I'll take a look but I think I did manage to get everything. It copies a lot of itself in the 0x12000 range up to 0x20000. It ends up looking like slide 21 in the 8960 boot architecture pdf

If we can't put another phones boot loader on our phone because of a device Id mismatch, is it possible to spoof/change our device Id along with using their boot loader? I I would guess with the level of depth you guys are able to probe you might be able to do that sort of thing, maybe? ^_^

Sent from my SCH-I535 using Tapatalk 2

Quote:

Originally Posted by AdamOutler

There is an article I posted on the front page of xda today which outlines a data forensics tool called 'LImE'. It is a loadable kernel module which will make a complete dump of all memory on a device. You may be interested in it.

Do you know where we can find a pre-compiled copy?

Here's Lime module built from the I535 kernel sources. This is for stock kernel.

https://www.dropbox.com/s/zdesybzfawlra0c/lime.ko

I now a have an 1.8 GB memory dump sitting on my laptop. It compresses nicely to 600 MB.

If you want the file, let me know.

Quote:

Originally Posted by AdamOutler

I connected up with minicom and I was not able to talk to it at all. I received no response. So I decided to poke around a bit more on other things... It appears that QDL mode is like Qualcomm's version of Odin Download Mode.

I found a tool called "gobi_loader" which is supposed to communicate with this QDL mode. I'm running into a problem where it does not recognize the format of the firmware folder I am feeding it. I am trying to find out more about this.

This is some great news though. It could satisfy goal #1 as stated in the OP once we figure it out.

Hey,

Sorry to hear about the brick. Two pointers that could interest you:

- scotty2 bricked his Desire Z some time ago. He did not have the PBL at the time, nonetheless started implementing Qualcomm's download protocol. You can look at his sources here: https://github.com/tmzt/g2root-kmod/...ty2/pbl/pbl.pl

- there is a closed source windows implementation of QDL in the RIFF Box. Il allows writing the flash for a number of HTC phones (they call it QHUSB). If you find an S-OFF HTC phone with the same chip as the Verizon S3, then you can dump the PBL through HTC secondary bootloader "mb" command.

Quote:

Originally Posted by xd.bx

Hey,

Sorry to hear about the brick. Two pointers that could interest you:

- scotty2 bricked his Desire Z some time ago. He did not have the PBL at the time, nonetheless started implementing Qualcomm's download protocol. You can look at his sources here: https://github.com/tmzt/g2root-kmod/...ty2/pbl/pbl.pl

- there is a closed source windows implementation of QDL in the RIFF Box. Il allows writing the flash for a number of HTC phones (they call it QHUSB). If you find an S-OFF HTC phone with the same chip as the Verizon S3, then you can dump the PBL through HTC secondary bootloader "mb" command.

If this thought is not useful please remove - but isn't the One X us variant using the same S4 processor, and I believe it is unlocked (not sure if S-Off yet though?)

The Droid Incredible 4G and AT&T HTC One X have the MSM8960.

Not sure if either have achieved S-OFF.

Quote:

Originally Posted by LLStarks

Here's Lime module built from the I535 kernel sources. This is for stock kernel.

https://www.dropbox.com/s/zdesybzfawlra0c/lime.ko

I now a have an 1.8 GB memory dump sitting on my laptop. It compresses nicely to 600 MB.

If you want the file, let me know.

Can we load lime.ko with the app posted here:
http://forum.xda-developers.com/show....php?t=1228605

It was built on an xperia s, but the dev asks for feedback on all devices.

Last, if that 1.8G dump contains no personal info, can you post it? I'd like to run it through IDA following ralekdev's instructions.

Offtopic:
How do you always have everything as soon as someone mentions it? It uncanny and amazing!

Ta,
ALQI

Sent from my SCH-I535 using xda app-developers app

The module needs to be loaded with certain parameters, so I'm not sure if the app will help.

I don't want to post the dump since it has personal info.

PM me or ask on IRC.

(Alquimista, the Android build chain is awesome to have lying around.)

Quote:

Originally Posted by LLStarks

The Droid Incredible 4G and AT&T HTC One X have the MSM8960.

Not sure if either have achieved S-OFF.

This thread has a couple people that got S-Off One X's with the S4 processor. maybe they can get you what you need file wise, if you reach out to them http://forum.xda-developers.com/show....php?t=1645002