5,604,730 Members 33,519 Now Online
XDA Developers Android and Mobile Development Forum

Goal: S-off HOX (TEGRA3)

Tip us?
 
TripNRaVeR
Old
#141  
TripNRaVeR's Avatar
Senior Member
Thanks Meter 12581
Posts: 2,379
Join Date: Jun 2010
Location: Stevensweert

 
DONATE TO ME
Quote:
Originally Posted by eppeP View Post
I guess some of you have started to figure this out, but just to be clear as there seems to be some confusion.

The SBK is chosen by the manufacturer.

Acer have choosen to (for some of their models) base the SBK on the UID. This does not neccessarilly mean that this is the way it is for any for any devices by any other manufacturer, or even for other models from Acer. It could be that they have chosen to do it the same way, but it is highly unlikely.
Using nvflash on a Asus tf201 makes you get the SBK the same way based on UID. Toshiba SBK also the same way.

If you like my work.. you may always buy me a ice cold beer
join #TripNDroid on IRC server: freenode
The Following 6 Users Say Thank You to TripNRaVeR For This Useful Post: [ Click to Expand ]
 
blubbers
Old
#142  
Senior Member
Thanks Meter 257
Posts: 278
Join Date: Jan 2011
Quote:
Originally Posted by TripNRaVeR View Post
Code:
hal-get-property --udi "$(hal-find-by-property --key 'info.product' --string 'HTC One X')" --key 'usb_device.serial'
download bct here:
http://www.datafilehost.com/download-b7a1e658.html
this gets you the same as

Code:
cat /sys/devices/platform/android_usb/usb_serial_number
or
Code:
adb devices
which device is the bct from?

either way, we don't have access to the bct/ebt partitions as they are somehow masked, even to the kernel; or you could dump them from the raw block device mmcblk0
The Following 4 Users Say Thank You to blubbers For This Useful Post: [ Click to Expand ]
 
backfromthestorm
Old
#143  
backfromthestorm's Avatar
Senior Member
Thanks Meter 257
Posts: 721
Join Date: Jul 2011
Location: 47000 places at once.
That's not the correct ID then if its the same as the device ID is it?
Hence it's under dummy_usb_serial_number in /platform/android_usb/


Post of the century so far....
"but if it's really completely not understableable, it's annoying to reading such sentences...he should at least trying to use the right letters.. ! -.- ...but okay something like that has nothing to do with development so i wont write anything to that anymore"
 
MrT69
Old
#144  
Senior Member
Thanks Meter 308
Posts: 277
Join Date: May 2006
Location: Odelzhausen
Default Re: Goal: S-off HOX+ and maybe the HOX (TEGRA3)

I don't know if this might be important but JB devices seems currently have no chance to managed with NVFLASH.
Every other Tegra3 device i.e. A500 can be flashed but all discussion ends with "...if you have JB installed no chance"


Sent from my EndeavorU using xda app-developers app
 
backfromthestorm
Old
#145  
backfromthestorm's Avatar
Senior Member
Thanks Meter 257
Posts: 721
Join Date: Jul 2011
Location: 47000 places at once.
androidboot.sf=1 androidboot.skunum=0 androidboot.cid=HTC__001 androidboot.mid=PJ4610000 androidboot.serialno=HT242W104819 androidboot.mb_serialno=419G223L11977 androidboot.bootloader=1.39.0000 last_off_event=pmu_poweroff start_on_event=none hw_rst_reason=0x0 sw_rst_reason=0x0 project_phase=A radioflag=0x0 ats=0 hlog.ofs=296 un.ofs=0 HBootTemp=0 androidboot.engid=0x0


In proc/cmdline there lists two serial numbers, one is the device id from adb devices, the other isn't, or is that the motherboard id?


Post of the century so far....
"but if it's really completely not understableable, it's annoying to reading such sentences...he should at least trying to use the right letters.. ! -.- ...but okay something like that has nothing to do with development so i wont write anything to that anymore"
 
eppeP
Old
#146  
Senior Member
Thanks Meter 61
Posts: 114
Join Date: Nov 2011
Quote:
Originally Posted by TripNRaVeR View Post
Using nvflash on a Asus tf201 makes you get the SBK the same way based on UID. Toshiba SBK also the same way.
At the risk of going slightly of topic, would you care to share some sources for this statement?
I can't seem to find anything but failed attemts for Toshiba (except those models without SBK). For the tf201 the only method I can find seems to rely on using a patched bootloader to, I presume, generate pre-signed RCM messages while the SBK is still available. Which would seem to be a quite convoluted way of doing things if the SBK (or the algorithm to generate it) is known.
 
TripNRaVeR
Old
#147  
TripNRaVeR's Avatar
Senior Member
Thanks Meter 12581
Posts: 2,379
Join Date: Jun 2010
Location: Stevensweert

 
DONATE TO ME
Quote:
Originally Posted by blubbers View Post
this gets you the same as

Code:
cat /sys/devices/platform/android_usb/usb_serial_number
or
Code:
adb devices
which device is the bct from?

either way, we don't have access to the bct/ebt partitions as they are somehow masked, even to the kernel; or you could dump them from the raw block device mmcblk0
The bct file is from the HTC One X... only encrypted.

If you like my work.. you may always buy me a ice cold beer
join #TripNDroid on IRC server: freenode
The Following 6 Users Say Thank You to TripNRaVeR For This Useful Post: [ Click to Expand ]
 
ExoticMe
Old
#148  
ExoticMe's Avatar
Senior Member
Thanks Meter 1090
Posts: 1,074
Join Date: Aug 2012
Location: Riyadh
Quote:
Originally Posted by TripNRaVeR View Post
The bct file is from the HTC One X... only encrypted.

can it be decrypted ?
i`m away of XDA most of the time so if you need help you can find me in:
email : khalidalghali@gmail.com
Twitter : khalidnalghali
 
blubbers
Old
#149  
Senior Member
Thanks Meter 257
Posts: 278
Join Date: Jan 2011
Default Re: Goal: S-off HOX+ and maybe the HOX (TEGRA3)

Quote:
Originally Posted by TripNRaVeR View Post
The bct file is from the HTC One X... only encrypted.
No, it is not encrypted, the data is not random and can be decoded using some bct decoder

Sent from my HTC One X using xda app-developers app
The Following 2 Users Say Thank You to blubbers For This Useful Post: [ Click to Expand ]
 
The_Genius
Old
#150  
The_Genius's Avatar
Member
Thanks Meter 57
Posts: 74
Join Date: Feb 2012
Location: LONDON
Quote:
Originally Posted by The5alodi View Post
can it be decrypted ?
If some one will give me an output of first 32-128 bit how the file header may look like, I will decrypt the rest.
|Device| Google NEXUS 5
|Android Version| 4.4.2
|ROM| PURITY ROM+Xposed+Greenify+Xprivacy
|Kernel| Hardened 3.4.0 @ PURITY


Quote:
FREE YOUR MIND, BELIEVE NOTHING QUESTION EVERYTHING

The Following 19 Users Say Thank You to The_Genius For This Useful Post: [ Click to Expand ]
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes