I am running Maximus 5. I used the built in storage encryption.
I want to remove the encryption but I can't. I tried to wipe it out in TWRP, just to mount it. No password prompts.
Nothing in the bootloader helps. Any ideas? Do I have to go back to the stock recovery to remove the encryption?
You'd need to open them in whatever program you used to encrypt it in the first place, and re-save the files without it. There's no way to just "decrypt" something, that's the whole point of encryption.
Related
As per the title. I have an S4 Active, humming along happily with "activeroot" applied when it first became available. I realized this morning that I never deleted the activeroot app itself, but when long-pressing the icon to get to the uninstall menu, my finger slipped. I really like geohot and his work, a whole lot, but the fact that there isn't at least a confirmation screen before overwriting important system files really grates on me. The instant the tap happened, the screen went black, and became immediately stuck on the AT&T logo at reboot.
If I power the phone up normally, I only see the AT&T logo for as long as I care to stare at it before powering it down. I can reboot into the stock recovery, but because the phone doesn't ask me for the disk-encryption password as in a normal boot, I see the error "Can't mount /data (Invalid argument)". The only non-destructive thing I could do at that menu was to wipe the cache, which obviously did nothing for my bootloader or encrypted disk. I feel pretty sure I haven't lost any data on that encrypted disk yet, and I know I could do a full factory wipe, but I'm hoping I have a better option:
1) Could it possibly be as simple as trying to send "towelroot", the newest root, to the phone via adb and execute it?
2) Without the ability to write to the disk, can I get a log file for further troubleshooting / ideas?
3) Is there a way to decrypt the disk over usb to at least pull over any non-backed-up files before performing a factory wipe?
4) Can I install a different recovery which might give me more or better options?
Thanks for any help you can provide! = )
Hi guys, I've been using TWRP for a long time, but this one is a bit of a head-scratcher for me. I'm running stock Android MMB29S on my N6, unlocked bootloader, and unrooted. I decided to install TWRP 2.8.7.1 and then root it with Beta supersu 2.66. The fastboot flashing of TWRP went fine the first time, and I opted to leave TWRP read-only. But I didn't install supersu right afterwards. Rather, I rebooted into system first, and downloaded supersu. When I attempted to reboot into recovery again to flash supersu, I'm finding out that stock recovery has overwritten TWRP. Ok, no problem, I re-flashed TWRP, but this time I allowed it to modify the system (instead of read-only). Now, I'm unable to see anything under /sdcard or any of the other folders when I go to flash the zip. Under the "Mount" Menu, I see that only "cache" is checked. Didn't want to mess with anything there.
Rebooting into system now gives me the "Your device is corrupted..." spiel, which I'm not concerned about, but I really do need to be able to see files in TWRP. Would re-installing TWRP be an option or even a different version of it?
mount system. if its still empty after that, use twrp to locate the right place in the filesystem. yes, like a file explorer app twrp can act
The solution to my problem was actually as simple as just removing the lockscreen passcode. I was wondering why TWRP was asking for that in the first place. Once I removed the lockscreen PIN and went back into TWRP I was able to see all the files. Happily rooted now. :good:
I have a Moto X2 with Android 6.0 and TWRP 3.0.2
I just turned on full disk encryption and set a pattern screen lock.
The first time I enter TWRP, it asked me for the pattern. However, after that, when I reboot into TWRP, it doesn't ask for pattern anymore.
I can't find any option about forget password or ask every time in twrp.
I am afraid others can just enter TWRP and copy my files through ADB or MTP. So is there a way to solve that?
BTW. I read the principle of Android full disk encryption. I guess TWRP already stored my master key somewhere, but I can't find it.
Trying to install a different STOCK ROM on my phone,
I unlocked the bootloader, flashed TWRP, now I am on TWRP menu, connected the phone, I can see the phone directory on my windows 10 file explorer.
Trying to copy and paste, the transfer starts but it hanhs there, nothing is tranfered, wht to do?
Maybe try a few other recoveries using download mode. And find one which seems to work. Also you might want to use the format data feature under wipe, in-case it's some kind of data encryption issue.
Hi everyone. Got a puzzle for you forensic data recovery guys out there. I am a fool having a bad day today. For the first time in 10 years of screwing with Android, I backed up my ROM with twrp and also backed up my sms and calls, but then managed to somehow forget to copy those files off the internal storage before trying to flash my phone to LineageOS and botching the internal storage. Here is what happened.
0) Before state: Rooted (I think) and for sure running OxygenOS 5.0.3, flashed via TWRP. TWRP version 3.2.1-0. 128 GB OnePlus 3T
1) Backed up System, data, etc to backup on internal storage via TWRP. Booted into OS and backed up SMS and calls to .xml file.
2) Wiped data, system, cache and dalvik/art cache.
3) Downloaded LineageOS w/ microG via zip in TWRP and attempted to install. Received error that I needed to update the modem to at least 9.0.3.
4) Mounted storage from TWRP and copied in Stable9.0.3+Firmware+Modem_OnePlus+3T.zip. Ran the install and was successful.
5) Installed lineage-17.1-20200826-microG-oneplus3.zip via TWRP. Left prompt to install TWRP checked and booted into OS.
6) Upon boot, saw the message: "Decryption unsuccessful" The password that you entered is correct but unfortunately your data is corrupt.
7) Rebooted back into TWRP to mount storage. Could not get anything to mount because it would not accept my decrypt passcode.
8) Figured TWRP bug, flashed twrp-3.4.0-0-oneplus3.img via fastboot. Could decrypt now with passcode but all storage read 0MB
9) Flashed modem back to OnePlus3T_5.0.3-25-05-18-FIRMWARE-flashable.zip via adb sideload method which is what I assume I was running before since that was the OS version. Rebooted
10) Booted back into TWRP, discovered I still couldn't see files. Downgraded TWRP back to 3.2.1-0 via fastboot.
11) Unable to decrypt from TWRP or even install zips. No change at any point in the OS. Flashed TWRP back to 3.4.0.0.
12) Ran adb shell twrp decrypt XXXXXX (where XXXXXX is my pin) which gave me this message:
Attempting to decrypt data partition or user data via command line.
(then it returned to shell so I assume it worked)
13) Ran an ADB pull command (adb pull /dev/block/dm-0 backup.img). There is obviously something there because it downloaded 111 GB worth of .img file (which I'm 99% certain was the amount of space I had used on the phone). Tried to open the .img file with multiple EXT4 programs and they all said the file/partition was corrupt.
14) Tried to wipe data via TWRP. Failed to wipe because it couldn't be mounted. Followed this:
https://************/how-to-fix-twrp-unable-to-mount-storage-internal-storage-0mb/
15) Ended up with MTP mount of 101 GB free space. Everything seems to be lost on the phone at present. No programs I use to recover the data off the MTP mount (just doing a raw file scrape) can see it as a OnePlus in Windows.
After finding a better guide on XDA, it sounds like this is a known issue that happens when you go from 5.0.x to 9.x on this phone where your encryption breaks and you lose all files. Unfortunately I saw that about 15 minutes after step 14...
My next thoughts would be to:
a) downgrade everything (ROM, firmware, etc) and then try to push the 111 GB .img file back to the phone via ADB, then flash a stock OnePlus 5.0.3 ROM over it to see if I could get the internal storage to mount again. Don't even need to boot into the OS--just to get the internal storage mounted again through TWRP.
--OR--
b) convert the .img file to a .raw and then possibly a .vhd and use Recuva or something to scan the image of the phone and see if I can find those .xml files and maybe a twrp backup if I'm lucky. Although if the entire .img contents is still encrypted and not actually just a corrupt android filesystem, I think I am hosed on this option.
I would prefer option a) but I didn't know if anyone had any insight on this. I thought maybe there would be a way for me to get into the filesystem via ADB maybe and clear out some botched encryption cache or keystore/etc in order to get it to mount again. I'm also not sure if you're able to downgrade the firmware or modem either from 9 to 5 (even though I never got errors on downgrade). Thoughts? Am I just royally hosed?
Tried option b. Nothing but garbage. I made a backup of the .img file this time... so still would be willing to try option a) unless anyone thinks that this is impossible.
Edit: yep... may be too late... https://forum.xda-developers.com/on...-9-0-3-5-0-8-firmware-barrier-t3941164/page18
To my knowledge the data partitions content is unrecoverable lost after the reboot from 5) to 6). The img contains the messed up (and still encrypted) dm0 container but without the enctyption footer which is "outside" the dm0 container in sda15 (aka userdata) partition. To decrypt the img you are missing the device dependent key (an encrypzed partition can be decrypted only on the device the enctyption has been done on) as well as the encryption footer (which is messed up after the reboot).
Format data (not only wipe!) and start over.
Thanks for the reply. That makes sense and is what I was afraid of.
I wonder if it would be possible to regenerate the crypto footer by doing something like this to get the HMAC keys and then flashing a rom to recreate the cryptofooter and then editing the key values to reflect the old cryptofooter values based on the KeyMaster extraction via this exploit.
http://bits-please.blogspot.com/2016/06/extracting-qualcomms-keymaster-keys.html?m=1
It might depend on how much of the cryptofooter is left and whether or not 5.0.3 is vulnerable to these CVEs...
I’m not sure if I know enough about the KeyMaster structure to know how to rebuild it even if I were able to retrieve the HMAC keys.
I also know TWRP now supports EDL so perhaps there is something with a Qualcomm tool I could yse to assist.
Obviously this would mean security issues for everyone on these older builds if I am able to regenerate the crypto footer.
Are you aware of adb commands or likewise that I could run to survey the KeyMaster damage?
As stated: to my knowledge the data is lost after the first reboot with the 9.0.x bootloader.
If you search the official los thread (don't remember if 17 or 16) you'll find some detaled postings on restoring the keys after updating the bl from 5.0.x to 9.0.x. The user, who has examined that has failed, but perhaps it helps to shine some light on your questions.