Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Blu Smartphone G60 | Nethunter phone: Oneplus 7 pro - PIN not submitting by "enter" key #156

Open
Outlawed-Earl opened this issue Jun 9, 2024 · 11 comments
Open

Blu Smartphone G60 | Nethunter phone: Oneplus 7 pro - PIN not submitting by "enter" key #156

Outlawed-Earl opened this issue Jun 9, 2024 · 11 comments

Comments

@Outlawed-Earl
Copy link

Describe the bug

After the first 4-digit PIN attempt, no “Enter” key doesn't submit PIN, and the screen continues with the next 4-digit PIN

To Reproduce
Steps to reproduce the behavior:

  1. I have a OnePlus 7 Pro phone connected to a Blu G60 via cables OTG.

  2. Nethunter is installed on the OnePlus phone.

  3. Running sudo bash ./android-pin-bruteforce crack --length 4

Expected behavior
The 4-digit PIN should be submitted before the Next 4-digit PIN starts.

Screenshots
error4

My phones

  • The make and model of my NetHunter Android phone : Oneplus 7 Pro GM1915
  • The make and model of my locked Android phone : Blu Smartphone model G60

Can I send any keys

It looks like I can send keys, but the normal one don't submit the PIN's. when I submit an enter key I see the screen light up and same with the others.

echo "enter" | /etc/Android-PIN-Bruteforce-master/hid-keyboard/hid-keyboard /dev/hidg0 keyboard 

echo "space" | /etc/Android-PIN-Bruteforce-master/hid-keyboard/hid-keyboard /dev/hidg0 keyboard  

echo "ctrl + esc" | /etc/Android-PIN-Bruteforce-master/hid-keyboard/hid-keyboard /dev/hidg0 keyboard

Sending the correct keys

  • What keys will bring up the PIN prompt?
    If I understand this its the ctrl + esc, but I'm not sure
  • What keys should be sent after the PIN is entered?
    This is my current issue.

Troubleshooting

  • Did you try rebooting both phones?

  • Did you try unplugging and replugging the cables?

  • Did you try new cables including the OTG cable?

  • The output of the diag command

Android PIN brute-force :: version 0.2
[INFO] # Diagnostic info
[PASS] HID device (/dev/hidg0) found
crw-rw-rw-. 1 root root 480, 0 Jun  8 20:19 /dev/hidg0
[PASS] hid-keyboard executable (/etc/Android-PIN-Bruteforce-master/hid-keyboard/hid-keyboard) found
-rwxr-xr-x. 1 root root 72480 May 28 22:46 /etc/Android-PIN-Bruteforce-master/hid-keyboard/hid-keyboard
[PASS] usb-devices executable (/usr/bin/usb-devices) found
-rwxr-xr-x. 1 root root 4498 Jun 21  2023 /usr/bin/usb-devices
[INFO] ## Executing Command: /usr/bin/usb-devices
[PASS] usb-devices script executed succeessfully.
[INFO] ## Finding Android Phone USB Device
[INFO] Expected result, no device found.
[INFO] ## Sending Enter Key
[PASS] Key was sent succeessfully.
[INFO] ## Executing Command: /system/bin/getprop |grep usb
./android-pin-bruteforce: line 180: /system/bin/getprop: cannot execute: required file not found

[INFO] ## Executing Command: dmesg | grep -i usb | tail
[523939.689188] [20240608_19:01:57.419035]@3 msm-usb-ssphy-qmp 88e8000.ssphy: USB DP QMP PHY: Update TYPEC CTRL(2)
[523939.741987] [20240608_19:01:57.471833]@3 msm-dwc3 a600000.ssusb: DWC3 exited from low power mode
[523940.194430] android_work: sent uevent USB_STATE=CONNECTED
[523940.199594] android_work: sent uevent USB_STATE=DISCONNECTED
[523940.306389] SMBLIB: notify_usb_enumeration_function: status=1,vbus_present:1
[523940.322694] android_work: sent uevent USB_STATE=CONNECTED
[523940.326330] usb_gadget_vbus_draw USB setting current is 500mA
[523940.326508] android_work: sent uevent USB_STATE=CONFIGURED
[523940.882021] SMBLIB: smbchg_re_det_work: re_det, usb_enum_status
[523942.556763] [20240608_19:02:00.286604]@1 SMBLIB: smblib_update_usb_type: pm8150b_charger: smblib_update_usb_type: APSD=SDP PD=0 dash_on=0 real_charger_type=4

[INFO] # Troubleshooting tips
- Check the NetHunter phone is succesfully emulating a keyboard by connecting it to a computer with a regular charging/data USB cable. Open a text editor like Notepad and you should see it sending PINs. Note that you do not need an OTG cable for this.
- Check the Nethunter phone has a regular USB cable attached, and the locked phone has an OTG adaptor attached.
- Try using different cables/adaptors. You may have a faulty cable/adaptor.
- Perform a hard reset of both phones by holding down the power button for 20 seconds.
- Try this command: /system/bin/setprop sys.usb.config hid

Troubleshooting Instructions Section

Can I send any keys?

yes looks like all keys work

Are your cables correctly connected?

yes

Is your NetHunter Android phone capable of emulating a keyboard?

  • Check that the /dev/hidg0 device is present yes
  • Check that the /system/xbin/hid-keyboard binary is present
    no I had to change and compile.

The diag command will check that these files are present.
bash ./android-pin-bruteforce diag

N/a

Does your OTG cable work?

Yes

Does the script correctly send keys to a text editor in Windows/Linux/MacOS?

Keys work

Can you send keys to Windows/Linux/Macos from the command line?

Yes

Can you send keys to the locked phone from the command line?

Same as above.

Does the phone accept keyboard input when it is locked?

This works

Did you try a different locked phone?

Same as above but with a different locked phone.

Sending the correct keys

works

What keys will bring up the PIN prompt?

Using a keyboard, try keys and combinations of keys including:

  • CTRL + ESCAPE
  • ESCAPE
  • SPACE
    These all work

What keys should be sent after the PIN is entered?

This is the issue I am having. I can't find this

Troubleshooting

I've tested sending key with keyboard and using the nethunter phone.
I ssh into the nethunter phone and start sending echo "enter" | /etc/Android-PIN-Bruteforce-master/hid-keyboard/hid-keyboard /dev/hidg0 keyboard it'll I didn't find the submit for the PIN.
@Outlawed-Earl Outlawed-Earl changed the title Blu Smartphone G10: Android 9, Nethunter phone: Oneplus 7 pro Oxygen 10.3.8.GM21AA - PIN not submitting by "enter" key Blu Smartphone G10 | Nethunter phone: Oneplus 7 pro - PIN not submitting by "enter" key Jun 9, 2024
@Outlawed-Earl Outlawed-Earl changed the title Blu Smartphone G10 | Nethunter phone: Oneplus 7 pro - PIN not submitting by "enter" key Blu Smartphone G60 | Nethunter phone: Oneplus 7 pro - PIN not submitting by "enter" key Jun 9, 2024
@urbanadventurer
Copy link
Owner

urbanadventurer commented Jun 11, 2024 via email

@Ajayi901
Copy link

Ajayi901 commented Jun 11, 2024 via email

@Outlawed-Earl
Copy link
Author

Try key combinations with enter like: echo "ctrl + enter" | /etc/Android-PIN-Bruteforce-master/hid-keyboard/hid-keyboard /dev/hidg0 keyboard Kind regards, Andrew Horton

On Sun, 9 Jun 2024 at 11:22 AM, Outlawed Earl @.> wrote: Describe the bug After the first 4-digit PIN attempt, no “Enter” key doesn't submit PIN, and the screen continues with the next 4-digit PIN To Reproduce Steps to reproduce the behavior: 1. I have a OnePlus 7 Pro phone connected to a Blu G60 via cables OTG. 2. Nethunter is installed on the OnePlus phone. 3. Running sudo bash ./android-pin-bruteforce crack --length 4 Expected behavior The 4-digit PIN should be submitted before the Next 4-digit PIN starts. Screenshots error4.gif (view on web) https://github.com/urbanadventurer/Android-PIN-Bruteforce/assets/78323230/f238df10-ddab-4ff1-8077-c4ddd4248b71 My phones - The make and model of my NetHunter Android phone : Oneplus 7 Pro GM1915 - The make and model of my locked Android phone : Blu Smartphone model G60 Can I send any keys It looks like I can send keys, but the normal one don't submit the PIN's. when I submit an enter key I see the screen light up and same with the others. echo "enter" | /etc/Android-PIN-Bruteforce-master/hid-keyboard/hid-keyboard /dev/hidg0 keyboard echo "space" | /etc/Android-PIN-Bruteforce-master/hid-keyboard/hid-keyboard /dev/hidg0 keyboard echo "ctrl + esc" | /etc/Android-PIN-Bruteforce-master/hid-keyboard/hid-keyboard /dev/hidg0 keyboard Sending the correct keys - What keys will bring up the PIN prompt? If I understand this its the ctrl + esc, but I'm not sure - What keys should be sent after the PIN is entered? This is my current issue. Troubleshooting - Did you try rebooting both phones? - Did you try unplugging and replugging the cables? - Did you try new cables including the OTG cable? - The output of the diag command Android PIN brute-force :: version 0.2 [INFO] # Diagnostic info [PASS] HID device (/dev/hidg0) found crw-rw-rw-. 1 root root 480, 0 Jun 8 20:19 /dev/hidg0 [PASS] hid-keyboard executable (/etc/Android-PIN-Bruteforce-master/hid-keyboard/hid-keyboard) found -rwxr-xr-x. 1 root root 72480 May 28 22:46 /etc/Android-PIN-Bruteforce-master/hid-keyboard/hid-keyboard [PASS] usb-devices executable (/usr/bin/usb-devices) found -rwxr-xr-x. 1 root root 4498 Jun 21 2023 /usr/bin/usb-devices [INFO] ## Executing Command: /usr/bin/usb-devices [PASS] usb-devices script executed succeessfully. [INFO] ## Finding Android Phone USB Device [INFO] Expected result, no device found. [INFO] ## Sending Enter Key [PASS] Key was sent succeessfully. [INFO] ## Executing Command: /system/bin/getprop |grep usb ./android-pin-bruteforce: line 180: /system/bin/getprop: cannot execute: required file not found [INFO] ## Executing Command: dmesg | grep -i usb | tail [523939.689188] @. msm-usb-ssphy-qmp 88e8000.ssphy: USB DP QMP PHY: Update TYPEC CTRL(2) [523939.741987] @.*** msm-dwc3 a600000.ssusb: DWC3 exited from low power mode [523940.194430] android_work: sent uevent USB_STATE=CONNECTED [523940.199594] android_work: sent uevent USB_STATE=DISCONNECTED [523940.306389] SMBLIB: notify_usb_enumeration_function: status=1,vbus_present:1 [523940.322694] android_work: sent uevent USB_STATE=CONNECTED [523940.326330] usb_gadget_vbus_draw USB setting current is 500mA [523940.326508] android_work: sent uevent USB_STATE=CONFIGURED [523940.882021] SMBLIB: smbchg_re_det_work: re_det, usb_enum_status [523942.556763] @.*** SMBLIB: smblib_update_usb_type: pm8150b_charger: smblib_update_usb_type: APSD=SDP PD=0 dash_on=0 real_charger_type=4 [INFO] # Troubleshooting tips - Check the NetHunter phone is succesfully emulating a keyboard by connecting it to a computer with a regular charging/data USB cable. Open a text editor like Notepad and you should see it sending PINs. Note that you do not need an OTG cable for this. - Check the Nethunter phone has a regular USB cable attached, and the locked phone has an OTG adaptor attached. - Try using different cables/adaptors. You may have a faulty cable/adaptor. - Perform a hard reset of both phones by holding down the power button for 20 seconds. - Try this command: /system/bin/setprop sys.usb.config hid Troubleshooting Instructions Section Can I send any keys? yes looks like all keys work Are your cables correctly connected? yes Is your NetHunter Android phone capable of emulating a keyboard? - Check that the /dev/hidg0 device is present yes - Check that the /system/xbin/hid-keyboard binary is present no I had to change and compile. The diag command will check that these files are present. bash ./android-pin-bruteforce diag N/a Does your OTG cable work? Yes Does the script correctly send keys to a text editor in Windows/Linux/MacOS? Keys work Can you send keys to Windows/Linux/Macos from the command line? Yes Can you send keys to the locked phone from the command line? Same as above. Does the phone accept keyboard input when it is locked? This works Did you try a different locked phone? Same as above but with a different locked phone. Sending the correct keys works What keys will bring up the PIN prompt? Using a keyboard, try keys and combinations of keys including: - CTRL + ESCAPE - ESCAPE - SPACE These all work What keys should be sent after the PIN is entered? This is the issue I am having. I can't find this Troubleshooting I've tested sending key with keyboard and using the nethunter phone. I ssh into the nethunter phone and start sending echo "enter" | /etc/Android-PIN-Bruteforce-master/hid-keyboard/hid-keyboard /dev/hidg0 keyboard it'll I didn't find the submit for the PIN. — Reply to this email directly, view it on GitHub <#156>, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAY3FYD7OWCRTLEVHZPBLTZGOU4BAVCNFSM6AAAAABJANYSYOVHI2DSMVQWIX3LMV43ASLTON2WKOZSGM2DCOJWGU3TMMI . You are receiving this because you are subscribed to this thread.Message ID: @.***>

So.... I tried "ctrl + enter" after sending the phone screen would turn on but after going to the PIN prompt. I submitted again and the same result PIN would not submit. I also got the error unknown option: +
image

Then I removed the + and only sent "ctrl enter" and still didn't submit the PIN...

Let me know if you have any other suggestions

Thanks

@urbanadventurer
Copy link
Owner

urbanadventurer commented Jun 12, 2024 via email

@Outlawed-Earl
Copy link
Author

Outlawed-Earl commented Jun 12, 2024 via email

@urbanadventurer
Copy link
Owner

urbanadventurer commented Jun 13, 2024 via email

@heskez
Copy link

heskez commented Jun 17, 2024

I am having the exact same issue!

@Outlawed-Earl
Copy link
Author

Outlawed-Earl commented Jun 17, 2024 via email

@heskez
Copy link

heskez commented Jun 17, 2024

I hooked my nethunter phone to my laptop and started the script I got something like: e1234eee5555eee7777eee etc

@heskez
Copy link

heskez commented Jun 17, 2024
edited
Loading

Tried to adjust his:
function send_enter() {
send_key enter
}

into ->

function send_enter() {
send_key return
}

But no luck...

@heskez
Copy link

heskez commented Jun 27, 2024

Nobody expercienced these kind of issues? Also I'd expected HEX as output but looks like it's decimal looking at these chars e1234eee5555eee7777eee

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@urbanadventurer @heskez @Outlawed-Earl @Ajayi901