As explained in earlier sections, the secure USB debugging feature introduced in Android 4.4.2 allows only authorized workstations to connect to the device; however, there's a bug in this feature, as reported at https://labs.mwrinfosecurity.com/, which allows a user to bypass the Secure USB debugging feature and connect the device to any workstation. Here are the steps to follow to bypass Secure USB debugging on an Android device:
- On an unlocked device, attempt to use adb. An error message will be shown by the device.
- Now, navigate to either the emergency dialer or the lock-screen camera and execute the following commands:
$ adb kill-server $ adb shell
- The confirmation dialog will be triggered and the workstation can now be authorized without unlocking the device. The confirmation dialog box will be displayed on the emergency dialer, as shown in the following screenshot:
Secure USB debugging in Android 4.2.2
- Once connected to the device through adb, try to bypass the lock screen using the following command:
$ adb shell pm clear com.android.keyguard
Next, let's see how to bypass the screen lock by crashing the lock screen.