Security researchers at University of Texas have found a bug in android 5.xx which allows hackers/attackers to bypass the lock screen of android lollipop devices.

However this hack works on devices using password set , this means that devices with pin or pattern lock are safe for now.

On to the hack;

1.  On the locked screen, open EMERGENCY CALL window .

2. Type in the emergency number space about ( not limited to ) 10 " * " characters.

3. Double tap on it them to highlight them then copy . 
At the end of the characters paste the copied characters adding to those already there, then copy all the characters again. 
Now keep copying and pasting till double tapping on the characters no longer highlights the characters .
This usually happens after 11 times of copying and pasting . 

4. Now go back to the lock screen and then swipe to open camera.
Pull down the notification panel, tap on the settings symbol (gear).
A password prompt will pop up.

5. Long press in the space then paste the copied characters. 
At the end of the characters, long press again and paste the the characters.
Repeat this till the camera UI crashes , this will give a full screen camera.

Note: As the characters gets huge, adding more will get difficult but be relaxed and always move the cursor to the end of the characters before you paste .

6. Wait for the Camera to crash leaving the Home screen . The Phone is now open at this point.

Note: Use the hard key at the sides or wherever it is to take picture to speed up the process .
Do not use screen double tap to take pictures and the device should not lock .

7.  Navigate to settings.
Now togo about phone/device>repeatedly tap on device build number to open developer mode.
Go back to settings and open developer mode . Check USB debug .

8. Use adb tools to gain full permission. 


Google has made a patch for this vulnerability and this vulnerability does not affect Android 5.1.1 build LMY48M  and Android released 5.1.1 build LMY48M sure that the devices which receive OTA will get the patches.

This vulnerability should still work on mtk devices which do not receive OTA so kindly switch from password to pin/pattern.

Credits :

Related Posts
« Prev Post