What's new
DroidForums.net | Android Forum & News

This is a sample guest message. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

Possible Ways to Crack the Bootloader

droidx8791 said:
I am just learning to theme so im not very knowledgeable on programming at all lol. But when moto releases an ota what file or whatever do they use for the phone to accept it? Is there a way to get what you need from any of that? Probably a stupid noobie thought but I was just thinking in my little brain.

Sent from my DROIDX using DroidForums App
Click to expand...

I think that's the one most likely of doing any good however it requires waiting till gb is released which some people don't want to do.

Sent from my Liberated D2G
 
Well true 13angel but we already had froyo ota and P3droid has a developers dx with gingerbread ( i think)so there is gotta be something. When we got froyo ota our phones had to read some file to acknowledge it was legit. I might not be making any sense cause I don't know anything about the process.

Sent from my DROIDX using DroidForums App
 
I think it just parses your build.prop for ro.fingerprint and device and id, and then checks for all the stock apps... I could just be making that up though.. thats just what I thought...

{{ WugFresh }}
 
WugFresh said:
I think it just parses your build.prop for ro.fingerprint and device and id, and then checks for all the stock apps... I could just be making that up though.. thats just what I thought...

{{ WugFresh }}
Click to expand...

Wouldnt it have to open the bootloader and all that jazz in order to upgrade the kernel to the gingerbread one though? That would require the key to be sent along with the ota update.
 
13th angel said:
WugFresh said:
I think it just parses your build.prop for ro.fingerprint and device and id, and then checks for all the stock apps... I could just be making that up though.. thats just what I thought...

{{ WugFresh }}
Click to expand...

Wouldnt it have to open the bootloader and all that jazz in order to upgrade the kernel to the gingerbread one though? That would require the key to be sent along with the ota update.
Click to expand...

Ahh.. I see what you are saying, yes it would.. but rest assured that key is also encrypted/hidden somehow and also probably not easy to locate on the file. But you are correct... there has to exist something on that file to let it do what it does. I suppose that could be a course of action... I just don't see that being a way to get around the encryption scheme though. It's not like the gb image is gonna have a txt file on it called moto keys.. lol.. I wish though...

{{ WugFresh }}
 
Last edited:
WugFresh said:
13th angel said:
WugFresh said:
I think it just parses your build.prop for ro.fingerprint and device and id, and then checks for all the stock apps... I could just be making that up though.. thats just what I thought...

{{ WugFresh }}
Click to expand...

Wouldnt it have to open the bootloader and all that jazz in order to upgrade the kernel to the gingerbread one though? That would require the key to be sent along with the ota update.
Click to expand...

Ahh.. I see what you are saying, yes it would.. but rest assured that key is also encrypted and also probably not easy to locate on the file. But you are correct... there has to exist something on that file to let it do what it does...

{{ WugFresh }}
Click to expand...

Even if its encrypted its still there. Probably encrypted just as heavily but still, gives another shot at something to crack.
 
13th angel said:
WugFresh said:
13th angel said:
Wouldnt it have to open the bootloader and all that jazz in order to upgrade the kernel to the gingerbread one though? That would require the key to be sent along with the ota update.
Click to expand...

Ahh.. I see what you are saying, yes it would.. but rest assured that key is also encrypted/hidden somehow and also probably not easy to locate on the file. But you are correct... there has to exist something on that file to let it do what it does. I suppose that could be a course of action... I just don't see that being a way to get around the encryption scheme though. It's not like the gb image is gonna have a txt file on it called moto keys.. lol.. I wish though...

{{ WugFresh }}
Click to expand...

Even if its encrypted its still there. Probably encrypted just as heavily but still, gives another shot at something to crack.
Click to expand...

If you're trying to crack the encryption, it won't matter.. either way you are doing hash collisions. Its math not roulette.

{{ WugFresh }}
 
true but its another thing to try lol. By the way, great find on that long post earlier about the SHA - 1 encryption being broken.
 
I agree with the posts above. There is some sort of equation we have to find that Motorola uses for encryption. I wrote an encryption program last year and math is how it works.
 
Im with the guys up top. I don't think this thing will be cracked by anyone. Its like looking for one grain of sand on every beach on the world. I just hope there is a leak when this thing hits eol.

Sent from a galaxy far far away......
 
WugFresh said:
SHA-1 encryption has been broken by a team of researchers; Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu, and apparently they have been shadily distributing their paper, but its not readily publicly available. They used hash collisions to break the encryption. I personally know calculus, differential equations, greens and stokes theorem, and linear albegra, but this type of math is still way over my head. From my limited understanding on this...hash collisions would be the only real way to actually crack the encryption (vs. bypass, or the work you have been doing..), and considering that it has already been done, then I suppose that makes it a viable solution. I don't know if a team of researchers from Shandong University in China would care enough about the android hacker community to share their findings... but I suppose anything is possible. If in fact they were willing to share this information, the function could be used in a powerful computational program such as Maple, Matlab, or Mathmatica, to generate the private keys... but I think you might need the public key..? Like I said...I really only have a surface-level understanding of whats involved.
Click to expand...

Well RSA is just linear algebra, as it SHA-*. It's just linear algebra on a vector quantity or matrix instead of a single number.

I have been looking into hash collisions, but I'm not sure how viable it would be to pad our modded bootloader with 0x00's to actually collide.
 
All I can say is that I hope this thing gets cracked and whoever does it or gets a hold of a leaked sbf that is unlocked will get a fat donation cause I just got this thing cause my wife is a tight a** and wouldn't let me get a tb.

Sent from a galaxy far far away......
 
aliasxerog said:
WugFresh said:
SHA-1 encryption has been broken by a team of researchers; Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu, and apparently they have been shadily distributing their paper, but its not readily publicly available. They used hash collisions to break the encryption. I personally know calculus, differential equations, greens and stokes theorem, and linear albegra, but this type of math is still way over my head. From my limited understanding on this...hash collisions would be the only real way to actually crack the encryption (vs. bypass, or the work you have been doing..), and considering that it has already been done, then I suppose that makes it a viable solution. I don't know if a team of researchers from Shandong University in China would care enough about the android hacker community to share their findings... but I suppose anything is possible. If in fact they were willing to share this information, the function could be used in a powerful computational program such as Maple, Matlab, or Mathmatica, to generate the private keys... but I think you might need the public key..? Like I said...I really only have a surface-level understanding of whats involved.
Click to expand...

Well RSA is just linear algebra, as it SHA-*. It's just linear algebra on a vector quantity or matrix instead of a single number.

I have been looking into hash collisions, but I'm not sure how viable it would be to pad our modded bootloader with 0x00's to actually collide.
Click to expand...

Well then I have a solid understanding of all of the components involved if that's really what it is... and I think I still have my Matlab textbook somewhere in my room in the rubble.. lol. The problem is I lack understanding on the android end.. like where are the input values coming from? Your understanding of linux vs mine is very different... you are on a whole other level than me. My understanding of the way the recovery works and all that is very limited.. But if I don't have to understand any of that ridiculousness, and I am just presented with input values and a really difficult math problem... I certainly could take a stab at it.. I also am presently at college so there are plenty of graduate students I could hit up if I were completely lost. I'm just not a legit programmer like you are.. I know a little.. enough to do the things I have tried to build.. but I followed what you have been doing and that stuff is completely foreign to me.

I can offer my brain for math.... as for the rest.. I really am lost.

I don't understand how the bootloader actually works... so the second part of your post is hard for me to understand.

{{ WugFresh }}
 
Last edited:
You must log in or register to reply here.

Similar threads

I
Possible way to unlock the bootloader! Here me out on this!
Replies
4
Views
3K
Graymayre
G
A
Twitter and Motorola's Stance
2 3 4
Replies
54
Views
11K
aliasxerog
A
A
Let's start trying to crack the bootloader!
Replies
11
Views
6K
jtsativa420
J
M
Motorola's bootloader allegedly cracked!
Replies
1
Views
4K
mohitrocks
M
R
Cracked my screen today :(
Replies
6
Views
3K
captdroid
C
Back
Top