[LOKI] Bootloader hack official FAQ thread


CPA Poke

Senior Member
Oct 23, 2012
1,515
3,334
Tulsa, OK
I think this belongs here. It seems as if this entire discussion may start very soon again for those going to purchase the AT&T S4 in the future, so maybe this is a good way to kick it off.

http://rootzwiki.com/news/_/article...oki-bootloader-script-for-its-galaxy-s4-r1994

You're aware that it's a two month old article?

You're aware that the post you quoted was, in fact, also two months old?
 

mdanish4

Senior Member
Apr 9, 2009
196
17
Miami, Florida USA
HELP!!!

Hi, I bought this AT&T S4 and it has MF3. I rooted the phone, but when I am trying to do the Loki patch for custom recovery via terminal emulator I am getting this message: "LOKI ABOOT VERSION DOES NOT MATCH DEVICE". Can anyone help me with this?
 

Mike

Senior Member
Jun 20, 2012
1,405
448
Hi, I bought this AT&T S4 and it has MF3. I rooted the phone, but when I am trying to do the Loki patch for custom recovery via terminal emulator I am getting this message: "LOKI ABOOT VERSION DOES NOT MATCH DEVICE". Can anyone help me with this?

Can't do it to MF3. They patched it. You're out of luck currently. Can only root it atm. No custom recovery / custom ROMs.

Sent from my AT&T Galaxy S4 I337
 

Mike

Senior Member
Jun 20, 2012
1,405
448
Damn... don't tell me that man.......

It's a harsh reality I know. All we can do is hope Adam and others will continue pushing to find a new work around.

For now, you could root and install the Xposed Framework along with the module for the S4 found in our dev section. As much as I don't like TW, the module made it bearable and even enjoyed the experience. The mods available within the module have only expanded since I used it waiting for the original Loki work around. You can expect a good user experience.

Between the Xposed module, Adaway and TiBu you should be able to hold out. It's not ideal, but it's certainly not bad.

Sent from my AT&T Galaxy S4 I337
 

PeartFan40

Senior Member
Jun 15, 2007
4,068
1,272
54
South Hadley, Ma. USA
OK, I am about to just get TWRP from GooManager. I just wanted to make sure before I did... lol. Don't wanna brick my phone like a noob; I'd rather get flamed on the forum and know for sure if this is a good idea or not.

If you're on MF3 and you flash TWRP using terminal emulator, you're going to bork the stock recovery and begin a download mode loop. Albeit that is fixable, you won't be able to reset your phone to stock with a corrupted stock recovery.

This is the Galaxy S4, using XDA Premium
 

tkienzle

Senior Member
Feb 9, 2008
301
24
It's a harsh reality I know. All we can do is hope Adam and others will continue pushing to find a new work around.

For now, you could root and install the Xposed Framework along with the module for the S4 found in our dev section. As much as I don't like TW, the module made it bearable and even enjoyed the experience. The mods available within the module have only expanded since I used it waiting for the original Loki work around. You can expect a good user experience.

Between the Xposed module, Adaway and TiBu you should be able to hold out. It's not ideal, but it's certainly not bad.

Sent from my AT&T Galaxy S4 I337

If you don't like TW then install nova or another launcher of some sort that is what I did ;)

Yea stuff...
 

Mike

Senior Member
Jun 20, 2012
1,405
448
If you don't like TW then install nova or another launcher of some sort that is what I did ;)

Yea stuff...

I'm on Slim Bean 4.3. I realize my post was confusing in that it may have seemed as if I was in the same boat with mf3 as the person I quoted.

Sent from my AT&T Galaxy S4 I337
 

inyourface09

Senior Member
Aug 9, 2012
237
565
Texas
Looking for assistance.

I noticed that support has been added for the LG Optimus F7. I recently purchased the F3 and have tried every attempt possible to unlock the bootloader. This phone was released in May and I was hoping to add my own support to LOKI even though it may not work. I have no idea how to find the needed addresses and convert them. This phone is across 4 separate carriers and I know people are dying to get some custom sw. Any links or guidance would be much appreciated. Thank you in advance!

Thank you Dan for all your hard work! If I get this to work on my phone I will definitely be sending a donation.
 

jpeps

Senior Member
Dec 20, 2010
1,303
99
Please i527 is locked who do unlock it ???

Sent from my SAMSUNG-SGH-I527 using xda premium
 

mg2195

Senior Member
Dec 5, 2011
2,983
2,572
29
RSM
Please i527 is locked who do unlock it ???

Sent from my SAMSUNG-SGH-I527 using xda premium

Seeing how this is the Galaxy S4 forum for the AT&T/Canadian variants (i337/i337m)... I don't think you're gonna get the answer you want, try asking in your device's forum :)

Sent from my SAMSUNG-SGH-I337 using Tapatalk 4
 

mkinney88

Senior Member
Aug 10, 2010
805
492
Rochester Hills
I just released Loki, a set of tools for developers and users to flash custom kernels and recoveries on the AT&T and Verizon branded Samsung Galaxy S4.

The tool is available at:
https://github.com/djrbliss/loki

The technical details on how the exploit works are described at:
http://blog.azimuthsecurity.com/2013/05/exploiting-samsung-galaxy-s4-secure-boot.html

This is a support thread that I will check regularly until I decide to hand over support to the community. Feel free to ask any questions, and I may add the answers to this post. As a guideline, if it's a question that's already been answered in this thread or in the README for Loki, I will ignore it.


Does this make any permanent changes to the device?

No permanent changes are made to your device when using loki_flash. The bootloader itself is untouched. By restoring the original system, boot, and recovery images (via Odin or otherwise), the device will be in a stock state.

Can this be patched?

Absolutely. Any update that includes a new aboot will almost definitely cause your custom kernel or recovery to fail to boot without running it through loki_patch again, and if the update contains a fix for the vulnerability Loki exploits, it may permanently prevent using the tool. It's possible for Samsung to ship an update that prevents downgrading aboot to a vulnerable version, so I recommend avoiding installing any OTA updates without confirmation that it's safe.

What about the bounty?

As usual, I encourage anyone looking to donate (as part of the bounty or otherwise) to give their money to a reputable charity organization instead. If you insist on donating to me, I'm sure you can find my Paypal account somehow. ;)

This all seems complicated. What about a step-by-step guide?

These tools are primarily intended for developers, who will be able to use them and provide ordinary users with easy ways to flash custom ROMs. Be patient, I'm sure your favorite ROM developer will come up with something for you.

I've installed a Loki-patched recovery. Can I just install regular custom ROMs now?

Any ROMs that include a replacement boot.img must be modified to include a Loki-patched boot.lok file instead. Otherwise, your phone will fail to boot until you restore a Samsung-signed boot.img or a custom boot.lok image via your custom recovery, or flash a stock image via Odin.

So this is just like kexec?

This is similar to kexec in that it works around a locked bootloader, but this approach is much more flexible and robust. Kernel and recovery developers can build their projects just as they would for an unlocked device, run the final result through Loki, and then it's ready to be flashed. No hackery and brokenness required.


Would you be able to port this exploit to the Moto X? I thought Samsung was using a version of the Motorola bootloader?
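
The FAQ quoted in the post above says a ROM that replaces boot.img must ship a Loki-patched boot.lok instead. The following is an added example, not part of the original post or of the Loki project's code: it audits a ROM zip and reports which boot/recovery images carry a Loki header. The header offset (0x400) and the "LOKI" magic are assumptions based on the public loki source; the function names and the sample zip are constructed for illustration.

```python
import io
import zipfile

ANDROID_MAGIC = b"ANDROID!"  # Android boot image magic at offset 0
LOKI_OFFSET = 0x400          # assumption: Loki header offset, per the public loki source
LOKI_MAGIC = b"LOKI"         # assumption: Loki header magic, per the public loki source
TARGETS = {"boot.img", "boot.lok", "recovery.img", "recovery.lok"}
NOTES = {
    "loki": "Loki-patched",
    "android": "not Loki-patched; boots only if Samsung-signed (per the FAQ)",
    "unknown": "not an Android boot image",
}

def classify_image(head: bytes) -> str:
    """Classify the leading bytes of an image as 'loki', 'android' or 'unknown'."""
    if not head.startswith(ANDROID_MAGIC):
        return "unknown"
    if head[LOKI_OFFSET:LOKI_OFFSET + 4] == LOKI_MAGIC:
        return "loki"
    return "android"

def audit_rom_zip(zip_bytes: bytes) -> dict:
    """Map each boot/recovery image found in a ROM zip to (kind, note)."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for name in zf.namelist():
            if name.rsplit("/", 1)[-1].lower() not in TARGETS:
                continue
            # Only the bytes up to the end of the Loki magic are needed.
            with zf.open(name) as fh:
                kind = classify_image(fh.read(LOKI_OFFSET + 4))
            report[name] = (kind, NOTES[kind])
    return report

def build_sample_zip() -> bytes:
    """Constructed sample: a plain boot.img and a recovery.lok with a Loki header."""
    plain = ANDROID_MAGIC + bytes(0x800)
    patched = bytearray(plain)
    patched[LOKI_OFFSET:LOKI_OFFSET + 4] = LOKI_MAGIC
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("boot.img", plain)
        zf.writestr("recovery.lok", bytes(patched))
    return buf.getvalue()

if __name__ == "__main__":
    for name, (kind, note) in audit_rom_zip(build_sample_zip()).items():
        print(f"{name}: {note}")
```
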
 

kuma82

Senior Member
Jan 19, 2012
1,783
941
Houston
Would you be able to port this exploit to the Moto X? I thought Samsung was using a version of the Motorola bootloader?

Quoting the entire OP is frowned upon in this establishment ;)
Please play nice and edit your post.

Dear @djrbliss (Dan), thanks for always giving what the people want, freedom :beer:
My fellow Optimus L9 users are seeking freedom from our selfish carriers, and your Loki exploit might be the answer to our prayers. Our bootloader resides in a u-boot; we would like to create a thread in our forum to try and port your Loki exploit, with your grace of course.
Oh, and if you can share any info you may have on a u-boot.
Lol, sorry for brown nosing

Sent from my LGMS769 using XDA Premium 4 mobile app
 

ballaz

Senior Member
Nov 14, 2009
195
46
Hope I did not miss the answer to my question. I am about to purchase a stock AT&T GS4 from Craigslist. How do I check if Loki will work on it before purchasing? Thanks in advance. PS: I know it will not work on MF3 aboot, but how does one check for that?
 

mspayde

Senior Member
Dec 1, 2010
160
52
Lansing, MI
Root checker by free android tools on the market...you can check build and bootloader.

Sent from my SGH-I337 using Tapatalk 4
 

mikecantreed

Senior Member
Nov 10, 2012
571
452
Hope I did not miss the answer to my question. I am about to purchase a stock AT&T GS4 from Craigslist. How do I check if Loki will work on it before purchasing? Thanks in advance. PS: I know it will not work on MF3 aboot, but how does one check for that?

I'm assuming you mean motochopper? Unless you're building your own ROMs you wouldn't give a **** about LOKI (most ROMs in this forum are auto-lokied). And to answer your question go into Settings-More-About Phone and check the baseband version. If it ends in MDL then you can use motochopper, if it ends in MF3 then you'll have to use Hashcode's safestrap.
 

Top Liked Posts

    15
    Thank you very much!!!!

    Sent from my SAMSUNG-SGH-I337 using Tapatalk 2
    15
    Question... what is the benefit to using this method versus an actual unlock? I'm honestly just trying to learn and understand.

    Sent from my SCH-I545 using Tapatalk 2

    The biggest benefit is that this actually exists, and the other doesn't.

    Also, there are some perks to not permanently modifying the hardware, such as not setting off any irreversible "warranty voided" flags. Note: I do not encourage warranty fraud in any way.
    13
    That's good to know!

    Will Nandroids and such be able to flash? Do the backups use Loki also when created?

    You'll definitely be able to flash a Nandroid backup for everything except for the recovery and boot partitions. As for recovery and boot, I suspect that would work fine (assuming the aboot hasn't changed), but I don't know for sure, so I don't encourage you to try it unless you really know what you're doing.
    12
    Hey Dan, I remember a few weeks ago you had posted a photo of AT&T Galaxy S4 on your twitter that had a cracked code listed on the device. Was this the same Loki method or you were able to actually hack into the bootloader?

    I'm not sure what you mean by "actually hack into the bootloader". Loki allows me to execute code in the context of the bootloader, which is pretty much the definition of "hacking" it. For the picture, rather than booting a custom kernel or recovery, I had my code cause the bootloader to print that teaser message. So yes, it was the same method, just a different payload.