FORUMS
Remove All Ads from XDA

success to hack Technisat MIB2 infotainment system

3 posts
Thanks Meter: 5
 
By mengxp, Junior Member on 4th April 2017, 09:22 AM
Post Reply Email Thread
25th November 2017, 11:19 AM |#11  
Junior Member
Thanks Meter: 0
 
More
Which version of QNX VMWare do U use?

Quote:
Originally Posted by mengxp

Device: Technisat MIB STD2 PQ nav

This device does not have serial shell .
But I successfully hacked the emmc filesystem
Now serial port has a shell

Step1.
Desolder the EMMC chip

Step2.
Dump EMMC chip via SD card reader

Step3.
qemu-img convert -f raw d:\682C_EMMC_DUMP.bin -O vmdk d:\682c.vmdk

Step4.
Start QNX x86 vmware machine to modify the 682c.vmdk

Step5.
modify the file /fs/hd1-qnx6/tsd/bin/system/startup
add following line
--------------------
echo ser1 "/bin/login -f root" qansi-m on > /tmp/ttys
/sbin/tinit -f /tmp/ttys &
--------------------
Save the file

Step6.
Shutdown QNX6 VM

Step7.
qemu-img convert -f vmdk d:\682c.vmdk -O raw C:\682C_EMMC_DUMP.bin

Step8.
write C:\682C_EMMC_DUMP.bin to EMMC via SD card reader

Step9.
Solder the EMMC chip back

done.

 
 
26th November 2017, 11:23 PM |#12  
Junior Member
Thanks Meter: 0
 
More
5C0 035 680 C hi is this for this MIBSTD2? anyone have any success ? ive read about the patches etc is there any other way ?
15th January 2018, 09:42 AM |#13  
Junior Member
Thanks Meter: 1
 
More
Quote:
Originally Posted by mengxp

Device: Technisat MIB STD2 PQ nav

This device does not have serial shell .
But I successfully hacked the emmc filesystem
Now serial port has a shell

Step1.
Desolder the EMMC chip

Step2.
Dump EMMC chip via SD card reader

Step3.
qemu-img convert -f raw d:\682C_EMMC_DUMP.bin -O vmdk d:\682c.vmdk

Step4.
Start QNX x86 vmware machine to modify the 682c.vmdk

Step5.
modify the file /fs/hd1-qnx6/tsd/bin/system/startup
add following line
--------------------
echo ser1 "/bin/login -f root" qansi-m on > /tmp/ttys
/sbin/tinit -f /tmp/ttys &
--------------------
Save the file

Step6.
Shutdown QNX6 VM

Step7.
qemu-img convert -f vmdk d:\682c.vmdk -O raw C:\682C_EMMC_DUMP.bin

Step8.
write C:\682C_EMMC_DUMP.bin to EMMC via SD card reader

Step9.
Solder the EMMC chip back

done.

As I see this only gives you a shell access. Not a complete hack of system like activating all functions and removing component protection on device, does not it ?
24th March 2018, 07:49 PM |#14  
Junior Member
Thanks Meter: 0
 
More
Can you post the dump please?
Can you post the dump please?
31st March 2018, 09:05 PM |#15  
Junior Member
Thanks Meter: 0
 
More
Hello

do you have idea how we can remove Component protection? I need make retrofit with 100% clean components but Skoda auto cannot remove CP because dotn have online data for Old car and New radio.....grrrrr....

thank you for more info....
22nd June 2018, 08:18 PM |#16  
Junior Member
Thanks Meter: 0
 
More
Hey guys, anyone here willing to share any version of firmware files for VW MIB2 (preferably v0343 or newer) or anyone willing to make full dump of the VW MIB2's flash?
4th August 2018, 07:49 AM |#17  
Junior Member
Thanks Meter: 1
 
More
reading MMC without desoldering
Maybe somebody found a way to read eMMC without desoldering chip?
The Following User Says Thank You to vierchatura For This Useful Post: [ View ] Gift vierchatura Ad-Free
6th October 2018, 05:19 PM |#18  
Junior Member
Thanks Meter: 0
 
More
Harman mib2 pro unit
Hi I have Harman discovery pro mib2 unit black screen green menu corrupt anybody know how to recover
14th June 2019, 06:56 PM |#19  
Junior Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by vierchatura

Maybe somebody found a way to read eMMC without desoldering chip?

I have propper tools and knowledge and when ISP pinout exist U can use ISP for eMMC chip.
14th August 2019, 08:48 PM |#20  
Junior Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by bell38

Hi I have Harman discovery pro mib2 unit black screen green menu corrupt anybody know how to recover

I can help you. Write PM
Post Reply Subscribe to Thread

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes