New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Is there anyway to recover a forgotten PIN # on my personal Android phone?? #38
Comments
The only way to do this is by rooting your phone (without erasing it, not all devices support this), and browse through the file system and locate the PIN setting in the Mycelium app private data. |
Hi Jan Bob ----- Original Message ----- The only way to do this is by rooting your phone (without erasing it, not all devices support this), and browse through the file system and locate the PIN setting in the Mycelium app private data. — |
Actually it is a file with the extension .APK ----- Original Message ----- The only way to do this is by rooting your phone (without erasing it, not all devices support this), and browse through the file system and locate the PIN setting in the Mycelium app private data. — |
after you have rooted the phone you can access the pin at inside is a "PIN" entry in the xml file. |
Ok ----- Original Message ----- after you have rooted the phone you can access the pin at inside is a "PIN" entry in the xml file. — |
On a stock (non-rooted) android 4.4.2, do you know if running adb backup (or any other backup utility) will make a backup of all the wallet files under /data/data/com.mycelium.wallet ? If I root my phone to find my PIN on my Nexux 4 it will erase everything, so I will need a backup that I can restore after rooting. |
No, mycelium is exempt from backup. |
OK, great, thank you. I also responded on reddit: http://www.reddit.com/r/nexus4/comments/21pfp7/on_a_stock_nonrooted_nexus_4_running_442_can_i/ |
For future references, what one could try is: Get the second phone, same as this one to test it on first multiple times if needed.
This has been tested and verified on: |
Hi 2pac1, i have forgotten my Pin and i'm not really tech savy so it would be very helpfull if you could help me. I use a Samsung S10 Note Is it possible to extract it from there? I'm very thankfull for any help cause i'm not able to do it myself 🙄🙏🏻 |
WARNING!!!The above methods are not recommended by Mycelium and we do not vet them in any way. You might lose your coins to a scammer. You might destroy your phone. Be careful! The PIN protection is a feature and we do not endorse any way of circumvention but can't rule out that experts would be able to reset the PIN in any way. |
The above method only works if you could unlock the bootloader without
wiping the data. And if you could put custom recovery (twrp), also without
wiping.
If that doesn't work then it's down to:
1. Data extraction from the chip
2. Privilege escalation exploit
3. Having Mycelium give you debugable version of the app which you can run
as "run as" via console.
The above scenario happened to John Doe where somehow she/her now has a new
mycelium wallet on a new phone without writing down the seed or setting the
pin themselves.
Don't know if that is a bug that could happen.
Old phone has different wallet.
And sorry @Zab0x I cannot help you.
I posted here just for anyone else who might run into this problem in the
future.
And for Mycelium team >> there is a potential security improvement that
could be done.
If one deletes the data/data/com.mycelium.wallet/shared_prefs/settings.xml
the pin will be removed upon restarting the app. But when you want to set
pin again, it will not ask you to verify the seed, like it did ask the
first time when you have set the pin.
It should ask you to verify the seed each and every time if you are setting
a spending pin.
Because if not, you might end up in situation where you don't have seed and
cannot enter pin.
…On Tue, 9 Mar 2021, 02:45 Zab0x, ***@***.***> wrote:
Hi there,
thank you for your help and i will be careful 🙏🏻
As you mentioned in you reply " experts may be able to help "
Could you recommend me towards a expert who can help me?
I'm pretty lost arm, cause i can't remember my Pin 🙄.
Would be thankfull if me as not tech savy someone could help me.
All the best 🙏🏻
Leo Wandersleb ***@***.***> schrieb am Di., 9. März 2021,
02:25:
> WARNING!!!
>
> The above methods are not recommended by Mycelium and we do not vet them
> in any way. You might lose your coins to a scammer. You might destroy
your
> phone. Be careful!
>
> The PIN protection is a feature and we do not endorse any way of
> circumvention but can't rule out that experts would be able to reset the
> PIN in any way.
>
> —
> You are receiving this because you commented.
> Reply to this email directly, view it on GitHub
> <
#38 (comment)
>,
> or unsubscribe
> <
https://github.com/notifications/unsubscribe-auth/ATETVCXOPXSTPJMEHK7JODDTCV2JTANCNFSM4AK4LRCQ
>
> .
>
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#38 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AILPGMENHR3KR6FTXSJUPF3TCV4TFANCNFSM4AK4LRCQ>
.
|
I used a version of Mycelium which still allows for unlimited retries when inputting the PIN (prior to 2.8.4), yours might be as well. I'm currently cracking my PIN by connecting my old phone to a computer, stream the screen and wrote some script to try out all 1000 000 possible combinations. The advantage is that this method is less invasive then the others so if this one fail you can still try out the others. I might be able to help, just ping me a line on Twitter (https://twitter.com/codevagabond) |
Android does not allow to down-grade the app to an older version. To install an old version, you either have to delete the app with its data or you need access that would allow to extract the key or delete the pin trivially anyway. |
Yes I was referring to people who still have the older version on their phone. The brute-force worked for me! |
No description provided.
The text was updated successfully, but these errors were encountered: