moonbutt74
Guest
V,
> This doesn't work as the signature contains the encrypted hash of the image which is then encrypted and compared to the calculated hash of the image. Copying the signature will result in a signature mismatch and therefore an invalid image.
okay, cool. i didn't think so either but it was worth a shot, but a question born from that, the sum/hash is compared against the image or the kernel ? if the latter could i flip the proposed "hack" and account for size by padding ? or still nutz ?
> I'm not sure about that approach. On the HDX and in LK reference code the signature shouldn't be checked if the device is unlocked.
> The HDX is 32bit, too. My application is written for 32bit images. (I should add that in the description)
okay neat, my other option may be to look at the grub4android option, but that will most likely be a one way ticket to brick-town.
> The prodcert.pem shouldn't matter in an exploitable implementation. It's just there because my code is almost a 1:1 copy of the LK code, which requires a certificate.
okay, you might like this then, i run debian wheezy on my tab {the underlying system, not gui, gcc-4.7, etc, needed to build mpc from source outside of repo} and compiled your tool to run native, i get the same result as on pc so it has to be a problem with the "stock" image.
is it possible to build cuber full static for portability ?
> Could you send me the image?
the stock images are for the galaxy tab 4 8.0 sm-t337a [ATT]
https://www.androidfilehost.com/?w=files&flid=23541
the file names are stock-t337a-milletatt-boot.img.tar.md5 and stock-t337a-milletatt-recovery.tar.md5
> The only thing you may have to change would be the modulus, but shouldn't do that. The prefix is static and doesn't need to change and the hash of image is passed using a file created by the application.
how do i determine the modulus? this is good stuff here and i want to learn it ! :good:
> You said you are using a Samsung device and as far as I know Samsung likes to create their own implementation of something. Without an analysis of the bootloader I'm not able to say if they are using a LK bootloader or if it is exploitable.
these are qcom based devices so i think they are using the little kernel, and after the tab 3 which was a disaster IMO
the tab 4 line as far as the 10.1 and 8.0 are quite nice !
Thanks for your reply and for the project ! Subscribed.
m
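
The point made in the quoted reply above, that a signature copied from one image does not validate a different or padded image, shown as an added example that is not code from this thread or from the tool discussed. It is a simplified model: the key is a constructed demo key, and the SHA-256 hash and the PKCS#1 v1.5 style block layout are assumptions, not details taken from any device's bootloader.

```python
import hashlib

# Constructed demo key built from two Mersenne primes; not a real device key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q                              # the public modulus
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (signer only)
K = (N.bit_length() + 7) // 8          # modulus length in bytes


def encode(digest: bytes) -> bytes:
    """Static prefix followed by the hash: 00 01 FF..FF 00 || digest."""
    return b"\x00\x01" + b"\xff" * (K - len(digest) - 3) + b"\x00" + digest


def sign(image: bytes) -> bytes:
    """Signer side: RSA private-key operation over the encoded image hash."""
    m = int.from_bytes(encode(hashlib.sha256(image).digest()), "big")
    return pow(m, D, N).to_bytes(K, "big")


def verify(image: bytes, signature: bytes) -> bool:
    """Verifier side: recover the block with the public key and compare it,
    byte for byte, with the block rebuilt from the image actually present."""
    if len(signature) != K:
        return False
    s = int.from_bytes(signature, "big")
    if s >= N:
        return False
    recovered = pow(s, E, N).to_bytes(K, "big")
    return recovered == encode(hashlib.sha256(image).digest())


def demo() -> dict:
    stock = b"constructed stock boot image"        # constructed sample input
    custom = b"constructed custom boot image"      # constructed sample input
    sig = sign(stock)
    return {
        "stock image, its own signature": verify(stock, sig),
        "custom image, copied signature": verify(custom, sig),
        "stock image padded, copied signature": verify(stock + b"\x00" * 16, sig),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'valid' if ok else 'INVALID'}")
```

Only the first case verifies: the signature is bound to the hash of the exact bytes that were signed, so neither swapping the image nor padding it keeps the copied signature valid.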