Exploits Known To NOT Work On The AT&T Backflip (05/2010)

This is a discussion on Exploits Known To NOT Work On The AT&T Backflip (05/2010) within the Motorola Backflip Development & Hacking forums, part of the Motorola Backflip category; These won't help, will they?...

Page 4 of 5 FirstFirst ... 2345 LastLast
Results 31 to 40 of 41

Thread: Exploits Known To NOT Work On The AT&T Backflip (05/2010)

  1. #31
    Junior Member knigitz's Avatar
    Join Date
    Jun 2010
    Posts
    14
    These won't help, will they?
    Attached Files Attached Files

  2. #32
    Junior Member justflorin's Avatar
    Join Date
    Mar 2010
    Location
    behind a keyboard
    Posts
    9
    where did you get these...?

  3. #33
    Junior Member knigitz's Avatar
    Join Date
    Jun 2010
    Posts
    14
    Quote Originally Posted by justflorin View Post
    where did you get these...?
    Grabbed them with adb pull from /etc/security

    They contain the public keys for manufacturer and carrier (AT&T) in .crt and .cer format for various things.

  4. #34
    Moderator SSeymour's Avatar
    Join Date
    Mar 2010
    Posts
    97
    Ive looked at these before but i dont think they will help us.Opened them up with a certificate viewer and they all seem to have something to do with certain web addresses.Dont know much more about them though.

  5. #35
    Member weasel5i2's Avatar
    Join Date
    May 2010
    Location
    Austin, TX
    Posts
    87
    If they're public keys, they are not of any use to us.. We need the private keys to sign stuff so the handset will accept it..

    I'm also trying the ADB-in-recovery exploit, but it doesn't seem to be working for me (yet!) -- I'll just have to keep trying...

    --W5i2

  6. #36
    Member weasel5i2's Avatar
    Join Date
    May 2010
    Location
    Austin, TX
    Posts
    87
    Quote Originally Posted by SSeymour View Post
    Ive looked at these before but i dont think they will help us.Opened them up with a certificate viewer and they all seem to have something to do with certain web addresses.Dont know much more about them though.
    Sounds like they're SSL certs, and not code-signing certs, although they CAN be one and the same. Those URLs are probably certification authority chain seeds, to verify the certificates' authenticity and revocation status.

    --W5i2

  7. #37
    Moderator moosefist's Avatar
    Join Date
    Mar 2010
    Posts
    121
    Quote Originally Posted by weasel5i2 View Post
    If they're public keys, they are not of any use to us.. We need the private keys to sign stuff so the handset will accept it..

    I'm also trying the ADB-in-recovery exploit, but it doesn't seem to be working for me (yet!) -- I'll just have to keep trying...

    --W5i2
    I wasn't able to get it working myself. Have you tried getting in touch with shrilax at m3?

  8. #38
    Junior Member honz's Avatar
    Join Date
    Jun 2010
    Posts
    3
    I apologize for thinking, let alone uttering, the following sillyness.. but is there not a root-leveled user account on the phone whose credentials could be brute forced? Or some other way to force the system to boot from a 3rd party device which then could provide access to the phones file system where the passwd file could get overwritten? Or if the phone itself requires a signed bootloader, could not this requirement be even physically hacked out? or hit it with a jtag editor and given a completely new soul?

  9. #39
    Member weasel5i2's Avatar
    Join Date
    May 2010
    Location
    Austin, TX
    Posts
    87
    That would be awesome if we could get the bootloader to boot from a different partition on the sdcard.. Then just mount everything from there to edit it..

    As far as I know, there are no credentials of any kind to be had, due to the lack of a passwd file.. Any attempt to run busybox login or busybox sulogin complains about the missing passwd file to authenticate against.

    If I could mount stuff in user mode, or at least make some kind of fake /etc that my login would recognise, I could trick sulogin/login into letting me be another account..

    There are a couple of root-suid executables, but I don't think any of them allow any kind of interaction beyond what they're programmed to do..

    --W5i2

  10. #40
    Moderator SSeymour's Avatar
    Join Date
    Mar 2010
    Posts
    97
    You can add InstantRoot.apk to the list.Even tried extracting the asroot file and the scripts and modfying them to read from a different directory and it still didnt work.Still playing around with different options!

Page 4 of 5 FirstFirst ... 2345 LastLast

Remove Ads

http://www.scramblerducati.org/

Sponsored Links

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Similar Threads

  1. Full backup of phone
    By Epic Forums User in forum Samsung Epic 4G
    Replies: 2
    Last Post: 09-15-2010, 02:13 AM
  2. Samung Epic 4g HD Video Test by Server09
    By Epic Forums User in forum Samsung Epic 4G
    Replies: 0
    Last Post: 09-01-2010, 09:07 AM

Search tags for this page

at&t backflip root
,
bootloader usb init motorola backflip
,
engineering code for motorola backflip at&t
,
fastboot backflip
,
gayros
,
impeldown.c
,

motorola backflip bootloader usb init

,
motorola backflip rsd lite error sending jump command
,
motorola backflip rsd lite error sending jump command device
,
put moto backflip in fast boot
,
su binary update fail motorola backflip
Click on a term to search our sites for related topics.
Android Forum