User:Chipmunk - Revision history

Chipmunk at 02:55, 9 March 2026

2026-03-09T02:55:00Z

← Older revision		Revision as of 02:55, 9 March 2026
Line 3:		Line 3:
	I created this wiki, originally as a place for me to document useful information I find about various hardware. This was actually going to be a personal wiki originally, however I realized the wiki would potentially be much more useful if others could add information. Who knows, maybe someday, it might document high amounts of devices.		I created this wiki, originally as a place for me to document useful information I find about various hardware. This was actually going to be a personal wiki originally, however I realized the wiki would potentially be much more useful if others could add information. Who knows, maybe someday, it might document high amounts of devices.

	Also, I am actually fairly new to the Android device hacking scene. I began looking into it in 2024~~<!-- as of writing this, last year -->~~, and have since learned many things. I am also still quite new to low-level programming and reverse engineering.		Also, I am actually fairly new to the Android device hacking scene. I began looking into it in 2024, and have since learned many things. I am also still quite new to low-level programming and reverse engineering.

	Some things I aim to do eventually:		Some things I aim to do eventually:
	* Port [https://github.com/oscardagrach/galaxy_s5_dev_tree_appended_bug galaxy_s5_dev_tree_appended_bug] to my AT&T Galaxy S5.
	* Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!) ''(some reversing work done)''.		* Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!) ''(some reversing work done)''.
	* Use [https://i.blackhat.com/USA-20/Wednesday/us-20-Chao-Breaking-Samsungs-Root-Of-Trust-Exploiting-Samsung-Secure-Boot.pdf an exploit] to tethered unlock my Galaxy J3 Prime, Galaxy J7 Prime and/or my Galaxy J3 Orbit (if possible) (also document the <code>steady</code> partition on the wiki) (~~making progress now!~~).		* Use [https://i.blackhat.com/USA-20/Wednesday/us-20-Chao-Breaking-Samsungs-Root-Of-Trust-Exploiting-Samsung-Secure-Boot.pdf an exploit] to tethered unlock my Galaxy J3 Prime, Galaxy J7 Prime and/or my Galaxy J3 Orbit (if possible) (also document the <code>steady</code> partition on the wiki) ([https://code.chipmunk.land/chipmunkmc/osmium.git done] except for steady).
	* Port an EFI implementation to an x86 phone (Asus Z00D).		* Port an EFI implementation to an x86 phone (Asus Z00D).
	* Write a tool to ''reliably'' exploit [[wikipedia:Dirty Cow\|Dirty Cow]], preferably ''without'' touching <code>/system</code> and escalating to the ''init'' context (for legacy devices of course) (also, can I easily write process memory? I suppose I will find out~~...~~).		* Write a tool to ''reliably'' exploit [[wikipedia:Dirty Cow\|Dirty Cow]], preferably ''without'' touching <code>/system</code> and escalating to the ''init'' context (for legacy devices of course) (also, can I easily write process memory? I suppose I will find out).
	* Look into unlock methods for various phones... (I own too many).		* Look into unlock methods for various phones... (I own too many).

Chipmunk: Update info

2025-10-20T04:13:15Z

Update info

← Older revision		Revision as of 04:13, 20 October 2025
Line 6:		Line 6:

	Some things I aim to do eventually:		Some things I aim to do eventually:
	* Port [https://github.com/oscardagrach/galaxy_s5_dev_tree_appended_bug galaxy_s5_dev_tree_appended_bug] to my AT&T Galaxy S5 ~~(currently borrowed), and AT&T Samsung Gear S (vulnerability is questionable due to the different boot image format)~~.		* Port [https://github.com/oscardagrach/galaxy_s5_dev_tree_appended_bug galaxy_s5_dev_tree_appended_bug] to my AT&T Galaxy S5.
	* Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!).		* Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!) ''(some reversing work done)''.
	* Use [https://i.blackhat.com/USA-20/Wednesday/us-20-Chao-Breaking-Samsungs-Root-Of-Trust-Exploiting-Samsung-Secure-Boot.pdf an exploit] to tethered unlock my Galaxy J3 Prime, Galaxy J7 Prime and/or my Galaxy J3 Orbit (if possible) (also document the <code>steady</code> partition on the wiki).		* Use [https://i.blackhat.com/USA-20/Wednesday/us-20-Chao-Breaking-Samsungs-Root-Of-Trust-Exploiting-Samsung-Secure-Boot.pdf an exploit] to tethered unlock my Galaxy J3 Prime, Galaxy J7 Prime and/or my Galaxy J3 Orbit (if possible) (also document the <code>steady</code> partition on the wiki) (making progress now!).
	* Port an EFI implementation to an x86 phone (Asus Z00D).		* Port an EFI implementation to an x86 phone (Asus Z00D).
	* Write a tool to ''reliably'' exploit [[wikipedia:Dirty Cow\|Dirty Cow]], preferably ''without'' touching <code>/system</code> and escalating to the ''init'' context (for legacy devices of course) (also, can I easily write process memory? I suppose I will find out...).		* Write a tool to ''reliably'' exploit [[wikipedia:Dirty Cow\|Dirty Cow]], preferably ''without'' touching <code>/system</code> and escalating to the ''init'' context (for legacy devices of course) (also, can I easily write process memory? I suppose I will find out...).
	* Look into unlock methods for various phones... (I own too many).		* Look into unlock methods for various phones... (I own too many).

Chipmunk at 04:46, 30 June 2025

2025-06-30T04:46:10Z

← Older revision		Revision as of 04:46, 30 June 2025
Line 8:		Line 8:
	* Port [https://github.com/oscardagrach/galaxy_s5_dev_tree_appended_bug galaxy_s5_dev_tree_appended_bug] to my AT&T Galaxy S5 (currently borrowed), and AT&T Samsung Gear S (vulnerability is questionable due to the different boot image format).		* Port [https://github.com/oscardagrach/galaxy_s5_dev_tree_appended_bug galaxy_s5_dev_tree_appended_bug] to my AT&T Galaxy S5 (currently borrowed), and AT&T Samsung Gear S (vulnerability is questionable due to the different boot image format).
	* Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!).		* Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!).
	* Use [https://i.blackhat.com/USA-20/Wednesday/us-20-Chao-Breaking-Samsungs-Root-Of-Trust-Exploiting-Samsung-Secure-Boot.pdf an exploit] to tethered unlock my Galaxy J3 Prime and/or my Galaxy J3 Orbit (if possible) (also document the <code>steady</code> partition on the wiki).		* Use [https://i.blackhat.com/USA-20/Wednesday/us-20-Chao-Breaking-Samsungs-Root-Of-Trust-Exploiting-Samsung-Secure-Boot.pdf an exploit] to tethered unlock my Galaxy J3 Prime, Galaxy J7 Prime and/or my Galaxy J3 Orbit (if possible) (also document the <code>steady</code> partition on the wiki).
	* Port an EFI implementation to an x86 phone (Asus Z00D).		* Port an EFI implementation to an x86 phone (Asus Z00D).
			* Write a tool to ''reliably'' exploit [[wikipedia:Dirty Cow\|Dirty Cow]], preferably ''without'' touching <code>/system</code> and escalating to the ''init'' context (for legacy devices of course) (also, can I easily write process memory? I suppose I will find out...).
	* Look into unlock methods for various phones... (I own too many).		* Look into unlock methods for various phones... (I own too many).

Chipmunk: the phone also checks for a value derived from the steady partition, which appears to be signed

2025-06-30T04:41:53Z

the phone also checks for a value derived from the steady partition, which appears to be signed

← Older revision		Revision as of 04:41, 30 June 2025
Line 8:		Line 8:
	* Port [https://github.com/oscardagrach/galaxy_s5_dev_tree_appended_bug galaxy_s5_dev_tree_appended_bug] to my AT&T Galaxy S5 (currently borrowed), and AT&T Samsung Gear S (vulnerability is questionable due to the different boot image format).		* Port [https://github.com/oscardagrach/galaxy_s5_dev_tree_appended_bug galaxy_s5_dev_tree_appended_bug] to my AT&T Galaxy S5 (currently borrowed), and AT&T Samsung Gear S (vulnerability is questionable due to the different boot image format).
	* Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!).		* Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!).
	* Use [https://i.blackhat.com/USA-20/Wednesday/us-20-Chao-Breaking-Samsungs-Root-Of-Trust-Exploiting-Samsung-Secure-Boot.pdf an exploit] to unlock my Galaxy J3 Prime and/or my Galaxy J3 Orbit (if possible).		* Use [https://i.blackhat.com/USA-20/Wednesday/us-20-Chao-Breaking-Samsungs-Root-Of-Trust-Exploiting-Samsung-Secure-Boot.pdf an exploit] to tethered unlock my Galaxy J3 Prime and/or my Galaxy J3 Orbit (if possible) (also document the <code>steady</code> partition on the wiki).
	* Port an EFI implementation to an x86 phone (Asus Z00D).		* Port an EFI implementation to an x86 phone (Asus Z00D).
	* Look into unlock methods for various phones... (I own too many).		* Look into unlock methods for various phones... (I own too many).
	~~<!-- lol -->~~

Chipmunk: oops i meant persistent

2025-06-28T18:30:59Z

oops i meant persistent

← Older revision		Revision as of 18:30, 28 June 2025
Line 11:		Line 11:
	* Port an EFI implementation to an x86 phone (Asus Z00D).		* Port an EFI implementation to an x86 phone (Asus Z00D).
	* Look into unlock methods for various phones... (I own too many).		* Look into unlock methods for various phones... (I own too many).
			<!-- lol -->

Chipmunk: sboot doesnt actually have symbols afaik, it just has lots of logging with format strings with function parameters... also j3 prime seems unlockable via param partition

2025-06-28T18:24:34Z

sboot doesnt actually have symbols afaik, it just has lots of logging with format strings with function parameters... also j3 prime seems unlockable via param partition

← Older revision		Revision as of 18:24, 28 June 2025
Line 6:		Line 6:

	Some things I aim to do eventually:		Some things I aim to do eventually:
	* Port [https://github.com/oscardagrach/galaxy_s5_dev_tree_appended_bug galaxy_s5_dev_tree_appended_bug] to my ~~<s>Verizon Galaxy Core Prime</s> (probably not vulnerable!),~~ AT&T Galaxy S5, and AT&T Samsung Gear S (vulnerability is questionable due to the different boot image format).		* Port [https://github.com/oscardagrach/galaxy_s5_dev_tree_appended_bug galaxy_s5_dev_tree_appended_bug] to my AT&T Galaxy S5 (currently borrowed), and AT&T Samsung Gear S (vulnerability is questionable due to the different boot image format).
	* Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!).		* Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!).
	* Figure out the 'sboot' file format, and how the included symbols come into play
	* Use [https://i.blackhat.com/USA-20/Wednesday/us-20-Chao-Breaking-Samsungs-Root-Of-Trust-Exploiting-Samsung-Secure-Boot.pdf an exploit] to unlock my Galaxy J3 Prime and/or my Galaxy J3 Orbit (if possible).		* Use [https://i.blackhat.com/USA-20/Wednesday/us-20-Chao-Breaking-Samsungs-Root-Of-Trust-Exploiting-Samsung-Secure-Boot.pdf an exploit] to unlock my Galaxy J3 Prime and/or my Galaxy J3 Orbit (if possible).
	* Port an EFI implementation to an x86 phone (Asus Z00D).		* Port an EFI implementation to an x86 phone (Asus Z00D).
	* Look into unlock methods for various phones... (I own too many).		* Look into unlock methods for various phones... (I own too many).

Chipmunk at 01:49, 28 June 2025

2025-06-28T01:49:10Z

← Older revision		Revision as of 01:49, 28 June 2025
Line 6:		Line 6:

	Some things I aim to do eventually:		Some things I aim to do eventually:
	* Port [https://github.com/oscardagrach/galaxy_s5_dev_tree_appended_bug galaxy_s5_dev_tree_appended_bug] to my Verizon Galaxy Core Prime, AT&T Galaxy S5, and AT&T Samsung Gear S.		* Port [https://github.com/oscardagrach/galaxy_s5_dev_tree_appended_bug galaxy_s5_dev_tree_appended_bug] to my <s>Verizon Galaxy Core Prime</s> (probably not vulnerable!), AT&T Galaxy S5, and AT&T Samsung Gear S (vulnerability is questionable due to the different boot image format).
	* Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!).		* Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!).
	* Figure out the 'sboot' file format, and how the included symbols come into play		* Figure out the 'sboot' file format, and how the included symbols come into play
	* Use ~~a particular~~ exploit ~~(forgot the URL)~~ to unlock my Galaxy J3 Prime and/or my Galaxy J3 Orbit (if possible).		* Use [https://i.blackhat.com/USA-20/Wednesday/us-20-Chao-Breaking-Samsungs-Root-Of-Trust-Exploiting-Samsung-Secure-Boot.pdf an exploit] to unlock my Galaxy J3 Prime and/or my Galaxy J3 Orbit (if possible).
	* Port an EFI implementation to an x86 phone (Asus Z00D).		* Port an EFI implementation to an x86 phone (Asus Z00D).
	* Look into unlock methods for various phones... (I own too many).		* Look into unlock methods for various phones... (I own too many).

Chipmunk at 18:13, 26 June 2025

2025-06-26T18:13:03Z

← Older revision		Revision as of 18:13, 26 June 2025
Line 5:		Line 5:
	Also, I am actually fairly new to the Android device hacking scene. I began looking into it in 2024<!-- as of writing this, last year -->, and have since learned many things. I am also still quite new to low-level programming and reverse engineering.		Also, I am actually fairly new to the Android device hacking scene. I began looking into it in 2024<!-- as of writing this, last year -->, and have since learned many things. I am also still quite new to low-level programming and reverse engineering.

	~~Things~~ I aim to do eventually:		Some things I aim to do eventually:
	* Port [https://github.com/oscardagrach/galaxy_s5_dev_tree_appended_bug galaxy_s5_dev_tree_appended_bug] to my Verizon Galaxy Core Prime, AT&T Galaxy S5, and AT&T Samsung Gear S.		* Port [https://github.com/oscardagrach/galaxy_s5_dev_tree_appended_bug galaxy_s5_dev_tree_appended_bug] to my Verizon Galaxy Core Prime, AT&T Galaxy S5, and AT&T Samsung Gear S.
	* Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?).		* Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!).
			* Figure out the 'sboot' file format, and how the included symbols come into play
	* Use a particular exploit (forgot the URL) to unlock my Galaxy J3 Prime and/or my Galaxy J3 Orbit (if possible).		* Use a particular exploit (forgot the URL) to unlock my Galaxy J3 Prime and/or my Galaxy J3 Orbit (if possible).
			* Port an EFI implementation to an x86 phone (Asus Z00D).
	* Look into unlock methods for various phones... (I own too many).		* Look into unlock methods for various phones... (I own too many).

Chipmunk: Created page with "Hello. I created this wiki, originally as a place for me to document useful information I find about various hardware. This was actually going to be a personal wiki originally, however I realized the wiki would potentially be much more useful if others could add information. Who knows, maybe someday, it might document high amounts of devices. Also, I am actually fairly new to the Android device hacking scene. I began looking into it in 2024