developer mode.

    Anyways, if you can remove the flash chip yourself, you don't really need that adapter. I can show you how to make a custom adapter using a MicroSD to SD adapter and a USB cable. You just cut the ends off the USB cable and solder some wires onto the MicroSD to SD adapter and then solder some wires directly to the NAND. It's crude, but it works. That's why I was looking for the eMMC pinouts on the phone. I was going to solder them directly to the board, instead of the chip.
    -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full



      #22
      Re: Dumping flash from HTC Desire 510

      ^ I've got the pinout. I just can't do the soldering. It's too small. ICS I believe...
      Last edited by goontron; 06-29-2017, 07:29 PM.
      Things I've fixed: anything from semis to crappy Chinese $2 radios, and now an IoT Dildo....

      "Dude, this is Wyoming, i hopped on and sent 'er. No fucking around." -- Me

      Excuse me while i do something dangerous


      You must have a sad, sad boring life if you hate on people harmlessly enjoying life with an animal costume.

      Sometimes you need to break shit to fix it.... Thats why my lawnmower doesn't have a deadman switch or engine brake anymore

      Follow the white rabbit.



        #23
        Re: Dumping flash from HTC Desire 510

        What does ICS mean? I have a micro soldering station and have had varying degrees of success soldering really small stuff. For example, those miniature vias, I've soldered to them before. I've taken stranded wire and removed all strands but one, and put that one little thin piece of strand in the hole and soldered there.

        If you want, you could send me the flash and I would try to solder it. I won't ruin it. If I can't do it, I just won't. Even if the flash is still in the phone and you mean you have the pinouts for where to solder to the PCB, I could still try that for you. I'd mail it back to you when I was done, regardless of whether I got it or not. If I get it, I'll just send you a tar.gz'd copy of the img I extracted, I wouldn't snoop through the dump or anything like that.

        Also, is anyone familiar with PUK? This is my understanding. A person sets a PIN for their phone. After a certain number of attempts at entering an incorrect PIN (usually three), the SIM card becomes PUK locked. A person needs to obtain the PUK code. Some carriers have an on-line form you fill out with the cell number, the owner of the phone's first and last name and their birthday. Once you provide this, it'll give the PUK unlock code. Other carriers, you need to call and speak to a representative and provide this information.

        Once you obtain the PUK code, you can use a SIM card reader and third party software to enter the PUK code or sometimes, you can use the Emergency Call and enter the PUK code. Afterwards, it'll ask for a new pin and you can reset the pin without knowing the current pin.

        If this is true, I'm a bit confused. Some SIMs have the PUK code printed on them. If I have a SIM card that has the 8-digit PUK code printed on it, can I put that SIM card into this phone, enter the PUK and assign a new pin to the phone to unlock it? It almost seems like the PIN would be stored on the SIM card, but this doesn't seem to be the case, because on this phone, there's no SIM in the SIM slot....

        I booted into some weird modes a few times. One said Boost Mobile at the lock screen. One said Safe Mode, but every time, I needed the PIN unlock code. I'm just thinking if I can get a Boost Mobile SIM card that we know the PUK for, can I just pop it in the phone and use it to reset the PIN on this phone?

        Thanks.
        -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full



          #24
          Re: Dumping flash from HTC Desire 510

          ICS is Ice Cream Sandwich Android version 4.0

          Try at some GSM service center.
          If they have something like Z3X easy JTAG then ask them for a full dump of the eMMC, or what you need to recover from.
          New versions have add-ons like Z3X Emmc File Manager, making it easier to read and search for the data you need to recover.
          Last edited by gabiz_ro; 07-01-2017, 03:33 AM.



            #25
            Re: Dumping flash from HTC Desire 510

            don't confuse the sim and the fone.
            the sim has one pin code and 2 PUK codes that over-ride it and each other.
            this has nothing to do with the fone or any pin stored in its o.s.

            if you're not sure if the lock is on the sim or the fone, just put the sim in another fone or another sim in this fone (one with no pin set).



              #26
              Re: Dumping flash from HTC Desire 510

              btw, other than making calls, an android phone should be fully functional without the sim - another way to see where the lock is.



                #27
                Re: Dumping flash from HTC Desire 510

                Originally posted by gabiz_ro
                ICS is Ice Cream Sandwich Android version 4.0

                Try at some GSM service center.
                If they have something like Z3X easy JTAG then ask them for a full dump of the eMMC, or what you need to recover from.
                New versions have add-ons like Z3X Emmc File Manager, making it easier to read and search for the data you need to recover.
                The problem is the NAND is encrypted. I thought of purchasing a Z3X easy JTAG, instead of trying to use my arm-usb-ocd-h JTAG device, but with the encrypted NAND, I think we're SOL. If I had the cell number, and the owner's birthday, I could just request the PUK code and reset the PIN. But no one seems to know the original phone number. Plus, the SIM card is missing, and from my understanding, the SIM card is needed.

                I believe the PUK code is generated from something on the SIM card and the EMIE number or whatever it's called.
                -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full



                  #28
                  Re: Dumping flash from HTC Desire 510

                  Originally posted by stj
                  don't confuse the sim and the fone.
                  the sim has one pin code and 2 PUK codes that over-ride it and each other.
                  this has nothing to do with the fone or any pin stored in its o.s.

                  if you're not sure if the lock is on the sim or the fone, just put the sim in another fone or another sim in this fone (one with no pin set).
                  The SIM is MIA. But with the PUK code, you can reset the phone's PIN, can't you? That was my understanding. The PUK code is tied to the SIM, but when they generate a PUK code, it pulls a number from the SIM but also uses the phone's IMEI number.
                  -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full



                    #29
                    Re: Dumping flash from HTC Desire 510

                    Essentially, you type the phone pin incorrectly 3 times (when a SIM card is inserted) and then the phone becomes PUK locked. You call the carrier, provide information to prove who you are, give them the IMEI number, cell number, etc, they provide the PUK unlock code. You enter the PUK unlock code and once entering it successfully, you set a new phone pin.

                    If you enter a PUK code incorrectly ten times, the SIM card becomes completely useless.

                    Even if I were to put another SIM card in, one that I knew the PUK code for, I don't think it'd help. Because somehow, it's tied into the IMEI number, from my understanding.
                    -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full



                      #30
                      Re: Dumping flash from HTC Desire 510

                      let me try again.

                      the simcard has the IMSI number & phone number in it.
                      it also has 1 or 2 levels of pincode option in it, and puk override codes.

                      it has no effect on the phone whatsoever.
                      ----

                      the fone can have a pin or passcode or other method of lockdown, but it has nothing to do with the sim.
                      the fone can also be set to only recognise a specific sim - but can still run without one even if this option is set.
                      filesystem encryption is optional btw - and usually not used because it affects battery life.
                      it also does not affect the system partitions - or it couldn't boot and ask you for a key!
                      the IMEI and i suspect the key too, are never encrypted.
                      Last edited by stj; 07-01-2017, 07:43 PM.



                        #31
                        Re: Dumping flash from HTC Desire 510

                        There is confusion between the SIM card PIN and the user phone code (also named PIN).
                        You can protect Android-based phones by drawing a pattern on those nine dots, a code, or a fingerprint on some.
                        Some call that code a PIN, so there is confusion.
                        In the case of a SIM PIN you can reset it with the PUK code.
                        In the case of the phone code (named PIN in that case) there is no way to reset it with the PUK.

                        You may try to bypass this, no idea how, but you may try to put in a working SIM (without PIN), power on the phone, wait for it to register on the network, then call that number.
                        Maybe the phone will ring; if yes, answer the call, then from the phone application you may access some other function like video call, which may require wifi and let you access wifi settings. Connect to a wifi network, send an SMS to that number with a link like www.google.com; maybe tapping on that link will open the browser. Search for some file browser apk and try to install it, then you may have access to files on the phone.

                        As for encryption, I don't know for sure.
                        On newer devices there is an option to encrypt, but by default it is not on; the user may switch it on.


                        May I ask you what info you try to recover?
                        Last edited by gabiz_ro; 07-02-2017, 04:01 AM.



                          #32
                          Re: Dumping flash from HTC Desire 510

                          Originally posted by stj
                          let me try again.

                          the simcard has the IMSI number & phone number in it.
                          it also has 1 or 2 levels of pincode option in it, and puk override codes.

                          it has no effect on the phone whatsoever.
                          ----

                          the fone can have a pin or passcode or other method of lockdown, but it has nothing to do with the sim.
                          the fone can also be set to only recognise a specific sim - but can still run without one even if this option is set.
                          filesystem encryption is optional btw - and usually not used because it affects battery life.
                          it also does not affect the system partitions - or it couldn't boot and ask you for a key!
                          the IMEI and i suspect the key too, are never encrypted.
                          I understand the SIM has its own pin, but I thought the PUK was generated using some number off the SIM and the IMEI, and with that, it would allow you to reset the phone pin. Sorry for the misunderstanding and thanks for clarifying this.

                          I saw videos where people turn on the phone it asks for the pin (the phone pin) and after three invalid attempts, then it asks for the PUK. They call customer service, get the PUK number, and can reset the pin. Is this a SIM pin they've set and cannot remember?

                          With my wife's cell, if she sets a PIN and we enter it incorrectly X amount of times, it locks and even knowing the PIN won't unlock the phone. We have to do an e-mail recovery, where it sends us a special code and she enters that to unlock it. My brother's cell was like this as well (I tried guessing his PIN and got locked out) after 5 invalid attempts.
                          -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full



                            #33
                            Re: Dumping flash from HTC Desire 510

                            Originally posted by gabiz_ro
                            There is confusion between the SIM card PIN and the user phone code (also named PIN).
                            You can protect Android-based phones by drawing a pattern on those nine dots, a code, or a fingerprint on some.
                            Some call that code a PIN, so there is confusion.
                            In the case of a SIM PIN you can reset it with the PUK code.
                            In the case of the phone code (named PIN in that case) there is no way to reset it with the PUK.

                            You may try to bypass this, no idea how, but you may try to put in a working SIM (without PIN), power on the phone, wait for it to register on the network, then call that number.
                            Maybe the phone will ring; if yes, answer the call, then from the phone application you may access some other function like video call, which may require wifi and let you access wifi settings. Connect to a wifi network, send an SMS to that number with a link like www.google.com; maybe tapping on that link will open the browser. Search for some file browser apk and try to install it, then you may have access to files on the phone.

                            As for encryption, I don't know for sure.
                            On newer devices there is an option to encrypt, but by default it is not on; the user may switch it on.


                            May I ask you what info you try to recover?
                            Thanks! For phone "PIN", there's e-mail recovery, at least on the two phones I tried on, but they were newer phones. One was about 5 years old. The other one was about 2 years old (Samsung Galaxy S6 or S7 I think it's called).

                            I thought the encryption was automatic. If it has to be turned on, that's good. Then maybe dumping the NAND is still an option.

                            The family wants me to try and recover text messages. The person is missing. The police are looking for him. They're treating it as a missing person's case and don't think foul play is involved. The family tried giving the police the phone but they said because there's a PIN, there's nothing they can do and gave it back to the family.

                            I think if they wanted to, they could get the PIN reset by calling Boost Mobile and just telling them they're the cops.

                            I can't believe no one knows the phone number. There's no SIM in the card either. Someone said he was using some type of app that would give him a free phone number and text messaging whenever he had wireless network access, you know, from a computer's network.
                            -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full



                              #34
                              Re: Dumping flash from HTC Desire 510

                              the police are full of shit, the carriers are legally obliged to store call records and texts etc for months - probably years.
                              and the NSA has a copy the FBI can request access to.

                              it sounds like he was using a SIP protocol service like skype though.
                              why don't you power up the fone without a sim and see if it lets you in?
                              if it does, enable ADB, unlock the bootloader, and flash a custom recovery such as TWRP.

                              then boot into the recovery menu and do a FULL-FLASH backup.



                                #35
                                Re: Dumping flash from HTC Desire 510

                                Originally posted by stj
                                the police are full of shit, the carriers are legally obliged to store call records and texts etc for months - probably years.
                                and the NSA has a copy the FBI can request access to.

                                it sounds like he was using a SIP protocol service like skype though.
                                why don't you power up the fone without a sim and see if it lets you in?
                                if it does, enable ADB, unlock the bootloader, and flash a custom recovery such as TWRP.

                                then boot into the recovery menu and do a FULL-FLASH backup.
                                There is no SIM, so that's how I've been powering it up. And yes, the cops around here aren't the best. We've dealt with them before and they've told us various things that weren't true. Once, they ticketed me for not having a valid license, and although my license had expired, because I was in the military when it expired, I had what's called a military extension. I went to court, the judge dropped the charges. Then they pull me over again! This time, I have my home awaiting orders on me and they say because it's not notarized, it's not valid. The Marine Corps doesn't notarize things! If you got your home awaiting orders and they're signed, you know they're legit!

                                So, they ticket me again and say they're going to impound my car if they catch me driving again and throw me in jail!!! I told them what the judge said and they said I was just making it up and that they could have me arrested for harassment! So I go to court again, but this time, I ask for a supporting deposition. I go back to court, with the officer. The judge asks why I'm back. I explain how they pulled me over again. I was in my uniform. He asks me to go grab my home awaiting orders. I run out to the car, grab it, and give it to him. He looks it over and then asks the cop why he keeps ticketing me. The officer says because my license is invalid, my home awaiting orders aren't notarized, and how they've warned me twice now. The judge says the home awaiting orders look legit to him and that he suggests the officer actually learn the law a bit more before trying to enforce it.

                                That put a smile on my face. I think in all honesty, since the cops ruled out foul play and Travis just decided to leave on his own, they don't really care or want to go through all the paperwork. He's not a kid, he thinks the cops are after him for one reason or another. He'll show up sooner or later I bet.
                                -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full



                                  #36
                                  Re: Dumping flash from HTC Desire 510

                                  so the fone is asking for a pin without the sim?



                                    #37
                                    Re: Dumping flash from HTC Desire 510

                                    I personally would go this route.... https://forums.hak5.org/index.php?/t...e-4-digit-pin/

                                    And if you can't get it to work on the device, even if it is encrypted by a pin, once you dump the eMMC it will only take 6561 digit combos to crack. My core i3 averages about 1000 passwords per second with everything running, so with that and overhead it should take around 77s to crack on my laptop.
                                    Last edited by goontron; 07-02-2017, 05:33 PM.
                                    Things I've fixed: anything from semis to crappy Chinese $2 radios, and now an IoT Dildo....

                                    "Dude, this is Wyoming, i hopped on and sent 'er. No fucking around." -- Me

                                    Excuse me while i do something dangerous


                                    You must have a sad, sad boring life if you hate on people harmlessly enjoying life with an animal costume.

                                    Sometimes you need to break shit to fix it.... Thats why my lawnmower doesn't have a deadman switch or engine brake anymore

                                    Follow the white rabbit.



                                      #38
                                      Re: Dumping flash from HTC Desire 510

                                      That's providing the pin was 4 digits and Spork has a Rubber Ducky/Teensy.
                                      If it is 4 digits Spork would have been done by now trying them manually.
                                      Quicker to buy one of the boxes that plugs into the phone/PC that can unlock pins and reset patterns Z3x, Volcano etc.



                                        #39
                                        Re: Dumping flash from HTC Desire 510

                                        Don't try to unlock bootloader.
                                        After bootloader unlock HTC performs a hard reset and everything is erased.



                                          #40
                                          Re: Dumping flash from HTC Desire 510

                                          At least you aren't this guy spork. http://rare.us/rare-politics/rare-li...t-was-cocaine/
                                          Things I've fixed: anything from semis to crappy Chinese $2 radios, and now an IoT Dildo....

                                          "Dude, this is Wyoming, i hopped on and sent 'er. No fucking around." -- Me

                                          Excuse me while i do something dangerous


                                          You must have a sad, sad boring life if you hate on people harmlessly enjoying life with an animal costume.

                                          Sometimes you need to break shit to fix it.... Thats why my lawnmower doesn't have a deadman switch or engine brake anymore

                                          Follow the white rabbit.
