{"id":17358984,"url":"https://github.com/themythologist/android-cracker","last_synced_at":"2026-05-01T15:38:38.168Z","repository":{"id":174752027,"uuid":"612047737","full_name":"TheMythologist/android-cracker","owner":"TheMythologist","description":"Crack Android PIN, passwords, patterns, gestures","archived":false,"fork":false,"pushed_at":"2023-04-08T05:36:14.000Z","size":129,"stargazers_count":0,"open_issues_count":1,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2023-06-12T18:40:56.093Z","etag":null,"topics":["android","android-pattern-lock","android-pin-bruteforce","cracking","cracking-hashes","password-cracker","password-cracking","password-cracking-tool"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"lgpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/TheMythologist.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-03-10T04:42:12.000Z","updated_at":"2024-05-30T06:24:19.673Z","dependencies_parsed_at":null,"dependency_job_id":"51e7fbae-c933-4bd2-94ca-570b7e57e48d","html_url":"https://github.com/TheMythologist/android-cracker","commit_stats":null,"previous_names":["themythologist/android-cracker"],"tags_count":0,"template":null,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TheMythologist%2Fandroid-cracker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TheMythologist%2Fandroid-cracker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TheMythologist%2Fandroid-cracker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TheMythologist%2Fandroid-cracker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/TheMythologist","download_url":"https://codeload.github.com/TheMythologist/android-cracker/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245870297,"owners_count":20686002,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","android-pattern-lock","android-pin-bruteforce","cracking","cracking-hashes","password-cracker","password-cracking","password-cracking-tool"],"created_at":"2024-10-15T19:07:43.449Z","updated_at":"2026-05-01T15:38:38.135Z","avatar_url":"https://github.com/TheMythologist.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Android Cracker\n\nThis is a little tool to crack the pattern lock on Android devices.\nThis tool works **up to Android 8.0 (included)**. Android 6.0 introduces Gatekeeper and changes the way it store the password/pattern/pin.\n\n## General information\n\nFiles can be pulled via `adb` (from a rooted phone).\n\n```bash\nadb pull /data/system/\u003cfile_of_interest\u003e\n```\n\nFiles of interest are listed below in their respective modules.\n\nThe key length as well as other information (e.g. number of digits and letters respectively) can be found in `/data/system/device_policies.xml` (only applies for Android versions \u003c 8.0).\n\n## Installation/running of android-cracker\n\n### Installation via pip **(recommended)**\n\n  ```bash\n  pip install android-cracker\n  android-cracker -h\n  ```\n\n### Installation from source\n\n  ```bash\n  # Clone the repository\n  git clone https://github.com/TheMythologist/android-cracker.git\n\n  # Ensure poetry is installed\n  pip install poetry\n\n  # Running via poetry\n  poetry install\n  poetry run android-cracker -h\n\n  # Running via pip installation\n  cd android-cracker\n  pip install .\n  android-cracker -h\n  ```\n\n## Examples\n\n```bash\nandroid-cracker --version 5.1 --type pattern --length 5 sample/keys/old_pattern_01258.key\nandroid-cracker --version 6.0 --type pattern --length 4 sample/keys/new_pattern_1236.key\nandroid-cracker --version 5.1 --type pin --policy sample/device_policies/device_policies.xml --database sample/locksettings/unsigned_locksettings.db sample/keys/old_pin_1337.key\nandroid-cracker --version 6 --type pin --policy sample/device_policies/device_policies.xml sample/keys/new_pin_2345.key\nandroid-cracker --version 5 --type password --wordlist rockyou.txt --salt 6343755648882345554 sample/keys/old_password_1ianian.key\nandroid-cracker --version 6 --type password --wordlist rockyou.txt --policy sample/device_policies/device_policies.xml sample/keys/new_password_1234.key\n```\n\n## How does this tool work?\n\n### Android 5.1 and below\n\n#### Pattern locks\n\nFor pattern locks, the hash of interest is stored in `/data/system/gesture.key`.\n\nThe pattern lock is just the SHA1 hash sequence of digits (0-8) with length from 3 (4 since Android 2.3.3) to 9.\n\nThe gesture board is a 3x3 matrix, and can be repressented as follows (each digit represents a \"ball\"):\n\n```\n-------------------\n| 0 |  | 1 |  | 2 |\n-------------------\n| 3 |  | 4 |  | 5 |\n-------------------\n| 6 |  | 7 |  | 8 |\n-------------------\n```\n\nSo if you set the pattern lock to 0 -\u003e 1 -\u003e 2 -\u003e 5 -\u003e 4, the SHA1 hash will be output of SHA1(\"\\x00\\x01\\x02\\x05\\x04\").\n\n#### PIN/password locks\n\nFor PIN and password locks, the hash of interest is stored in `/data/system/password.key`. You will also need to dump out the salt used during the hashing, which can be found in the following files:\n\n- locksettings.db\n- locksettings.db-shm\n- locksettings.db-wal\n\n`/data/system/locksettings.db` is a sqlite file and you can open it with sqlite3 cmdline tool or the [DB browser](https://sqlitebrowser.org/).\n\nThe pin lock contains 4 digits (0-9) and the password is a sequence of digits (0-9) and/or alphabet (a-z, A-Z) with length of 4 or more. Android adds a salt to the end of pin/password, and calculates the SHA1 and MD5 hashes of the salted password.\n\n### Android 6.0 to 8.0\n\nFor gestures, the gesture is represented as an integer of \"balls\" in order (e.g. 1258). (Note the change in the digits, as the digits are now from 1-9 instead of the previous 0-8. The hashed sequence is also now in raw integer format instead of the previous hexstring.) The relevant files are located either in `/data/system/gatekeeper.password.key` for PINS and passwords, or `/data/system/gatekeeper.gesture.key` for gestures.\n\nAll gatekeeper key files are stored in the following format:\n\n- Meta Information - First 17 bytes\n- Salt - Next 8 bytes\n- Signature - Last 32 bytes\n\nUnless otherwise implemented by the Android device supplier, the default Android hashing algorithm is `scrypt` with 16384 rounds, block size (n) of 1 and parallelism factor (p) of 8.\n\nAfter calculation of the salted hash, verification can be done by matching the first 32 bytes of the hash with the signature located in the gatekeeper files.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthemythologist%2Fandroid-cracker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fthemythologist%2Fandroid-cracker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthemythologist%2Fandroid-cracker/lists"}