I hacked myself: Android edition

Besides a crappy Windows Mobile 6.1 phone I owned years ago, I bought my first smartphone in 2012 – a Lenovo A660 from a rather unknown Chinese smartphone seller. (Not only did they declare the package as a gift, they even wrote a gift card which stated ‘Merry Xmas, Yours Dan’.) The device was already rooted and came with a custom ROM, which was a nice service, because all official images were Chinese. Being the stupid, trustful person I was back then, I decided to use the phone as it was until I migrated to a new phone. Dan was such a nice person, how could I not trust him?

After years of being abandoned in one of my boxes I got interested in it again, when I was looking for something else. I cleaned the connectors, powered it on and booted the phone. I was greeted by a lockscreen, which asked for a PIN I didn’t know anymore. Since I knew it was rooted and I didn’t use PINs longer than 4 digits back then, I thought it would be an easy task to ‘hack’ it. I was right!

The ‘hack’

‘Hacking’ yourself is obviously easy, but for someone who easily forgets things it is something you have to do occasionally. Knowing that it must have been an Android 4.x, it took me a single Google search to find a suitable solution. Since USB debugging never really worked with this device, but cwm-recovery was installed, I found a way easier solution: the Aroma file manager, which can be started from within cwm-recovery. So I booted into cwm-recovery, started Aroma from the sdcard, copied the files I needed to the sdcard and put the sdcard back into my laptop. After that I had to bruteforce a 4-digit numeric PIN, which of course was solved by hashcat in a split second.

Easy. But why did I bother to write down something I did on a rainy afternoon in October 2019? First of all, because you can’t start a blog without a first post. Second: I plan to publish more posts about ‘hacking’ myself and make this a series, hopefully with more helpful posts than this one. (And think about it: if my phone were a Raspberry Pi in a lunch box, I would be able to talk at the next C3.)

Conclusion

  1. Don’t use stock ROMs, but never use arcane custom ROMs from the Chinese seller of your trust either. Don’t buy mysterious China phones, buy a Lineage OS compatible device. Much worse things could have happened, and I can’t believe how stupid I was.
  2. I don’t really get why 4-digit numeric PINs have been a thing, even in 2012. Maybe because SIM cards have required 4-digit PINs since the 90s, so it’s still a thing in old people’s minds.