User:Chipmunk: Difference between revisions
From Somewhat Obscure Computing
Older revision (edit summary: "the phone also checks for a value derived from the steady partition, which appears to be signed") compared with the latest revision (no edit summary). 2 intermediate revisions by the same user not shown.

Line 3:
  I created this wiki, originally as a place for me to document useful information I find about various hardware. This was actually going to be a personal wiki originally, however I realized the wiki would potentially be much more useful if others could add information. Who knows, maybe someday, it might document high amounts of devices.
− Also, I am actually fairly new to the Android device hacking scene. I began looking into it in 2024
+ Also, I am actually fairly new to the Android device hacking scene. I began looking into it in 2024, and have since learned many things. I am also still quite new to low-level programming and reverse engineering.
  Some things I aim to do eventually:
− * Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!).
+ * Reverse engineer Samsung's reactivation lock (<code>libterrier.so</code>?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!) ''(some reversing work done)''.
− * Use [https://i.blackhat.com/USA-20/Wednesday/us-20-Chao-Breaking-Samsungs-Root-Of-Trust-Exploiting-Samsung-Secure-Boot.pdf an exploit] to tethered unlock my Galaxy J3 Prime and/or my Galaxy J3 Orbit (if possible) (also document the <code>steady</code> partition on the wiki).
+ * Use [https://i.blackhat.com/USA-20/Wednesday/us-20-Chao-Breaking-Samsungs-Root-Of-Trust-Exploiting-Samsung-Secure-Boot.pdf an exploit] to tethered unlock my Galaxy J3 Prime, Galaxy J7 Prime and/or my Galaxy J3 Orbit (if possible) (also document the <code>steady</code> partition on the wiki) ([https://code.chipmunk.land/chipmunkmc/osmium.git done] except for steady).
  * Port an EFI implementation to an x86 phone (Asus Z00D).
+ * Write a tool to ''reliably'' exploit [[wikipedia:Dirty Cow|Dirty Cow]], preferably ''without'' touching <code>/system</code> and escalating to the ''init'' context (for legacy devices of course) (also, can I easily write process memory? I suppose I will find out).
  * Look into unlock methods for various phones... (I own too many).
Latest revision as of 02:55, 9 March 2026
Hello.
I created this wiki, originally as a place for me to document useful information I find about various hardware. This was actually going to be a personal wiki originally, however I realized the wiki would potentially be much more useful if others could add information. Who knows, maybe someday, it might document high amounts of devices.
Also, I am actually fairly new to the Android device hacking scene. I began looking into it in 2024, and have since learned many things. I am also still quite new to low-level programming and reverse engineering.
Some things I aim to do eventually:
- Reverse engineer Samsung's reactivation lock (libterrier.so?) and document it (that's where the 'obscure' in 'Somewhat Obscure Computing' comes from - I doubt this feature is well documented!) (some reversing work done).
- Use an exploit to tethered unlock my Galaxy J3 Prime, Galaxy J7 Prime and/or my Galaxy J3 Orbit (if possible) (also document the steady partition on the wiki) (done except for steady).
- Port an EFI implementation to an x86 phone (Asus Z00D).
- Write a tool to reliably exploit Dirty Cow, preferably without touching /system and escalating to the init context (for legacy devices of course) (also, can I easily write process memory? I suppose I will find out).
- Look into unlock methods for various phones... (I own too many).