[R&D] Pit file, aboot, partition info

Surge1223

I see lots of posts mentioning that the dev edition firmware can't be extracted into flashable Odin tar(s) but none saying why. What's blocking it? All partitions on the dev edition should be flashable. The fact that kernels and recoveries are able to be flashed means aboot's not the problem. Did you upload any part of the dev firmware anywhere? Just curious.

The reason I ask is because when I asked the Samsung rep at Best Buy if we could get the dev edition firmware for the Vzw S4 and N3 last night, he said he couldn't get into it much but that there was a way to get them and it had already been done on the S4. He said there is an S4 thread on XDA where they extracted the signed dev firmware. (Yes, he referred me to my own S4 thread.) When I got into more detail about it he got more reluctant to talk about it and eventually refused to answer and then walked away.


LillieBennett

We have been hoping for an Odin tar file from Samsung. If you are thinking of extracting an equivalent from a phone itself that would be cool. Someone who has that knowledge would have to chime in.


Surge1223

Yeah, that was my intention. Thought I'd ask to see if there was something I didn't know before I started, though. Samsung's 4.3 partitions are harder to edit, but I've still done it successfully. On the S4 we got the MJ7 OTA a week or so before the Odin tar was released. I posted a pic of the md5's from the Odin tar vs the dd'ed backups that we modded and they were the same. I was just wondering how you guys know for sure that it's impossible to get the stock firmware? You should still be able to flash the bootloaders (including the modem) if we mod them. The system partition is a little more difficult because the actual dd command has to be split into two different commands, and to get the stock recovery the dd can't be of a custom recovery.



LillieBennett

I'm not sure the impossible word was used much, but the idea that most devs have abandoned Samsung is very heavy. Sounds like a fresh, out of the box dev device will be needed. I wonder where the heck we'll get one, but I would love to do this procedure. An alternative restore to custom recovery (Odin) is all most will want since the maximum warranty on an unmodified device is 30 days! Ridiculous snobbish holier-than-thou Samsung, lol! Bless your heart for starting this topic. :)


moin786

Not sure. But if it does happen to lock, you can reunlock it.

http://www.sidhtech.com/news/samsung-galaxy-note-3-quickest-way-unlock/10027727/

♢NoteIII♢
I flashed my device using ODIN and pit file...selected Re-partition also...everything went well and the sim was also not locked...

Thanks to all for the support...

---------- Post added at 10:03 AM ---------- Previous post was at 09:42 AM ----------

Steps I followed to Re-partition and flash Stock ROM MJE in ODIN 3.09:

1) Download ODIN 3.09, Download pit file and Download MJE Stock Rom
2) Boot into Stock Recovery using Vol Up+Home+Power Button
3) Wipe Factory Reset/Data
4) Wipe Cache Partition
5) Rebooted the device, as soon as screen goes black I pressed Vol Down+Home Button to enter Download mode
6) Open ODIN as administrator in PC
7) Connected Device to PC
8) Selected Pit file and AP file...make sure that only Auto Reboot, Re-partition and F.Reset Time are selected
9) After the MD5 is checked...Click on start and wait till the process is completed.
10) The device will start, but do not unplug the device until the status in ODIN is passed
11) After the First boot, power off the device and boot into Stock Recovery using Vol Up+Home+Power Button.
12) Wipe Factory Reset/Data
13) Wipe Cache Partition & Reboot the device.
14) All steps are done...Thank You...
 

lkspencer

Different Sizes and Hex dump

I ran the following from a shell prompt using adb:

Code:
dd if=/dev/block/platform/msm_sdcc.1/by-name/aboot of=/sdcard/aboot.mbn
I looked at the size of the file compared to the one in the op and my file was larger. I opened the files in a hex editor and pulled a substantial amount of the hex code out from each into a diff tool and they are identical. The difference I can see is that the one from the op ends after 66,341 lines of hex. The last chunk from the op file is unreadable and is preceded by a bunch of 0xFF. My file has this same chunk, but the one that I pulled appears to continue on to line 66,342 with 6 more hex values before it starts with another chunk of 0xFF hex values and then it has one more blip of unreadable values. After that last chunk of unreadable values on my file it is followed by several thousands of lines of 0x00 hex values.

My main question is this: why is mine slightly different, and only at the tail end? TIA for any input!
 

bftb0

My main question is this: why is mine slightly different, and only at the tail end? TIA for any input!
because

(a) the partition is bigger than the size of the aboot image in order to accommodate future changes to aboot, and

(b) a crypto hash (MD5, SHA-1, etc) depends on the length of the input - even if the trailing stuff at the end is all zeros.

This is not specific to aboot - any backup you make of a full partition (e.g. boot, recovery, etc) will have a different MD5/SHA-1 hash than the file that was installed there, and will be larger than the original file flashed there 99.9999999999% of the time.

do a "ls" of the aboot.mbn file from the same (Odin TAR) release you have installed on your N3 and then dump the same number of bytes from your aboot partition into the "md5sum" program:

Code:
dd if=/dev/block/platform/msm_sdcc.1/by-name/aboot bs=1 count=<file-length> | md5sum
and you will find they have identical hashes.

.
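The comparison described in the reply above, as an added example that is not part of the original posts: it hashes only the first image-length bytes of a partition dump and summarises what follows the image as runs of 0x00, 0xFF and other data. The function names and the sample bytes are constructed for illustration; real inputs would be the release's aboot.mbn and the dd output read with `open(path, "rb").read()`.

```python
import hashlib
from itertools import groupby

def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()

def byte_kind(b: int) -> str:
    """Classify one byte of partition slack."""
    return {0x00: "0x00", 0xFF: "0xFF"}.get(b, "data")

def slack_runs(slack: bytes, base: int):
    """Summarise the bytes past the image as (offset, length, kind) runs."""
    runs, pos = [], base
    for kind, grp in groupby(slack, key=byte_kind):
        length = len(list(grp))
        runs.append((pos, length, kind))
        pos += length
    return runs

def compare_image_to_dump(image: bytes, dump: bytes) -> dict:
    """Compare a flashed image with a full-partition dump of the same slot."""
    n = len(image)
    if len(dump) < n:
        raise ValueError("dump is shorter than the image; not a full partition read")
    return {
        "full_dump_matches": md5_hex(dump) == md5_hex(image),
        "truncated_dump_matches": md5_hex(dump[:n]) == md5_hex(image),
        "slack": slack_runs(dump[n:], n),
    }

# Constructed sample (not real aboot contents): an "image" followed by the kind
# of tail described in the thread: a few stray bytes, 0xFF fill, a short blip
# of other data, then zero padding up to the partition size.
SAMPLE_IMAGE = bytes(range(1, 255)) * 8
SAMPLE_DUMP = (SAMPLE_IMAGE + b"\x12\x34\x56" + b"\xff" * 32
               + b"\x9a\xbc" + b"\x00" * 4096)

if __name__ == "__main__":
    report = compare_image_to_dump(SAMPLE_IMAGE, SAMPLE_DUMP)
    print(report["full_dump_matches"], report["truncated_dump_matches"])
    for offset, length, kind in report["slack"]:
        print(f"{offset:#x}: {length} bytes of {kind}")
```
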
 

bftb0

Is the dev aboot signed?
Got a copy I can look at?

You *might* be able to infer this by looking at coding entropy in the bytestream. ARM code (whether 4 byte or thumb) won't have a high bit entropy, nor will ASCII text strings (and of course are immediately visible to the eye), whereas PKI sigs should have nearly 8 bits of entropy per byte over their length(s).

The only caveat to this method of discrimination is if you are looking at executables with .data segments with compressed data. (For instance JPEGs, which the aboot.mbn indeed has). Compressed data by definition looks identical to crypto unless you can eliminate it with other means (e.g. jpeg/pkzip magic numbers, .zip footers etc) Only if you observe low entropy throughout the entire length can you conclusively say "no signature here". (Or if you can identify all such stretches as being conclusively attributed to some other use)
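The entropy check described in the post above, as an added example that is not part of the original post: it measures Shannon entropy per fixed window, merges high-entropy windows into spans, and marks a span as explained when a compressed-format magic number sits in or just before it. The window size, the 7.0 threshold, the function names and the sample bytes are assumptions chosen for illustration.

```python
import hashlib
import math
from collections import Counter

# Magic numbers of compressed formats whose payload looks as random as a signature.
MAGICS = {"jpeg": b"\xff\xd8\xff", "zip": b"PK\x03\x04"}

def shannon_entropy(block: bytes) -> float:
    """Bits of entropy per byte (0.0 to 8.0), from the byte histogram."""
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in Counter(block).values()) if n else 0.0

def high_entropy_regions(data, window=512, threshold=7.0):
    """Merge adjacent windows at or above threshold into (start, end) spans.
    A finite window of random bytes measures somewhat under 8, hence 7.0."""
    regions = []
    for off in range(0, len(data), window):
        if shannon_entropy(data[off:off + window]) < threshold:
            continue
        end = min(off + window, len(data))
        if regions and regions[-1][1] == off:
            regions[-1] = (regions[-1][0], end)
        else:
            regions.append((off, end))
    return regions

def explain_region(data, start, end, window=512):
    """Name a compressed format whose magic lies in or just before the span."""
    scope = data[max(0, start - window):end]
    for name, magic in MAGICS.items():
        if magic in scope:
            return name
    return "unexplained"

def scan(data):
    return [(s, e, explain_region(data, s, e)) for s, e in high_entropy_regions(data)]

def pseudo_random(seed: bytes, n: int) -> bytes:
    """Deterministic stand-in for signature or compressed bytes (constructed)."""
    blocks = (hashlib.sha256(seed + bytes([i])).digest() for i in range(-(-n // 32)))
    return b"".join(blocks)[:n]

# Constructed sample, not a real aboot: text | JPEG-like blob | text | signature-like blob | zeros.
TEXT = (b"constructed stand-in for code and strings\n" * 32)[:1024]
SAMPLE = (TEXT + MAGICS["jpeg"] + pseudo_random(b"jpeg", 1021) + TEXT
          + pseudo_random(b"sig", 512) + bytes(512))

if __name__ == "__main__":
    print(scan(SAMPLE))
```

A span reported as "unexplained" is only a candidate for a signature or other cryptographic material; as the post says, it still has to be ruled in or out by other means.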
 

andym1964

Thanks

My Note 3 SM-900V was down, I thought I bricked it. I tried everything. Then I found this. Thank you for the pit download. It got me back up and running, thanks again to all.
 

jaw20

Hey,
Just thought everyone should know about this. This should work if you can get modload working on the N3. This is compatible with nc4/nc2/ (possibly nk1) with some modification to some symbols (you can find those in IDA). The reason for modload is that you will need to make a kernel module to add some custom things to qssecom and scm.c. Happy Hunting.

p.s. PM me if you want to join the telegram chat that is currently focused on unlocking the s4's and n3 bootloader
 