urbanadventurer/android-pin-bruteforce

Android-PIN-Bruteforce is a shell script that tries to unlock a locked Android phone by automatically guessing its PIN, one attempt at a time. It works by connecting two phones together with a USB cable: a Kali Nethunter phone acts as an automated keyboard, and the locked Android phone receives the keystrokes. No special hardware is required beyond the cable, and the locked phone does not need to have USB debugging turned on or be rooted. The way it works is that the Nethunter phone pretends to be a USB keyboard plugged into the locked device. The script then types out PIN combinations in sequence, waiting after each wrong guess to avoid triggering the phone's lockout timer. It handles the cooldown periods that Android enforces after too many failed attempts, and it can dismiss pop-up warnings that appear on screen during the process. The script supports PINs from 1 to 10 digits long. For common lengths like 4 or 6 digits, it ships with pre-sorted PIN lists built from real-world password database leaks, meaning the most commonly chosen PINs are tried first. This can reduce the time needed to crack a PIN compared to trying every combination in order. You can also provide a custom PIN list or use a pattern mask if you already know some of the digits. Configuration files let you adjust the script's behavior for different phone models, since manufacturers build their lockscreens differently. You can tune the timing between key presses, the cooldown schedule, and which keys are sent before each PIN attempt. The script has been tested on Samsung and Motorola devices running Android 6 through 10. A full brute-force of all 10,000 possible 4-digit PINs takes roughly 16 hours on a Samsung S5. Using the optimized list shortens that considerably by front-loading the most likely guesses. The project is aimed at security researchers and phone owners who are locked out of their own devices.