Root Nation, Soft: How-To & Lifehacks

Is Factory Reset Protection really that reliable? Bypassing Android security on a Samsung Galaxy S7

Today something quite curious happened to me. I change smartphones often, and this day gave no sign of trouble. I took the smartphone, left the office and started setting up the device, but a surprise was waiting for me.

When I turned on the smartphone, a window with the following message popped up on the screen: “An unauthorized attempt to reset the device to factory settings. To verify your identity, connect to the Wi-Fi network or mobile network.” I did not attach any importance to this message and tried to log in with my Google account, but was unsuccessful: I was told that I needed to log in with the account that belonged to this unit. After that I started looking for a solution, and finally I found one; that is what I am going to describe. But first let’s try to understand what kind of protection this is.


This text is posted for reference only, to document a security problem in Android; do not use the methods described with malicious intent, or you will be punished by a virus, the police and Sundar Pichai himself.

Factory Reset Protection in Galaxy S7

Google works harder on protecting user data with each Android update. Android 5.1 introduced a new protection: Factory Reset Protection (FRP). As a control against tampering and software modification, it relies on the Google account registered on the device. Account verification is demanded after a reset so that an unauthorized factory reset, or a change of firmware without the owner’s knowledge, does not yield a usable phone. This matters when a device is lost or stolen, when its firmware has been replaced, or when a factory reset has been performed. The essence of FRP is to deny an attacker access to the system: the phone stays locked until the user confirms ownership with the ID and password of the account that was on it before the reset. FRP can be seen as Android’s counterpart to iCloud Activation Lock in iOS.

What will certainly not help if your device is locked by FRP:

  1. Flashing firmware with a custom recovery (and if OEM unlock is enabled, fraudsters can pull data off the device anyway)
  2. Flashing stock (service) firmware
  3. Flashing modified firmware without Google services (again only possible if OEM unlock is enabled)
  4. Wipe data/factory reset from Android recovery: this is exactly what triggers FRP

Several ways of circumventing the lock can be found on the Internet, but Google is no fool: roughly every month a security update comes out that closes the “hole” the bypass went through. At the moment I have found one way around the protection, though on different devices it is done a little differently. I will describe how I did it on the Samsung Galaxy S7; the method should also suit other Samsung devices.

For this method I must express my gratitude to rootjunky! Before any of these manipulations the phone needs to be connected to an active Wi-Fi network. First, follow the link, download and install RealTerm 2.0. Once RealTerm is installed, turn on the smartphone and connect it to the computer with a USB cable. The smartphone will be detected as a modem, i.e. a serial COM port, which is what RealTerm talks to; on its Port tab open the port the modem appeared on. Then, on the Display tab, tick the Half Duplex option.


Then go to the Send tab, enter the command at+creg?\r\n and press Send ASCII. AT+CREG? only queries the modem’s network registration; what matters here is that the modem answers at all. If the response ends with “OK”, enter the second command atd1234;\r\n and press Send ASCII again (ATD dials a number, and the trailing semicolon asks for a voice call rather than a data call; \r\n is the line ending the modem expects after every command).


After that, the device will place a call to the number 1234. You need to end the call quickly and then, even faster, press the button that adds the number to your contacts. Then scroll to the bottom and tap “Scan a business card.” From there we get into the Galaxy Apps store, where you need to find and download ES File Explorer.
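The serial exchange from the RealTerm steps above (AT+CREG? to confirm the modem answers, then ATD1234; to dial) can be scripted instead of typed. The following Python is an added example, not code from this article or from rootjunky; it assumes only that the phone’s modem port behaves like a standard AT modem (every response ends with a final result code such as OK or ERROR) and, for real use, that pyserial is installed and the COM port name is known. The FakeModem class is a constructed stand-in so the logic can be run without a phone; the +CREG status codes are the ones defined in 3GPP TS 27.007.

```python
"""Script the AT exchange from the RealTerm steps: AT+CREG? then ATD<number>;.

Added example. The transport is anything with read(n) -> bytes and write(bytes),
e.g. a pyserial Serial object opened on the phone's modem port.
"""
import re
import time

# <stat> values of +CREG as defined in 3GPP TS 27.007.
CREG_STATUS = {
    0: "not registered, not searching",
    1: "registered, home network",
    2: "not registered, searching",
    3: "registration denied",
    4: "unknown",
    5: "registered, roaming",
}

FINAL_RESULT_CODES = ("OK", "ERROR", "NO CARRIER", "BUSY", "NO ANSWER")


class ATError(Exception):
    """Raised when the modem answers with anything but OK, or stops answering."""


def read_response(transport, timeout=2.0):
    """Collect response lines until a final result code arrives.

    A modem terminates every response with a final result code on its own
    line; until that line is seen the response is incomplete. Empty lines are
    dropped; the command echo (ATE1, the usual default) is kept.
    """
    deadline = time.monotonic() + timeout
    buf = b""
    while time.monotonic() < deadline:
        chunk = transport.read(256)
        if not chunk:
            time.sleep(0.05)
            continue
        buf += chunk
        lines = [ln.strip() for ln in buf.decode("ascii", "replace").splitlines()]
        lines = [ln for ln in lines if ln]
        if lines and (lines[-1] in FINAL_RESULT_CODES
                      or lines[-1].startswith(("+CME ERROR", "+CMS ERROR"))):
            return lines
    raise ATError("timeout waiting for a final result code")


def send_at(transport, command, timeout=2.0):
    """Send one CR-LF terminated AT command (what RealTerm's \\r\\n does) and
    return the lines before the final OK. Anything other than OK raises
    ATError: the same 'did it say OK?' check the article makes by eye."""
    transport.write((command + "\r\n").encode("ascii"))
    lines = read_response(transport, timeout)
    if lines[-1] != "OK":
        raise ATError(f"{command!r} failed with {lines[-1]!r}")
    return lines[:-1]


def parse_creg(lines):
    """Extract <stat> from a '+CREG: <n>,<stat>[,<lac>,<ci>]' line."""
    for line in lines:
        m = re.match(r"\+CREG:\s*(\d+),\s*(\d+)", line)
        if m:
            return int(m.group(2))
    raise ATError("no +CREG line in response")


def place_call(transport, number="1234"):
    """Reproduce the article's exchange: query registration, then dial.

    The trailing ';' on ATD requests a voice call. As in the article, only an
    OK answer to AT+CREG? is required; the registration status is returned
    for logging and is not used to block the call.
    """
    stat = parse_creg(send_at(transport, "AT+CREG?"))
    send_at(transport, f"ATD{number};")
    return stat


class FakeModem:
    """Constructed stand-in for the phone's modem port (not a real device).

    Echoes each command like a modem with ATE1 and answers only the two
    commands used above; anything else gets ERROR, exercising the failure path.
    """

    def __init__(self, creg_stat=1):
        self.creg_stat = creg_stat
        self.sent = []
        self._pending = b""

    def write(self, data):
        cmd = data.decode("ascii").strip()
        self.sent.append(cmd)
        if cmd.upper() == "AT+CREG?":
            reply = f"\r\n+CREG: 0,{self.creg_stat}\r\n\r\nOK\r\n"
        elif cmd.upper().startswith("ATD"):
            reply = "\r\nOK\r\n"
        else:
            reply = "\r\nERROR\r\n"
        self._pending += (cmd + "\r\n" + reply).encode("ascii")

    def read(self, size):
        chunk, self._pending = self._pending[:size], self._pending[size:]
        return chunk


if __name__ == "__main__":
    # On the real port (assumption: pyserial installed, phone enumerated as COM5):
    #   import serial
    #   port = serial.Serial("COM5", 115200, timeout=0.2)
    #   print(CREG_STATUS.get(place_call(port), "unknown"))
    modem = FakeModem(creg_stat=1)
    print(CREG_STATUS[place_call(modem)], modem.sent)
```

On a real port, open it with a short read timeout so read() returns promptly and read_response can keep polling until the final result code; a response that ends in anything but OK stops the procedure, which is the point at which the article says to go no further.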

Open ES File Explorer, go to “Bookmarks” and tap Add. In the “Path” field, enter the following:

In the “Name” field, enter any name. Then tap Add and the bookmark is saved. Tap the bookmark you created to open the file-storage site, and download and install two files. Download and install them in exactly this order:

  1. Android_6_Google_Account_Manager.apk
  2. com.rootjunky.frpbypass-1.0.apk

Once FRP Bypass is installed, just open it. Tap the three dots in the upper right corner and open the browser. There, enter the credentials of the Google account with which the device is to be unlocked; this adds that account to the device.

Then reboot the smartphone, and the message about an unauthorized reset appears again. Tap “Yes” to connect to Wi-Fi and start the activation process. During activation, enter the username and password of the Google account that was added in the previous step. After all this, the phone accepts that account as the legitimate one and boots normally.

It can be concluded that Factory Reset Protection is not a very reliable method of protection when a device is lost or stolen. Its main rival, iCloud Activation Lock from Apple, appeared three years ago, and attackers have still not produced a simple or fully working way around that system. So Google’s protection still has room to grow.

This text is posted solely to familiarize readers with an existing problem, and is not a motivation or instruction for action.

Denіs Lіtvіnenko