Post Reply

Why not modify the Update.zip?

OP rhetorician

8th March 2014, 02:55 AM   |  #1  
OP Junior Member
Thanks Meter: 5
 
29 posts
Join Date:Joined: Feb 2012
Forgive my ignorance, but couldn't one modify the update zip to include superuser and the corresponding library files? It seems others--who actually know what they're doing--do this process or something similar across many devices, with continued success. Am I missing something? Have I oversimplified?

Don't worry, I won't ask anyone to walk me through it If in fact it's a viable option (I can Google, read etc.). If is, though, I think it'd be a great learning experience.

Sent from my SM-N900T using XDA Premium 4 mobile app
8th March 2014, 03:01 AM   |  #2  
toastido's Avatar
Senior Member
Flag Huntsville, AL
Thanks Meter: 544
 
650 posts
Join Date:Joined: Oct 2013
Donate to Me
More
Quote:
Originally Posted by rhetorician

Forgive my ignorance, but couldn't one modify the update zip to include superuser and the corresponding library files? It seems others--who actually know what they're doing--do this process or something similar across many devices, with continued success. Am I missing something? Have I oversimplified?

Don't worry, I won't ask anyone to walk me through it If in fact it's a viable option (I can Google, read etc.). If is, though, I think it'd be a great learning experience.

Sent from my SM-N900T using XDA Premium 4 mobile app

The problem is that the update zips are signed and will not flash without a valid signature outside of a custom recovery (which will trip Knox).

Sent from my SM-N900T using Tapatalk
The Following User Says Thank You to toastido For This Useful Post: [ View ]
8th March 2014, 03:06 AM   |  #3  
OP Junior Member
Thanks Meter: 5
 
29 posts
Join Date:Joined: Feb 2012
So modification of the stock image would not be viable via stock recovery unless, for example, one could, for a lack of better words, forge Samsung's signature?

Sent from my SM-N900T using XDA Premium 4 mobile app
8th March 2014, 03:14 AM   |  #4  
toastido's Avatar
Senior Member
Flag Huntsville, AL
Thanks Meter: 544
 
650 posts
Join Date:Joined: Oct 2013
Donate to Me
More
Quote:
Originally Posted by rhetorician

So modification of the stock image would not be viable via stock recovery unless, for example, one could, for a lack of better words, forge Samsung's signature?

Sent from my SM-N900T using XDA Premium 4 mobile app

Correct. Since the signature is generated uniquely based in the hash of the file, a salt (usually the time) and a private key that only Samsung has, good luck "forging" the Sig :P We'd have better luck at finding a flaw in the signature verification than actually cracking the key.

Sent from my SM-N900T using Tapatalk
The Following User Says Thank You to toastido For This Useful Post: [ View ]
8th March 2014, 03:18 AM   |  #5  
OP Junior Member
Thanks Meter: 5
 
29 posts
Join Date:Joined: Feb 2012
Quote:
Originally Posted by toastido

Correct. Since the signature is generated uniquely based in the hash of the file, a salt (usually the time) and a private key that only Samsung has, good luck "forging" the Sig :P We'd have better luck at finding a flaw in the signature verification than actually cracking the key.

Sent from my SM-N900T using Tapatalk

Understood. I have no intention of undertaking such a project, but it nevertheless helps me conceptualize the situation.

Thank you for clarifying!

Sent from my SM-N900T using XDA Premium 4 mobile app
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes