
[DEV] Bootloader Signature Bypass


ggow

Recognized Developer
Feb 28, 2014
3,892
10,557
Amazon Fire
Samsung Galaxy Tab S7 / S7 Plus
Hello @rbox,

I have implemented a bootloader signature bypass and was wondering if you could help me verify my method.

Because we know this works for the firetv, my plan is:

1. You could send me one of your unsigned custom recoveries for firetv.
2. I would then sign it and send it back to you to check it works.

Hope you don't mind me contacting you this way.

ggow
 

r3pwn

Inactive Recognized Developer
Jul 11, 2012
1,745
2,046
Lakeland, FL
r3pwn.com
Woah! Props! I still don't plan on picking up an HDX, but at least it'll get some development now! Now just to get root on KitKat for you guys.
 

ggow

Recognized Developer
Feb 28, 2014
3,892
10,557
Amazon Fire
Samsung Galaxy Tab S7 / S7 Plus
@rbox,

I should add some information which I forgot to include earlier:

I tried the recovery image on the device but it failed to boot, which is why I need some help to verify my method and find out whether our bootloader is susceptible to this approach. Mathematically it looks good (I think). See what you think. I have PM'ed you a link to the modified recovery image as we discussed.
 

ggow

Recognized Developer
Feb 28, 2014
3,892
10,557
Amazon Fire
Samsung Galaxy Tab S7 / S7 Plus
Conclusions

@rbox

In short I found our bootloader is NOT susceptible to the signature bypass method.
I tried first on stock 13.3.2.4 and then on stock 13.3.1.0.

Thanks for your help rbox. I really appreciate you taking the time.

I had some implementation issues in my work which led to the differences between our output files.
I believe I have fixed those now.
 

gbgadgets

Senior Member
Feb 15, 2008
85
40
Chicago
LG V30
Google Pixel 5
Bootloader question

How much has been done with anyone looking into the unlock code functionality for the bootloader? I have spent a ton of time (mostly wasted time, it has turned out) trying to make any kind of sense of the bootloader using IDA Pro with Hex-Rays decompilation. It seems easy enough to write an unlock code for the device using idme, but not knowing what the code is, and not knowing where in the bootloader decompilation the unlock checking is done, has just led to dead ends. I assume from some posts in much older development threads that some very smart people already spent some time attempting to decompile the bootloader and didn't have much luck. Does anyone think anything can be gained from further muddling around with the decompilation?
 

r3pwn

Inactive Recognized Developer
Jul 11, 2012
1,745
2,046
Lakeland, FL
r3pwn.com
How much has been done with anyone looking into the unlock code functionality for the bootloader? I have spent a ton of time (mostly wasted time, it has turned out) trying to make any kind of sense of the bootloader using IDA Pro with Hex-Rays decompilation. It seems easy enough to write an unlock code for the device using idme, but not knowing what the code is, and not knowing where in the bootloader decompilation the unlock checking is done, has just led to dead ends. I assume from some posts in much older development threads that some very smart people already spent some time attempting to decompile the bootloader and didn't have much luck. Does anyone think anything can be gained from further muddling around with the decompilation?
I did the same as you and found "unlock_code" can be read from idme, but not without unlocking the bootloader. I can't seem to find it in any partition either.
@rbox

In short I found our bootloader is NOT susceptible to the signature bypass method.
I tried first on stock 13.3.2.4 and then on stock 13.3.1.0.

Thanks for your help rbox. I really appreciate you taking the time.

I had some implementation issues in my work which led to the differences between our output files.
I believe I have fixed those now.
Have you taken a look at the 2nd_init hack? Safestrap uses it to load a recovery, but it can also be used to load new kernels.
 

ggow

Recognized Developer
Feb 28, 2014
3,892
10,557
Amazon Fire
Samsung Galaxy Tab S7 / S7 Plus
I did the same as you and found "unlock_code" can be read from idme, but not without unlocking the bootloader. I can't seem to find it in any partition either.

Have you taken a look at the 2nd_init hack? Safestrap uses it to load a recovery, but it can also be used to load new kernels.

Hi r3pwn, I looked at 2nd init. I can use it to load a new ramdisk, which is great. But I don't think you can load a different kernel. Also, correct me if I'm wrong, I don't think we can boot KitKat on the Jelly Bean kernel with a modified ramdisk.

Sent from my Nexus HDX 7 using Tapatalk
 

r3pwn

Inactive Recognized Developer
Jul 11, 2012
1,745
2,046
Lakeland, FL
r3pwn.com
Hi r3pwn, I looked at 2nd init. I can use it to load a new ramdisk, which is great. But I don't think you can load a different kernel. Also, correct me if I'm wrong, I don't think we can boot KitKat on the Jelly Bean kernel with a modified ramdisk.

Sent from my Nexus HDX 7 using Tapatalk
Oh. My bad. Meant ramdisk. Not sure why kernel came out. The devs over with the Sony Xperia SP (I think, lemme double check) managed to run Lollipop on their JB 4.3 device using the 2nd init. Let me look some more and report back with (hopefully) useful info.

Edit: Yep, it is the SP. Their rd hijack process: https://bitbucket.org/bagyusz/hijack-ramdisk-huashan/src/20a66537e120?at=cm-10.2_LBL. They list the rest of their sources at the bottom of the post here (Device tree, vendor tree, how to make the ramdisk alone, etc...): http://forum.xda-developers.com/xperia-sp/development/xperiasp-locked-bootloader-lbl-t2947194
 

ggow

Recognized Developer
Feb 28, 2014
3,892
10,557
Amazon Fire
Samsung Galaxy Tab S7 / S7 Plus
Oh. My bad. Meant ramdisk. Not sure why kernel came out. The devs over with the Sony Xperia SP (I think, lemme double check) managed to run Lollipop on their JB 4.3 device using the 2nd init. Let me look some more and report back with (hopefully) useful info.

Edit: Yep, it is the SP. Their rd hijack process: https://bitbucket.org/bagyusz/hijack-ramdisk-huashan/src/20a66537e120?at=cm-10.2_LBL. They list the rest of their sources at the bottom of the post here (Device tree, vendor tree, how to make the ramdisk alone, etc...): http://forum.xda-developers.com/xperia-sp/development/xperiasp-locked-bootloader-lbl-t2947194

@r3pwn,

Thanks for pointing me in that direction... With the 13.3.2.4 stock kernel I have a build of AOSP Lollipop 5.0.1 which now boots to some degree. Very early days yet, but some progress. I now have adb access. I can see in logcat that services are starting up and then dying.

I can't see the boot animation yet because the video driver / surfaceflinger is not starting. First goal is to get that and full hw graphical support working.

Definitely a way forward :)
 

r3pwn

Inactive Recognized Developer
Jul 11, 2012
1,745
2,046
Lakeland, FL
r3pwn.com
@r3pwn,

Thanks for pointing me in that direction... With the 13.3.2.4 stock kernel I have a build of AOSP Lollipop 5.0.1 which now boots to some degree. Very early days yet, but some progress. I now have adb access. I can see in logcat that services are starting up and then dying.

I can't see the boot animation yet because the video driver / surfaceflinger is not starting. First goal is to get that and full hw graphical support working.

Definitely a way forward :)
Thanks! Glad I could help! If there's anything you need help with, let me know and I could try to get in contact with the Xperia SP devs and maybe even get a Hangout set up.
 

vortox

Senior Member
Jan 20, 2012
50
132
I have examined aboot for some time now and I can think of 3 methods to unlock the bootloader:
  1. Provide the unlock code. The code seems to be a 512 byte image that is flashed by "fastboot flash unlock code.img". The code is somehow verified using an X509 certificate. Writing an arbitrary code to unlock_code won't work, because the code will be verified the same way the code.img is verified.
  2. Overwrite the certificate with a custom one and create a custom code. For this approach we have to understand the verification process, and we obviously need to know the location of the certificate and have write access.
  3. There is some variable called "production" we would have to change. The variable is obtained by
    Code:
    MOV             R3, 0xFD511004
    LDR             R0, [R3,R0,LSL#4]
    AND             R0, R0, #1
    R0 has the value 0x5C.
    In C pseudocode:
    Code:
     /* LDR with a scaled index reads the word at R3 + (R0 << 4) = 0xFD511004 + 0x5C0 = 0xFD5115C4; AND #1 keeps bit 0 */
     int production = *(volatile unsigned int *)(0xFD511004 + (0x5C << 4)) & 1;
    The default value of that variable is 1.

Anyone with ideas here?
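To make point 1 concrete (a 512-byte code.img that the bootloader accepts only if its signature verifies under the public key of a certificate it already carries), here is an added example written for this thread; it is not code from the thread, from aboot, or from Amazon. Everything in it is assumed: the key pair is generated at run time, the "image" is filler bytes, and the scheme is textbook RSA with PKCS#1 v1.5 encoding over SHA-256, since the thread does not say which hash, padding or container the real bootloader uses. What it does show is why writing an arbitrary value to unlock_code is rejected: the verifier recomputes the whole expected encoding from the image and compares all of it against what the signature decrypts to.

```python
"""Model of a 'verify a 512-byte unlock image against a stored public key' check.

Added illustration only; key, image and padding scheme are constructed here and
are NOT the real Fire HDX aboot format.
"""
import hashlib
import hmac
import random

UNLOCK_IMAGE_SIZE = 512  # the thread says the unlock code is a 512 byte image
# DER prefix of DigestInfo for SHA-256 (RFC 8017, section 9.2 note 1)
SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")


def _is_probable_prime(n: int, rng: random.Random, rounds: int = 20) -> bool:
    """Miller-Rabin probable-prime test, enough for a demo key."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _gen_prime(bits: int, rng: random.Random) -> int:
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1  # top bit set, odd
        if _is_probable_prime(cand, rng):
            return cand


def generate_keypair(bits: int = 1024, seed: int = 1):
    """Constructed RSA key pair (seeded so the demo is reproducible): ((n, e), (n, d))."""
    rng = random.Random(seed)
    e = 65537
    while True:
        p, q = _gen_prime(bits // 2, rng), _gen_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:  # e is prime, so e not dividing phi means gcd(e, phi) == 1
            break
    n = p * q
    return (n, e), (n, pow(e, -1, phi))


def emsa_pkcs1_v15(image: bytes, k: int) -> bytes:
    """EMSA-PKCS1-v1_5 encoding of SHA-256(image) to k bytes: 00 01 FF..FF 00 DigestInfo||hash."""
    t = SHA256_DIGESTINFO + hashlib.sha256(image).digest()
    ps_len = k - len(t) - 3
    if ps_len < 8:
        raise ValueError("key too short for this encoding")
    return b"\x00\x01" + b"\xff" * ps_len + b"\x00" + t


def sign_image(image: bytes, priv) -> bytes:
    """What the vendor's signing side would do with the private key."""
    n, d = priv
    k = (n.bit_length() + 7) // 8
    m = int.from_bytes(emsa_pkcs1_v15(image, k), "big")
    return pow(m, d, n).to_bytes(k, "big")


def verify_image(image: bytes, sig: bytes, pub) -> bool:
    """The bootloader-side check: size, range, then full constant-time comparison."""
    n, e = pub
    k = (n.bit_length() + 7) // 8
    if len(image) != UNLOCK_IMAGE_SIZE or len(sig) != k:
        return False
    s = int.from_bytes(sig, "big")
    if s >= n:
        return False
    em = pow(s, e, n).to_bytes(k, "big")
    # Compare the entire encoded message (padding, DigestInfo and hash), never only
    # a trailing hash field; partial comparisons are how signature checks get forged.
    return hmac.compare_digest(em, emsa_pkcs1_v15(image, k))


def demo() -> dict:
    pub, priv = generate_keypair()
    image = bytes([0x5A]) * UNLOCK_IMAGE_SIZE  # constructed filler standing in for code.img
    sig = sign_image(image, priv)
    tampered = b"\x00" + image[1:]
    return {
        "genuine": verify_image(image, sig, pub),
        "tampered_image": verify_image(tampered, sig, pub),
        "arbitrary_unlock_code": verify_image(bytes(UNLOCK_IMAGE_SIZE), bytes(len(sig)), pub),
    }


if __name__ == "__main__":
    print(demo())
```

Key generation takes a moment in pure Python; a real bootloader of course only ships the public half (inside the certificate vortox later pulled out of the aboot partition) and only ever runs `verify_image`.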
 

EncryptedCurse

Senior Member
Jul 9, 2014
650
300
I have examined aboot for some time now and I can think of 3 methods to unlock the bootloader:
  1. Provide the unlock code. The code seems to be a 512 byte image that is flashed by "fastboot flash unlock code.img". The code is somehow verified using an X509 certificate. Writing an arbitrary code to unlock_code won't work, because the code will be verified the same way the code.img is verified.
  2. Overwrite the certificate with a custom one and create a custom code. For this approach we have to understand the verification process, and we obviously need to know the location of the certificate and have write access.
  3. There is some variable called "production" we would have to change. The variable is obtained by
    Code:
    MOV             R3, 0xFD511004
    LDR             R0, [R3,R0,LSL#4]
    AND             R0, R0, #1
    R0 has the value 0x5C.
    In C pseudocode:
    Code:
     /* LDR with a scaled index reads the word at R3 + (R0 << 4) = 0xFD511004 + 0x5C0 = 0xFD5115C4; AND #1 keeps bit 0 */
     int production = *(volatile unsigned int *)(0xFD511004 + (0x5C << 4)) & 1;
    The default value of that variable is 1.

Anyone with ideas here?
I can't answer that, but @Cpasjuste may be revealing something soon according to this thread: http://forum.xda-developers.com/kindle-fire-hdx/development/cm-11-t2971457
 

gbgadgets

Senior Member
Feb 15, 2008
85
40
Chicago
LG V30
Google Pixel 5
I was using some information from this source aboot reverse engineering to try and figure more out about the structure of aboot. The fact that the strings are obfuscated and don't appear through the decompiled functions was the biggest hurdle I was running into starting with this. I tried to use the open source little kernel code to see if a few of these functions could be put into better pseudocode and perhaps crack the string obfuscation to be able to xref more strings throughout the decompilation of the hundreds of functions. Just kept getting stuck.
 

vortox

Senior Member
Jan 20, 2012
50
132
I've been using this loader for IDA. I see a lot of strings and they have been very useful.
Further, I've found the certificate in the aboot partition. This means my 2nd suggestion probably wouldn't work.
This leaves me with two possible options:
  • Brute force the image (unlikely)
  • Looking at the production variable to see if it can be safely overwritten without a side effect
 

D0ubl3_X

Senior Member
Dec 9, 2007
110
34
Stuttgart
I've been using this loader for IDA. I see a lot of strings and they have been very useful.
Further, I've found the certificate in the aboot partition. This means my 2nd suggestion probably wouldn't work.
This leaves me with two possible options:
  • Brute force the image (unlikely)
  • Looking at the production variable to see if it can be safely overwritten without a side effect

Could you share the certificate? I think there should be no legal problem with that.
@vortox
This article may refer to the production variable you're talking about.

http://blog.azimuthsecurity.com/2013/05/exploiting-samsung-galaxy-s4-secure-boot.html
Seems to be the following CVE: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0974


Besides that, has somebody tried to insert the kexec module into the kernel? http://forum.xda-developers.com/galaxy-note-3/devs-only/kernel-kernel-execution-loading-custom-t2812650
 

vortox

Senior Member
Jan 20, 2012
50
132
Could you share the certificate? I think there should be no legal problem with that.
I will try my best to obtain the certificate.

Thanks for the link.

I will take a look at that.

Edit:
@D0ubl3_X
Here is the certificate used for checking the unlock code. http://www45.zippyshare.com/v/82885181/file.html

Edit2 :
The post in the blog does not match the CVE. This is the right one. This exploit has been patched.
But the CVE you posted seems unpatched. At least on my device with .3.2.4. The newer versions are probably patched.

Edit3:
Another possible exploit: https://www.codeaurora.org/projects...tion-leads-to-signature-forgery-cve-2014-0973
 

Top Liked Posts

  • 25
    Merry Christmas!


    This is not an unlock

    I have been able to boot a custom TWRP. Using this exploit I crafted a signature that passes the check in the x.3.1.0 bootloader. I'm planning to release a tool to sign custom recoveries/boot images.
    13
    @vortox do you need help with programming ?

    Thank you for the offer, but the coding is done and I'm starting to write the guide for the tool :)
    12
    Just some small update: I'm almost done writing the signing application and I will probably release it before the new year.
    11
    Hi !

    The first signed recovery is there, thanks to @vortox for the exploit! Could some experienced users please test it :)

    Happy new year !

    http://forum.xda-developers.com/kindle-fire-hdx/development/recovery-twrp-2-8-1-0-thor-t2986004