Is locking your phone or any application using a pattern lock truly safe from cracking?
The answer is NO. Many apps use pattern locks, but these can have security misconfigurations in their authentication process. Let me explain how this works and show an example of how such an app could be compromised.
[Image: example of an application that uses a pattern lock]
How Pattern Lock Authentication Works
When you set a pattern lock, the pattern usually follows a 3x3 grid, which means there are 9 points:
For example, if your pattern goes through the points 1 -> 4 -> 7 -> 3 -> 5, the authentication system generates a SHA1 hash of the sequence. In this case, the SHA1 hash would be computed from the string "\x01\x04\x07\x03\x05".
There are two common security flaws related to pattern lock apps:
- Where is the key stored? Is it stored in a safe location?
- What kind of encryption algorithm is used? Is it easy to crack?
Let’s move on to hacking an application using this method.
1. Create a pattern
First, set a pattern on the app. Then, gain shell access to the device:
    adb shell
2. Navigate to the app’s data directory
Go to the application’s path inside the /data/data directory:
3. List the app content
Once you have found the shared_prefs directory, list its contents.
If you look at the contents of the file in this directory, you will find a juicy string variable named image_loack_pattern, and this variable contains an encryption key:
4. Working on the key
This key appears to be base64 encoded; let's first decode it and store the result in a file called pattern.key:
5. Crack the pattern
To crack the key and retrieve the pattern, use a Python tool designed to crack Android pattern locks. Run the tool on the pattern.key file:
I use this tool: A little Python tool to crack the Pattern Lock on Android devices
Note: If this tool does not work with python, try using python2.
    python2 aplc.py pattern.key
BOOOOOOM 🔥🔥
Now you can draw the pattern as shown by the tool (e.g., from point 1 to 5) and unlock the application!
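Why the stored value falls so quickly, and what a safer record looks like, as an added example (not code from the article or from the tool it uses). The function names, the PBKDF2 parameters and the skip-over rule for dots (the standard Android rule) are assumptions made for this illustration.

```python
import hashlib
import hmac
import os

# Dots are numbered 1..9 as in the article's 3x3 grid. SKIP[(a, b)] is the dot
# lying between a and b; the move is only legal if that dot was already used.
SKIP = {(1, 3): 2, (4, 6): 5, (7, 9): 8, (1, 7): 4,
        (2, 8): 5, (3, 9): 6, (1, 9): 5, (3, 7): 5}
SKIP.update({(b, a): mid for (a, b), mid in list(SKIP.items())})

def count_patterns(min_len=4, max_len=9):
    """Size of the whole space of valid patterns that a stored hash protects."""
    def walk(last, used, length):
        total = 1 if length >= min_len else 0
        if length == max_len:
            return total
        for nxt in range(1, 10):
            mid = SKIP.get((last, nxt))
            if nxt not in used and (mid is None or mid in used):
                total += walk(nxt, used | {nxt}, length + 1)
        return total
    return sum(walk(start, {start}, 1) for start in range(1, 10))

def weak_hash(pattern):
    """Scheme described in the article: bare SHA-1 over the dot bytes, no salt."""
    return hashlib.sha1(bytes(pattern)).hexdigest()

def enroll(pattern, iterations=600_000):
    """Hardened record (assumed design): per-install salt + PBKDF2-HMAC-SHA256."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", bytes(pattern), salt, iterations)
    return salt, iterations, digest

def verify(pattern, record):
    """Recompute with the stored salt and compare in constant time."""
    salt, iterations, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", bytes(pattern), salt, iterations)
    return hmac.compare_digest(candidate, digest)

if __name__ == "__main__":
    print("valid patterns:", count_patterns())
    print("unsalted SHA-1:", weak_hash([1, 4, 7, 3, 5]))
```

A slow, salted KDF only raises the cost per guess; the space is still 389,112 patterns, so the record should also be kept out of readable app storage, for example by binding it to a key held in the Android Keystore.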