Help Required in Clearing Doubts Regarding Cyber Forensics (Android)

Hello everyone, hope everyone is doing well. While going through this article online i had few question to ask. I hope to get an answer :slightly_smiling_face: P.S read the full guide before answering my question.

Link to the article: https://android.gadgethacks.com/how-to/7-ways-bypass-androids-secured-lock-screen-0165540/

Method 4: Perform a Factory Reset

As the article states: “due to a new anti-theft feature called Factory Reset Protection, you’ll need to know your Google account password to use this method if the phone was released in 2016 or later.”

Question: How can someone bypass screen lock when we don’t know Google account password? As from a cyber forensics point of view we won’t be knowing Google account password in most of the cases or else the thing would have been something else. You know we need to get physical access to the device.

Method 5: Use ADB to Delete the Password File

As the article states: This next option will only work if you’ve previously [enabled USB debugging] on your phone, and even then, it will only work if you’ve allowed the computer you’re using to [connect via ADB]. But if you meet those requirements, it’s a perfect way to unlock your device. However, note that models with encryption enabled by default may not be compatible with this workaround.

  1. No non-techie user will ever enable Developer Mode in their phone.

  2. Even if Developer Mode is enabled what if USB Debugging is not enabled?

    Question: How will we be able to bypass screen lock in such cases?
    

These are the question which are making me very curious. Hope someone helps.

1 Like

I think you are looking for FRP Bypass
Some bypass methods need to have access on the target phone before factory reset to remove the google account from settings.
But there are some phones which have bugs, that can help you bypass it,without the need of any access in phone settings (for specific models and android versions).
I have not tested any method though because I have just Huaweii p9 and Mate20 :stuck_out_tongue:.

I hope I helped you search a bit deeper :wink:

So that means we need to find bugs in Android or particular smartphone in order to proceed with cyber forensics?

It depends on the case.
If legal user was storing data in his sd,then you can easily retrieve it’s data from there by just reading it.
But if you want to read the main storage, then the first thing is to check if the phone’s model has removable storage (like old Huaweii phones) or finding some other things,like android version for finding security flaws.

So what about those third party softwares claiming to bypass any kind of protection mechanism? How do they work?

I really do not know.
Most of them are scamming (not proved though),because they are showing that you can do it free ,and when you try it,they are telling you that you need to pay.

It’s like other third party softwares that claim that they can recover corrupted data,but even their premium versions cannot recover them (this is confirmed by me many times).

But if they are not scamming,then most probably,they found a vulnerability or backdoor or magic.:man_shrugging: I will ask a good friend who is working on forensics and when do it,I will inform you :wink: . (I hope I will see him soon :joy:)

1 Like

Thank you buddy :grinning: i hope you see your friend soon and clear my doubt lol :grin:

1 Like