Thanks to a tip for another device, the full schematics are available for many Samsung models, including the GT-I9100. Just Google for this:
gt-i9100 svcm final anyservice
However, the resulting PDF file has some kind of spooky Fasoo encryption, that is used for DRM and to track file usage. I have no idea how to use or extract it? Any ideas?
Code:
[SIZE=2]<!-- FasooSecureContainer - Ver. 3.0.01 -->[/SIZE]
Related
Some of you already know me from the MiTAC Scoter device comunity (offered as Mio A701, Mio A700, Medion MDSP1000 and Medion MD95856). We have been researching a lot and now we have the same amount of control over our device than you have over your HTC devices. I even build a nice kitchen based on the Bepe's Kitchen, very similar but adapted to our device and drivers.
It seems that WM5 is capable of safely upgrade the ROM by package instead of doing a full CEimage flash. We already knew that when we finally were able to acces the SRPX segments. SRPX is the new compressed format for the XIP chains, used in recent designed devices. The first one, SRPX0, was the Update Loader (UL) and the second, SRPX1, the upgradeable OEM Kernel (KN) segment.
I was researching on how to relocate modules in order to avoid module overlaps when I found 5 interesting patents by M$. Yes, they describe the Upgrade Loader, the format of DSM files, PKG, PKU, PKS and the MSFLSH50 image format specification. It seems that they have designed 3 kind of upgrade files, they can upgrade the ROM image package by package offering full package replacement, incremental replacement or both.
I have uploaded the text files in HTML and the original applications in PDF format to ShareBig. So you can get all the info from a single download point:
http://tinyurl.com/y6cnpy
Enjoy!
Oki
Thanks for sharing.
This could do a lot for the community!
Cheers and Happy New Year!!!
Oki said:
I have uploaded the text files in HTML and the original applications in PDF format to ShareBig. So you can get all the info from a single download point:
http://tinyurl.com/y6cnpy
Enjoy!
Oki
Click to expand...
Click to collapse
Sorry, but seems like this URL is not working now. Can you re-upload these files anywhere? Thanks in advance!
No download from this url.
Anybody can upload it?
I'm not sure if the Wizard forum has particular trouble with virii/trojans or maybe I just notice it more but I thought I would cross-post a thread I started in the General section.
Howto verify uploads and downloads
I'll respond here as i seem to only fly around the Wizard forums...
How will this actually help? I don't mind a uploader posting an MD5 hash or SFV file to verify the file is what they uploaded, but if they are attaching it to the forum post or providing a direct link to the file on their server (or another server) then it wouldn't be tampered with. This kind of protection is only useful then you have a large number of mirror sites. As in the case of a virus or trojan it wouldn't detect that in any way...
It would only tell us that the file is what the uploader says it is. To that regard we end up still having to put a lot of trust in the uploader...
As I said I don't mind an uploader posting a hash, but in the context of what you're promoting it for I think it is useless...
You are right, for attached files the problem is already solved. However files available from 3rd party sites (rapidshare, etc) are not necessarily uploaded by the author. Often the author's rapidshare link (for example) may be broken so users end up sourcing the file elsewhere.
I believe it will help because the files being 'impersonated' seem to be popular files from recognised users such a mUn, Faria, and so on. In this instance the author has a reputation attributed to them. What file verification does is associates a certain file with that author. Forum users should already be evaluating the legitimacy of an upload based on the user. Someone with 1 post uploading a ROM should not be as trusted as someone known in the forum.
In the recent case of ShellTool being replaced I believe a hash would work. In this instance a trusted forum user uploaded a tool but duplicate copies were made available. Had the file being identified as different to the trusted version based on checksum it should have cast doubt on its legitimacy.
The problems found here are usually caused by people going to XDA FTP and downloading stuff based on their names directly, not with respect with any post, hence MD5 will not help much in this situation. And, when certain software were suggested on the forum, somehow, some people tend to look at FTP instead of the forum.
ANYWAY, using MD5 is good if people dont find it troublesome to take the extra security precaution. Still, I hope that people will at least state their file size of their uploaded file. It is unlikely to have a functional EXE with the same file size while performing totally different thing (at least it is not easily done).
Hi,
I've found this today:
http://klaig.blogspot.com/2011/05/running-gentoo-linux-as-chroot-on.html
Happy emerging!!! ;-)
htop
emerged htop and love to have tap-comp...
He also makes a how-to for cross-compiling... ;-)
http://klaig.blogspot.com/2011/05/speedup-compilation-with-distcc-cross.html
yay!
I basically did what he did except I created a file and used that as a disk to avoid needing to dedicated an entire card to it and placed it on the internal storage.
When I try and emerge something, screen for example, it doesn't like the local file:
('Filesize does not match recorded size', 352L, 840602)
and of course it fails when it tries to fetch. While it would be nice to fix the checksum errors, it would be even nicer to allow it to actually be able to open up sockets. Is there any way to enable this functionality?
Anyone installed X yet?
Tip for emerge latest binutils:
add the file /etc/portage/package.accept_keywords with the following
Code:
sys-devel/binutils ~arm
padanfain said:
yay!
I basically did what he did except I created a file and used that as a disk to avoid needing to dedicated an entire card to it and placed it on the internal storage.
When I try and emerge something, screen for example, it doesn't like the local file:
('Filesize does not match recorded size', 352L, 840602)
and of course it fails when it tries to fetch. While it would be nice to fix the checksum errors, it would be even nicer to allow it to actually be able to open up sockets. Is there any way to enable this functionality?
Anyone installed X yet?
Click to expand...
Click to collapse
Do you have set the FEATURES="-userfetch" in your make.conf?
Do you have tried it with a real sd?
x and vnc-server is working. Now I am on enlightenment(http://enligthenment.org/)...
Moved to general, as the guide is not hosted on XDA. Thanks for sharing, though!
Hi,
I am going to add notes relating to investigations into the possibility of customising the firmware on this MiFi device.
Observations:
As seen elsewhere there is a link to some firmware on the German Huawei site. By running the installer and then inspecting the contents of the temp dir (I did this under wine) one finds .wine/drive_c/users/dan/Temp/<random name>
Within a sub-folder in there is a 60ish Meg .exe named UpdateWizard.exe, within this lots if strings relating to the flashed firmware can be seen, including the html for the web admin page etc.
Both the firmware and nmap will show the kernel 2.6.35, and the firmware reveals its an android build, running on ARM.
So, any good company should be honouring the GPL, a quick search "huawei gpl source", sure enough turns up a link, though this forum wont let me post it
From here a .rar of the kernel drivers, (though wifi seems omitted ?), wpa_supplicant source etc. can be found.
As yet I am still looking for an easy "way in" to the device, it would be convenient if dropbear/telnetd could be launched if loaded onto an inserted microSD. Some exploit or hidden functions in the webserver binary would seem like an obvious place to start.
What does this AT command do?
AT^SDLOAD - looks like it may load factory defaults.
busybox was built with telnetd, it just needs starting somehow.
Would anyone be willing and able to create a dump of a clean Windows 10 for Phones system image and share it with me? I searched around in the installation for non-supported devices threads, but did not see a reference to anything.
An FFU image extracted from the updater would also work, thanks in advance!
Why is that?
I see.
But at least it's possible, even if not very probable.
Although, we should check if we can use WinRAR, since it's possible to edit the images without breaking the signiture.
Assuming we have a signed image.
Not possible. There are many threads trying to achieve what you're hoping to do with cabs and such, and it's not possible when the bootloaders are signed and damn near everything in the system requires a signed cert.
But how does that prevent us from opening and modifying them with WinRAR?
Even if we can't boot the new files, it's still a step.
So open it with WinRAR, if possible.
At least to get an idea of the structure of the OTA, that peice of information may help us form an idea as to at least part of the structure of the system.
It's better to have (theoretical) partial read access, than no access at all.
feherneoh said:
FFU is not OTA
Click to expand...
Click to collapse
Alright, but can you open it inside WinRAR?
Now we're talking, what we need now is someone to examine the partitions and their layouts.
Unfortunately , I'm not at that level but at least I can understand these things, so I would like to hear the results.
Is anyone exporting the partitions yet?
Unfortunately, I don't know the partition layout in Windows 10 Mobile, but perhaps they should all be exported and examined?
Not for myself, however I had thought that it may help others attempting to port Windows 10 Mobile in the future.
you can try to download MI4 rom
http://en.miui.com/thread-189556-1-1.html