Search results

  1. Cobaltikus

    Post Knox/Kernel/Bootloader Development SM-900A

    With the best current published factoring algorithm, you are probably correct that it would take that much computing power that much time, but with a better non-published algorithm it could be much quicker with much less computing power. It's a long shot, but worth putting the idea out there...
  2. Cobaltikus

    Post Knox/Kernel/Bootloader Development SM-900A

    The knowledge of a factor to the given number would enable us to recreate the private key and sign a new bootloader of our choosing such that we could simply flash the new bootloader as if it were an official Samsung bootloader. More than likely it would not be a brand new bootloader from...
  3. Cobaltikus

    Post Knox/Kernel/Bootloader Development SM-900A

    It's not prime, but rather the product of 2 numbers that are probably prime. We're looking for one of those probable primes.
  4. Cobaltikus

    Post Knox/Kernel/Bootloader Development SM-900A

    Here's a challenge, with a promise: If anyone can tell me a *whole* number, that is greater than 1, less than the number below, and can divide evenly (no remainders) into this given number, then I will post an unlocked version of this bootloader...
  5. Cobaltikus

    Post If we are serious about unlocking the bootloader

    I think of the fuses as set-only bits, that start out as 0's, and you can set them individually to 1's, but once they are set to 1 they can never go back to 0. At least that is the idea. I find it difficult to believe any statement that contains the word "never". Each upgrade has a maximum value...
  6. Cobaltikus

    Post [Aug-20] CobaltController - PS3/Wii Controller Driver for Windows Mobile

    1) I am very much hoping I still have the source code. I wrote this in the days before I used GitHub. And it was a few computers ago. 2) I might release the source code, but I have a concern about how I made it work for the Microsoft Bluetooth Stack. The Widcomm stack was straight forward, but...
  7. Cobaltikus

    Post [Aug-20] CobaltController - PS3/Wii Controller Driver for Windows Mobile

    Can I? Yes. I can do anything. Will I? ... I suppose.... I don't have a Windows Phone any longer. I got the very first HTC Windows Phone the day it came out, a few years ago. Had it for a week. Exchanged it for an Android phone. I miss Windows Mobile...
  8. Cobaltikus

    Post CobaltDebugger

    v0.5.1 released
  9. Cobaltikus

    Post CobaltDebugger

    IDA shows you all the instructions, and you have to read it and keep track of variables in your head or on paper as you follow the code, trying to figure out what it's doing. With CobaltDebugger, you can step through these instructions one at a time and see for yourself what the result of that...
  10. Cobaltikus

    Post CobaltDebugger

    The image is not encrypted, but rather signed. An HMAC hash is created based on the image. This hash is then signed using a private 2048 bit RSA key. The public key is already on the device, we have the public key, and it can be used to verify the signature. So although RSA can be used for...
  11. Cobaltikus

    Post CobaltDebugger

    I got a bit side tracked. Thanks to Tal Aloni, Cobalt Debugger now shows and validates the certificate chain and image signature, which started me down the rabbit hole of potentially cracking RSA. When I come back up for air I'll post my latest changes.
  12. Cobaltikus

    Post CobaltDebugger

    v0.4 v0.4 runs Verizon S4 NK1 aboot to completion, and you can view and modify the active Instruction Set (ARM vs Thumb).
  13. Cobaltikus

    Post CobaltDebugger

    Yep. I need to re-implement MCR. I wasn't doing all that needed to be done.
  14. Cobaltikus

    Post If we are serious about unlocking the bootloader

    IDA Pro has always been able to read mbn files. You just need to set the processor type to ARM little endian and set the proper address offsets. You can get those address values from my program CobaltDebugger which is no IDA substitution by any means, yet, but it's a good companion tool for now...
  15. Cobaltikus

    Post CobaltDebugger

    It is possible that at some point I will consider sharing my source code to the public. But first I need to look into different licensing steps I should take to make sure that if I do release it, it will remain open source and not be stolen and licensed by someone else, forcing me to take my...
  16. Cobaltikus

    Post CobaltDebugger

    I just uploaded v0.3. Now it runs the Verizon S4 aboot file without exception until it gets to a section where it keeps incorrectly executing ANDEQ R0, R0, #0x3. I know that's not what it is supposed to do, and that it is a result of BX R14, when R14 is holding 0x880C7000, but 0x880C7000 has only...
  17. Cobaltikus

    Post CobaltDebugger

    v0.2 I implemented the SP Minus Immediate instruction, which should resolve the NotImplemented exception reported by dmt010. I also implemented a bunch more instructions needed by the S4 aboot, although I'm still not done. I went ahead and uploaded an update anyway. This one doesn't blow up...
  18. Cobaltikus

    Post CobaltDebugger

    Next feature to add is the ability to load and run elf files like tz and sdi
  19. Cobaltikus

    Post If we are serious about unlocking the bootloader

    CobaltDebugger http://forum.xda-developers.com/android/software-hacking/cobaltdebugger-t3052263 If you load aboot.mbn and just let it run, it will eventually throw an exception when it hits an instruction I have not yet implemented, but it may still be helpful. It's not complete but I don't...
  20. Cobaltikus

    Thread CobaltDebugger

    Latest Version 0.5.1 (beta) What is CobaltDebugger? An ARM Processor Simulator/Emulator/Debugger. At its current state, it reads Android bootloader files, and runs them in a simulator, giving you control over which instructions execute and when. For optimal experience, use this in conjunction...
  21. Cobaltikus

    Post If we are serious about unlocking the bootloader

    I'm not sure what the goal would be. Maybe we can discuss it outside of this thread.
  22. Cobaltikus

    Post If we are serious about unlocking the bootloader

    I'm building this to help. CobaltDebugger: http://youtu.be/L5NDob2rCmI
  23. Cobaltikus

    Post If we are serious about unlocking the bootloader

    What kind of hash? How is it generated? When you say aboot are you talking about just the code portion? Because if you take the code portion of aboot and generate the SHA256 hash, it does not match the decrypted signature.
  24. Cobaltikus

    Post If we are serious about unlocking the bootloader

    NC2 Odin tars - no padding
  25. Cobaltikus

    Post If we are serious about unlocking the bootloader

    Thank you very much for this. And now that that has been explained, I'd like to restate my original question: What is the *regular* signature a hash of? I can't seem to reproduce it.
  26. Cobaltikus

    Post If we are serious about unlocking the bootloader

    Sorry, I should have specified. I'm studying to unlock non dev editions. In order to flash aboot on a non dev edition, the signature in the non dev edition must be verified, and is unique per baseband version, and is not just a straight SHA256 hash of just aboot code section, and most likely...
  27. Cobaltikus

    Post If we are serious about unlocking the bootloader

    Incorrect. We can flash aboot.mbn using Odin. Odin interfaces with the currently running aboot (or earlier running process) and does verify the signature. You can flash an unmodified aboot.mbn and sbl because they are signed properly. If you want to alter these files before flashing, you can...
  28. Cobaltikus

    Post If we are serious about unlocking the bootloader

    Ok now I'm confused, as some information given seems to contradict. Given that the CID partition is unique per device, I fail to see how it could possibly be used to generate the signature embedded inside aboot.mbn when aboot.mbn, as a whole, including this embedded signature, is quite definitely...
  29. Cobaltikus

    Post If we are serious about unlocking the bootloader

    I am having trouble finding the cid partition on my Note 3. And I don't have an S4. Is there an S4 cid partition dump I can access online somewhere? I'd like to study one.
  30. Cobaltikus

    Post If we are serious about unlocking the bootloader

    So first, generate the SHA256 hash of the cid partition. Then append that to the code portion of aboot. Then generate another SHA256 hash of that, and that should match the decrypted signature in aboot?
  31. Cobaltikus

    Post If we are serious about unlocking the bootloader

    The Verizon S4 NC5 aboot.mbn signature when decrypted is this: [8A 82 E9 37 80 74 A4 53 4B 08 4C 99 DC DD 23 4C DF AD 1C BE 7D DC F2 6A 78 65 7A 3B 5E FD E7 D9] Which looks like a SHA256 hash, but of what? The SHA256 hash of the code section of aboot.mbn is [38 8A F2 B6 6C FD B0 CA 31 32 FF A5...
  32. Cobaltikus

    Post Knox/Kernel/Bootloader Development SM-900A

    Further NC2 boot.img studies Still no matching hashes... What are these decrypted signatures a hash of? Here's some info on the NC2 boot.img Boot Magic: [ANDROID!] Kernel Size: 0x7E1198 Kernel Address: 0x8000 Ramdisk Size: 0xF245B Ramdisk Address: 0x2000000 Second Size: 0x0 Second Address...
  33. Cobaltikus

    Post Knox/Kernel/Bootloader Development SM-900A

    After further studying the NC2 boot.img, where I expected to find the signature/encoded SHA256 hash of the boot image, instead I found the string SEANDROIDENFORCE followed by what looks like the signature, except the 256 bytes do not decrypt using the certs from aboot as I had expected they would.
  34. Cobaltikus

    Post If we are serious about unlocking the bootloader

    From my Note 3 LK Area: 0xF800000 - 0xFA00000 Kernel Addr: 0x8000 Ramdisk Addr: 0x2000000 Second Addr: 0xF00000 Tags Adddr: 0x1E00000 use_signed_kernel=0, is_unlocked=0, is_tampered=0. Loading boot image (9256960): start Loading boot image (9256960): done I was not expecting to see use...
  35. Cobaltikus

    Post If we are serious about unlocking the bootloader

    I'm not writing a plugin. I'm writing a standalone app, an ARM debugger, so I can step through the binary, follow branches, keep track of memory changes and registers, etc. Probably all things you could do with IDA python, but my current expertise is in .Net so I'm leveraging my strengths to...
  36. Cobaltikus

    Post Knox/Kernel/Bootloader Development SM-900A

    I believe the purpose in both pieces of code is to calculate the hash using the SHA256 algorithm. I know that is the purpose in the C# code because I wrote that. But the decrypted signature does not match the hash from the C# implementation. So either the C# implementation is different than the C...
  37. Cobaltikus

    Post Knox/Kernel/Bootloader Development SM-900A

    C vs C# hash_find(image_ptr, image_size, (unsigned char *)&digest, hash_type); from https://android.googlesource.com/kernel/lk/+/f248846c6df77e59157f01172f9f6dec3b472a95/platform/msm_shared/image_verify.c Is the above c code likely to yield a different result than the following C#? SHA256...
  38. Cobaltikus

    Post Knox/Kernel/Bootloader Development SM-900A

    The signatures in aboot and sbl1 definitely decrypt to SHA256 hashes, but hashes of what exactly? The SHA256 hashes I've tested don't match up... aboot sig decrypted: C9 00 3E FE 04 87 6B DC 3C BE CC CE EE 75 EF D5 A9 57 28 F8 2B 77 F4 CA E6 6F 9C D9 A7 41 7C C8 aboot image SHA256 hash...
  39. Cobaltikus

    Post If we are serious about unlocking the bootloader

    We can alter sbl with the same issues that arise with altering aboot, but aboot is what loads the kernel, so that's why aboot is our target. Each binary file/image: sbl, aboot, boot, has a signature, and a cert chain containing the public key used to verify .... its own image?.... no that...
  40. Cobaltikus

    Post If we are serious about unlocking the bootloader

    Yes and no. It's a chain process. Each process in the boot chain verifies the signature of the next step. The part we are focused on is sbl verifies aboot which verifies kernel. There's also something before sbl that verifies sbl. We can patch aboot so it skips the check for kernel, but then...
  41. Cobaltikus

    Post If we are serious about unlocking the bootloader

    It's easy to patch aboot and sbl. But then the signature verification fails and breaks the boot process. So if you patch the code, you also have to patch the signature. I'm thinking we can forge a signature without access to the private key. Sent from my SAMSUNG-SM-N900A using XDA Premium 4...
  42. Cobaltikus

    Post Knox/Kernel/Bootloader Development SM-900A

    I compiled the openssl project for WIN64 to get libeay32.dll and ssleay32.dll. I use DllImport to expose the functions necessary to replicate image_decrypt_signature from image_verify.c from LK. I use that to decrypt the signature extracted from aboot. My unit test verifies that the decrypted...
  43. Cobaltikus

    Post Knox/Kernel/Bootloader Development SM-900A

    I'm using IDA Pro, and also Visual Studio to make my own program to analyze aboot and sbl. I haven't had time recently and hope to get back to this soon. aboot was easier because it's all arm 32 bit instructions. sbl switches back and forth between thumb and arm and there are still more...
  44. Cobaltikus

    Post Knox/Kernel/Bootloader Development SM-900A

    I'm in the process of writing a program in C# that reads the aboot.mbn file. So far what it does is output the header information and "soft-executes" each instruction one at a time, all the while keeping track of the state of each register, and memory, and following all branches according to the...
  45. Cobaltikus

    Post Knox/Kernel/Bootloader Development SM-900A

    Here's the link to the zip file where I got the aboot.mbn. http://www.mediafire.com/?53pz69lc3l152og I found it on this page: http://forum.xda-developers.com/showthread.php?t=2703006 Sent from my SAMSUNG-SM-N900A using XDA Premium 4 mobile app
  46. Cobaltikus

    Thread [Q] inquiry on aboot signature process

    The aboot binary has a section of 0x100 bytes which contains a signature. This section is clearly identified in the header. Unless I'm mistaken, this is the PKCS 1.5 padded SHA 256 signature of the aboot binary file itself (thanks ryanbg). But I'm assuming the signature is generated prior to...
  47. Cobaltikus

    Post Knox/Kernel/Bootloader Development SM-900A

    Consider the following assembly in aboot.mbn. If you were to run the aboot.mbn file, executing each instruction, following each branch, you would end up here: 0x0F810A5C 00 50 93 E5 LDR R5, [R3] (Loading value 0x0 from memory at 0xFC4CF808) 0x0F810A60 00 00 55 E3 CMP R5, #0x0...
  48. Cobaltikus

    Post Knox/Kernel/Bootloader Development SM-900A

    Does anyone know the address of the function which validates the signature? I've been looking at the NC2 binaries, but a more recent version would be just as helpful.
  49. Cobaltikus

    Post Knox/Kernel/Bootloader Development SM-900A

    Thank you ryanbg! This information is truly helpful! Sent from my SAMSUNG-SM-N900A using XDA Premium 4 mobile app