User:Chipmunk: Difference between revisions
From Somewhat Obscure Computing
Edit summary: sboot doesn't actually have symbols afaik, it just has lots of logging with format strings with function parameters... also j3 prime seems unlockable via param partition
No edit summary
(4 intermediate revisions by the same user not shown)
| Line 3: | Line 3: | ||
I created this wiki, originally as a place for me to document useful information I find about various hardware. This was actually going to be a personal wiki originally, however I realized the wiki would potentially be much more useful if others could add information. Who knows, maybe someday, it might document high amounts of devices. | I created this wiki, originally as a place for me to document useful information I find about various hardware. This was actually going to be a personal wiki originally, however I realized the wiki would potentially be much more useful if others could add information. Who knows, maybe someday, it might document high amounts of devices. | ||
Also, I am actually fairly new to the Android device hacking scene. I began looking into it in 2024 | Also, I am actually fairly new to the Android device hacking scene. I began looking into it in 2024, and have since learned many things. I am also still quite new to low-level programming and reverse engineering. | ||
Some things I aim to do eventually: | Some things I aim to do eventually: | ||
* Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!) ''(some reversing work done)''. | |||
* Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!). | * Use [https://i.blackhat.com/USA-20/Wednesday/us-20-Chao-Breaking-Samsungs-Root-Of-Trust-Exploiting-Samsung-Secure-Boot.pdf an exploit] to tethered unlock my Galaxy J3 Prime, Galaxy J7 Prime and/or my Galaxy J3 Orbit (if possible) (also document the <code>steady</code> partition on the wiki) ([https://code.chipmunk.land/chipmunkmc/osmium.git done] except for steady). | ||
* Use [https://i.blackhat.com/USA-20/Wednesday/us-20-Chao-Breaking-Samsungs-Root-Of-Trust-Exploiting-Samsung-Secure-Boot.pdf an exploit] to unlock my Galaxy J3 Prime and/or my Galaxy J3 Orbit (if possible). | |||
* Port an EFI implementation to an x86 phone (Asus Z00D). | * Port an EFI implementation to an x86 phone (Asus Z00D). | ||
* Write a tool to ''reliably'' exploit [[wikipedia:Dirty Cow|Dirty Cow]], preferably ''without'' touching <code>/system</code> and escalating to the ''init'' context (for legacy devices of course) (also, can I easily write process memory? I suppose I will find out). | |||
* Look into unlock methods for various phones... (I own too many). | * Look into unlock methods for various phones... (I own too many). | ||
Latest revision as of 02:55, 9 March 2026
Hello.
I created this wiki, originally as a place for me to document useful information I find about various hardware. This was actually going to be a personal wiki originally; however, I realized the wiki would potentially be much more useful if others could add information. Who knows, maybe someday, it might document high amounts of devices.
Also, I am actually fairly new to the Android device hacking scene. I began looking into it in 2024, and have since learned many things. I am also still quite new to low-level programming and reverse engineering.
Some things I aim to do eventually:
- Reverse engineer Samsung's reactivation lock (libterrier.so?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!) (some reversing work done).
- Use an exploit to tethered unlock my Galaxy J3 Prime, Galaxy J7 Prime and/or my Galaxy J3 Orbit (if possible) (also document the steady partition on the wiki) (done except for steady).
- Port an EFI implementation to an x86 phone (Asus Z00D).
- Write a tool to reliably exploit Dirty Cow, preferably without touching /system and escalating to the init context (for legacy devices of course) (also, can I easily write process memory? I suppose I will find out).
- Look into unlock methods for various phones... (I own too many).