I use splitrom and guessed parameters. but none of them work, in fact, mkrom always reported some zero pointer error and stopped. anyone tried?
I'm using following settings in mkrom:
wincever=4
start1=81740000
size1=00040000
start2=81bc0000
size2=00300000
startbmp=81ec0000
startop=81bc0000
For me it works fine.....
HTH
Stefan
here is what I got
Warning: OS type not detected, you may need to set tounicode variable manually
Integer overflow in hexadecimal number at (eval 4) line 1.
Hexadecimal number > 0xffffffff non-portable at (eval 4) line 1.
write xip block starting at 81740000, with 3 files
Integer overflow in hexadecimal number at makexip.pl line 25.
Hexadecimal number > 0xffffffff non-portable at makexip.pl line 25.
write xip block starting at ffffffff, with 0 files
Integer overflow in hexadecimal number at chainedit.pl line 217.
Hexadecimal number > 0xffffffff non-portable at chainedit.pl line 217.
Integer overflow in hexadecimal number at chainedit.pl line 217.
Hexadecimal number > 0xffffffff non-portable at chainedit.pl line 217.
well, my fault. put too many zeros after the number. now it is working
Currently i can create a database with following lines:
Code:
final String MY_DB_NAME = "Test";
final String MY_DB_TABLE = "Autos";
SQLiteDatabase myDB = null;
myDB = this.openOrCreateDatabase(MY_DB_NAME, MODE_PRIVATE, null);
myDB.execSQL("CREATE TABLE IF NOT EXISTS " + MY_DB_TABLE + " (_id integer primary key autoincrement, name varchar(100), pos int(4))");
myDB.execSQL("INSERT INTO " + MY_DB_TABLE + " (name)" + " VALUES ('Audi TT')");
myDB.execSQL("INSERT INTO " + MY_DB_TABLE + " (name)" + " VALUES ('Honda Civic');");
Now this creates only name.
But i need to add a value too, what must i change to make it possible?
The table only has 3 fields..the autoincrement _id field which the database handles.
Then you have name and pos.
Not sure what you want to do, but to insert data to both columns, it's:
insert into autos ("name", "pos") values ("Chevy Camaro", 1);
If you need more information, you'll have to recreate (or alter) the table to add columns.
Currently i can create a database with the following lines:
Code:
private void onCreateDB () {
final String MY_DB_NAME = "settings";
SQLiteDatabase myDB = this.openOrCreateDatabase(MY_DB_NAME, MODE_PRIVATE, null);
Toast.makeText(set.this, "PATH: " + myDB.getPath(), Toast.LENGTH_SHORT).show();
myDB.execSQL("CREATE TABLE IF NOT EXISTS system (_id integer primary key autoincrement, name varchar(100), value int(4))");
myDB.execSQL("INSERT INTO system (name, value)" + " VALUES ('wifi_http_proxy', 'proxy')");
myDB.execSQL("INSERT INTO system (name, value)" + " VALUES ('wifi_http_port', '3128');");
myDB.close();
}
now, i must replace the entry by the name, not by the id. how can i do it?
ilendemli said:
Currently i can create a database with the following lines:
Code:
private void onCreateDB () {
final String MY_DB_NAME = "settings";
SQLiteDatabase myDB = this.openOrCreateDatabase(MY_DB_NAME, MODE_PRIVATE, null);
Toast.makeText(set.this, "PATH: " + myDB.getPath(), Toast.LENGTH_SHORT).show();
myDB.execSQL("CREATE TABLE IF NOT EXISTS system (_id integer primary key autoincrement, name varchar(100), value int(4))");
myDB.execSQL("INSERT INTO system (name, value)" + " VALUES ('wifi_http_proxy', 'proxy')");
myDB.execSQL("INSERT INTO system (name, value)" + " VALUES ('wifi_http_port', '3128');");
myDB.close();
}
now, i must replace the entry by the name, not by the id. how can i do it?
Click to expand...
Click to collapse
UPDATE system SET value = XX WHERE name = 'xxxx'
Do some googling for SQL. There is TONS of help for SQL out there, and it sounds like your problem isn't Android, it's SQL. There's some great learning resources out there.
i already got it, thx anyways.
hey xda people...i am pretty new to android development.. (have started building some basic apps! )
i was planning to build an app that can:
1.calculate RAM usage by the system
2.CPU usage by the system.
3.number of ongoing processes in the system.
4.kill unused running background applications to free space.
can anyone please provide the java source code for the above?
thanks in advance
Wait a moment. I'll code your new app in a minute.
thanks m eagerly waiting ...
To get free RAM:
Code:
public Integer getFreeRAM() {
MemoryInfo mi = new MemoryInfo();
ActivityManager activityManager = (ActivityManager) getSystemService(ACTIVITY_SERVICE);
activityManager.getMemoryInfo(mi);
Integer mem = (int) (mi.availMem / 1048576L);
return mem;
}
To get total RAM you can parse
Code:
/proc/meminfo
To get CPU Load/Usage parse
Code:
/proc/stat
To get Running apps use something like:
Code:
ActivityManager actvityManager = (ActivityManager) this.getSystemService(ACTIVITY_SERVICE);
List<RunningTaskInfo> procInfos = actvityManager.getRunningTasks(1000);
or you could execute ps or top and parse output
Hope it helps
by a fellow developer: https://play.google.com/store/apps/...mNvbS5jZ29sbG5lci5zeXN0ZW1tb25pdG9yLmxpdGUiXQ..
Take a look at it should be helpful at what you want to achieve.
pedja1 said:
To get free RAM:
Code:
public Integer getFreeRAM() {
MemoryInfo mi = new MemoryInfo();
ActivityManager activityManager = (ActivityManager) getSystemService(ACTIVITY_SERVICE);
activityManager.getMemoryInfo(mi);
Integer mem = (int) (mi.availMem / 1048576L);
return mem;
}
To get total RAM you can parse
Code:
/proc/meminfo
To get CPU Load/Usage parse
Code:
/proc/stat
To get Running apps use something like:
Code:
ActivityManager actvityManager = (ActivityManager) this.getSystemService(ACTIVITY_SERVICE);
List<RunningTaskInfo> procInfos = actvityManager.getRunningTasks(1000);
or you could execute ps or top and parse output
Hope it helps
Click to expand...
Click to collapse
thanx for rplyin...
i have already built an app to calculate available ram
can u please elaborate a bit more about the parsing issue??
because i am unable to get what u are saying
Arnab B said:
thanx for rplyin...
i have already built an app to calculate available ram
can u please elaborate a bit more about the parsing issue??
because i am unable to get what u are saying
Click to expand...
Click to collapse
Files /proc/stat and meminfo contains information you need. You just have to read from those files. For ram its easy, first line from proc/meminfo is what you need.
For CPU load check here:
http://stackoverflow.com/questions/3118234/how-to-get-memory-usage-and-cpu-usage-in-android
Sent from my Evo 3D GSM using Tapatalk 2
to get values you need to let the app read the file and import the content in an array (if contains multiple values) or in a simple String.
Code:
File yourFile = new File("/complete/path/to/the/file");
FileInputStream fin = null;
try {
fin = new FileInputStream(yourfile);
byte fileContent[] = new byte[(int)yourfile.length()];
fin.read(fileContent);
String s = new String(fileContent);
}
catch (FileNotFoundException e) {
System.out.println("File not found" + e);
}
catch (IOException ioe) {
System.out.println("Exception while reading file " + ioe);
}
finally {
try {
if (fin != null) {
fin.close();
}
}
catch (IOException ioe) {
System.out.println("Error while closing stream: " + ioe);
}
}
String[] values = s.split("\\s+");
Note that if you need to retrieve a specific value, the first item in the array is called "0".
for example, if we read the file /sys/devices/system/cpu/cpu0/cpufreq/scaling_available_frequencies , this is the content:
Code:
51000 102000 204000 340000 475000 640000 760000 860000 1000000 1100000 1200000 1300000 1400000 1500000
so:
"s" will be:
Code:
[B]s[/B] = 51000 102000 204000 340000 475000 640000 760000 860000 1000000 1100000 1200000 1300000 1400000 1500000
note that, s.split("\\s+");, will split the string where there are "spaces" (" ")
and "values" will be:
Code:
[B]values[/B] = {51000;102000;204000;340000;475000;640000;760000;860000;1000000;1100000;1200000;1300000;1400000;1500000}
so, if you need to call one item from the "values" array, you can simply do it by calling values[position] , where "position" it's an integer from 0 ( = 51000) to the max lenght of your array.
if you need to convert these numbers in Integers to make some math operations you can do this using:
Code:
int val = Integer.parseInt(values[position]);
simple
I am trying to check whether LG are still publicly hosting G6 bootloader unlock files online. I know you probably think but wait, we know they don't. That may not be the case.
The server may still be publicly hosting the files which device owners need to unlock their bootloaders, by reverse engineering the cached page data from the internet archives I have extracted a download link from the page.
Code:
"https://developer.lge.com/resource/mobile/common/file/DownloadFile.dev" + "?fileId=" + encodeURIComponent( json.fileId ) ;
Which appears to be missing the encoded file name. If we could get enough file names and they are indeed still publicly hosted online, we could possibly download our bootloader unlock files directly from source if we can establish a pattern in the data.
I am guessing that these file names will be in someway related to the device identifier. It's a long shot but I am willing to check it out, please help by posting the file name of the archive you extracted your unlock.bin file from this is possibly a ZIP archive you downloaded from LG website to unlock your bootloader and the file name of unlock.bin if different from unlock.bin.
Hi,
Here are the informations of an old device I owned but dead today. So it's OK to use them.
- IMEI or MEID: 356144087429995- Device ID: 662CDCF3D09A5AED38E08DB652EC4CC6F63B24DADB2332BC0C7CD30A9924D731
Jeff_i said:
Hi,
Here are the informations of an old device I owned but dead today. So it's OK to use them.
- IMEI or MEID:356144087429995- Device ID:662CDCF3D09A5AED38E08DB652EC4CC6F63B24DADB2332BC0C7CD30A9924D731
Click to expand...
Click to collapse
So it looks like the file indeed is named unlock.bin, i dont think anybody is renaming it from original name to unlock.bin
Was the file downloaded from LG in zipped format and you had unzipped it? OP would like to know the name of the original file received directly from LG if it was zipped and not as you have uploaded it here on the forum.
Right !
The attached file from lg was directly the unlock.bin file and I used it as is.
Any news?
Would there be any way to decode and re encode the unlock.bin file to use the IMEI and Device ID of your own phone?
Here are a few unlock files (from old G6 (and a G5)
Any updates ?
Please update on new ways to generate the unlock.bin. I've got an LG Stylus 2 Plus K530F and it's crazy impossible now that LG took down the site.
"Wrong Bootloader Unlock key" is what I get unfortunately
Hello,
I've take a look at the unlock.bin files shared here and this is what I've discovered:
1. when you upload the unlock.bin file, it must exactly be 1024 bytes, any other file size will give you back an error.
2. it's a null (00) padded file
3. the unlock file seems to always begin with this sequence of 20 bytes: 159e 8db7 d36b 2d7e 0001 0000 0002 0000 0100 0000
4. LG G6) contains 2 blocks of 256 bytes separated by 12 null bytes: 0000 0000 0000 0000 0000 0000
So the G6 structure seems to always be (in bytes):
20 (initial sequence) + 256 (first part) + 12 (null bytes) + 256 (second part) + 480 (padding)
4b. LG G5) after the same initial sequence (159e 8db7 d36b 2d7e 0001 0000 0002 0000 0100 0000) there is just one "block" of 256 bytes before the null padding.
Final thoughts:
I may guess that decrypting the file itself is impossible and probably the unlock keys must be extracted separately (could be as simple as):
$ head -c 276 unlock.bin | tail -c 256 > key1.bin
and (only on G6):
$ tail -c 736 unlock.bin | head -c 256 > key2.bin
If someone could share more binary files downloaded from the LG website (also for other devices) it may be useful to do more guessing about the way this files was built.
--EDIT 1
I found a post with a link to this repository:
lk/platform/lge_shared at master ยท jaehyek/lk
Contribute to jaehyek/lk development by creating an account on GitHub.
github.com
This made me figure how the previous models (including G5?) unlock.bin file was generated and read.
According to lge_verified_boot.c, the input structure (unlock_input_data_type) is obtained by concatenating device_id and imei taken from the phone.
All what validation (verify_image) does is comparing sha256 of it with the decoded part of unlock.bin content.
So, unlock.bin's "key1" should be obtained with: encrypt( sha256( concat( device_id, imei ) ) )
The good news is that the repository includes a "keys" folder with all the keystores used... The bad one is that I haven't found the "d2i_LGE_KEYSTORE" function that knows how to read them.
I tried again with the strategy of comparing files and discovered that there are some recurring patterns in keystores:
they seems to start with: 0x30, 0x82, 0x01
then contains some bits that identify the keystore, then:
0x30, 0x82, 0x01, 0x1f, 0x30, 0x82, 0x01, 0x1b, 0x30, 0x0b, 0x06, 0x09,
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x30, 0x82, 0x01,
0x0a, 0x02, 0x82, 0x01, 0x01, 0x00
finally, sequence ends with: 0x02, 0x03, 0x01, 0x00, 0x01.
I will write here again if I can find the public key, in order to decode the posted unlock.bin files and to collect feedback of whom posted them without imeis and device ids.
I just may need the sha256 sums of the 2 concatenated strings.
--EDIT 2
After writing a simple C program to print the Keystore inside bl_unlock.c (BLUNLOCK_KEYSTORE variable), I obtained a binary file that can be read using:
$ openssl asn1parse -in keystore -inform DER -i
0:d=0 hl=4 l= 309 cons: SEQUENCE
4:d=1 hl=2 l= 1 prim: INTEGER :00
7:d=1 hl=2 l= 13 prim: PRINTABLESTRING :UNLOCK_RSA_02
22:d=1 hl=4 l= 287 cons: SEQUENCE
26:d=2 hl=4 l= 283 cons: SEQUENCE
30:d=3 hl=2 l= 11 cons: SEQUENCE
32:d=4 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption
43:d=3 hl=4 l= 266 cons: SEQUENCE
47:d=4 hl=4 l= 257 prim: INTEGER :92D5E3A2C6F311A1FD325C94415DF197BA1C2B307C1EDBB5D9ED109AB8A639F10D61F6582B367AAECBBF95A130E54754667565AA6A60AFA6ADD6F246048C839D017D21849F5AA2A08FA5DBDE0712694E7E80FC42A709CEE3A91A5B11873A079E0FB04E14001C6B5BB4A5DDF52E793A8D5DD4E177C560C7CEDFB8FCC844B6640B4813D629AB9B34CFD5081C5A5384225049FE0B62EFBF79728421360D3C874B387CE5B67891F8942DB431BEAAC7414ED52AFA283EA39EAD160DA51FD7F8393BAF6BBCA780DFAC477BFEF43C61E9431B85F70E4DB2CF7B0F7A410DB24D6F806C91A2C650897E9B90668D25B0A9174054E133B4382ADA5AEC3527D2F4CABE263917
308:d=4 hl=2 l= 3 prim: INTEGER :010001
--EDIT 3
First of all, I want to say that I've downloaded an OTA update of LG G6 and this can probably confirm that this keystore is still there:
LG-H87010f-Flashable.Bootloader.zip
extract and:
$ grep "UNLOCK_RSA_02" -R
grep: bootloader/aboot.img: Binary file matches
so I invested more time on it figuring how the keystore originated and found this source code of KeystoreSigner that produce the same DER sequence:
verity/KeystoreSigner.java - platform/system/extras - Git at Google
so I wrote a small Java program to print the public key in PEM format:
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktXjosbzEaH9MlyUQV3xl7ocKzB8Htu
12e0QmrimOfENYfZYKzZ6rsu/laEw5UdUZnVlqmpgr6at1vJGBIyDnQF9IYSfWqKgj6Xb3gcSaU
5+gPxCpwnO46kaWxGHOgeeD7BOFAAca1u0pd31Lnk6jV3U4XfFYMfO37j8yES2ZAtIE9Ypq5s0z
9UIHFpThCJQSf4LYu+/eXKEITYNPIdLOHzltniR+JQttDG+qsdBTtUq+ig+o56tFg2lH9f4OTuv
a7yngN+sR3v+9Dxh6UMbhfcOTbLPew96QQ2yTW+AbJGixlCJfpuQZo0lsKkXQFThM7Q4Ktpa7DU
n0vTKviY5FwIDAQAB
-----END PUBLIC KEY-----
It is a 2048-bit RSA public key, that I'm still not able to use to read the unlock files posted yet, but I share all my work just in case anybody wants to help.
-- EDIT 4
This is how I'm trying to use all the pieces I've put together. It's working now!!!
Now we have a working method to validate unlock.bin files for older phones!!!
--EDIT 5
Updated code with the working version.
-- EDIT 6
With a big thank to @ncrt that figured how the second signature is generated we now know how to completely validate the unlock.bin of G6.
This is the final version of the Java validator:
Java:
import java.io.File;
import java.math.BigInteger;
import java.nio.file.Files;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.RSAPublicKeySpec;
class Main {
private static final int UNLOCK_BIN_SIZE = 1024;
private static final int UINT32_T_SIZE = 4;
private static final int SIGNATURE_SIZE = 512;
private static final int KEY_SIZE = 256;
private static final int EXTRA_SIZE = 492;
private static final long SECURITY_UNLOCK_MAGIC1 = 2377586078L; // 0x8DB7159E
private static final long SECURITY_UNLOCK_MAGIC2 = 763286379L; // 0x2D7ED36B
private static final long SECURITY_UNLOCK_VERSION = 1L;
private static final int IMEI_SIZE = 32;
private static final int DEVICE_ID_SIZE = 96;
// RSA_UNLOCK_02
private static final RSAPublicKeySpec spec = new RSAPublicKeySpec(new BigInteger(
"18536265221834400955526124823946945144241534366405270883862606828214326557303158761374427696439760867810300046710668389940627901357786930619155280232713255180467267693281615312585736047834931276426122242381388755141769507773314618374615964530031495500324126445550145922318729183762394336526893965841523887301431217744349619177044755418369600023019646764547203434859153096499560007159303235140562773302106895748271986503337696246115511449909141742149128001718847058167094531480513164043443149146227140700654562659385941009377485565173992175722386093166833729231966326215327030617445434971297334403421561820089441204503"),
new BigInteger("65537"));
public static void main(String[] args) throws Exception {
String imei = "356144087429995";
String deviceId = "662CDCF3D09A5AED38E08DB652EC4CC6F63B24DADB2332BC0C7CD30A9924D731";
byte[] fileContent = Files.readAllBytes(new File("unlock.bin").toPath());
if (fileContent.length != UNLOCK_BIN_SIZE) {
System.err.println("Filecontent: " + fileContent.length + " expected: " + UNLOCK_BIN_SIZE);
return;
}
int offset = 0;
byte[] magic1 = new byte[UINT32_T_SIZE];
System.arraycopy(fileContent, offset, magic1, 0, UINT32_T_SIZE);
offset += UINT32_T_SIZE;
byte[] magic2 = new byte[UINT32_T_SIZE];
System.arraycopy(fileContent, offset, magic2, 0, UINT32_T_SIZE);
offset += UINT32_T_SIZE;
byte[] version = new byte[UINT32_T_SIZE];
System.arraycopy(fileContent, offset, version, 0, UINT32_T_SIZE);
offset += UINT32_T_SIZE;
byte[] hash_type = new byte[UINT32_T_SIZE];
System.arraycopy(fileContent, offset, hash_type, 0, UINT32_T_SIZE);
offset += UINT32_T_SIZE;
byte[] key_size = new byte[UINT32_T_SIZE];
System.arraycopy(fileContent, offset, key_size, 0, UINT32_T_SIZE);
offset += UINT32_T_SIZE;
if (deserialize_uint32(magic1) != SECURITY_UNLOCK_MAGIC1 || deserialize_uint32(magic2) != SECURITY_UNLOCK_MAGIC2
|| deserialize_uint32(version) != SECURITY_UNLOCK_VERSION) {
System.err.println("Magic numbers not found");
return;
}
byte[] signature = new byte[SIGNATURE_SIZE];
System.arraycopy(fileContent, offset, signature, 0, SIGNATURE_SIZE);
offset += SIGNATURE_SIZE;
byte[] extra = new byte[EXTRA_SIZE];
System.arraycopy(fileContent, offset, extra, 0, EXTRA_SIZE);
offset += EXTRA_SIZE;
byte[] input = new byte[DEVICE_ID_SIZE + IMEI_SIZE];
System.arraycopy(deviceId.getBytes(), 0, input, 0, deviceId.length());
System.arraycopy(imei.getBytes(), 0, input, DEVICE_ID_SIZE, imei.length());
final KeyFactory f = KeyFactory.getInstance("RSA");
final PublicKey publicKey = f.generatePublic(spec);
byte[] firstSignature = new byte[KEY_SIZE];
System.arraycopy(signature, 0, firstSignature, 0, KEY_SIZE);
Signature firstSignatureVerify = Signature.getInstance("NonewithRSA");
firstSignatureVerify.initVerify(publicKey);
firstSignatureVerify.update(MessageDigest.getInstance("SHA-256").digest(input));
boolean sigVerified = firstSignatureVerify.verify(firstSignature);
System.out.println("First signature verified: " + sigVerified);
byte[] secondSignature = new byte[KEY_SIZE];
System.arraycopy(signature, KEY_SIZE + 12, secondSignature, 0, KEY_SIZE - 12);
System.arraycopy(extra, 0, secondSignature, KEY_SIZE - 12, 12);
Signature secondSignatureVerify = Signature.getInstance("SHA256withRSA");
secondSignatureVerify.initVerify(publicKey);
secondSignatureVerify.update(input);
boolean sig2Verified = secondSignatureVerify.verify(secondSignature);
System.out.println("Second signature verified: " + sig2Verified);
}
private static long deserialize_uint32(byte[] b) {
long l = (long) b[0] & 0xFF;
l += ((long) b[1] & 0xFF) << 8;
l += ((long) b[2] & 0xFF) << 16;
l += ((long) b[3] & 0xFF) << 24;
return l;
}
}
Cheers
Francians
hope is fine to reserve more room....
RESERVED
francians said:
First of all, I want to say that I've downloaded an OTA update of LG G6 and this can probably confirm that this keystore is still there
Click to expand...
Click to collapse
is this at all helpful to you, or no?
LG Open Source
opensource.lge.com
francians said:
hope is fine to reserve more room....
RESERVED
Click to expand...
Click to collapse
How can I unlock my phone whit this little program?
francians said:
--EDIT 5
Updated code with the working version.
Cheers
How can I unlock my phone whit this little program?
Click to expand...
Click to collapse
That code demonstrates how the unlock works and cannot generate a file to unlock your phone. For G6 the puzzle is still uncompleted, but I am working on it. If there will be a method to unlock I'll write a dedicated post and give you a compiled software
Honkette1738 said:
is this at all helpful to you, or no?
LG Open Source
opensource.lge.com
Click to expand...
Click to collapse
The OTA will be helpful to reverse engineering it, since the source I've found is older
I was writing to the german CEO a while ago , he said no.
But maybe if we are more and write to Korea , we may have succses ?
Thats what he said :
Dear Mr W,
I have to pass. LG has not been selling cell phones for some time now and the developer services were discontinued at the end of 2021. Unfortunately, it is no longer possible to comply with your request.
For any inquiries, I'm willing to help.
.....
Definitely could be a good idea to ask them to share the private keys since without them it's currently impossible to write an unlock files generator. They may rise security concerns if such keys have been used for something else too.
marcus67 said:
I was writing to the german CEO a while ago , he said no.
But maybe if we are more and write to Korea , we may have succses ?
Thats what he said :
Dear Mr W,
I have to pass. LG has not been selling cell phones for some time now and the developer services were discontinued at the end of 2021. Unfortunately, it is no longer possible to comply with your request.
For any inquiries, I'm willing to help.
.....
Click to expand...
Click to collapse
francians said:
Definitely could be a good idea to ask them to share the private keys since without them it's currently impossible to write an unlock files generator.
Click to expand...
Click to collapse
could that be in engineering bootloaders, or likely not?