[Q] Latest bootloader hacking


krystianp (Senior Member, joined May 14, 2012, Rzeszow)
I became the owner of a RAZR HD recently; unfortunately, it is locked with the latest firmware. I have some basic knowledge of reverse engineering and kernel development, so I decided to look into Dan Rosenberg's work. My question is: are there any devs/hobbyists who have played with it? I tried to contact Dan, but he's not responding, so I guess I'm all alone with it, am I? I'm especially interested in SMC command handling. Any insight would be greatly appreciated.

Regards,
Krystian
 

Playb3yond (Senior Member, joined Dec 15, 2012)
> krystianp said:
> I became the owner of a RAZR HD recently; unfortunately, it is locked with the latest firmware. I have some basic knowledge of reverse engineering and kernel development, so I decided to look into Dan Rosenberg's work. My question is: are there any devs/hobbyists who have played with it? I tried to contact Dan, but he's not responding, so I guess I'm all alone with it, am I? I'm especially interested in SMC command handling. Any insight would be greatly appreciated.
>
> Regards,
> Krystian

No one wants to go back to unlocking another bootloader; rather, you should try looking into downgrading the TrustZone (tz) partition to the unlockable version. That would be greatly appreciated.
 

krystianp (Senior Member, joined May 14, 2012, Rzeszow)
> Playb3yond said:
> No one wants to go back to unlocking another bootloader; rather, you should try looking into downgrading the TrustZone (tz) partition to the unlockable version. That would be greatly appreciated.

You might not want to go back, but I do want to go back to unlocking another bootloader. Why do you think downgrading the TrustZone partition would be easier than exploiting the bootloader?
 

progrockguy (Senior Member, joined Feb 9, 2013)
> krystianp said:
> You might not want to go back, but I do want to go back to unlocking another bootloader. Why do you think downgrading the TrustZone partition would be easier than exploiting the bootloader?

kexec might be easier than finding another Qualcomm exploit to unlock the bootloader. Hashcode was giving it a shot, but without UART he was working blind, and then Dan's exploit changed everything.

Beware of downgrading since you're locked. I remember a few people bricking on the Atrix HD.
 

iBolski (Senior Member)
> krystianp said:
> You might not want to go back, but I do want to go back to unlocking another bootloader. Why do you think downgrading the TrustZone partition would be easier than exploiting the bootloader?

The problem is, Dan's work was finding an exploit. Pure and simple. It was not meant to happen, but he found a way to make it happen. Once Moto knew of this, they put out a patch so that anyone in the future who hadn't unlocked their bootloader would never be able to again. That exploit was a one-in-a-million chance of being there. It's not like he cracked the encryption key. That's an even more impossible feat.

No developer is going to put their time and effort into an old phone like the RAZR HD.

kexec would be nice (using Safestrap recovery, like on the RAZR and RAZR MAXX XT912 phones), but even that takes time to figure out how to make it work. I doubt people are willing to put much time and effort into this, what with all the new phones that have been released since the HD came out.
 
