PIN codes, passphrases and patterns are the most commonly used lock screen protections. Most devices have an option to securely wipe themselves if the wrong code is entered more than a certain number of times, but research shows that most people don't use this option for fear of accidentally wiping their own device.
Phones and tablets are generally attacked with software, because exploits are rife for the most popular devices. However, there are times when attacking a device with software isn't possible or practical for various reasons. That's where this lock screen cracker comes into play: it's a hardware-based brute force cracker that physically presses buttons, guessing at the code until it gets in.
It can crack capacitive screens using a special stylus and resistive screens using a regular plastic pole. Without modification it can crack PINs (e.g. 1980) and phrases (e.g. pass123); with modification it could crack patterns. It has adjustable delays to avoid the temporary blocks that are often enforced after too many incorrect codes.
To crack a new device (e.g. iPod, iPhone, Android phone) you simply place it under the arm and map out each individual key position. The cracker then works through a dictionary of words (for phrase-based security) or the most common PIN codes (for PIN-based security) before trying every possible combination.
Demo video – cracking the lock screen of an Android tablet
How does it work?
The device is made up of an Arduino clone, 3 servo motors and some scrap wood and metal. There are two arms and a trigger. The arms move in combination to position the trigger over the correct key. The trigger arm (the part that pushes the buttons on the screen) can be swapped between a special stylus for capacitive screens and a standard plastic pole for resistive screens, making it compatible with cheaper tablets and phones as well as higher-end devices like the iPhone, iPad and Kindle Fire.
The cracker starts with the most common codes (e.g. 1234, 1970-1990) and then moves on to sequentially increasing codes. A similar approach is used for phrase-based locks.
A webcam watches the screen of the device, constantly checking if the device has been unlocked, ready to stop the cracker when the correct code has been found.
Many devices protect against this form of cracking by locking you out for a certain amount of time if you enter the incorrect code too many times within a set period, or if you enter too many incorrect codes in a row. Generally this protection only delays the cracking; eventually the cracker will get through. With some smart delays between tries, you can limit the number and length of the lockouts you experience.
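The two defences the article mentions, lockout windows (above) and wipe-after-N-failures (in the opening paragraph), are worth quantifying against a device that does nothing but press keys. The following is an added, defender-oriented model, not code from the original article or from the cracker it describes: it computes the worst-case time for a key-pressing attacker to exhaust a keyspace under a given policy, and how much of the keyspace a wipe threshold lets it reach at all. Every policy parameter (attempts per window, lockout length, escalation factor, wipe threshold, seconds per key press) is an assumed illustration value, not any vendor's real default.

```python
"""Model of how lockout and wipe policies bound a physical brute-force attempt.

Added worked example (not the article's or the device's own code).  All
parameter values below are assumptions for illustration only.
"""
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class LockoutPolicy:
    attempts_per_window: int = 5        # wrong attempts tolerated before each lockout (0 = never)
    base_lockout_s: float = 30.0        # length of the first lockout, in seconds
    escalation: float = 1.0             # multiply the lockout by this each time (1.0 = fixed)
    wipe_after: Optional[int] = None    # total wrong attempts before the device wipes itself


def time_to_exhaust(policy: LockoutPolicy, keyspace: int, press_time_s: float) -> Tuple[float, bool]:
    """Worst case for the attacker: the correct code is the last of `keyspace` candidates.

    Returns (elapsed_seconds, wiped).  If the wipe threshold is hit first, the
    elapsed time is the time spent before the wipe and `wiped` is True.
    """
    elapsed = 0.0
    delay = policy.base_lockout_s
    wrong = 0
    for guess in range(keyspace):
        elapsed += press_time_s          # one physical entry of a candidate code
        if guess == keyspace - 1:
            return elapsed, False        # last candidate is the correct one
        wrong += 1
        if policy.wipe_after is not None and wrong >= policy.wipe_after:
            return elapsed, True         # device wiped: attack ends without the code
        if policy.attempts_per_window and wrong % policy.attempts_per_window == 0:
            elapsed += delay             # lockout window; escalating policies grow it
            delay *= policy.escalation
    return elapsed, False


def keyspace_covered_before_wipe(policy: LockoutPolicy, keyspace: int) -> float:
    """Fraction of the keyspace an attacker can even try before a wipe (1.0 = all of it)."""
    if policy.wipe_after is None or keyspace == 0:
        return 1.0
    return min(policy.wipe_after, keyspace) / keyspace


if __name__ == "__main__":
    PIN4 = 10_000              # four-digit PIN keyspace
    PRESS = 2.0                # assumed seconds for the arm to enter one code and reset
    policies = {
        "no lockout":            LockoutPolicy(attempts_per_window=0),
        "fixed 30 s per 5":      LockoutPolicy(5, 30.0, 1.0),
        "doubling from 30 s":    LockoutPolicy(5, 30.0, 2.0),
        "wipe after 10":         LockoutPolicy(5, 30.0, 1.0, wipe_after=10),
    }
    for name, pol in policies.items():
        secs, wiped = time_to_exhaust(pol, PIN4, PRESS)
        cover = keyspace_covered_before_wipe(pol, PIN4)
        print(f"{name:22s} worst case {secs/3600:12.1f} h  wiped={wiped}  reachable={cover:.1%}")
```

The model makes the article's caveat concrete: a fixed lockout adds a constant cost per window and only stretches the timeline, an escalating lockout makes the tail of the keyspace impractically expensive, and only the wipe threshold (the option the opening paragraph says most users leave off) actually removes most of the keyspace from the attacker's reach.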