Possibly Useful Backflip Certificate
This is a discussion on Possibly Useful Backflip Certificate within the Motorola Backflip Development & Hacking forums, part of the Motorola Backflip category; I just extracted this from cefs.mbn which I extracted from the 0.13.35 update SBF using PSAS analyzer software .. It appears to be a valid ...
Possibly Useful Backflip Certificate(s)
I just extracted this from cefs.mbn which I extracted from the 0.13.35 update SBF using PSAS analyzer software.. It appears to be a valid certificate, but I'm not sure if it's a public key or a private key.. Can anyone make any use of this? When I get home from work, I will try signing a copy of the SuperUser hack update.zip with this cert, and see if the phone will accept it..
I have a feeling that is probably not going to be useful, but let's not be pessimistic.
Plus, SkrilaxCZ is getting VERY close to r00ting the Backflip. Much closer than I've been able to get. He understands the internal workings of the Motus hardware much more intimately than I do. My only real experience with Moto stuff has been hacking seem files on ancient TDMA/CDMA handsets up to the V3 series.. This new Android-capable hardware is new to me, but I am definitely learning a lot of new stuff.
EDIT: It isn't a signing cert. It is a CA cert, establishing a chain of trust. HOWEVER, the next two certs I am posting here ARE Motorola certs, and are unverifiable (I imagine without the chain established by THIS cert, hehe)
Android.net is the premier Android Forum
. Registered users do not see these ads. .
Two certs I extracted from bootsec.mbn. They absolutely do appear to be Motorola certificates. Whether or not they can sign stuff is a different story, the ending of which is to be determined later tonight.
OK, ignore the previous two attachments. I went ahead and used PSAS to extract all the certs from all of the secured MBN files. Here's what I found:
Attached file, 0.13.35-all-certs-found.zip:
- systemsec.mbn-certs(67!!).zip - 67 certificates found!
I need to compare these files when I get home and see how many of them are copies of the same cert(s).
Wow... good luck!!! Keep us posted and congrats!!!
I made a quick perl script (if u want it ill post it) to go through the dirs and diff everything with every other cert. these are the same. (groups are all the same file, newlines denote new group.)
So are these the private keys that are needed to root the Backflip?
@Mimaketi: Awesome, thank you for that, saved me some time! This means, however, that the bulk of those 67 certs are unique! I need to do more analysis on them and see if I can't figure out exactly what they are for.
@monday: Not sure yet.. Maybe! ^_^ Still need to do some experimenting..
It's a class 3 signing cert containing an encrypted public key, thumbprint and thumbprint algorithm.
Originally Posted by weasel5i2
Ive posted some more CA Certs in this thread if they can be of any use to you,they are available
OK, so it is obvious I know nothing about PKI. :P
There are no Private Keys, which is what we need. These all appear to be Public Keys, which is not useful. Using openssh, I scanned all the files for useful stuff, which found nothing. Lots of public keys and various CA certs, but not a single private key to be found.
If, in a PKI usage situation, one were to release the Private keys, the whole point of PKI would be invalid. To have even imagined that the private keys would have been included in the public released images, is just plain silly.
Sorry for wasting everyone's time re: these certs.
Still hacking away at the Backflip, though..
Search tags for this page
certs but that backflip tho
Click on a term to search our sites for related topics.