Built for Business - Learn more about BlackBerry KEY2
09-02-11 12:11 PM
38 12
tools
  1. KermEd's Avatar
    Okay,

    The below information is not for the faint of heart, or those who are afraid to really dig into the Blackerry files.

    Difficulty: 2/10
    Tools Required: Hex Editor [FRHED - Free and lets you compare files, works great for this], and Blackberry Software installed.
    Tests: Tested on my Blackberry 8900.

    I recently became frustrated because apparently the password limit cannot be pushed past 10 using any normal means. Calling Blackberry support results in speaking to someone who barely knows the user manual, and you have to pay for this support.

    Password protection is supposed to erase your data after 10 attempts - but according to Blackberry - this password can never be hacked. The reason it hasn't been - is no one has needed to. If they enter the code wrong 10 times, the phone now belongs to them.

    Increasing the limit:


    Anyways. We will work from Blackberry Desktop Manager > Backup and Restore.

    Step 1 - Create a full-backup (safety) in case things go wrong.

    Step 2 - Create an Advanced Backup, and save only the Options section from your Blackberry Software through Backup and Restore > Advanced. Once you have moved your Options section to the left-hand side, save the file using File > Save As ...

    Step 3 - Open the IPD file you saved in your selected hex-editor.

    Step 4 - Browse to your number of password attempts (My file-location was 0xe8 on my 8900) and change it to whatever you want (in my case I changed it to 255).

    Note: If you do not know your location for this option, save multiple IPD files, changing the option by one or two values each time. These IPD files should be identical, except for the bytes where you changed the Password Value. If you are using FRHED (or some other free Hex Editors) you may be able to select Edit > Compare from Current Offset. It will show you something like:

    1) 0xe8=232 to 0xe8=232 (1 bytes)

    This means to browse down your list to 000000d0, and scroll to the right through the list. Watch the bottom left hand side until the value says: Offset xxx-0xe8 - and you should see your current password limit value where your cursor is at.

    Its a hexidecimal value, so 5 tries should be 05, 9 tries should be 09, and 10 tries should be 0a.

    Change this value to your selected value (example would be FF for 255 tries)

    Step 5 - Transfer the file back to your phone.



    As long as you do not re-enter your Options > Password tab, this value will remain. If you ever go back into the Options > Password tab, it will re-set to the maximum value of 10.

    This can be done for most any hard-coded option on the Blackberry. I've done a lot of changes through my old hex-editors, and this was one of the first I had to get changed.

    Although you cannot set this value to infinite - it does allow you to change it to 255 tries. Anyone whole stole your phone will be seriously confused long before they reach that value. And if you have your Name, Home Number, and Reward Offered on your lock screen its going to come back to you. Its now useless to the thief - or so they will think
    Last edited by KermEd; 05-18-09 at 01:03 AM.
    Garvin6600 likes this.
    05-18-09 01:00 AM
  2. xliderider's Avatar
    Good info!

    I would think that a thief would probably smash your beloved BB before sending it back to you, or leaving it somewhere for some good samaritan to find it and return it to you though.

    I guess just the satisfaction of knowing that someone can't use my BB just by "wiping" it after 10 incorrect password attempts is reason enough.

    Posted from my CrackBerry at wapforums.crackberry.com
    Last edited by xliderider; 05-18-09 at 01:23 AM.
    05-18-09 01:18 AM
  3. Duvi's Avatar
    Question... what happens to the password if I do accidentally go back in?
    05-18-09 01:19 AM
  4. KermEd's Avatar
    Great question!

    I did a ton of tests on my BB before posting. If you re-enter the Password section, its going to reset the maximum number of tries to 10. No biggie. (I do recommend changing passwords semi-ocassionally, but remember with this modification if you forget your password... your going to have to 'try' your password a loooooot of times to reset your BB!).

    But, any changes you make on the password screen (even just accessing the Password section on my tests) automatically changed the value to 10 - the rest of the options were as expected (password doesnt change or anything).

    If you change something - re-modify your file later to boost those tries back to the value you want. If you didn't change anything, you can still overwrite your Options file again from your already modifed and saved copy on the PC.



    And I hear you on the smashing the BB - but I'd rather it was destroyed than used bwahahaha!... <cough cough...> Hopefully its a rare-enough modification that most people won't know its just raised to 255.
    05-18-09 01:57 AM
  5. Duvi's Avatar
    Sorry... must be tired; the topic was all I read and then posted the question. I have since updated the title.
    05-18-09 02:04 AM
  6. FF22's Avatar
    I did go searching for the value and finally found it. But it moves around and is not located in the same place from time to time. That is BB did not see fit to place stuff like this in one fixed location but as data (contacts, email, etc) come to the phone, the location of the "password count" moves. I had done back-to-back backups only changing the "password count". Also in these almost simultaneous backups, the data compare showed a number of things had changed and not just the value of the password count (and I had changed nothing else and no email or calls had come in), although the count was located in the same location.
    05-20-09 09:43 AM
  7. KermEd's Avatar
    Yeah,

    It did that to me the first time. The first time I saved entered / exited options and exported the file it saved everything in different locations. After that, I changed only the one value and the hex locations remained stationary for me.

    There is probably a better method to hunt-down the memory location (and it takes patience!) but at least its doable! And once you have the backup file, if you already have your options how you want, you can always re-import it.


    Edit: When I did the backups, I backed up only the Options section, which had only 1,391-1,396 bytes
    Last edited by KermEd; 05-20-09 at 06:46 PM.
    05-20-09 05:42 PM
  8. Gees97's Avatar
    so r u guys sayn the password protection is useless?!
    05-24-09 11:46 PM
  9. alliz's Avatar
    how do u reset your bb when u exceeded your number of temps and the screen says "error 503 reset"
    05-25-09 03:25 PM
  10. el_diablo5711's Avatar
    I'd imagine there's probably a thread for that already.
    05-25-09 05:55 PM
  11. irothenberg's Avatar
    Do you know how to transfer passwords to a new phone? I have a lot of them and have not found a way move them.
    05-31-09 02:56 PM
  12. Rapdasix's Avatar
    Very interesting, thanks alot for posting this.
    06-01-09 09:16 PM
  13. ambuhcakes's Avatar
    If your having problems with your device not letting you enter your password in and your almost out of tries before it wipes the hand held- EX if your keys weren't functioning properly; connect your device to the Desktop Manager and it will prompt for the password again. Just type your password in and it will save your device
    06-16-09 02:15 PM
  14. Sith_Apprentice's Avatar
    Problem is you cannot create this backup without knowing the original password. It works only for your device, not for having the device "hacked". Also, on Corporate devices, I do not believe this will work, as the IT policy re-sends this information at least periodically. For standard use however, its a good trick
    06-16-09 02:30 PM
  15. Reed McLay's Avatar
    Thanks for the information, It has prompted me to test for myself just what happens during a passwork security wipe.

    The device defaults back, the password has been disabled.

    Now, I have to search out a few post and correct false information.
    06-16-09 02:42 PM
  16. mcsweyna's Avatar
    my phone got wiped clan when i first got it because of that stupid password but the thing was i was entering it properly and still refused it any ideas why?
    06-27-09 07:55 PM
  17. -MCM-'s Avatar
    Step 4 - Browse to your number of password attempts (My file-location was 0xe8 on my 8900) and change it to whatever you want (in my case I changed it to 255).
    how do i do this for my bold??
    07-20-09 10:48 PM
  18. -MCM-'s Avatar
    and how do I install Frhed?
    07-20-09 11:24 PM
  19. Fmjc001's Avatar
    how do i do this for my bold??
    I found the location at 0xd9.
    10-22-09 12:01 PM
  20. -MCM-'s Avatar
    is their a simple way to do this?
    10-22-09 07:03 PM
  21. xEchox's Avatar
    Anyone tried this on a tour?
    10-24-09 07:51 AM
  22. mwakefield's Avatar
    Awesome. Thanks for the info.
    11-13-09 06:11 PM
  23. Mz.Turtle's Avatar
    my phone got wiped clan when i first got it because of that stupid password but the thing was i was entering it properly and still refused it any ideas why?
    If you have numbers in your password like I do you may have not been pushing/holding down the ALT key hard enough... That happens to me a lot.


    Posted from my CrackBerry at wapforums.crackberry.com
    Last edited by Mz.Turtle; 12-14-09 at 10:03 AM.
    11-22-09 09:36 PM
  24. Mz.Turtle's Avatar
    I can't wait to go try this.

    I'm also one of those people that if I lose my phone I don't want anyone else to be able to use it.

    I lost my phone (not a BlackBerry) & spoke to the person who had it, he said he bought it from someone & I offered to give him back what he payed for it plus a little extra & he still said no.

    11-22-09 09:40 PM
  25. Mz.Turtle's Avatar
    Here is a link to the FRHED program. FRHED
    11-22-09 09:54 PM
38 12
LINK TO POST COPIED TO CLIPBOARD