Vulnerability in Telegram allows you to bypass the password local code of any length

From past

In my previous work, I demonstrated the vulnerability of secret Telegram chats, and posted a video manual for restoring the local code Telegram to GNU / Linux / Windows / Android (hacking the Mid-Telegram).

Recently discovered the "continuation of the vulnerability": Android-Telegram [bypassing the local code of the password of any length] (added the attack "fingerprint").

Some of the comments that I am going to refute due to a random experiment with my experimental Android device.

"On Habré published an article entitled" Vulnerability in the Telegram allows you to compromise the secret chats. " Loud headline, yes. We got acquainted with the material and recommend readers to do the same, at least for the sake of interest. ”
“In the Android version of Telegram for several years, how can you set a complex alphanumeric password instead of a pin code?”

A source

"In the Android version, there IS the ability to set an arbitrary password, for those who have little 4-digit PIN"

A source

“You can not use a pin, but a password. And if you have a root or unlocked bootloader or an unencrypted phone, then what kind of personal data security can you say? ”

A source

"Secondly, the victim should not include data encryption on his device"

Source of

(Retreat - there were all sorts of (not just criticism, something tougher) "funny" comments about the attack on the Local Code, for example, such a comment:

“Tehpod telegram, a crowd of stupid yeh ... s who don’t want or can’t tell Durov that it’s possible to break into secret chats and you don’t need to break his praised protocol”

Source )
')
I am not going to rewrite the previous article, everything is described in detail in the cracking of the local code in the previous work, I will remind you of the key points:
Telegram local code (pin) is cracked instantly with JTR. Conditions: need root; as it turned out "today" Android encryption does not always save; will not save and instead of “pin” “password” local code Telegram.

To get hold of the secret Telegram chats, it was enough to copy “several files” from the root device to another, to crack the non-crypto-resistant local code using JTR. The brute force attack speed was impressive, but still not so fast as to crack someday “password” local code> 30 characters. Found a way to attack the password local code of any length and complexity.

Attack algorithm next

(we have root; encrypted gadget; password> 30 characters on the victim's side; a fingerprint device does not exist “that is, it does not matter”).

• Steal the "external data telegram" (see article before).
• Configure unlocking your Android device with a fingerprint on the side of the researcher (the position of the attacker).
• Install with GP Telegram and merge with “external data”.
• When opening the Telegram on the device of the researcher and when prompted to enter a 31-digit password (to unlock the local code), put your finger on it. Telegram unlocks, all secret chats / correspondence and cloud will be available to the researcher.

Interestingly, only Telegram (out of 4 tested applications) is subject to such an attack. I tried to conduct similar attacks on keepass2android offline; Sberbank Online; Yandex money - these Android applications required a password and did not react to the imprint.


The plot on the video:

• Created a secret chat between Android on Virtualbox, where there is no fingerprint device and Android 6. Between the "terrorists" there is communication.
• On Android Virtualbox, I set the local code. A 31-digit password is to block the Telegram application.
• I backup the Telegram-Virtualbox account (it is not necessary to copy all the data, see the previous article).
• I copy the data on the poison.
• I am taking c Poison Backup on Android 6.
• I install Telegram on Android 6 from GP.
• Slip part of the "external data" from the Android 6 backup on the installed Android 6.
• I launch Telegram on Android 6, I get a request to enter a password / fingerprint. I attach a fingerprint, and the telegram is unlocked, all the MF correspondence and the cloud are available.
• I restart Telegram, enter the 31-digit local code, and Telegram is also unlocked.

Double I removed the fingerprint on the smartphone, dropped the pin-cod of the smartphone. I installed a new pin on the device, created a new fingerprint. I rerun the experiment (I cleared the Telegram completely from the devices / installed it) and the new imprint unlocked someone else’s Telegram account again. Version Telegram-Android v5.4 from 02.27.2019.

Summing up this part of the article.

Telegram is susceptible to theft of keys, but the strangest thing in the messenger is “integrated fingerprint in the application”. Yandex money; Sberbank Online; keepass2android offline - not subject to such an attack. All the applications listed above have the function unlock the application by fingerprint, but in Telegram it is forcibly integrated and works when it is used for insidious purposes, in other applications the function “fingerprint” does not work - fraud protection).

Telegram Messenger is a massive messenger, protection needs to be developed both for housewives and for all. The face of the company is wrong when it declares that all troubles come from the fact that everything has been compromised, except for the Telegram messenger.
If you lose your ruled (in some cases encrypted) device, you should not worry about finances or keepass2android offline (passwords will not be opened). Anyone who finds a gadget - will receive "only" access to all MF Telegram. Clearing the Telegram data from the new device will not help if the attacker opens it in offline mode (the cache remains in place).
Do Telegram developers understand this problem when developing their cryptocurrency?

ps / not related to Telegram

I also managed to bypass encryption on the Android device Leagoo M8 and get all the data, including Telegram data for access to the midrange (JTR attack, or fingerprint).

There is a stock firmware of this gadget and dozens of custom (free) firmware on w3bsit3-dns.com. Installed TWRP. Formatted the Android device Leagoo M8, rolled Resurrection Remix 6 firmware (one of the best in my opinion). I went to the settings - security - encrypt data. Encrypted. Before downloading the gadget, a password was required (the main section was not mounted in TWRP without a password). I flashed secro.img from the stock firmware and the password (all encryption) safely disappeared. In TWRP, it became possible to mount a partition without entering a password, / data / data / ... became available.

Perhaps this problem (the problem of device encryption) also affects other gadgets, but I don’t have so many to experiment with different models of devices.