I'll start with a disclaimer: this phone is, following the laws in my country, legally in my possession. I'll share some anonymous background information, but that is not the subject of this post. The phone came into my possession after my brother abruptly passed away (him being the previous rightful owner and not having a partner or children). Because of how he passed away I am not capable of gaining access to the phone; however, also because of how he passed away, me and the family really want to gain access to the phone. I know that there are professional options for gaining access to it, but that is too expensive at the moment.
The phone is an LG G6 running the latest available firmware (which is Android 9.0). The Phone has a pattern lock and maybe also a fingerprint lock (which might be easy to get past, because of a blatant security flaw in the sensor he shared with me). Another problem however is that I, using his computer that was still logged into google, locked the phone using FindMyDevice (let's not get into the why of this one).
I have a good background in (high level) programming (anything above and including imperative languages like C) and am capable of figuring things out quite some time until I need assistance. However I don't have any experience with (ethical) hacking. Low level programming or other things I haven't tried don't scare me though an I would gladly take the challenge.
I did try to access the phone using adb, however I didn't get into the phone. I'm afraid the service is disabled, but I don't know that for sure, because the usb port is broken. I am currently trying to repair it, but the parts haven't arrived yet (Update: Fixed it; but ADB and MTP are disabled).
I am especially interested in (officially disclosed) exploits (anything that works when you have access to the phone itself or less) that might make it possible for me to (temporarily) gain access to either the phone itself or the data on it. It goes without saying that the data should not be altered or destroyed in the process.
Thank you in advance
1 Response
I finally repaired the usb-port; it is functional and the computer can see the device. However both MTP and ADB have been disabled and obviously cannot be enabled without the pattern, we are looking into making educated guesses, but it will probably be be impossible without brute-forcing it (which is hopeless work). So, I am still hoping somebody knows about some vulnerability or (preferably) an exploit for this specific device or android 9.0 in general.
Share Your Thoughts