| |
The data at the end of the PIT was removed.
The PIT was first obtained with:
$ sudo heimdall download-pit --output GT-I9515.pit
But if we use hexdump on it we have:
$ hexdump -C GT-I9515.pit
000010e0 73 67 70 74 2e 69 6d 67 00 00 00 00 00 00 00 00 |sgpt.img........|
000010f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00001120 [some random data]
[...]
00001210 [last line of random data with non-zero at the end]
00001220 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00002000
Since the user that provided me that PIT only gave me the permission
to upload it without that additional data, I minimized the PIT before
adding in git.
The last string before the random data is this here:
000010e0 73 67 70 74 2e 69 6d 67 00 00 00 00 00 00 00 00 |sgpt.img........|
So if we take the first 0x10e8 bytes, we get a file that ends with '73
67 70 74 2e 69 6d 67', and doesn't have the following zeros.
0x10e8 is 4328 bytes:
$ python3
Python 3.9.9 (main, Jan 1 1970, 00:00:01)
[GCC 10.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> 0x10e8
So we simply use dd to extract the first 4328 bytes:
$ dd if=GT-I9515.pit of=16G.pit count=4328 bs=1
4328+0 records in
4328+0 records out
4328 bytes (4.3 kB, 4.2 KiB) copied, 0.0658494 s, 65.7 kB/s
And we then compare with the text obtained with heimdall print-pit on
the original file:
$ heimdall print-pit --file GT-I9515.pit > GT-I9515.txt
$ heimdall print-pit --file 16G.pit > 16G.txt
$ cmp 16G.txt GT-I9515.txt
16G.txt GT-I9515.txt differ: byte 10694, line 516
We repeated that process while increasing the file size until it
reached 4333, at which point 16G.txt and GT-I9515.txt became identical:
$ rm -f 16G.pit
$ dd if=GT-I9515.pit of=16G.pit bs=1 count=4333
$ heimdall print-pit --file 16G.pit > 16G.txt
$ cmp 16G.txt GT-I9515.txt
And at the end we had the following file sizes:
$ du -b *
4333 16G.pit
10695 16G.txt
8192 GT-I9515.pit
10695 GT-I9515.txt
We also tested the installation of a recovery with heimdall on that
device.
For some reason, LineageOS and /e/ installation instructions for that
device both say to use odin to install a recovery, but they don't
mention heimdall at all.
And using the following command and then trying to boot in the
recovery didn't work:
$ sudo heimdall flash --RECOVERY /path/to/recovery.img --no-reboot
But installing the recovery to BOOT as well worked fine without any
issues:
$ sudo heimdall flash \
--BOOT /path/to/recovery.img \
--RECOVERY /path/to/recovery.img
After that, at boot it printed a text probably to inform the user that
the bootloader was unlocked, and it loaded the recovery fine. A
community Android distribution was then installed and it worked fine.
That device ran the stock Android distribution (I don't remember the
version though) and we didn't have to do any OEM unlocking.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
This enables reusing the certificate with scripts directly in
the Replicant source code.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
The /proc/mtd file has been extracted from two different devices and the
exact same file was produced: the files were compared with the 'cmp'
command and their content was identical.
Both were obtained with 'adb pull /proc/mtd' under Replicant 4.2 0004.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
The GPT has been extracted from two different devices and the exact same 3
files were produced: the files were compared with the 'cmp' command and
their content was identical.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Given the address, we can safely assume that the backup GPT was
not backed up as it's supposed to be at the end of the block device.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
That device was shipped with Android 2.3.6 and it has not been
updated to the new Stock OS versions.
Among other information, the bootloader download screen shows the
following:
ODIN MODE
PRODUCT NAME: GT-I9100G_CHN_CHN
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
With the 16G.pit file we have the following information:
- Device variant: GT-I9305
- eMMC size: 16G
- Data at 0xA6C:
0000 0A4C: 72 65 6D 61 69 6E 65 64 00 00 00 00 00 00 00 00 remained ........
0000 0A5C: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
0000 0A6C: 7B 99 2D 9E F9 FA 12 39 08 2D 43 69 29 C5 54 EB {.-....9 .-Ci).T.
With another PIT we have differences starting at 0x85C:
- Device variant: GT-I9305
- eMMC size: 16G
- ro.bootloader: I9305XXSFQD1
- Data at 0xA6C:
0000 0A4C: 72 65 6D 61 69 6E 65 64 00 00 00 00 00 00 00 00 remained ........
0000 0A5C: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
0000 0A6C: 32 62 8B D1 9F 21 FC 70 E7 A2 AB 4F B9 84 57 43 2b...!.p ...O..WC
I've no idea what that data is, so it's better to remove it as it may
contain data that is either privacy or security sensitive or data that
we may not be able to redistribute.
The comparison was done with vbindiff and stripping the data was
achieved with the following commands:
$ dd if=16G.pit of=new.pit count=2668 bs=1
$ mv new.pit 16G.pit
The output of 'heimdall print-pit --file' is exactly the same between the
old 16G.pit, the new one, and all other PITs mentioned above.
Once stripped, all the PITs were identical bit by bit. This was verified
with the cmp command.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| |
With the 16G.pit file we have the following information:
- Device variant: GT-I9300
- eMMC size: 16G
- Data at 0x85C:
0000 083C: 72 65 6D 61 69 6E 65 64 00 00 00 00 00 00 00 00 remained ........
0000 084C: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
0000 085C: 5D C7 0A F1 25 B1 B9 7A 86 DA CA DB AD 08 1B 07 ]...%..z ........
With another PIT we have differences starting at 0x85C:
- Device variant: GT-I9300
- eMMC size: 16G
- ro.bootloader: I9300XXUGOF1
- gsm.version.baseband: I9300XXUGNB1
- Data at 0x85C:
0000 083C: 72 65 6D 61 69 6E 65 64 00 00 00 00 00 00 00 00 remained ........
0000 084C: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
0000 085C: 46 05 D4 53 B4 3E 69 B8 B8 D9 FD 9E E6 4B B4 A9 F..S.>i. .....K..
With yet another PIT we also see differences starting at 0x85C:
- Device variant: GT-I9300
- eMMC size: 16G
- ro.bootloader: I9300XXELLC
- gsm.version.baseband: I9300XXELKB
- Data at 0x85C:
0000 083C: 72 65 6D 61 69 6E 65 64 00 00 00 00 00 00 00 00 remained ........
0000 084C: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
0000 085C: 66 E7 66 D2 BF FC 42 53 FA 58 5F FB CF 5B 24 DA f.f...BS .X_..[$.
And with yet another PIT we still see differences starting at 0x85C:
- Device variant: GT-I9300
- eMMC size: 16G
- ro.bootloader: I9300XXUGMK6
- gsm.version.baseband: I9300XXUGMK6
- Data at 0x85C:
0000 083C: 72 65 6D 61 69 6E 65 64 00 00 00 00 00 00 00 00 remained ........
0000 084C: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
0000 085C: B0 A1 A0 D7 8C BC EB 63 C1 1A 14 77 5E A8 D6 DF .......c ...w^...
I've no idea what that data is, so it's better to remove it as it may
contain data that is either privacy or security sensitive or data that
we may not be able to redistribute.
The comparison was done with vbindiff and stripping the data was
achieved with the following commands:
$ dd if=16G.pit of=new.pit count=2140 bs=1
$ mv new.pit 16G.pit
The output of 'heimdall print-pit --file' is exactly the same between the
old 16G.pit, the new one, and all other PITs mentioned above.
Once stripped, all the PITs were identical bit by bit. This was verified
with the cmp command.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
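Added example, not part of the commit messages or of the repository: the strip step described in the GT-I9305 and GT-I9300 commits above, as a shell sketch that cuts two dumps at the first offset where they differ and re-checks the result with cmp. The function names, file names and sample bytes are constructed for illustration.

```shell
#!/bin/sh
# Strip per-device trailing data from two dumps of the same partition table
# by cutting both at the first offset where they differ.

# first_diff_offset A B: 0-based offset of the first differing byte, or the
# shorter file's size when one file is a prefix of the other.
first_diff_offset() {
    n=$(cmp -l "$1" "$2" 2>/dev/null | head -n 1 | awk '{print $1}')
    if [ -n "$n" ]; then
        echo $((n - 1))            # cmp -l counts bytes from 1
    else
        a=$(($(wc -c < "$1"))); b=$(($(wc -c < "$2")))
        if [ "$a" -lt "$b" ]; then echo "$a"; else echo "$b"; fi
    fi
}

# strip_common A B OUT: write the shared prefix to OUT, confirm that B also
# starts with it, and print the number of bytes kept.
strip_common() {
    len=$(first_diff_offset "$1" "$2")
    head -c "$len" "$1" > "$3"
    head -c "$len" "$2" | cmp -s - "$3" && echo "$len"
}

# demo: two constructed 20-byte dumps that share a 16-byte body and end in
# different 4-byte tails (sample data, not taken from a real PIT).
demo() {
    d=$(mktemp -d)
    printf 'HEADERremained\000\000\173\231\055\236' > "$d/a.pit"
    printf 'HEADERremained\000\000\062\142\213\321' > "$d/b.pit"
    strip_common "$d/a.pit" "$d/b.pit" "$d/stripped.pit"
    rm -rf "$d"
}

demo
```

With more than two dumps, keep the smallest offset over all pairs, since two tails that happen to begin with the same byte would otherwise leave part of the tail in place. The parsed output of the stripped file should still be compared against the original, as the commits do with 'heimdall print-pit --file'.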
| |
Signed-off-by: David Ludovino <dllud@riseup.net>
| |
Signed-off-by: David Ludovino <dllud@riseup.net>
| |
This PIT was created by GrimKriegor in order to permit the setup of an
encrypted emulated storage. Details can be found at:
https://redmine.replicant.us/boards/39/topics/13707
Signed-off-by: David Ludovino <dllud@riseup.net>
| |
Signed-off-by: David Ludovino <dllud@riseup.net>
| |
Signed-off-by: David Ludovino <dllud@riseup.net>
| |
Facilitates organization into models and stock vs custom PIT files.
Signed-off-by: David Ludovino <dllud@riseup.net>
| |
This has been obtained with heimdall download-pit on a device running
the unmodified stock OS.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>