galaxy s21 ultra has been taken over and i need help - Samsung Galaxy S21 Questions

someone has installed user certificates on my phone and changed hardware/software etc.. maybe flashed not sure but i need to get whatever got into my phone out and return it to its Original rom samsung. is there a way to figure out where it came from and can anyone help by chance willing to try anything. i know this much. its some kind of apatche license/certificate as well as several others idk what half of this means i know how to get into download mode for custom os push and how to get the the factory reset page etc but as far as code and things like that my knowledge base just is not there. anyone that can help it would be VERY much appreciated. PS> i think my current wife we are seperated and i think her jealous bf somehow hacked my phone to see our convos etc etc etc. but any help will be very much appreciated and if i can find out who or why and its him i will **** his **** too with community help nof course. been dealing with this going on 3 months now with my phone so to the forums i turn !!!!

If it is simply certificates, then follow the screenshots.
If you think the phone has been tempered, or rooted to gain unauthorised access to you, you'll have to boot into Download Mode and check KNOX status. If it contains 1, then you're screwed, and I advise you to go to the police.
If it is 0x0, then you're fine, but you must wipe/format the phone, just to make sure nothing is left that may track you. Unless your wife's boyfriend works at Samsung or your carrier's company. Haha. Then you're totally done for.
I thought people lost hope in marriage in Western Communities. Nothing is the same it was back then.

Mohamedkam000 said:
If it is simply certificates, then follow the screenshots.
If you think the phone has been tempered, or rooted to gain unauthorised access to you, you'll have to boot into Download Mode and check KNOX status. If it contains 1, then you're screwed, and I advise you to go to the police.
If it is 0x0, then you're fine, but you must wipe/format the phone, just to make sure nothing is left that may track you. Unless your wife's boyfriend works at Samsung or your carrier's company. Haha. Then you're totally done for.
I thought people lost hope in marriage in Western Communities. Nothing is the same it was back then.
Click to expand...
Click to collapse
my storage type says backed up to hardware for credential wise i think it. ill chex with the knox thing but i believe they have disabled it and police im not sure what good they would do at this point any suggestions?

Chrisih12 said:
my storage type says backed up to hardware for credential wise i think it. ill chex with the knox thing but i believe they have disabled it and police im not sure what good they would do at this point any suggestions?
Click to expand...
Click to collapse
KNOX is not something that can be disabled and enabled, it is a Samsung feature, they give it a special treatment that if someone tried to modify the device in an unauthorised way, it'll trip a fuse that cannot be repaired.
So it is simple, either the device is still under KNOX, or it is not, and you're probably being hacked, without you noticing that.
My credentials' storage also says backed up to hardware, it's normal. You simply follow the screenshots to clear any user-added credentials, if there's none, you won't have to worry.

Related

If You Bought a Used Android You Could Be Being Tracked!

I believe this information should be out there for all Android users and i dont recall seeing it anywhere but i hang out here right now and thought i would share what i discovered on accident.
i reference a RAZR M here but INSERT any Android phone as far as i can tell.
***please Devs and such i am not one so ignore my possible misuse of how exactly it operates but i just wanted to share the point of this not how the Android OS operates
i had a RAZR M with ROOT and installed Avast Mobile Security (i believe many others would do this as well) and since i was root i installed it as a /System app. this as some of you may not know makes it kinda part of the OS now. this means that a Factory Reset does not remove it but instead installs it again. i will explain how i discovered this:
- had a RAZR M as mentioned and i installed Avast as /System
- you can rename the app itself to whatever you want like "fletch33" and so anyone who finds your phone wouldnt know it was a security app and try to uninstall it. this is a great feature so i renamed it.
- this will do the standard stuff like locate your device, wipe it, make it beep, etc....
- i decided to give the phone to someone else and they wouldnt want root items or anything so i did a factory reset forgetting i had installed Avast as /System so they would have a clean start with the M
- since Avast was /System it became part of the Factory Reset process and so a what i thought was a clean fresh phone actually still had Avast on it but now since it was fresh and clean there were no signs like an app to remind me i had installed it as root. i honestly forgot it was on there.
- i had selected to get notifications of where the phone is if it traveled a distance but could see it whenever i wanted with a browser login to website and although i had reset it that STILL WORKS! i am getting emails when it moves and can login and see it.
- there are no visible signs that this is on the M (insert any phone)
- in my knowledge the only way the tracking etc... would stop is if i were to ODIN or SBF or whatever the equivalent is on that particular device or i would have to re-install Avast and it would then allow me to put in my passcode and then i could uninstall it.
the moral of the story is that any used phone could have had this done and if not by accident like mine but on purpose for whatever reason.
fortunately i gave the M to a family member and i will fix it for him but it really made me think what it could be used for ....
if this has been mentioned or i am incorrect i apologize in advance but when i started getting emails about where the phone i gave away was located all the time from Avast after a Factory Reset i decided i should share this so that others might take precautions with their second hand Android device.
1. I always Odin my phone and procedure to rooting with in a few short hours of owning device.
And if not, I'm pretty sure unlocking the device will erase everything. (in a lot of my previous cases)
2. And I see nothing wrong with the previous owner being able to track me picking up his wife and taking her back to the white house to make her my First lady
Yep, first thing I would do is wipe the phone properly.
"Factory reset" is a really bad name for the process...it does nothing of the sort.
Um, makes complete sense that you can still track the device. I assumed that before you even posted it. Same way you can track devices through android device manager, moto software, etc etc.
You're forgetting a huge oversight here.......it doesn't really do much good if stealing someones phone, then wiping it, would get rid of all tracking options. Kinda defeats the purpose. Otherwise people would steal someone's phone, factory reset, then go about their merry way and you're SOL...
TechSavvy2 said:
Um, makes complete sense that you can still track the device. I assumed that before you even posted it. Same way you can track devices through android device manager, moto software, etc etc.
You're forgetting a huge oversight here.......it doesn't really do much good if stealing someones phone, then wiping it, would get rid of all tracking options. Kinda defeats the purpose. Otherwise people would steal someone's phone, factory reset, then go about their merry way and you're SOL...
Click to expand...
Click to collapse
sure but since most Android phones dont offer a iPhone like recovery and most users dont even know what root it then to me its those people that should have concern.
i always ODIN or SBF etc.. myself if i pick up a used phone but most people woudnt even know about that.
Manufacturers should release iPhone like recovery system so that an average person can clean their phone without tech knowledge and downloading a file somewhere.

[Q] How To Format an Encrypted GS3

I work for a company doing tech support and one of the problems we've ran into is that our employees are sending their old GS3 devices back to us after we upgrade them and we cannot get into them. When we get the phones back they are locked, encrypted, and off. Our policy is that we never ask employees for passwords so that if our employees get someone asking for a password, their natural response is to take a step back and refuse to share passwords.
So now we have probably 10+ USCellular GS3 devices that are locked and encrypted. Does anyone know a way to wipe these to factory settings w/o knowing the password?
Thanks!
12059350 said:
I work for a company doing tech support and one of the problems we've ran into is that our employees are sending their old GS3 devices back to us after we upgrade them and we cannot get into them. When we get the phones back they are locked, encrypted, and off. Our policy is that we never ask employees for passwords so that if our employees get someone asking for a password, their natural response is to take a step back and refuse to share passwords.
So now we have probably 10+ USCellular GS3 devices that are locked and encrypted. Does anyone know a way to wipe these to factory settings w/o knowing the password?
Thanks!
Click to expand...
Click to collapse
Even if somebody knows how to I don't thing anybody in there right mind would post a solution here! (1) XDA would not allow it (2) It is illegal (3) Anybody who lets say uses a stolen phone would know exactly where to look to reset the phone!
Why didn't you just suggest for your "employees" to just factory reset their phones and unlock before sending them to you?..
WRONG
tallman43 said:
Even if somebody knows how to I don't thing anybody in there right mind would post a solution here! (1) XDA would not allow it (2) It is illegal (3) Anybody who lets say uses a stolen phone would know exactly where to look to reset the phone!
Why didn't you just suggest for your "employees" to just factory reset their phones and unlock before sending them to you?..
Click to expand...
Click to collapse
Ok (1)If anyone DIDN'T think this post was anything sinister, they sure as hell do now. Thanks man. (2) It makes no difference whether it is encrypted or not, i don't want the data off of it and that is the soul reason to encrypt a phone, to keep the data inside protected. (3) WE RIGHTFULLY OWN ALL OF THESE DEVICES but just cannot unlock them (4)Even if they were stolen, their MEID would be blacklisted and they would just be a glorified mp3 player that cannot be hooked up to a network.
This is not illegal, not even a little bit. Prove me wrong with data to support it buddy.....
12059350 said:
Ok (1)If anyone DIDN'T think this post was anything sinister, they sure as hell do now. Thanks man. (2) It makes no difference whether it is encrypted or not, i don't want the data off of it and that is the soul reason to encrypt a phone, to keep the data inside protected. (3) WE RIGHTFULLY OWN ALL OF THESE DEVICES but just cannot unlock them (4)Even if they were stolen, their MEID would be blacklisted and they would just be a glorified mp3 player that cannot be hooked up to a network.
This is not illegal, not even a little bit. Prove me wrong with data to support it buddy.....
Click to expand...
Click to collapse
Funny how u work for a company tat does tech but dun know tat it is IMEI instead of MEID.
(1)He was saying tat xda does not allow anyone to make use of the info to do illegal things. So if anyone got a stolen phone, they can use the info here and xda will be partially responsible.
(2)no idea wat u are saying
(3)Wat I said in '(1)'
Sent from my GT-I9300 using xda app-developers app
80% Right
12059350 said:
Ok (1)If anyone DIDN'T think this post was anything sinister, they sure as hell do now. Thanks man. (2) It makes no difference whether it is encrypted or not, i don't want the data off of it and that is the soul reason to encrypt a phone, to keep the data inside protected. (3) WE RIGHTFULLY OWN ALL OF THESE DEVICES but just cannot unlock them (4)Even if they were stolen, their MEID would be blacklisted and they would just be a glorified mp3 player that cannot be hooked up to a network.
This is not illegal, not even a little bit. Prove me wrong with data to support it buddy.....
Click to expand...
Click to collapse
To say my post was WRONG is inaccurate (partially wrong maybe)
My original answers:
(1) XDA would not allow it (RIGHT THEY WOULD NOT!:good
(2) Illegal (Maybe not..my mistake )
(3) Anybody who lets say uses a stolen phone would know exactly where to look to reset the phone! (OBVIOUSLY RIGHT!:good
Your answers:
(1) People may think it was sinister because of the nature of the question wiping a locked phone! (not that I think you personally have anything to hide)
(2) I know what encrypting a phone is
(3) I NEVER SAID YOU DID NOT OWN THE DEVICES!
(4) I never said anything about the imei ..(and they would make good mp3 players )
My point was to say you would not get any answer on here on how to wipe the phones!
But you still did not answer my question why did you not just ask the employees to just unlock and factory reset before returning to you (would have saved you alot of trouble)
I was not saying the your phones where stolen but posting any information on here about wiping locked phones would not be allowed and would be a haven for people who are not entirely honest..
Thanks
JellyYogurt said:
Funny how u work for a company tat does tech but dun know tat it is IMEI instead of MEID.
(1)He was saying tat xda does not allow anyone to make use of the info to do illegal things. So if anyone got a stolen phone, they can use the info here and xda will be partially responsible.
(2)no idea wat u are saying
(3)Wat I said in '(1)'
Sent from my GT-I9300 using xda app-developers app
Click to expand...
Click to collapse
Ok ass hat, 1st, the IMEI contains the MEID (at least on my devices it does) so ease up and 2nd, forgive me if i use the wrong acronym, it's not like IT Professionals have that many to remember.... (sarcasm since we are spelling it out) and 3rd, you spelled "that" wrong so i don't feel bad for making a small mistake.
12059350 said:
Ok ass hat, 1st, the IMEI contains the MEID (at least on my devices it does) so ease up and 2nd, forgive me if i use the wrong acronym, it's not like IT Professionals have that many to remember.... (sarcasm since we are spelling it out) and 3rd, you spelled "that" wrong so i don't feel bad for making a small mistake.
Click to expand...
Click to collapse
Oh well u are just angry tat my form of typing is too fab.
Sent from my GT-I9300 using xda app-developers app
similar situation..
hi all.. ive posted this in another forum but havent seen a reply yet. i thought i'd try my luck in this thread as it's kinda relevant to my situation. obviously im not fluent in cellphone tech but at the recommendation of a member here i went to root my gs3 (gt-i9300) using kingo. i should have stuck to the old adage, "if it seems to good to be true, then it probably is.." but thought safe in the recommendation of others... the idea of rooting my phone in a single click process seemed wonderful. so, i now have a hardbricked phone.
after whipping up a usb jig following various youtube guides i was able to get it back to download mode. so, my primary question is, "because my phone was encrypted before becoming a brick, am i able to restore it using odin?" or will it keep taking me back to the encryption password screen with no hope to restore the phone?
ok, what the problem is, is this: i've tried to re-flash firmware from sammobile relevant to my country and model with odin(v3.07), it completes successfully, reboots, then takes me back to the encrypt screen. the prob is, when i enter the password the phone just turns off and i have to take the battery out to get back to download mode through the usb jig. also, after trying to flash with an earlier firmware, it just keeps saying "try again" without turning off, still no joy but atleast with that firmware it didn't turn off.
any help or guidance would be very welcome, as i'm willing to keep working if i can restore my phone, if it's beyond hope then i will just dump it.

[Q] Need to regain access to a previously-stolen password locked Galaxy S III

Okay, so it's a bit of a long story but there's a woman I work with who had her virtually-new Samsung Galaxy S3 stolen by her recently-split husband last year. We all knew it was him, but we had virtually no evidence, other than it's disappearance. Anyway, so this woman recently was in his now-separated husband's flat & was rooting around. She found a Samsung Galaxy S3, smartly took a picture of the IMEI & left it. She knew it was hers, but wanted to be 100% sure. She went home, checked the box, & of course they did match. The next day, she went back to his house & manipulated the situation so that she could find enough time on her own to go take the phone back without him knowing. So she brings it into work with her the next day. The problem is, the phone now has a password lock on it. She then spent the night trying to guess the password, but to no success.
So, me being the tech guy that I am, she asked me to try to get into it. I said, the easiest way would be for me to wipe it & factory reset it, but that she would lose all of her information. She doesn't want me to do that. She wants to get pictures & stuff of her / their kids off the phone, as well as look into who her ex-husband had been talking to / see who knew about him stealing the phone. So, I said it should be possible. However, I'm not a hugely great phone guy. I'm good with computers, but not so much phones.
So, we spent the day trying various exploits found on Google or YouTube but to no success. There was one method where we had a little success where we turned the phone on > Emergency Call > Emergency Contact > Press Home > Press Power > Unlocked home screen in then meant to appear. It never did. Although we could get it to quickly flash whatever was on the home screen (which was a picture of her / their kids, which she'd set to the phone before it was taken).
So without any of those methods working, I'm tasked with now getting into the phone at home. I have no idea whether USB debugging is enabled, I would assume not. We are unable to reset the password via Google Recovery or anything because we're never offered the option. As I say, she doesn't want me to wipe the phone. But there has to be a way to get into it otherwise, either through brute force, or one of those other password cracking methods possibly?
There was a technique I found on Google at work, something about connecting the phone to your computer via USB then trying to do some stuff from command line or through a Linux distro, which I need to re-find & try.
But alas, does anyone here have any methods or know any ways that I could get around this password lock?
I have to say though, I'm glad it's not that simple (atleast it appears so, anyway) to get around one of these passwords. Makes me feel a little safer for my own Galaxy S3! haha
Hey
You said u tried the Google account method right?
If that's not working try to flash philz recovery and from that you can access the contents of the internal SD card..
U can also TRY to use the custom back up option offered by his recovery and then custom restore the data..
I can't assure you that it will work but you can try it..
Best of Luck
-tchindalia
Sent from my GT-I9300 using xda app-developers app
We did not try a Google account method, I don't think? Think we tried to log in to the ex-husband's Google account on my iPad for some reason (can't remember why now tbh) but we could not guess his password. He's apparently changed it since they split.
Won't flashing the phone wipe everything that's on it?
Hey
Not if your just flashing a recovery..
Just youtube for some videos on this...
I had see one some time back..
Sent from my GT-I9300 using xda app-developers app
Benaholic said:
Okay, so it's a bit of a long story but there's a woman I work with who had her virtually-new Samsung Galaxy S3 stolen by her recently-split husband last year. We all knew it was him, but we had virtually no evidence, other than it's disappearance. Anyway, so this woman recently was in his now-separated husband's flat & was rooting around. She found a Samsung Galaxy S3, smartly took a picture of the IMEI & left it. She knew it was hers, but wanted to be 100% sure. She went home, checked the box, & of course they did match. The next day, she went back to his house & manipulated the situation so that she could find enough time on her own to go take the phone back without him knowing. So she brings it into work with her the next day. The problem is, the phone now has a password lock on it. She then spent the night trying to guess the password, but to no success.
So, me being the tech guy that I am, she asked me to try to get into it. I said, the easiest way would be for me to wipe it & factory reset it, but that she would lose all of her information. She doesn't want me to do that. She wants to get pictures & stuff of her / their kids off the phone, as well as look into who her ex-husband had been talking to / see who knew about him stealing the phone. So, I said it should be possible. However, I'm not a hugely great phone guy. I'm good with computers, but not so much phones.
So, we spent the day trying various exploits found on Google or YouTube but to no success. There was one method where we had a little success where we turned the phone on > Emergency Call > Emergency Contact > Press Home > Press Power > Unlocked home screen in then meant to appear. It never did. Although we could get it to quickly flash whatever was on the home screen (which was a picture of her / their kids, which she'd set to the phone before it was taken).
So without any of those methods working, I'm tasked with now getting into the phone at home. I have no idea whether USB debugging is enabled, I would assume not. We are unable to reset the password via Google Recovery or anything because we're never offered the option. As I say, she doesn't want me to wipe the phone. But there has to be a way to get into it otherwise, either through brute force, or one of those other password cracking methods possibly?
There was a technique I found on Google at work, something about connecting the phone to your computer via USB then trying to do some stuff from command line or through a Linux distro, which I need to re-find & try.
But alas, does anyone here have any methods or know any ways that I could get around this password lock?
I have to say though, I'm glad it's not that simple (atleast it appears so, anyway) to get around one of these passwords. Makes me feel a little safer for my own Galaxy S3! haha
Click to expand...
Click to collapse
If he lets her into the house so easily then:
1- HE didn't steal the phone because he felt no need to hide it
2- The "woman" is invading the guy's privacy and checking personal info without consent
3- Seeing who he talked to is a typical behaviour pattern of someone who is invading someone's privacy for ill intentions
4- the "woman" can always request for the guy to share the kid's photos and other stuff. No need to snoop around
To the OP:
If you do help this person break into the phone and turns out it wasn't hers, then you are aiding in a possibly criminal activity.
If he did steal, then all the best to you. Otherwise; Beware of the LAW.
~ RazorMC
RazorMC said:
If he lets her into the house so easily then:
1- HE didn't steal the phone because he felt no need to hide it
2- The "woman" is invading the guy's privacy and checking personal info without consent
3- Seeing who he talked to is a typical behaviour pattern of someone who is invading someone's privacy for ill intentions
4- the "woman" can always request for the guy to share the kid's photos and other stuff. No need to snoop around
To the OP:
If you do help this person break into the phone and turns out it wasn't hers, then you are aiding in a possibly criminal activity.
If he did steal, then all the best to you. Otherwise; Beware of the LAW.
~ RazorMC
Click to expand...
Click to collapse
OP alr said the imei matched so the phone is the woman's. Unless tat was a lie.
To the OP, have u tried samsung's "find my mobile"?
Sent from my GT-I9300 using xda app-developers app
JellyYogurt said:
OP alr said the imei matched so the phone is the woman's. Unless tat was a lie.
To the OP, have u tried samsung's "find my mobile"?
Sent from my GT-I9300 using xda app-developers app
Click to expand...
Click to collapse
Like I said, if it was indeed stolen, then I wish the OP luck.
I'm just curious why the person never approached the police with proof of ownership instead of trying to bypass the security.
Cheers :good:
~ RazorMC
RazorMC said:
Like I said, if it was indeed stolen, then I wish the OP luck.
I'm just curious why the person never approached the police with proof of ownership instead of trying to bypass the security.
Cheers :good:
~ RazorMC
Click to expand...
Click to collapse
I can't remember the reason she believed the phone was stolen, to be honest. The reason she had access to his house, was because they have kids together. She had gone to go drop the kids off, or pick them up. For some bizarre reason, I don't know why, he left her in the house alone after he went to take them to school (telling her to lock the door when she leaves). She took that opportunity to look around the house for the phone, as he'd never previously admitted to taking it but she was sure he did.
She found the phone, took a picture of the IMEI, went home to match to the IMEI on her box & it saw that they were the same. She's shown me the picture as well. confirming that it was indeed her phone, she then went back to her ex's flat the next day (because he was going to come along to their daughter's birthday). Just as they were about to leave, she says she needs the toilet. So, she runs back upstairs & grabs the phone without him knowing.
I think the reason why she never went to the police about it is because he was trying to get citizenship to remain here in the country, & she didn't want something like this to jeopardize whether she's in a relationship with him or not; they do still have kids together. Sending him back to Kenya over a phone wouldn't do anyone any good.
JellyYogurt said:
OP alr said the imei matched so the phone is the woman's. Unless tat was a lie.
To the OP, have u tried samsung's "find my mobile"?
Sent from my GT-I9300 using xda app-developers app
Click to expand...
Click to collapse
Which "Find my mobile" thing are you on about?
---------------------------------------
I appear to have found a way to bypass the lock screen via the ADB, but I think it only works for a lock pattern. Anyone know or have any ideas what to do for a password?
http://forum.xda-developers.com/showthread.php?t=2237382
For hours now I've been trying alsorts of stuff, from doing things via terminal, trying to do things through recovery, & alsorts to no success. However, I did find one solution that worked:
http://forum.gsmhosting.com/vbb/f77...-pin-reset-no-root-no-usb-debug-free-1722271/
Was posted here on XDA Developers as well, but the thread was closed. Many virus programs do immediately notify that the program contains viruses / trojans, but not sure if they're false positives? Anyway, disabled AVG & it worked like a charm! So, if anyone else needs similar help, maybe try this?
Alas, suppose this thread can be closed now.
^^ That malware had stopped working and that is why it was closed on other site as well.
~ RazorMC

New here and have a problem with my old Samsung J7 Max as well.

Aight so I have this Samsung Galaxy J7 Max that I've been trying to unlock for more than 2 years now. I of course, don't want to lose the super important data it holds. It got locked out randomly and hasn't been able to take up the pattern I had put on it till date. I'm absolutely sure no one changed its lock screen pattern and its the phone that is unable to recognize the exact same password it had before this happening. I got hold of it today and yet again, started looking for solutions on YouTube and the internet itself. After all of my research, one thing is clear. There is only one way that the pattern lock can be removed in such a condition; by deleting this system folder called gesture.key that lies within the phone itself. I am by no means a nerdy software dev or something but I do have very little knowledge about these workarounds. I used an ADB via a cmd terminal to contact my phone. But it turns out that due to my usb debugging setting not being turned on in my phone, the adb didn't have the required authorization to make any changes to the target. I then got my phone into stock recovery mode and chose the Install through ADB option there. Now when I input the command adb devices, the prompt showed me my device ID, but instead of the "unauthorized" indicator beside it, it now had the indicator "sideload". I had no idea of what had to be done when such happens, so I tried the adb shell > cd data/system > su > rm *.key [taken from an XDA forums thread] commands again. But right on the second step it displayed error this time. I have tried using a key eraser via sd card too, but it just doesn't happen, the sd card folder in the stock mode does not display the contents of the folder.
Now the phone isn't being an obstacle in my life right now, but I really hope there's a way to fix it. Early help would be appreciated. Thank You.
If the data is super important why isn't it redundantly backed up?
Having a set lock screen and storing data on the OS is a sure fire way to lose data, eventually.
Maybe you'll get lucky... is that drive encrypted?
If not it may still be corrupted and unusable.
Don't put yourself in this position again... been there, done that
@blackhawk As I said, this was an absolutely random incident, had never even thought this could've been the case someday. Its not like the phone crashed and then this happened, I turned off my phone's display and the next time I woke it up, the pattern wasn't working anymore. Furthermore, the timed attempts that happen after 5 incorrect tries wasn't existing anymore. Now it could be that someone did get the timed attempts wrong as well [it isn't my own phone]. But I really don't see any other reason to that occurrence.
About the backups, I mean cmon, I was 15 back then, a medico student even more so. I never got my hands around backing up anything. But yes, have been backing up every single bit of data within these two years.
The storage drive shouldn't be encrypted. It was a regular phone bought online that had pdfs, images, recordings and videos stored. The google account was not that of the owner either! It was my uncle's account that was being used ever since he bought it. And since there was never a problem having used his account for quite a while, we never cared to change it to a new google account. Now my uncle's google account itself handles another device, his own phone, exact same model, Galaxy J7 Max. I have tried using his account at the Google Find My Device app to locate and unlock the phone that way [I hope you know it has the three options Ring, Secure and Erase Data]. But it happens so that the Secure phone with password option only for devices that have been lost and don't have a security lock already setup, which wasn't, unfortunately, my case. So that option was greyed out.
For the data corruption, you might be correct. But that phone still does receive SMS texts, calls, whatsapp texts and other notifications. They just don't show up on the lock screen anymore. I honestly had the "Screw the data, I'll erase it anyway" thought yesterday, but during my latest tries, I found the XDA forums website to be quite helpful. Had not it been the damn USB debugging, the solution I approached from this forum would've got the job done in a couple minutes. Again, if the data might've gone corrupted, I will erase the data [I mean I would have to]. But this little glimmer of hope that I experienced yesterday is what is preventing me from doing that. I really hope there is a fix to my situation.
@Chinmay47
a phone can get booted into these modes
Normal ( AKA Android OS )
Recovery
Fastboot
Sideload
EDL
Sideload mode is used to flash OTAs and/or ROMs.
Recovery mode allows you to perform some ADB actions as e.g. pull userdata, but this reqires ADB ( read: USB debug ) got enabled.
So my guess is you can't recover phone's userdata at your own, this would have to be done by an external service who can pull out phone's internal SD-card and has the forensic tools to read it.
@jwoegerbauer Surprisingly the idea of taking the phone to a forensic service struck me yesternight too. As you mentioned, since I can't recover the phone's data myself, all tips and tweaks on the web should now be struck off of my list of solutions. I'll leave the data to some forensic services then. Let's hope the recovery is worth the hassle. The thread is still open to more suggestions though. Thanks for the replies everyone. Really appreciate it!
Chinmay47 said:
@jwoegerbauer Surprisingly the idea of taking the phone to a forensic service struck me yesternight too. As you mentioned, since I can't recover the phone's data myself, all tips and tweaks on the web should now be struck off of my list of solutions. I'll leave the data to some forensic services then. Let's hope the recovery is worth the hassle. The thread is still open to more suggestions though. Thanks for the replies everyone. Really appreciate it!
Click to expand...
Click to collapse
It not a card they can pull. More than likely it's on a BGA chipset, the hardest kind there is to work with.
If they can't access the data on/with the mobo they will have to unsolder the chipset without damaging it then put it into a test jig or another mobo (after pulling that mobo's matching chipset).
If they can access the data on the mobo, not so bad. Otherwise not so good.
Let us know how this plays out for you.
Here's one I found showing you this complex procedure: https://flashfixers.com/recover-data-dead-phone-chip-off-data-recovery/
They may be able to help you, but I have no personal knowledge of this company.
blackhawk said:
If they can't access the data on/with the mobo they will have to unsolder the chipset without damaging it then put it into a test jig or another mobo (after pulling that mobo's matching chipset).
Click to expand...
Click to collapse
Actually thought of this idea right after a couple days from the beginning of the problem. Yes its gonna take loads of precision and patience but it does sound doable. Maybe that's what is gonna be the last option for the forensic service too in case, god forbid, they aren't able to do it the "simple" way. Can't say yet, but I'm gonna keep this thread updated with all the developments that take place.
Chinmay47 said:
Actually thought of this idea right after a couple days from the beginning of the problem. Yes its gonna take loads of precision and patience but it does sound doable. Maybe that's what is gonna be the last option for the forensic service too in case, god forbid, they aren't able to do it the "simple" way. Can't say yet, but I'm gonna keep this thread updated with all the developments that take place.
Click to expand...
Click to collapse
If they need to remove the chipset the chances of failure increase. Flash memory retension is generally good for 10+ years but it may be damaged in the removal process if so, snake eyes.
Get price quotes up front for the whole process.
Once they got the phone, they got you by the balls. Not saying they aren't trustworthy but feel them out. If it's a couple hundred and you get the data back, you did good.
No idea of the cost though, my guess is $400-1000+ especially if they need to pull the chipset.
That's high risk even if they do it by the book.
If their policy is no data, no charge... expect higher rates to cover their loses.
@blackhawk All of that sounds kinda terrifying if you ask me. Well I mean, there is always a first option that can be tried without any mentions of pull-aparts. Yet I will surely judge the person well before I hand my device in his hands. I would try my level best to not take it to the critical stage, but if it needs be and there is a really high chance of losing my data, I can factory reset my data at home by myself too can't I? Future shall tell I suppose.
If you factory reset it all data will be lost.
It will not be recoverable!
If you want the data you will need to use a service like I showed you. They will need physical access to the phone to recovery the data.
The phone may be scrape afterwards
@blackhawk Sure does look like it would be! But paying to get your phone reset for you is way to harsher than doing it yourself. It is only in case the data is nearly impossible to recover that I'll reset the phone myself.
Chinmay47 said:
@blackhawk Sure does look like it would be! But paying to get your phone reset for you is way to harsher than doing it yourself. It is only in case the data is nearly impossible to recover that I'll reset the phone myself.
Click to expand...
Click to collapse
Reset? Most likely destroyed.
Do you really want the data?
blackhawk said:
Reset? Most likely destroyed.
Do you really want the data?
Click to expand...
Click to collapse
I actually do though. But well, if it ain't coming back then why wish for it. Yeah the data was really important.
Chinmay47 said:
I actually do though. But well, if it ain't coming back then why wish for it. Yeah the data was really important.
Click to expand...
Click to collapse
Call them up and see what they say.
Since it's not physically damaged they may be able to access it none invasively.
blackhawk said:
Call them up and see what they say.
Since it's not physically damaged they may be able to access it none invasively.
Click to expand...
Click to collapse
I'll do that and report back ASAP. Thanks for the help sire!

Question Help me reverse engineer this mod? How do i get my phone back to stock rom, and regain full control over it? Unroot?

I have a A52 5g and a tab S7+ wifi, that are both remotely controled and monitored, and serve as gateway to my home network and basicaly every device connected to it. I noticed it at first and mew NOTHING related to this, didnt even know what open source was. Since then i have come to understand that, somehow, my phone seems to run a custom version of android, my guess is, built from AOSP and designed to disguise itself as oem samsung ui, but in background enables remote access and total takeover of every function. I have discovered, using total commander, that storage has been partitioned in 2 separate locations, and that one folder in there is called root system file, and filled with data/apk/installkits/etc.. this has me asking for help in 2 specific questions:
Am i holding a rooted device or is there another possibility that creates this situation? I was convinced its rooted untill i read here that root prevents from using samsung pass, secure folder etc.. and those seem to work on mine(or is it a version of those apps?) If its indeed rooted, will it wype everything if i flash it with the stock rom? And should i trust a small cell repair store to do that or learn how to do it myself?
2: i have bought 3 brand new phones since august, and made sure not to use my usual accounts, no use backups, not even set it up near my home wifi, and it almost instantly started self installing harmful software in background. I see no other way for it to link itself to be owned by me at initial setup, but for the sim card, new of course, but with my usual phone number and service transfered to it. Is that enough to make a breach and compromise a new device? If so, what would be different after fpashing the stock rom, if everything reinstalls itself? Do i need to change my number? Change cellular service provider even? I know its an unusual request but im a fast learner, i have compiled lots of technical info on specific apps, ip's, servers, build id numbers etc.. that i know would make more sense to anyone more qualified than me, and i am about ready to try and wype/flash the thing myself, i just would feel better with a little help since i have gone this far pretty much alone, since no service provider or manifacturer actualy feels like this is their problem to solve....
Here you can download firmware for your phone and flash with Odin, which you can also download at the bottom of the page, there are instructions on how to do it also.
Make sure to download correct firmware for exact device you have. There are few different A52 5G models.. SM-A526B, SM-A526U, SM-A5260, SM-A526U1, SM-A526W.
You will lose all data after flashing new firmware. After this your phone will be like brand new from Samsung..
If your device is rooted then that means your warranty is void and manufacturers and carriers are under no obligation to help you.
I'm trying to understand your situation but its so conflicting I don't know where to begin.
For example, you say your device runs a custom AOSP with a Samsung UI. Thats exactly how it actually works. Samsung take the AOSP, customise it with their own functionality, then overlay their own skin as the UI. Theres absolutely nothing unusual about that.
I'm conflicted as to whether your rooted or not. If the manufacturer or carrier has physically seen the device and won't repair it then that would suggest your definitely rooted. If you spoke to them virtually and told them your rooted then they will use it as an excuse whether you're truly rooted or not. The partitions you mention could be the internal storage and an sd card which can be seen non-rooted. I dont know what you mean when you mention a "root system file". Is it an actual folder called "root" or is the app you're using just telling you that you've reached the "root" of the filesystem? I can't quite work out what you mean. You also say Knox-powered apps still work which just adds to the confusion.
You stated you have had 3 new devices and they all self-installed harmful software. To get one device compromised is possible. To get three compromised means your either a high profile government target (which I doubt because they wouldn't be so sloppy as this) or your doing something to compromise your own devices such as continuously visiting dodgy websites.
Flashing will fix things but so would having a new device. The only common denominator is you so either you're doing something wrong or you truly are a government target in which case I wish you good luck!
First let me appologise for the long silence, i cut off most online activity for a while and just read your answers. To clarify, i have not solved my prolem yet. But ill try to explain better what you ask about my situation:
About de os version arobase40 got it right. I Asked google play help reps. And a stock samsung version of android would not trigger googles warning about running a custom version of android. So that point to a modified after-the-fact more than to the fact samsung has their propierary version installed.
About beeing rooted or not, ylwhat you are asking is what im not totaly certajn of, also. I know partition can happen without rooting, its seems to have created a "virtual sd card" since its named as such when sd card slot is actualy empty. About the root files folder, i cant say for sure, all i can say is that its holding a large amount of Gigs that dont get taken into account when looking at storage capacity and usage, and accessing that folder gives me a message that root files cant be access from this device. Does it mean my device had root acess privileges revoked to prevent viewing files that hide what is given control of the software remotely, so i dont find out or have the capacity to remove or alter those files?
What is absolutely sure is that if it is rooted, it wasnt done by me. As for the chance the devices were not factory brand new, 1 of them was not, got it opend box from amazon, a saudi arabia version, but my prkblems had started months before getting it, did not keep it more than 2 months, and all others before and since are 100% pure factory new, some directly from my cellular service provider, as financed device came with 2 year agreement of service,(actualy 2 of them i got this way) and the last one is my tab s7+ i got online directly from samsung canada website, on preorder, delivered on release day.
And lastly the fact i cant seem to shake those persistent leeches, is not from having reckless habbits online, but from having careless and uneducated habbits before that all started, usual older lazy dude stuff, like not changing my wifi password after a ruff breakup with bipolar psycho ex gf, or having only a few passwords reused on most my accounts. I have stopped doing those things long ago now that i know better, but i suspect that i could have been unaware something gettnng installed and staying dormant for a while, maybe? The ex had way more opportunities than needed to do something like this and is more than psycho enough to realy do it also. For having the skills to do it, lets say she has "assets" that can easily get her guys willing to help about that. It may also be coming from somwhere else, but as you say im not a super spy or a high ranking gov. Official. Im not even that interesting, and have absolutely no usable id for fraud or anything, my credit history would raise more red flags then there is in all china. So after so long struggling with this still very active, i cant even think of a rational reason to do so much effort into this, theres nothing to gain, i only can imagine that maybe a twisted mind seeking revege, or with a sick way of amusing themselves could see the point to all that, but i dont realy care. I only want to get rid of it.
As for the way it manages to be so much persistent, i can only see one option left i didnt remove from the process, and its through my phone number/account on the sim card, even a new sim on a new phone, still is linked to my cell service. I did initial setup with only that new sim card, accounts freshely created during setup, with no info or anythink linkable to my previous accounts, and even did it sitting outside, far from any building that could get me in range of a wifi network. And it still was no more effective at staying secure.
Thats why i did not yet try to flash a stock rom myself on my device, because it would, at best, become exactly like it was when brand new, and i know that this is not enough to keep it secure, and that means theres still something im missing in the whole picture.

Categories

Resources