Root 2.20 ThinkTank [Absolutely NO off-topic discussion]

beaups

Senior Recognized Developer
Nov 28, 2007
Dublin, OH
How do Sensation owners flash an HBOOT.nb0 through QHSUSB_DLOAD in ubuntu then? Will dexter93's tool work then for this phone?

Sent from my locked, tampered ville
Give me a link. I suspect it's not actually QHSUSB mode they are using, but this other mode that pops up prior. The two get mistaken for one another often. Link me and I'll look.

Sent from my SCH-I535 using xda app-developers app
 

beaups

Senior Recognized Developer
Nov 28, 2007
Dublin, OH
Someone look at this please. http://forum.xda-developers.com/showthread.php?p=32888705

New exploit. On a business call so I can't play with it or even examine what it's doing.
Might be exclusive to Moto devices :/
Sent from my HTC One X using xda app-developers app
It's a Motorola-specific exploit.

Sent from my SCH-I535 using xda app-developers app

---------- Post added at 03:58 PM ---------- Previous post was at 03:42 PM ----------

Yup, that one.
I must've clicked on the wrong link. Dexter's unbrickable Sensation method uses eMMC recovery mode as I suspected, NOT QHSUSB_DLOAD mode...

xPIN34PPL3Sx

Member
Oct 4, 2012
Can we not use a hex editor to look at the signature on a RUU and put that into our modified RUU with SU on it? I'm sure this has already been asked, but I don't fully understand how the signatures work.

Sent from my HTC One X using xda app-developers app
 

beaups

Senior Recognized Developer
Nov 28, 2007
Dublin, OH
I get that the RUUs are encrypted, but is it a specific file within the RUU that holds the encryption, or the whole thing?

Sent from my HTC One X using Tapatalk 2
They aren't encrypted, they are signed. We cannot do anything with this.

Sent from my SCH-I535 using xda app-developers app
 

Mister J

Senior Member
Mar 6, 2011
They aren't encrypted, they are signed. We cannot do anything with this.

Sent from my SCH-I535 using xda app-developers app
Yes, the difference between encryption and a signature is important. Encryption is used to stop a person/computer from being able to read your files in plain text (unencrypted). A signature is used to make sure a file has not been tampered with in any way, and is exactly in the state it was in when the person who signed the package/document sent it.

In Android, we can open up RUUs and other files and look at them, no problem. If it were encrypted, we would open the file and see nothing but nonsense (crazy characters and other odd symbols). If we try to flash a file that has SU put in by someone who is NOT the person who signed it, on a bootloader that checks for and expects a certain signature, the file will not be accepted, since it has been tampered with. If the bootloader accepted an XDA signature, for example, we would be able to sign files with our key and everything would be fine, as long as the bootloader was programmed to accept an XDA key.

Now, that being said, we CANNOT break the signature (and even if it were encrypted, we couldn't break that either), since the signature is a long one and the companies have their own algorithms. It would literally take decades using a supercomputer to break it, considering you have to try each and every single combination of words, symbols, and letters in the English (and even other) language(s).

EDIT:
I have read the last pages, and what are you guys talking about? This WON'T be easy. How are you going to convince the phone to accept our spoofed address over AT&T's? What happens when our phones see two of the same address? Oh, and just "sniff the traffic"? Uh, no. You can't sniff mobile traffic on your 1337oMfGb4CkTr4Ck computer. Someone needs a wireless GSM traffic sniffing device. That *s*hi*t is hard to do, and you need a rooted device to easily do it on Android itself.

If someone who is stock rooted can go here https://sites.google.com/site/androidarts/packet-sniffer and then try to OTA update, we could see where it connects to and the goodies. Then we could go from there.

Oh, and you need to use Wi-Fi and then try to OTA update; the app doesn't do mobile traffic.
 
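To make Mister J's encryption-versus-signature point concrete, here is an added example that is not from the thread and not HTC's actual scheme: a toy bootloader check in Go using ed25519 over a constructed, readable payload. It shows the three cases raised above: the untouched image verifies under the vendor key, a modified payload with the vendor's signature bytes pasted on (the hex-editor idea) is rejected, and a payload re-signed with a hypothetical "XDA key" is rejected unless the bootloader was built to trust that key.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// SignedImage is a constructed stand-in for a signed package: payload readable, signature key-bound.
type SignedImage struct {
	Payload, Signature []byte
}

// signImage is the vendor side: hash the payload and sign the digest.
func signImage(priv ed25519.PrivateKey, payload []byte) SignedImage {
	d := sha256.Sum256(payload)
	return SignedImage{Payload: payload, Signature: ed25519.Sign(priv, d[:])}
}

// bootloaderAccepts is the device side: the trusted public key is fixed in the bootloader.
func bootloaderAccepts(trusted ed25519.PublicKey, img SignedImage) bool {
	d := sha256.Sum256(img.Payload)
	return ed25519.Verify(trusted, d[:], img.Signature)
}

// Outcome holds the bootloader's verdict for each scenario raised in the thread.
type Outcome struct {
	Genuine, CopiedSignature, ForeignKey, ForeignKeyTrusted bool
}

func runScenarios() Outcome {
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(rand.Reader)
	otherPub, otherPriv, _ := ed25519.GenerateKey(rand.Reader) // hypothetical "XDA key"
	payload := []byte("CONSTRUCTED RUU payload: system image, su=absent")
	genuine := signImage(vendorPriv, payload)
	// The hex-editor idea: modify the payload but keep the vendor's signature bytes.
	modified := bytes.Replace(payload, []byte("su=absent"), []byte("su=present"), 1)
	copied := SignedImage{Payload: modified, Signature: genuine.Signature}
	// Re-sign the modified payload with a key the bootloader was never told to trust.
	resigned := signImage(otherPriv, modified)
	return Outcome{
		Genuine:           bootloaderAccepts(vendorPub, genuine),  // true
		CopiedSignature:   bootloaderAccepts(vendorPub, copied),   // false
		ForeignKey:        bootloaderAccepts(vendorPub, resigned), // false
		ForeignKeyTrusted: bootloaderAccepts(otherPub, resigned),  // true
	}
}

func main() { fmt.Printf("%+v\n", runScenarios()) }
```

The payload stays plain bytes throughout, which is why it can be opened and read; what the check pins down is the key, not the secrecy of the contents.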

ck4794

Senior Member
Aug 11, 2010
So for those of us who are non-devs: you can't root because the bootloader wants a certain signature, and you can't change the bootloader because you need root... so we're in the middle of a Catch-22...

---------- Post added at 07:15 PM ---------- Previous post was at 07:13 PM ----------

And to try to replace the whole system of checks and balances in its entirety is beyond the average civilian's capability, and would most likely brick the phone?
 

Nocturnal_50

Senior Member
Jun 15, 2012
Coolah
Someone needs a wireless GSM traffic sniffing device. That *s*hi*t is hard to do, and you need a rooted device to easily do it on Android itself.

If someone who is stock rooted can go here https://sites.google.com/site/androidarts/packet-sniffer and then try to OTA update, we could see where it connects to and the goodies. Then we could go from there.

Oh, and you need to use Wi-Fi and then try to OTA update; the app doesn't do mobile traffic.
Or we could try it from another device on the same network using this, the assumption being you already have the pre-reqs.
 

Mister J

Senior Member
Mar 6, 2011
So for those of us who are non-devs: you can't root because the bootloader wants a certain signature, and you can't change the bootloader because you need root... so we're in the middle of a Catch-22...

---------- Post added at 07:15 PM ---------- Previous post was at 07:13 PM ----------

And to try to replace the whole system of checks and balances in its entirety is beyond the average civilian's capability, and would most likely brick the phone?
For the Catch-22, yes, that's exactly right.

As for bricking the phone, with the bootloader locked, there's not much harm you can do unless you're trying to short out the phone on purpose, opening the back and pulling the battery, things of that nature. But without root, there's nothing software wise that I know of that can be done to softbrick or hardbrick.

---------- Post added at 09:21 PM ---------- Previous post was at 09:19 PM ----------

Or we could try it from another device on the same network using this, the assumption being you already have the pre-reqs.
It needs to be rooted for that to work, and that's what I was saying in my post. Someone with a rooted device needs to use some sort of packet sniffer to see where the phone connects to for the OTA update.
 

ck4794

Senior Member
Aug 11, 2010
For the Catch-22, yes, that's exactly right.

As for bricking the phone, with the bootloader locked, there's not much harm you can do unless you're trying to short out the phone on purpose, opening the back and pulling the battery, things of that nature. But without root, there's nothing software wise that I know of that can be done to softbrick or hardbrick.
Then how hard would it be to go a step above and replace everything? I get that it would take longer and be more complicated, but is it possible? Basically erase everything on the phone, and I mean everything, and substitute it with the system from a One X on 1.85? As opposed to trying to do an OTA or cracking the bootloader etc...
 

Mister J

Senior Member
Mar 6, 2011
Then how hard would it be to go a step above and replace everything? I get that it would take longer and be more complicated, but is it possible? Basically erase everything on the phone, and I mean everything, and substitute it with the system from a One X on 1.85? As opposed to trying to do an OTA or cracking the bootloader etc...
I don't know, ask whoever put the idea up. In order to start hex editing, you need superuser privileges for it to be saved. No idea how that would work, if it even could.
 

Nocturnal_50

Senior Member
Jun 15, 2012
Coolah
It needs to be rooted for that to work, and that's what I was saying in my post. Someone that has a rooted device to use some sort of packet sniffer to see where the phone connects to the OTA update.
Take note of the "the assumption being you already have the pre-reqs".

Surely it's not that hard for people to figure out the basic sh!t, like comprehending the requirements to run the program, before stating something that had initially been said in an attempt to belittle them. Anyone would gather that information by looking at the link rather than being told stuff they already know.

Surely there has to be another method of pushing files across at a pre-bootloader level. Nvidia has NVflash; what's to say Qualcomm doesn't have something similar?
 