Related
I have searched, read, and tested my butt off on this so, I'm not posting without doing my own homework. I promise.
I'm looking for CURRENT documentation on how to create a standard update.zip file that simply copies a file into /system/foo/bar and chmods it.
All the links I've looked at seem to have old deprecated syntax on the update-script file, or the examples given simply do not work.
I do NOT want to download someone else's script-pak, windows app, or any other such thing that makes it for me.
As for signing, I'm completely comfortable signing using the SDK, although I'll probably take the easy route with ZipSigner/Signapktic running on the phone/tab now that I've discovered those.
Can someone please post a very simple howto?
Thanks for posting this -- I'm with you, I'm not a script-kiddie using someone else's tools, I want to learn it for myself, but like you, I've searched, and what I've found -- while probably correct and accurate -- isn't working the way they say it should. I've even followed the directions on android.com itself and they fail, so I'm starting to suspect my recovery or my ROM is at fault, not the signing itself.
I have a bunch of files I want to place in /system/foo/bar and chmod, as you say, and the error I'm getting is "No signature (172 files) Verification Failed". I do indeed have signatures in the file, as when I open them I see CERT.RSA and others that weren't there before signing, so IDK what the deal is with the error I'm getting (obviously something's missing -- maybe a public key verification from a trusted authority like Thawte or VeriSign).
I see you, too, are getting as much help as I am seeing others get. They start threads, get all sorts of praise from script kiddies who have no clue and just see a point-click solution, and then someone asks for real help and everyone shuts up for months until the thread eventually dies.
But kudos to you, sir, for being in the same boat as I!
cj chitwood said:
Thanks for posting this -- I'm with you, I'm not a script-kiddie using someone else's tools, I want to learn it for myself, but like you, I've searched, and what I've found -- while probably correct and accurate -- isn't working the way they say it should. I've even followed the directions on android.com itself and they fail, so I'm starting to suspect my recovery or my ROM is at fault, not the signing itself.
I have a bunch of files I want to place in /system/foo/bar and chmod, as you say, and the error I'm getting is "No signature (172 files) Verification Failed". I do indeed have signatures in the file, as when I open them I see CERT.RSA and others that weren't there before signing, so IDK what the deal is with the error I'm getting (obviously something's missing -- maybe a public key verification from a trusted authority like Thawte or VeriSign).
I see you, too, are getting as much help as I am seeing others get. They start threads, get all sorts of praise from script kiddies who have no clue and just see a point-click solution, and then someone asks for real help and everyone shuts up for months until the thread eventually dies.
But kudos to you, sir, for being in the same boat as I!
Click to expand...
Click to collapse
See my other reply to you in a similar topic.
I may be wrong but dont you have to sign system apps with the same key that the rom was signed with.
You can compile and sign from source and then add system apps or data
From something awesome
killersnowman said:
I may be wrong but dont you have to sign system apps with the same key that the rom was signed with.
You can compile and sign from source and then add system apps or data
From something awesome
Click to expand...
Click to collapse
System apps must be signed using the same key that is used to sign the platform. This has nothing to do with the ZIP signature that may or may not be present on a recovery update. The actual platform public key is stored within the ROM and gets extracted just like any other file in the system image.
If you compile from source, you use the platform key provided in the source; typically: build/target/product/security/platform.x509.pem. If you are an OEM like say HTC, you'll use your own key to compile the platform and sign the system apps.
Gene Poole said:
System apps must be signed using the same key that is used to sign the platform. This has nothing to do with the ZIP signature that may or may not be present on a recovery update. The actual platform public key is stored within the ROM and gets extracted just like any other file in the system image.
If you compile from source, you use the platform key provided in the source; typically: build/target/product/security/platform.x509.pem. If you are an OEM like say HTC, you'll use your own key to compile the platform and sign the system apps.
Click to expand...
Click to collapse
So in order to put ringtones in the appropriate system folder, I have to sign the update.zip with the same key that e.g. Roalex uses to sign the ROM? Of course that won't work, as I don't have his key, and then there are kernels and themes that other people make that work, and surely they don't have Roalex's key.
So I think I'm misunderstanding this still.
But if I compile from source, I sign with the key that's in the source, so if I know Roalex compiles from source, if he signs with the source key, I can sign an update.zip with that key and it will work?
Also, Recovery says there is NO signature in the file, but does that not necessarily mean really what it says?
I don't know who Roalex is. I don't know anything about your device per se. I don't know anything about Amon-Ra recovery. I was hoping some others would jump into this thread to help out with these unknowns. I've always used clockworkmod recovery so that's all I can speak for, but I did D/L an Amon-Ra recovery to analyze it.
As far as custom ROMs go, most are based on some OEM ROM and still contain system files signed by the OEM and the OEM certs are still included with the ROM so no modifications are necessary.
If you have a simple update.zip with just some files to be written to the system partition, then signing the update.zip file is unnecessary. A signed update.zip is only useful when it is distributed by an OEM with an official OEM update since the stock recovery will refuse anything not signed by the OEM. One of the reasons for using a custom recovery on rooted devices is that it gets around this security check to allow you to install custom stuff written by someone other than the OEM.
If you are having trouble installing an update.zip that contains an otherwise valid working "amend" or "edify" script, then I don't know what the issue might be. Clockworkmod recovery (at least all the versions I've run) has an option to toggle signature checks in the "apply update from SD card" sub-menu, but I don't know of any good reason that it is there since it only has one key and it is the same "test" key distributed in official source distributions, and the toggle is off by default.
I've been poking around github and grabbed the current source for amon-ra recovery (https://github.com/packetlss/amonra_bootable_recovery) and interestingly, amon-ra has a signature verifyer that is missing from clockworkmod recovery. It actually parses the zip file for the META information and ensures that the included signing key for the zip is consistent with the manifest and each file's signature.
So, it would seem that your update.zip should be signed the same way an APK is signed, using jarsigner.
Do you have a valid signing certificate and are you signing your update.zip correctly?
After learning to compile cm from source I found it easiest just to edit the .zip and then resigning the zip. I have added a few programs into /system and never had an issue. Perhaps this is because it's cm?
Gene Poole said:
I've been poking around github and grabbed the current source for amon-ra recovery (https://github.com/packetlss/amonra_bootable_recovery) and interestingly, amon-ra has a signature verifyer that is missing from clockworkmod recovery. It actually parses the zip file for the META information and ensures that the included signing key for the zip is consistent with the manifest and each file's signature.
So, it would seem that your update.zip should be signed the same way an APK is signed, using jarsigner.
Do you have a valid signing certificate and are you signing your update.zip correctly?
Click to expand...
Click to collapse
i was just going to conjecture that perhaps the amon-ra recovery is verifying sigs. you however have found proof. thank you
the only way someone would have the valid sig is for it to either be public, or for them to have signed the platform themselves and have there own private key. i ran into this same problem when investigating the android.intent.action.REBOOT intent which can only be broadcast by system apps signed with the same sig as the platform.
Gene Poole said:
I don't know who Roalex is [...]
Click to expand...
Click to collapse
Sorry, he's the guy who put together the COS-DS ROM for G1/HTC Dream based on CyanogenMod and AOSP sources.
Gene Poole said:
As far as custom ROMs go, most are based on some OEM ROM and still contain system files signed by the OEM and the OEM certs are still included with the ROM so no modifications are necessary.
Click to expand...
Click to collapse
Wait... can signing the zip be as easy as including the CERT.MSA and related other two files as found in the other update.zip files I have that work? Seems that would be too easy... I assumed there would be something in the zip file headers that would be modified to reflect a key as well so that they would also have to match. Maybe this is getting too in-depth...
Gene Poole said:
If you have a simple update.zip with just some files to be written to the system partition, then signing the update.zip file is unnecessary.
Click to expand...
Click to collapse
So just put together a common zip file with the update-script and the right folder structure in it, and I'm good? I tried that too and it also failed. Does the NAME of the file have to be update.zip in that case, though? I didn't actually try that. My unsigned one was named "CJ-Audio-Update_unsigned.zip" or something like that.
Gene Poole said:
A signed update.zip is only useful when it is distributed by an OEM with an official OEM update since the stock recovery will refuse anything not signed by the OEM. One of the reasons for using a custom recovery on rooted devices is that it gets around this security check to allow you to install custom stuff written by someone other than the OEM.
If you are having trouble installing an update.zip that contains an otherwise valid working "amend" or "edify" script, then I don't know what the issue might be. Clockworkmod recovery (at least all the versions I've run) has an option to toggle signature checks in the "apply update from SD card" sub-menu, but I don't know of any good reason that it is there since it only has one key and it is the same "test" key distributed in official source distributions, and the toggle is off by default.
Click to expand...
Click to collapse
Okay then. From here it's a lot clearer than a week ago. Thanks for taking the time to explain it so thoroughly... I think so many people understand so little and they're so quick to say "here, just use this other guy's tool LOL!!!111!1 he r0x0r$!!!1!1". I mean, that's great, that there are tools, but I want to understand it, not just be a script kiddie with someone else's tools, blindly trusting that they're doing it right and all that. Not saying the tools are bad or wrong, but by knowing myself, I know whether it's done right, you know? Same reason I learned automotive mechanicals, computers, and electrical wiring. Oh, and plumbing is slowly being added and in a few years roofing
Then it's on to framing as I build a 20-by-20-foot "workshop" in the back yard but I digress...
Thanks again!
Well this is interesting...
I took the MSA and other two files from the COS-DS update, and put them in a new zip containing my other files (not signed) and it didn't complain about no signature... instead, it failed saying some lib file is missing. Stagefright or some such. Progress is still progress though...
EDIT:
Okay, so it looks like there's something in those signats that says, "hey, look for all these other files too", so I'ma try a different tack...
EDIT2:
I guess I'm just gonna have to use Testkeys. They appear to have worked. :/ But if everyone else is doing it that way, I guess there's no harm.
Alright, guys, I decided to put a little binary together for you guys. It's called "flashpak", which stands for flash package. The usage is very easy, and I hope developers use this in they're apps.
Works on CWM, TWRP, AMON, and any other recovery ... erm... Let me rephrase that.. it works on all recoveries
Usage:
Code:
flashpak file.zip
^ If the file "file.zip" is in the root of your SDCARD, just type what's above
It will then reboot you into your recovery and begin to flash the package.
Please note:
*Only works on devices that use "reboot recovery".
*Must be ran under su.
*I'm not responsible for anything if any of you mess up... well.. I am, but I won't be available to fix your device right and then.
*Since I used the Android-9 toolchain, I'm assuming that it only for 2.3+... not sure.
*Package must be on your SDCARD!
Changelog:
v1.01 - Fixed errors with confusion of the external storage's.
What to add:
*Able to reboot to recovery on devices that can't do "reboot recovery".
How to install, just extract the "flashpak" binary from the zip provided.. Extract it somewhere and run it
I'll try my best to keep this updated as much as I can. School is gonna start soon, and it's my last year in HS, and I might not update it as often as I will throughout this week :\
Source code: https://github.com/Simran/adbNetScan
Like me on Facebook: https://www.facebook.com/SimranApps
Follow me on Twitter: http://www.twitter.com/SimranDevs
Add me on Google+: https://plus.google.com/114069302448745664287
Good one
Can I use this in my tool over at my signature?
Can you compile it with lower toolchain and add support for 2.1+ devices
There are large number of 2.1 and 2.2 devices.
And this sends the extended commandline to recovery right?
varun.chitre15 said:
Good one
Can I use this in my tool over at my signature?
Can you compile it with lower toolchain and add support for 2.1+ devices
There are large number of 2.1 and 2.2 devices.
And this sends the extended commandline to recovery right?
Click to expand...
Click to collapse
Sure! Just make sure whatever you're going to flash is on the SDcard. If it's in another folder on the sdcard... mm.. say folder "foo" and zip "bar.zip", then simple type in:
Code:
flashpak foo/bar.zip
It doesn't accept a backslash at the beginning, but I'll work on that.
Updated to v1.01. Please give results.. gonna update tomorrow!
Since this is in the Moto G (Falcon) forum, these steps are for the Falcon. This does not mean that it isn't the same for other phones! Even if you don't own a Falcon device, feel free to ask for help here!
Prerequisites:
- You must have a Linux firmware running on your computer (I suggest Builduntu because you can skip the next one [build environment setup])
- Build environment setup (Put the this in terminal and follow instructions)
- Patience and a heart willing to learn
- You need to know the languages C, C++, Java, Ruby, Python... NOT! You don't need to know ANY coding languages.
[MOTIVATIONAL SPEECH]
Truth be told, when I first started out developing, I knew NO coding languages except for HTML and a little bit of Java. Both have nothing to do with kernels! I actually learned how to do this when I suffered from a concussion. So if you really want to learn how to kernel dev and you give up halfway, just know that a 14 year old kid with a concussion beat you .
[/MOTIVATIONAL SPEECH]
Click to expand...
Click to collapse
WARNING: I am not responsible for any damages to your phone or computer or pet unicorn. When you modify the wrong partitions, set too many jobs for your compiler etc., that is not anyone's fault but yours.
Your Personal Handbook to the Following:
- Anything inside "CODE" boxes, type it into your terminal. If you can't find terminal, then press CTRL, ALT, t.
- If I were you, I would write these by hand instead of copying and pasting it because after a certain amount of times, you will remember the linux commands and it will be easier for you to compile more kernels for different devices
- Use this thread as a "Help Me" button. Ask for help!
Click to expand...
Click to collapse
A New Beginning:
Let's start out with something simple, getting the actual code:
Code:
git clone https://github.com/cyanogenmod/android_kernel_motorola_msm8226
This could range from 3 minutes to 2 hours! Read a book, count your fingers, watch ****, and wait patiently.
Once that's done, open up your file manager and rename the folder (should be android_kernel_motorola_msm8226) to whatever you want. I will refer it as "mykernel".
Click to expand...
Click to collapse
Pokemon!
For this tutorial, we will be using a Sabermod 4.7 toolchain to compile. I WOULD teach you how to compile with 4.8+, but it creates errors that will take even longer for me to write about sooooooooo :fingers-crossed:. Now to get the toolchain:
Code:
git clone https://github.com/SaberMod/android_prebuilts_gcc_linux-x86_arm_sabermod-arm-eabi-4.7
Rename this to whatever you like, but I will be referring this as "toolchain"
Now go into you folder where the kernel source is stored...
Code:
cd mykernel
Click to expand...
Click to collapse
Almost done :
Time to set-up the compiler!
Code:
export CROSS_COMPILE=/home/*your linux name*/toolchain/bin/arm-eabi-
This tells the toolchain that "OK, we want to make ALL this code here into a kernel".
This next line tells it that your defconfig (the toolchain's manual for compiling the kernel) that it's in the arch/arm/configs folder.
Code:
export ARCH=arm
Now to tell the it what the defconfig is!
Code:
make falcon_defconfig
Hehe, now to the hardest part of all...
MuHAHHAHAHa
Click to expand...
Click to collapse
THE HARD PART
You ready for this? HERE IT IS! TIME TO BUILD THE KERNEL!
Code:
make -j4
Now sit back, relax, and watch the code! Or you could read a book, watch ****, count your fingers, play with your toes...
If you have an error during the waterfall of code, find the part where it actually says *error* (you'll probably have to scroll upwards) and search it on Google or post it here.
Click to expand...
Click to collapse
THE EASY PART
If you manage to get something that says "the kernel zImage is ready" or something like that, that means you've made it!
You have officially compiled your own kernel from source! Now you need to put it in a flashable zip.
Download this file and open it up, but DON'T EXTRACT IT.
Now go to your kernel source then "CTRL + F" and search for "zimage-dtb".
Find it and put it in the "kernel" folder of "FalconKernel - Signed.zip". Then "CTRL + F" and search ".ko".
Copy radio-iris-transport.ko and put it in the system/lib/modules (not pronto) of the zip.
Then find wlan.ko and rename it to pronto_wlan.ko. Copy and paste it in system/lib/modules/pronto of the zip.
Click to expand...
Click to collapse
Now you can put it on your phone and flash it!
Reserved
Here I will walk you through on how to add the intelliplug feature made by @faux123
First, fetch my Green Machine kernel source (go into your kernel folder in terminal):
Code:
git fetch https://github.com/YoshiShaPow/green_machine_falcon
Then you could cherry-pick (basically copy) all my cherry picks for intelliplug from my source.
If you do check my source out, you can see there's a little link to a history of commits near the middle of the screen, right above the files/folders. You can see at this page of my features history, you'll see a bunch of commits for intelliplug. I will use those commits and copy it to your own kernel.
This copies the initial coding/first commit of intelliplug!
Code:
git cherry-pick 01a850f
This cherry-picks the remaining commits so that your newly added intelliplug is updated.
Code:
git cherry-pick 6623f2f^..4e1ece7
One more thing though, you need to add the line to compile intelliplug!
Almost all things compiled along with the zImage are in a file called defconfig. What a defconfig does, is tell your machine to build certain modules, kernel objects, drivers, governors, etc.etc.etc.. Now, all of them are found in the folder
arch/arm/configs
Click to expand...
Click to collapse
As stated in the OP, you have to modify the defconfig you use. (CM11 Kernel is falcon_defconfig, Gummy Kernel is msm8226_mmi_defconfig). Open up the corresponding defconfig and add this to ANY line anywhere.
Code:
CONFIG_INTELLI_PLUG=m
Now, for those who are familiar with "y=yes/n=no/m=maybe", you'll see that I specifically told you to put the "m=maybe" one. That's because when you compile the kernel again, right after you're about to start your build. Since you put that "m", the terminal will prompt you with a "y=yes/n=no" question on whether or not you would like to add the following feature. Since you would like to add the feature, put in "y". Later on when you feel more comfortable with adding features to your kernel, you can go back into the defconfig and put it as
Code:
CONFIG_INTELLI_PLUG=y
So that it will compile it without asking, since you have given it an answer.
Now you have officially compiled a "Custom Kernel" and with the knowledge you know, you could create a feature packed one by just kanging (copying one's work/features).
Always remember to
Code:
make clean && make mrproper
after every build to prevent errors and such!
Click to expand...
Click to collapse
One More
One more
Nice guide!
I think it lacks one thing- how to modify the kernel.
The guide only mentions how to compile a preconfigured kernel, just the way it is. Modding kernels and adding new features (like OC, schedulers, s2w etc.) is the cool part about making a kernel yourself IMO.
Just a suggestion.
Sent from my XT1033 using XDA Premium 4 mobile app
KDB223 said:
Nice guide!
I think it lacks one thing- how to modify the kernel.
The guide only mentions how to compile a preconfigured kernel, just the way it is. Modding kernels and adding new features (like OC, schedulers, s2w etc.) is the cool part about making a kernel yourself IMO.
Just a suggestion.
Sent from my XT1033 using XDA Premium 4 mobile app
Click to expand...
Click to collapse
Well, I will be putting the reserve posts to good use later
What would be the best way to test a kernel w/o bricking the phone?
adizz4 said:
What would be the best way to test a kernel w/o bricking the phone?
Click to expand...
Click to collapse
You can't brick a phone with an unmodified kernel!
Oops double post
adizz4 said:
What would be the best way to test a kernel w/o bricking the phone?
Click to expand...
Click to collapse
Does "fastboot boot kernel.img" work from bootloader mode?
Also why wouldn't the any kernel zip work if I decompressed and compressed it again. I did that before this thread and it didn't work.
P.Kosunen said:
Does "fastboot boot kernel.img" work from bootloader mode?
Click to expand...
Click to collapse
I've been using that to test. Its a really good way but you'll have to build a boot.img
adizz4 said:
Also why wouldn't the any kernel zip work if I decompressed and compressed it again. I did that before this thread and it didn't work.
I've been using that to test. Its a really good way but you'll have to build a boot.img
Click to expand...
Click to collapse
I specifically said in the tutorial nor to unzip it... The zip is already signed (a prerequisite for flashing) and unzipping will break it.
Did we need sudo before make -j4 command?
Sent from my XT1032
Siekil said:
Did we need sudo before make -j4 command?
Sent from my XT1032
Click to expand...
Click to collapse
Not necessary
I'll be writing more posts on how to add features to your kernel and basic cherry-picking features
I syncd gummy kernel sources and tried to build using linaro and sm but I keep getting this error.
sound/soc/msm/msm8226.c:30:40: fatal error: qdsp6v2/msm-pcm-routing-v2.h: No such file or directory
Click to expand...
Click to collapse
Any inputs on that?
adizz4 said:
I syncd gummy kernel sources and tried to build using linaro and sm but I keep getting this error.
Any inputs on that?
Click to expand...
Click to collapse
Probably a gcc error... I'd try compiling with a 4.7 toolchain. And also, make sure you're using the msm8226_mmi_defconfig since gummy's different
@YoshiShaPow thanks for the guide. I'm using it to begin fooling around with some building.
May I be a pain in the *** and ask you for a lil help? If using the file you provided to insert the build, I get trouble with wifi (in latest Aospa). I don't expect you to solve that, but I was wondering how to make out of the zimage a boot.img file, but I've read around the ramdisk needs to be merged into that, and honestly I'm not so sure how to do that. I found some guides, but none of them is specific for falcon, so I might be goofing around if I follow them?
Also checked the flashing script in the file you provided and noticed that it makes a boot.img on the go, but couldn't figure out how to reproduce that either.
If what I'm asking is too hard or long to be answered , I understand :good:
Edit: now I tried building with Linaro and after sorting out a couple of errors, voilá, I got a build. But again, my wifi gets smashed. Everything else seems to work fine, but when I try to turn wifi on, it's dead, nothing happens. My ideas: could it be something about the way the kernel's flashed skipping a boot.img (ramdisk?)? Is it something about AOSPA (think it shouldn't since it uses CM kernel)? Or should I be looking into my build, making a logcat about the issue and working it back?
fermasia said:
@YoshiShaPow thanks for the guide. I'm using it to begin fooling around with some building.
May I be a pain in the *** and ask you for a lil help? If using the file you provided to insert the build, I get trouble with wifi (in latest Aospa). I don't expect you to solve that, but I was wondering how to make out of the zimage a boot.img file, but I've read around the ramdisk needs to be merged into that, and honestly I'm not so sure how to do that. I found some guides, but none of them is specific for falcon, so I might be goofing around if I follow them?
Also checked the flashing script in the file you provided and noticed that it makes a boot.img on the go, but couldn't figure out how to reproduce that either.
If what I'm asking is too hard or long to be answered , I understand :good:
Edit: now I tried building with Linaro and after sorting out a couple of errors, voilá, I got a build. But again, my wifi gets smashed. Everything else seems to work fine, but when I try to turn wifi on, it's dead, nothing happens. My ideas: could it be something about the way the kernel's flashed skipping a boot.img (ramdisk?)? Is it something about AOSPA (think it shouldn't since it uses CM kernel)? Or should I be looking into my build, making a logcat about the issue and working it back?
Click to expand...
Click to collapse
Sorry, I wanted to wait till I could use a computer to respond.
You must be missing the *.ko files:
You have officially compiled your own kernel from source! Now you need to put it in a flashable zip.
Download this file and open it up, but DON'T EXTRACT IT.
Now go to your kernel source then "CTRL + F" and search for "zimage-dtb".
Find it and put it in the "kernel" folder of "FalconKernel - Signed.zip". Then "CTRL + F" and search ".ko".
Copy radio-iris-transport.ko and put it in the system/lib/modules (not pronto) of the zip.
Then find wlan.ko and rename it to pronto_wlan.ko. Copy and paste it in system/lib/modules/pronto of the zip.
Click to expand...
Click to collapse
kernel for x86 device [Asus zenfone5] can be made using this method?
YoshiShaPow said:
Sorry, I wanted to wait till I could use a computer to respond.
You must be missing the *.ko files:
Click to expand...
Click to collapse
Uhm, no, I followed that part step by step. I did it once more to double check, and I'm still in the same place. Actually, I suspected something and tried your kernel (TGM) and had the same problem (WTF?). I need to try wiping everything and reinstalling aospa to make sure there isn't some other thing going on down there.
But it's ok, I'll figure it out somehow. What I'd really need if you can point me in the right direction, si how to step further into building a boot.img
Or for that I MUST follow the official CM method, meaning syncing the full repo and building just the kernel?
Thanks for your help!
---------- Post added at 10:42 AM ---------- Previous post was at 10:18 AM ----------
sanjib734 said:
kernel for x86 device [Asus zenfone5] can be made using this method?
Click to expand...
Click to collapse
I'd guess it's not about the method. I think there's no CM official support for this device. Do you have any unofficial source to build from (Github)? If so, I guess you could try.
Edit: should check if Sabermod is compatible with the device's arch too.
Android Boot Manager (ABM), my goal is to make the procedure (Backup, Unpack, Edit, Repack and Flashe boot.img or recovery.img) so easy and accessible to all users without resorting to the command prompt , only a single click to get a quick and successful outcome at the same time .
This is the third version of the program.
Source (GITHUB SOURCE https://github.com/aToxyD/android_boot_image_manager_apk).
WHAT'S NEW
- Some optimization.
- Add new Text Editor with high syntax.
THANKS
* xiaolu, original author of boot.img tool(GITHUB SOURCE https://github.com/xiaolu/mkbootimg_tools).
* Modding.MyMind, for his heavily modification of boot.img tool.
* Tah Wei Hoon, for TextWarrior.
* Dmytro Tarianyk, for Android Floating Action Button.
* Anthony Restaino, for Grant.
IMPORTANT
- Root is only necessary for Unpacking boot patched by "superSu or Magisk" and Backup/Flash Operations, so if you want to unpack stock boot or you have your favorite flasher apk like "Rachr", if so you dont need to check "Root Access" in settings menu.
- Please uninstall any previous version of ABM before installing the newer.
I do not like people to coming here and take what they wanted and leave like a thief , at least leave a comment. . .
This work is for all, so help your self.
atoxyd said:
Android Boot Manager (ABM), my goal is to make the procedure (Backup, Unpack, Edit, Repack and Flashe boot.img or recovery.img) so easy and accessible to all users without resorting to the command prompt , only a single click to get a quick and successful outcome at the same time .
This is the second version of the program.
WHAT'S NEW
- Corrected some bugs related to compatibility with Android 6.
- Use xiaolu mkbootimg tools (GITHUB SOURCE https://github.com/xiaolu/mkbootimg_tools)
TODO
- add support to x86, mips arch.
- add support to put files to unpacked folder.
- add support to combinedboot , in Xperia device recovery ramdisk is combined with system ramdisk.
IMPORTANT
- The apk need root access to work.
- Note that make change by adding files to unpacked folder with root explorer, the owner will be root and the apk will not work, if you do this you must change the owner to ABM apk.
THANKS
* xiaolu, original author of boot.img tool(GITHUB SOURCE https://github.com/xiaolu/mkbootimg_tools).
* modding.MyMind, for his heavily modification of boot.img tool.
* @bigsupersquid for his support and motivate from the beginning.
Click to expand...
Click to collapse
mtk support?
lixia1998 said:
mtk support?
Click to expand...
Click to collapse
Certainly I am working on this , but you should help me.
New version won't install on Kit Kat
PiggyFlooper said:
New version won't install on Kit Kat
Click to expand...
Click to collapse
Okay my friend, try to uninstall the old version, and tell me.
atoxyd said:
Okay my friend, try to uninstall the old version, and tell me.
Click to expand...
Click to collapse
You were right, I'll start project tonight editing ramdisk on my LG Volt
Are extracted files accessible in file system? I can't find them
levone1 said:
Are extracted files accessible in file system? I can't find them
Click to expand...
Click to collapse
Unpacked to /data/local/ABM
PiggyFlooper said:
Unpacked to /data/local/ABM
Click to expand...
Click to collapse
But beware when you add new files to the unpacked folder , you must take into account that owner will be. root , so you must set owner to ABM apk.
atoxyd said:
But beware when you add new files to the unpacked folder , you must take into account that owner will be. root , so you must set owner to ABM apk.
Click to expand...
Click to collapse
So I tested with twrp IMG, and successful unpack to /data/local. Then I tried with my current kernel, and nothing's happening. I get a message that's not clear to me, (screenshot 2), and no output. Any ideas?
levone1 said:
So I tested with twrp IMG, and successful unpack to /data/local. Then I tried with my current kernel, and nothing's happening. I get a message that's not clear to me, (screenshot 2), and no output. Any ideas?
Click to expand...
Click to collapse
It seems that you delete the directory /data/local/ABM, So close the apk and open it again or wipe apk data and try again, if any problems tell me please :thumbup:
atoxyd said:
It seems that you delete the directory /data/local/ABM, So close the apk and open it again or wipe apk data and try again, if any problems tell me please :thumbup:
Click to expand...
Click to collapse
That was my original thought, so I wiped data and tries again, but no different... I'll just uninstall and reinstall, and probably be fine. Thanks
atoxyd said:
It seems that you delete the directory /data/local/ABM, So close the apk and open it again or wipe apk data and try again, if any problems tell me please :thumbup:
Click to expand...
Click to collapse
Same thing after reinstall. I tried with twrp file again, and works fine, but with kernel file, error msg...
It seems that the image you want to unpack it is not an android image.
atoxyd said:
It seems that the image you want to unpack it is not an android image.
Click to expand...
Click to collapse
It's the AOSP kernel from the ROM I'm currently using.
https://mega.nz/#!do51zAZS!QG5jTdpynPjNs7jrbERsdwRKjdac9tz-0SxUX6HyJsk
Try to edit devices.xml in /sdcard/ABM directory and backup kernel using ABM app, after try to unpack boo.img backed up, you find it in /sdcard/ABM/backup directory.
levone1 said:
It's the AOSP kernel from the ROM I'm currently using.
https://mega.nz/#!do51zAZS!QG5jTdpynPjNs7jrbERsdwRKjdac9tz-0SxUX6HyJsk
Click to expand...
Click to collapse
Well my friend, try to delete space in the name of image.
Linux ..........img will be
Linix_..........img
levone1 said:
It's the AOSP kernel from the ROM I'm currently using.
https://mega.nz/#!do51zAZS!QG5jTdpynPjNs7jrbERsdwRKjdac9tz-0SxUX6HyJsk
Click to expand...
Click to collapse
Well my friend, delete space in the name of the image.
Linux 3.10....img
will be
Linux_3.10....img
Well my friend @levone1, delete space in the name of the image.
Linux 3.10....img
will be
Linux_3.10....img
Hey, I noticed while looking through the Stock Firmware AP file, that in meta-data/fota.zip there are .jar files that have to do with package signing. Only issue is that the zip is password protected. If someone has the Compute power and skills to decrypt a zip and look at the jar files and ****, maybe we could find a way to sign our own TWRP recoveries and roms. Just a thought, i'll post a link to the fota.zip file i was talking about in a bit if anyone wants to take a crack at it. (Google drive is taking forever to upload cause of AT&T's ****ty DSL speeds, sorry)
Download Link: htt*ps:/*/drive.*google*.com/file/*d/0B9tb-svjqaVD*b3Y0V0tXR3drSzA/vie*w?usp=sharing (Remove all *'s from link, stupid 10 post until you can post links limitation)
Thanks,
Lavavex
Did you saw this Thread?
https://forum.xda-developers.com/an...signing-boot-images-android-verified-t3600606
About fota.zip...
Did you heard about plain text attack?
In few Seconds... minutes done... no password required but you can unpack.
Best Regards
Yesterday I have download this fota.zip... and yes... same password as for instance from my prior test with:
SM-J330F and 1 more...
Here are the 3 keys to decrypt if somebody want try...
Code:
2b4d493c
6142b289
1b7024aa
Code:
Key0
Key1
Key2
I have used Advanced Archive Password Recovery from elcomsoft...
Best Regards
adfree said:
Yesterday I have download this fota.zip... and yes... same password as for instance from my prior test with:
SM-J330F and 1 more...
Here are the 3 keys to decrypt if somebody want try...
Code:
2b4d493c
6142b289
1b7024aa
Code:
Key0
Key1
Key2
I have used Advanced Archive Password Recovery from elcomsoft...
Best Regards
Click to expand...
Click to collapse
Which will allow unpacking of the above zip? I thought it needed a zip password.
osm0sis said:
Which will allow unpacking of the above zip? I thought it needed a zip password.
Click to expand...
Click to collapse
We never found the Password... but for Decryption you need only these 3 Keys...
They can be easily found in few Minutes... with the right Tool...
Code:
2b4d493c
6142b289
1b7024aa
Here Key0 Key1 Key2 for Samsungs fota.zip...
This is really no rocket science...
Simple read about plain-text attack...
You can see all filenames...
You can see all filesizes etc...
Many files are floating around the Internet... to create ZIP for attack...
Then result is in few Minutes possible... :angel:
Use these 3 Keys in Tool:
Code:
Advanced Archive Password Recovery
And try self to unpack...
Best Regards
Edit 1.
Screenshot added...
Then maybe more clear...
Trial Version have mabye limtations... but to see it work... it is enough to play with trial.
@adfree or to anyone who can answer.
Quick question, what are the legal limitations to what is going on here? I may or not have a file from inside the fota.zip, but will sharing it put me in the legal wrong? If it is within the legal boundaries, I'd be happy to upload it for anyone to take a look at, but I don't want to land on the wrong side of the law by doing so. Please do let me know, as this is the most exciting development we've had when it comes to bootloader unlocking in a while. Also, it seems as though we can't view the entirety of the contents of the fota.zip with the trial version of the zip extraction tool mentioned in this thread, so if someone with more knowledge about this can confirm we could unlock our bootloaders with the contents of the zip (based on what is currently known about this), I'd be happy to bite the bullet of paying for the premium version given we can do this within the boundaries of the law.
Thanks.
1.
Maybe you can answer your question self...
Samsung PROTECTED this ZIP with password.
2.
IMHO it is Kernel related...
Yeah I know... Boot is every irritating...
But it is not sboot.bin related...
3.
About decrypting all files...
There are floating around Command Line Tool...
Code:
pkcrack
Try to Google it...
I have not tried...
I am 1 click Button user...
Best Regards
zipdecrypt from the pkcrack package plus those 3 keys worked flawlessly. :good:
Edit: Crazy number of utilities in this zip, but no script to run them all, and a lot of references to external files. No smoking gun like a "sbootimg_signer" binary or anything to make their proprietary footer signature, and no Samsung signature files.
the password for that zip is fotatest1234
Correct. All fota zips passwords are fotatest1234
Drdra3 said:
Correct. All fota zips passwords are fotatest1234
Click to expand...
Click to collapse
@lavavex , @osm0sis
Yes it is, but now the question still to be answered is, do the tools within the fota.zip file, actually work for legitimately repacking the boot/recovery image? Because in the fota.zip I checked from Android Pie's release it mentioned the "user/test-keys" and very much so had all of the compiled tools to actually patch a system and create and ADB flashable zip for stock recovery.
Could we technically make a signed sideloadable update.zip if the the update package was created on the device itself? The scripts included, along with the updated compiled binary tools, really do seem to be the Toolkit we've been looking for but have overlooked. I haven't tested it out fully, but I'm still reading about how to proceed. It isn't just the S7 either. So are the tools customized to the device, the android branch, or the bootloader?
Delgoth said:
@lavavex , @osm0sis
Yes it is, but now the question still to be answered is, do the tools within the fota.zip file, actually work for legitimately repacking the boot/recovery image? Because in the fota.zip I checked from Android Pie's release it mentioned the "user/test-keys" and very much so had all of the compiled tools to actually patch a system and create and ADB flashable zip for stock recovery.
Could we technically make a signed sideloadable update.zip if the the update package was created on the device itself? The scripts included, along with the updated compiled binary tools, really do seem to be the Toolkit we've been looking for but have overlooked. I haven't tested it out fully, but I'm still reading about how to proceed. It isn't just the S7 either. So are the tools customized to the device, the android branch, or the bootloader?
Click to expand...
Click to collapse
Presumably what I previously said still stands:
osm0sis said:
Crazy number of utilities in this zip, but no script to run them all, and a lot of references to external files. No smoking gun like a "sbootimg_signer" binary or anything to make their proprietary footer signature, and no Samsung signature files.
Click to expand...
Click to collapse