XDA Developers Android and Mobile Development Forum

[DEVS ONLY] Crack/bypass/trick Boot.img Signature

designgears
(Last edited by designgears; 21st February 2011 at 12:02 AM.)
#1

Ok, so let's get cracking on this bootloader.

boot.img and recovery.img certs (thanks to ntwrkwizard):
http://ponack.net/designgears/atrix/...%20extract.zip
http://ponack.net/designgears/atrix/...%20extract.zip

Flaw in the X.509 certs:
http://www.darkreading.com/security/...008/index.html

Boot.img & Recovery.img
http://www.ponack.net/designgears/dump.7z
"haters can make like bees with no stingers, and drop dead" -Eminem

 
theknub
#2
DG, afaik, that exploit deals with the md2 hash algorithm. It is a good possible starting point. Has the signing cert been found/recovered/viewed yet?

If Moto signed it with an md5 hash cert, then that may not be possible.
AtrixHD rooted
 
dtmcnamara
#3
Well if you guys need any processing power to help crack anything let me know. I am willing to donate my system. Current specs:
i7-970 six core 4.8ghz overclocked
4 gtx580 gpus
24gb ddr3 2000
HSDL 240gb ssd

Like I said, if you guys need any processing power let me know.

Sent from my "5 inch Galaxy Tab"
Atrix here on the 22nd
 
perdurabo2
#4
Quote:
Originally Posted by dtmcnamara
Well if you guys need any processing power to help crack anything let me know. I am willing to donate my system. Current specs:
i7-970 six core 4.8ghz overclocked
4 gtx580 gpus
24gb ddr3 2000
HSDL 240gb ssd

Like I said, if you guys need any processing power let me know.

Sent from my "5 inch Galaxy Tab"
Atrix here on the 22nd
Please don't post here. This is a dev only thread. Post your offer in General.

Thanks!
---
Various CDMA/LTE phones

If you want to get ahold of me about technical matters, PM me. I'm not able to read through everything in the forums anymore.

If my post helped you, please click Thanks, so I know.

I don't speak for or represent my employer.
 
perdurabo2
#5
These downloads look like just CA certs. Could someone extract the x.509 cert embedded in the beginning of the boot.img and post it to this thread? I'm out and about this weekend and don't have a box with a hex editor handy.
 
Fixter
#6
Quote:
Originally Posted by perdurabo2
These downloads look like just CA certs. Could someone extract the x.509 cert embedded in the beginning of the boot.img and post it to this thread? I'm out and about this weekend and don't have a box with a hex editor handy.
If you could tell me how to do that I will be more than happy to get those for you. I'm the go-to guy, remember?
Galaxy Note 3, Galaxy Gear or Note 10.1 2014? Add me on GTalk or Twitter
Twitter: GSoulPR
GTalk: Gc0814@gmail.com
Did I help? Press the Thanks button!
 
ntwrkwizard
(Last edited by ntwrkwizard; 20th February 2011 at 06:49 PM.) Reason: Add additional file.
#7
Here is the extracted cert from within mmcblk0p10.img. This hex dump is extracted from 7FF7FC through 7FFDF9.
Also here is the extracted cert from within mmcblk0p11.img. This hex dump is extracted from 7FF7FC through 7FFE79.

Not sure what the value of an extracted public side of the x.509 is post-signature, but I'm sure someone will define that.

Good luck..

NW
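
The step discussed in posts #2, #5 and #7 (find the X.509 certificate embedded in a partition image and see which hash its signature uses) can be done without a hex editor. The following is an added example, not code from the thread: it scans a raw image for certificate-shaped DER structures and names the signature algorithm; the function names and the sample image are constructed for illustration.

```python
# Added example, not from the thread; names and sample data are constructed.
_P = "1.2.840.113549.1.1."  # PKCS#1 arc shared by the RSA signature OIDs
SIG_OIDS = {_P + "2": "md2WithRSAEncryption", _P + "4": "md5WithRSAEncryption",
            _P + "5": "sha1WithRSAEncryption", _P + "11": "sha256WithRSAEncryption"}

def read_tlv(buf, pos):
    """Parse the DER TLV at pos; return (tag, value_start, value_end) or None."""
    if pos + 2 > len(buf):
        return None
    tag, first, pos = buf[pos], buf[pos + 1], pos + 2
    length = first
    if first & 0x80:  # long form: low 7 bits count the length bytes that follow
        n = first & 0x7F
        if not 1 <= n <= 4 or pos + n > len(buf):
            return None
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return (tag, pos, pos + length) if pos + length <= len(buf) else None

def decode_oid(raw):  # handles first arc 0 or 1 only, enough for SIG_OIDS
    arcs, val = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:  # base-128 digits, high bit set on all but the last
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def find_certs(image):
    """Return [(start, end, signature_algorithm)] for Certificate-shaped data."""
    hits, pos = [], image.find(b"\x30\x82")
    while pos != -1:
        nxt = pos + 1
        outer = read_tlv(image, pos)                              # Certificate
        tbs = outer and read_tlv(image, outer[1])                 # tbsCertificate
        alg = tbs and tbs[0] == 0x30 and read_tlv(image, tbs[2])  # signatureAlgorithm
        oid = alg and alg[0] == 0x30 and read_tlv(image, alg[1])  # algorithm OID
        if oid and oid[0] == 0x06 and oid[1] < oid[2] <= alg[2] <= outer[2]:
            dotted = decode_oid(image[oid[1]:oid[2]])
            hits.append((pos, outer[2], SIG_OIDS.get(dotted, dotted)))
            nxt = outer[2]  # resume after this structure
        pos = image.find(b"\x30\x82", nxt)
    return hits

# Constructed sample: filler bytes inside valid DER headers, padded with 0xFF.
_ALG = bytes.fromhex("300d06092a864886f70d0101040500")  # md5WithRSAEncryption
_TBS = bytes.fromhex("3082012c") + b"\xaa" * 300
_SIG = bytes.fromhex("03818100") + b"\xbb" * 128
_CERT = bytes.fromhex("308201c3") + _TBS + _ALG + _SIG
SAMPLE_IMAGE = b"\xff" * 64 + _CERT + b"\xff" * 32
```

On a real dump, pass the file's bytes to `find_certs`; the reported start and end offsets can be compared with the ranges quoted in post #7.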
 
Mr. Clown
#8
RC-RT Committee / Senior Moderator - Fear the Clown
back on topic please.

Devices:
Samsung Galaxy SIII I9300 - Stock Rom 4.2.2 (Stolen)
T-Mobile SGH-T999 - Stock Rom 4.3
HTC HD2 : Nexus HD2 JB 4.1.2 (RIP)

 
 
perdurabo2
(Last edited by perdurabo2; 21st February 2011 at 05:02 AM.) Reason: I was a bit too harsh.
#9
Quote:
Originally Posted by Mr. Clown
back on topic please.
Who are you talking to? The cert conversation is applicable.
 
djsven
#10
Hi friend,

Is the bootloader encryption the same as Defy or Milestone?
Or a new one?
Maybe we could all get a free bootloader if this would work?
Or other technical?
Thanks
