
[DEV] Bootloader Signature Bypass


ggow

Recognized Developer
Feb 28, 2014
3,892
10,557
Amazon Fire
Samsung Galaxy Tab S7 / S7 Plus

But how? I am assuming that this fuseblown-process started at sbl1...
But, I am not a dev, of course.

- The issue is not just fuse...

- I remember looking at this in the past, there are a number of things that have changed in the bootloader images between the Jelly Bean and KitKat updates. The format of the header for boot and recovery images has changed. I also suspected that the format of the header that the sbl1 bootloader expects for the aboot partition may have changed.

And another thing is you can't dd .mbn files as they are packed and if you did - that alone would result in a brick.
 

Top Liked Posts

  • 25
    Merry Christmas!

    This is not an unlock

    I have been able to boot a custom TWRP. Using this exploit I crafted a signature that passes the check in the x.3.1.0 bootloader. I'm planning to release a tool to sign custom recoveries/boot images.
    13
    @vortox do you need help with programming?

    Thank you for the offer, but the coding is done and I'm starting to write the guide for the tool :)
    12
    Hello @rbox,

    I have implemented a bootloader signature bypass and was wondering if you could help me verify my method.

    Because we know this works for the firetv, my plan is:

    1. You could send me one of your unsigned custom recoveries for firetv.
    2. I would then sign it and send it back to you to check it works.

    Hope you don't mind me contacting you this way.

    ggow
    12
    Just some small update: I'm almost done writing the signing application and I will probably release it before the new year.
    11
    Hi!

    The first signed recovery is there, thanks to @vortox for the exploit! Could some experienced users please test it :)

    Happy new year!

    http://forum.xda-developers.com/kindle-fire-hdx/development/recovery-twrp-2-8-1-0-thor-t2986004