Attention all programmers and the likes
 

I've searched the internet but to no avail. I am in a predicament, that being that I cannot access my N810 because i cannot remember my password. Resetting is not an option, as I need the info on her, her in this case being the N810. I do not see any simple solution to this problem (if you have one, please alert me), so I am issuing a challenge to end all challenges; find a way to let me brute force the password box.
My savior will win precisely:
- one (1) unit of admiration from yours truly
- three (3) mental-fives (I won't be able to physically hi-five you, so you'll have to excuse this scrubs reference [excuse it because I'm ashamed of my past relationship with this show that has become nothing more than trash]).

But I digress, so I shall leave it at... GO!

Re: Attention all programmers and the likes
 

The reason for a password is so someone who doesn't know it can't get your information, so I don't think you can do this in an easy way that anyone here will help you with.

Re: Attention all programmers and the likes
 

Sounds like a job for forensics. Unless you had the thing encrypted, you should be able to get at the data. How you do that may be tricky. If the data you need is on an MicroSD card it would be easier. If it is on the internal memory, you should still be able to pull the data off you need.

That's assuming the thing still works somewhat, and you haven't overwritten what was on the internal memory.

Re: Attention all programmers and the likes
 

Do you have ssh installed?

Re: Attention all programmers and the likes
 

There is no simple solution. If you have a computer with Linux/Mac OS X then I can help.

Re: Attention all programmers and the likes
 

dude_sweet: I have some on the microsd which I can just take out of the n810, but I mainly don't want to lose all the apps I installed, because it took forever to get the setup I have right now.

lardman: I do have ssh installed.

qwerty12: I have BackTrack2 on my flashdrive, so I can have a computer with linux if need be.

Re: Attention all programmers and the likes
 

Hrm, lardman has an interesting point. If you can connect via ssh while it's asking, then this will be a lot simpler. if not, then I have another method...

Re: Attention all programmers and the likes
 

And how would I go about attempting these two methods?

Re: Attention all programmers and the likes
 

Smells like another new user posting for help on how to crack a password of a freshly stolen N810.

Re: Attention all programmers and the likes
 

I've concocted this up. I'm not going to give a step by step.

Download flasher-3.0 into your backtrack install, download this initfs : http://qwerty12.maemobox.org/initfs/initfs.jffs2 , use flasher-3.0 to flash the initfs image only (read the help) and enable rd-mode using the flasher. When you boot the tablet, your lock code will be shown in the corner.

I will be deleting that initfs image at 8:00 PM GMT, so you've got ~2 hours to download it.

Re: Attention all programmers and the likes
 

now thats a can of worms...

Re: Attention all programmers and the likes
 

Yup. Sucks to be him! Tip for the future: "don't forget your password."

Honestly, I can't see how someone forgot their password for something as commonly used as a screen-lock. That's why I agree that it's a scam.

And about backups: "You don't convince people to take periodic backups. Repeated tragic data loss convinces people to take periodic backups." So hopefully he's been convinced to make periodic backups.

Re: Attention all programmers and the likes
 

I forgot my password because I never used it, and I don't usually use all-number passwords, so it wasn't some that I had memorized. If you'd like me to post pics of the packaging or whatever, I'll do it, but that really wouldn't help anyone and it would just keep me from my n810 that much longer.

qwerty12: I'm sorry, I just got back from work, so I guess I was about an hour late on that dl. Any way I could get you to repost it?

Re: Attention all programmers and the likes
 

qwerty12: please do not post that kind of cracker tool here.

Re: Attention all programmers and the likes
 

Way way way too late for that. (pentesting thread, aircrack-ng, not to mention my numerous other posts on doing the same albeit from a booted system).

Besides, I don't call it cracking when the code is stored in plaintext ;).

The major navicore cracking thread still exists.

@tron

I'll reupload tomorrow with the same conditions and after that, the file WILL not be coming back even if you miss it again.

Re: Attention all programmers and the likes
 

there are legitimate uses and requirements for these kind of apps and workarounds.

the open source heart in me says post all the information we have on the devices.
one side of me is nervous incase my machine is nicked and used against me says no.

i think if the software is obtained legitimately and the methods are publicly documented then why should we stop qwerty from walking through the process?

it might actually benefit one of us at a later date.

Re: Attention all programmers and the likes
 

security is a double edged sword...

Re: Attention all programmers and the likes
 

I don't know why I find this somehow different than the other tools you listed, but I'm really not one to talk; I don't use a security code. I also usually keep no unique data on my tablet; this has been changing lately as I experiment with note taking tools... especially liqbase and maemopad+, since the notes & sketches are saved in a proprietary format.

Re: Attention all programmers and the likes
 

heh qole, i agree on the data side.
My nokia is my very personal diary now and theres notes on it which I would not want anyone to have.

you are right that they are proprietary (though open), and this will likely not change, but I will ensure there is a valid export format in the next release and that the current (very simple) format is fully documented.

Re: Attention all programmers and the likes
 

thanks a bunch, qwerty

Re: Attention all programmers and the likes
 

[It might be shady, but it might not be either.]

Once you'll pass a certain age your relatives will understand this by observing you. But you won't because you'll even forget you forget. I've forgotten passwords because I never had to enter them. Then I found out I had a few characters wrong (so did brute forcing) or had the correct password but the wrong method for authorization.

It happens. **** happens.

But it should not happen, and there are options to mitigate this. In order to securely manage your passwords you can use an application which stores them securely (using cryptography to store the data) and is only opened using a master password.

For Navicore I found the price for the offer too ridiculous although this was partly because of the internal GPS quality. Later I found a way to buy a cheap license.

Re: Attention all programmers and the likes
 

Normally, I would do that, but I didn't store my pw for this because I never thought I'd have to use the lock. I hit it accidentally when I was trying to power off.

Honestly, I'm surprised this doesn't happen to a lot more people. It seems to me that the device lock would be useless to the majority of users.

Re: Attention all programmers and the likes
 

It happens.

To naysayers I give a hint: PUC code...

Re: Attention all programmers and the likes
 

@tron

Got until 12:00 PM GMT to get it.

Personally, to me, it's the fact that the code is available so easily. All you need to be is root to get access to the mtd devices. I don't use the lock code, I don't keep information that is personal - just music, books etc.
One program that does get the code (getlockcode) doesn't even access the mtd device, it just asks the closed source dsme program which happily gives it out.

Re: Attention all programmers and the likes
 

aand amount of things you know about the interbal workings...

Re: Attention all programmers and the likes
 

When should I have the n810 connected? I used the command "flasher-3.0 -enable-rd-mode -flash-only initfs.jffs2" but when I enter it, nothing happens, except that the computer can detect the n810 now.

Edit: Scratch that last part. I just realized I was forgetting the second -. I boot in r&d mode, and it has some green text on the left when I boot, but I don't see my pw anywhere. :[

Green text says:
Kernel version:
2.6.21-omap1
#2 Tue Sep 2 10:12:13 EEST 2008

initfs version:
2008-36

Component versions:
product RX-33
hw-build 0805
nolo 1.1.16

Re: Attention all programmers and the likes
 

flasher -f -n initfs.jffs2

Re: Attention all programmers and the likes
 

I'm getting 6 0s in the top left, but that's not working.

Re: Attention all programmers and the likes
 

AHHHHH! I guess the limit for that screen is 6 #s, because I just did all 0s and it worked! Thank you so much, qwerty. You're the best!

Re: Attention all programmers and the likes
 

Interesting, I'll have to fix that sometime :)

Re: Attention all programmers and the likes
 

I'm such a hypocrite. I downloaded a copy of your initfs too. :p

Re: Attention all programmers and the likes
 

You can script better than me so if you end up fixing it to show the two remaining digits, I'll remake the jffs2 image :D

Re: Attention all programmers and the likes
 

Hey qwerty12... you don't suppose you could post your optimized mplayer for me again, could you? You know, this one?

Re: Attention all programmers and the likes
 

I've figured out the problem where longer codes were trucanated so I'll fix it tomorrow.

@qole

Maybe... I don't have the builddeps for mplayer installed in sbox atm and I'm kinda preoccupied with compiling modules & programs for my router atm :/

Re: Attention all programmers and the likes
 

I think 6 zeros is the default code. Or 123456.

For those who want protection against this attack: LUKS or TrueCrypt for your sensitive data helps. See search for details.

Re: Attention all programmers and the likes
 

So I just learn how to set the lock code on my device but, now it seems so useless. Blah! So where am I suppose to keep my personal junk that I want no one else to see?

Re: Attention all programmers and the likes
 

I also hate the lock code because I'd keep forgetting what I have put in. For your personal data, use truecrypt as mentioned above.