Bruteforcing PIN protection of popular app using $3 ATTINY85 #Arduino Testing all possible PIN combinations (10,000) would take less than 1,5 hours without getting account locked. It is possible coz, PIN is limited only to 4 digits, without biometrics authentication #rubberducky

Script with 20 most popular PINs You can download bruteforce script that tests 20 most common mobile phone PINs using Digispark ATtiny85 board. These data are based on the result of a academic research

Solution for users: -Disable OTG connection if possible in system settings -use not easy to guess or common passcodes For developers: -Implement lockout timer after 5-10 unseccesfull entered passcodes

You can also check my slides on the similar topic: How to unlock PIN protected Android device using ADB and HID method | Brute force | Rubber Ducky #bruteforce #exploit #ADB #HID #WBruter

Instant Withdrawals - Get a 150% Welcome Bonus Up To $2000! Sign Up Now! #Crypto #Poker

Recent Smartphones have limited failure attempts. After you've reached that limit, you can't input any PIN during some time. So, what will your program do in this case ?

The problem is not smartphone but the app itself. The app can't inherit system security limits by default, it needs to be implemented. In case you illustrated, it would be necessary to include timeout between attempts and then continue further. It would work, but took way longer

Excuse me, what is the name of this piece and how to buy it?

It is Attiny85 Arduino board. You can buy it anywhere online like Amazon, aliexpress, ebay etc. for few dollars

all devices have limitation

App limitations need to be implemented by developers first. Otherwise, there are none.

How did he get around the password limit?