Post Reply

[GUIDE] Making Dump Files Out of Android Device Partitions

19th September 2013, 03:18 AM   |  #1  
majdinj's Avatar
OP Recognized Contributor / Themer
Flag AlAhsa
Thanks Meter: 2,980
 
980 posts
Join Date:Joined: Nov 2006
More
Use:
The main purpose is to make a file that contains all data in android specific partition. This is really handy in case of dumping leak firmwares.


Pr-requirement:
- Rooted device.
- Knowledge of how to use adb or Terminal Emulator.

The first step of making dump files out of device partitions is to locate its mounting points..!!
So in our tutorial, we will make it in 2 sections. Section 1 for how to get mounting points, and section 2 for how to get partition dumped..
Keep in mind that this is xda-university; so my target is to show beginners how to do that manually, without the aid of any tool, so they can get the concept behind it.. OK let's begin..!!

Section 1:
Getting mounting points
There are several methods to achieve this, but we will discuss the easiest methods that give efficient information about the partition that you want to know its mounting point.
All these methods will be described using adb shell.

Way #1
Code:
adb shell
cat /proc/partitions
This one needs from you to figure out which block belong to which partition name.!!



Way #2
Code:
adb shell
ls -al /dev/block/platform/dw_mmc/by-name
This one will give you info about the dev block names WITH their familiar names (i.e, boot, recovery, system... etc)


This command is not universal between devices, and you will need to gather its pieces (/dev/block/platform/dw_mmc/by-name).
How?
- In your device, use any explorer that can get you to the device root (personally I use ES Explorer, by pressing on "/" on navigation bar).
- Go to "/dev/block/platform/" folder
- Here you will see some files and folders, we need to open folders and search for the folder called "by-name" inside one of them; in my situation it was "dw_mmc" folder which has the folder "by-name" inside it.
- At the end, my targeted piece info will be (/dev/block/platform/dw_mmc/by-name)
- Now open adb shell and put that command..


Way #3
By pushing parted binary to /system/bin folder and run it (you can find it in attachment).
Code:
adb remount
adb shell "su" "" "mount -o remount,rw /system"
adb push parted /system/bin/parted
adb shell
chmod 0755 /system/bin/parted
parted /dev/block/mmcblk0
print

Here, your mounting points will start with /dev/block/mmcblk0p* where (*) is the number shown in the table above for each partition.
example:
The hidden partition mounting point will be mmcblk0p10
The radio partition mounting point will be mmcblk0p7
The system partition mounting point will be mmcblk0p9
The recovery partition mounting point will be mmcblk0p6

and so on

Don't forget to "quit" the parted action after grasping your device mounting points.

N.B:
- You may need to run first:
Code:
adb shell
cat /proc/partitions
to know what is the initial name for your device partition.. In the example above, it was mmcblk0.


- Also to be able to do adb push to /system partition for parted binary, you will need insecure boot.img used in your ROM or adbd insecure installed in your device (Check this thread for that app), or just push parted binary manually by any root explorer and then fix permissions to rwxr-xr-x (755).

***


Section 2:
Dumping ROM partition
After locating the mounting point of the partition you want to dump, open adb shell command prompt and type:
Code:
adb shell
su
dd if=/yourMountingPoint of=/yourDestination/partitionType
Let's say I want to take a dump out of system partition from above example. So the adb commands will be:
Code:
adb shell
su
dd if=/dev/block/mmcblk0p9 of=/sdcard/system.img
This may take a while to complete the dumping process, depending on the size of your dumped partition; so be patient..

Note:
If the partition is formatted as ext3/4 then the dumped partition will have .img as an extension.
Other partition dumps have different extensions; examples:
  • radio.bin
  • param.lfs
  • Sbl.bin
  • zImage (without extension)

***


Optional:
Read Partition Image
After dumping an image from android partition, you can mount it to extract a particular file for sharing, or the whole dump content in case the ROM chief wants to make a ROM out of dump files..
For Linux Users:
- Open terminal and type:
Code:
su -
mkdir -p /mnt/disk
mount -o loop yourImage.img /mnt/disk
cd /mnt/disk
ls -l
For Windows Users:
- Download LinuxReader from this site here.
- Open it -> Drives -> Mount Image -> Then choose your dumped image and hit Mount. A new driver will appear that contains all files inside the dumped image called "Linux native Volume 1". Just double click it to get inside the dumped image.





I hope you will find this tutorial beneficial,,,
Yours;

Attached Files
File Type: rar parted.rar - [Click for QR Code] (155.2 KB, 2331 views)
Last edited by majdinj; 17th November 2013 at 11:43 AM. Reason: new parted binary is added
The Following 116 Users Say Thank You to majdinj For This Useful Post: [ View ]
19th September 2013, 10:34 AM   |  #2  
majdinj's Avatar
OP Recognized Contributor / Themer
Flag AlAhsa
Thanks Meter: 2,980
 
980 posts
Join Date:Joined: Nov 2006
More
Sign Actions Explanation
★ Tutorial Legends ★


In this post, I will try to explain the use of each binary used in the tutorial, so you can make sense of each action taken.

Quote:

#1

Code:
adb shell
Run remote shell interactively, as if you are in linux terminal.

Quote:

#2

Code:
cat /proc/partitions
cat binary is used to concatenate file(s) and print them to standard output display. In our example, it prints the content of partitions file which is found in proc folder to screen display.

Quote:

#3

Code:
ls -al /dev/block/platform/dw_mmc/by-name
ls binary is used to list directory contents.
-al is the used option for ls which means to include entries that started with "." in long listing format. There are a lot of options for ls binary. You can always print ls --h to display help menu for other options available.

Quote:

#4

Code:
adb remount
Remounts the /system partition on the device read / write. This has been disabled in some devices (those with secure boot image); so you need to make sure that you have patched adbd that can run this command effectively.

Quote:

#5

Code:
su
Used to get super-user privilege.


Quote:

#6

Code:
mount -o remount,rw /system
Specific command to mount the /system partition on the device read / write (rw).
If you change rw to ro, you will get /system partition mounted as read only.

Quote:

#7

Code:
adb push parted /system/bin/parted
adb push is used to copy file/dir from your local computer to android device. The usual format is adb push <local> <remote>

Quote:

#8

Code:
chmod 0755 /system/bin/parted
chmod binary is used to set permissions for the specified file/dir.
The number after chmod is the permission used. See the next box for better understanding of chmod formatting:
Code:
---------------- | CHMOD SCHEME | ----------------
r w x 4 2 1 = 7 (Full Permissions) User ( ) ( ) ( ) --> 2nd digit Group ( ) ( ) ( ) --> 3rd digit Other ( ) ( ) ( ) --> 4th digit Special UID GID STK ( ) ( ) ( ) --> 1st digit, ignored on most cases or put 0
In the above example, it is set to 0755 which means the following scheme:
Code:
           r     w     x
           4     2     1

  User    (*)   (*)   (*)   --> This equals to 7 (rwx)
  Group   (*)   ( )   (*)   --> This equals to 5 (r-x)
  Other   (*)   ( )   (*)   --> This equals to 5 (r-x)

  Special UID   GID   STK
          ( )   ( )   ( )   --> This equals to 0 (---)
As you can see, if you said 0755, it will be as same as saying ---rwxr-xr-x

Quote:

#9

Code:
dd if=/dev/block/mmcblk0p9 of=/sdcard/system.img
dd binary is used to copy a file with converting and formatting.
if means input file; here we pointed to the whole partition, not specific file.
of means outputting file to specific destination path; here it is to sdcard with system.img name.

Quote:

#10

Code:
mkdir -p /mnt/disk
mkdir binary is used to make folder dir.
-p is mkdir option which means to create folder with sub-folder at the same time. Here we want to create mnt folder that contains disk sub-folder in it. If the folder and or sub-folder(s) are already exists, it will not give error but nothing will be created.

Quote:

#11

Code:
mount -o loop yourImage.img /mnt/disk
This is linux way to mount images into specific directory (/mnt/disk in this example).

Quote:

#12

Code:
cd /mnt/disk
cd used to get inside specific dir path.

Quote:

#13

Code:
ls -l
ls binary is used to list directory contents as described above.
-l is the used option for ls which means to list contents in long listing format.


Cheers
Last edited by majdinj; 20th September 2013 at 11:19 AM.
The Following 43 Users Say Thank You to majdinj For This Useful Post: [ View ]
7th November 2013, 11:26 PM   |  #3  
insink71's Avatar
Senior Member
Flag Greenville, SC
Thanks Meter: 251
 
607 posts
Join Date:Joined: Nov 2010
Donate to Me
More
Thumbs up another way to get common names
on way #2, I've often used:
Code:
cat /proc/emmc
on a few devices to reveal similar info.

Rob
The Following 2 Users Say Thank You to insink71 For This Useful Post: [ View ]
13th November 2013, 09:48 AM   |  #4  
hasan4791's Avatar
Senior Member
Flag Bangalore
Thanks Meter: 365
 
1,070 posts
Join Date:Joined: Nov 2011
More
can i able to mount boot.img in android itself...actually i wanted to extract boot.img frm mobile without any tools or without the help of PC...if there be any possibilities..??
13th November 2013, 08:22 PM   |  #5  
majdinj's Avatar
OP Recognized Contributor / Themer
Flag AlAhsa
Thanks Meter: 2,980
 
980 posts
Join Date:Joined: Nov 2006
More
Quote:
Originally Posted by hasan4791

can i able to mount boot.img in android itself...actually i wanted to extract boot.img frm mobile without any tools or without the help of PC...if there be any possibilities..??

if you mean extract to modify boot.img, then I don't think there is away to do that from device itself in the moment..
if you mean dumping boot.img then yes you can, just install terminal emulator from Google play and you can run adb shell commands directly from the device
The Following 3 Users Say Thank You to majdinj For This Useful Post: [ View ]
17th November 2013, 10:43 AM   |  #6  
Ricky Divjakovski's Avatar
Recognized Contributor
Flag Sydney
Thanks Meter: 5,292
 
3,588 posts
Join Date:Joined: Feb 2013
Donate to Me
More
Great guide hopefully makes it easier for us to get dumps! if you add logcats etc, i find they have trouble executing "adb logcat >> log.txt" -.-
also you should teach them the easy tar method, so while booted "tar -c /system/* >> /sdcard/system.tar" or via adb shell
Last edited by Ricky Divjakovski; 17th November 2013 at 11:08 AM.
The Following 2 Users Say Thank You to Ricky Divjakovski For This Useful Post: [ View ]
17th November 2013, 11:39 AM   |  #7  
majdinj's Avatar
OP Recognized Contributor / Themer
Flag AlAhsa
Thanks Meter: 2,980
 
980 posts
Join Date:Joined: Nov 2006
More
Quote:
Originally Posted by ricky310711

Great guide hopefully makes it easier for us to get dumps! if you add logcats etc, i find they have trouble executing "adb logcat >> log.txt" -.-
also you should teach them the easy tar method, so while booted "tar -c /system/* >> /sdcard/system.tar" or via adb shell

Yup that is possible and easy to extract but it is only for partitions that is shown in android os,,, you can't use it for boot.img, sbl.bin, modem.bin...etc right
17th November 2013, 12:03 PM   |  #8  
Ricky Divjakovski's Avatar
Recognized Contributor
Flag Sydney
Thanks Meter: 5,292
 
3,588 posts
Join Date:Joined: Feb 2013
Donate to Me
More
Quote:
Originally Posted by majdinj

Yup that is possible and easy to extract but it is only for partitions that is shown in android os,,, you can't use it for boot.img, sbl.bin, modem.bin...etc right

ofcoarse, i actually had a project going where it detects all partitions(modems, boot.img, system etc..) that archives itself into a .zip
it was going well until i did something in the script, now it only works on the s3 it shall be continued one day!
The Following User Says Thank You to Ricky Divjakovski For This Useful Post: [ View ]
17th November 2013, 07:38 PM   |  #9  
slicingtaco's Avatar
Senior Member
Flag C:\Earth\USA\California\Freakmont
Thanks Meter: 318
 
901 posts
Join Date:Joined: May 2012
More
Such great tutorial, this is definitely going to come in handy for me. I have a question, how can you dump (extract) a bootloader? Can i use the same method as dumping the ROM?
17th November 2013, 07:43 PM   |  #10  
mitchst2's Avatar
Senior Member
Thanks Meter: 279
 
954 posts
Join Date:Joined: Nov 2011
Could you explain how to extract stock recovery image please?

Sent from my HTC One using xda app-developers app

Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes