[Q] A genius needs help for unlock - great chance! - Transformer TF300T Q&A, Help & Troubleshooting

Hi all,
I've been quite happy with my TF300, but after RMA (like many, many, MANY before me), there's no way to unlock the bootloader. I know there have been numerous threads here on XDA, and they all end in "It can't be done, unless you have some sort of genius working for you". So: I went out and got myself a genius!
Dan J. Rosenberg, the one who unlocked the Moto bootloader and made root available (through motochopper) for our RMA'd TF300s, the genius himself. I've been in touch with him through e-mail, and basically he's more than willing to have a look at our bootloader. For him it's just another hobby.
...But... I'm not a dev in any sense. I'm just a user who wants freedom when it comes to his purchase. And now the e-mails get technical. So I need your help, my dearest XDA'ers!
Here's the e-mail I received from him:
"I'd be happy to take a look at your bootloader, but I can't make any
promises, since it's entirely possible Asus has implemented the unlock
process in a cryptographically strong way that is impossible to bypass.
Would you be able to pull the boot partition from your device and send
it to me? Let me know if you need instructions on how to do this."
Is there anyone out here able to help me out??!
I guess if there is ANYONE out there who can do this, Dan is the man. Let's do this!

If your tablet went through RMA you can't unlock it? Seriously?

Sphinix said:
"I'd be happy to take a look at your bootloader, but I can't make any
promises, since it's entirely possible Asus has implemented the unlock
process in a cryptographically strong way that is impossible to bypass.
Would you be able to pull the boot partition from your device and send
it to me? Let me know if you need instructions on how to do this."
Our bootloaders are encrypted, which is probably what he means.
Also the bootloader has changed from version 4.0 to 4.1 to 4.2!
It would be interesting to find out if you can do a brute force attack to try and work out the keys.


Looking For Volunteers To Test BL Unlock (you could get money)

Hi, so jimbridgman and I have been working on the Boot Loader unlock stuff, and may have an idea. It seems too easy to be true but is worth a shot.
Now, this means we need someone to test it. Here is what we are asking for:
1. at least 1 person to test, we will not need more than 1 person for this initially, but if it fails we will likely need more so feel free to volunteer anyways and we can renegotiate the terms for a later test
2. you must have access to a computer with fastboot and be familiar with how to use it.
3. You must be familiar with how to get yourself out of a general softbrick, such as a bootloop.
4. You will be paid 20% or $150 of the bootloader unlock bounty (http://forum.xda-developers.com/showthread.php?t=1837363), whichever is lower if and only if this method of unlocking succeeds.
5. If this fails, which it most likely will, you will almost definitely be HARD BRICKED. That means you now own an expensive paperweight. That said, you will likely be able to get a replacement through AT&T if you are with them, so make sure you know your options.
6. You must be on ICS or Be willing and know how to upgrade to it.
7. Your phone must be a U.S. AT&T model
You must also fully understand that we do not take responsibility for what happens to your phone and we are well aware that it will likely brick. You CANNOT hold us or anyone else responsible if you are unable to restore or get a replacement.
That said we will do our best to help you unbrick if possible, but it likely will not be.
Please reply here if you are interested and Jim or I will PM you with more info. Feel free to ask any questions you have here as well.
I'm in. PM me if you need to, I have nothing to lose, and (hopefully) everything to gain! :good:
Thanks lkrasner!
So this will test to see if we are even able to use that BL we found, just so that everyone has an inkling of what we are doing.
If you're still looking for volunteers, I'm in.
I have fastboot on both Windows and Ubuntu.
I have recovered from many soft bricks.
I am willing to sacrifice my phone if I need to.
I've got to do a bit of charging - didn't realize I let my phone power off with no juice, so I'll report back in about an hour or so... Sorry.
Edit: I will PM Jim and lkrasner my results. Stay tuned guys.
Sent from my SAMSUNG-SGH-I747 using xda premium
I'm down. PM me if it's still on the table. You might know me better as Gonz013 from IRC, or the guy with the unrootable phone...
lkrasner said:
Hi, so jimbridgman and I have been working on the Boot Loader unlock stuff, and may have an idea. It seems too easy to be true but is worth a shot.
Now, this means we need someone to test it. Here is what we are asking for:
You must also fully understand that we do not take responsibility for what happens to your phone and we are well aware that it will likely brick. You CANNOT hold us or anyone else responsible if you are unable to restore or get a replacement.
That said we will do our best to help you unbrick if possible, but it likely will not be.
Please reply here if you are interested and Jim or I will PM you with more info. Feel free to ask any questions you have here as well.
Good luck gentlemen... may the gods be with you.
Sent from my Galaxy Nexus using xda app-developers app
Tuned in here .....
Godspeed gentlemen...and good luck.
Sent from my MB865 using xda premium
I'll try it if you need another tester.
Sent from my MB865 using xda app-developers app
Thanks guys. We are still tweaking. We did a test run today and it did not brick nor unlock. So... back to the drawing board.
Sent from my SAMSUNG-SGH-I747 using xda premium
I'm in when y'all are done with tweaking. Building a Linux server for my daughter's school. It's going too good I have to have some excitement over the weekend.
...
Can you tell us what you tried or a simplified run down?
Mind sharing the details & result?
Without getting too involved in details, basically the awesome developers here made up a flashable .zip using the NS Bootloader. Flashed fine, no brick, but as Jim mentioned above, still locked. Also, as mentioned by Jim, he and the other guys are still tweaking things, so please... EVERYONE... stay patient and don't start getting all worked up just yet. I'll leave the rest of the updates to him, lkrasner, alteredlikeness, and/or cogeary.
And guys, please don't explode this thread with asking for updates, when they come, you will be informed as soon as they are discovered. Just stay calm, patient, and keep fingers and toes crossed...
Thanks for letting us know what's going on. I'm just an info junkie. It's all for the bigger picture. Plus, when I talk about it with people like my pops, who's been using Linux and embedded systems since the beginning, I can give a little rundown. Who knows, maybe a fresh idea might pop out. Again, thanks for the update and all the work.
Sent from my MB865 using Tapatalk 2
Once you have flashed have you tried doing the fastboot commands to attempt to retrieve the device id and unlock keys that are needed for the Moto unlock bootloader site? Maybe the NS Bootloader is locked but has the ability to be unlocked via this site. Just a thought.
jboxer said:
Once you have flashed have you tried doing the fastboot commands to attempt to retrieve the device id and unlock keys that are needed for the Moto unlock bootloader site? Maybe the NS Bootloader is locked but has the ability to be unlocked via this site. Just a thought.
I was thinking the same thing.
I am no expert, but that seems highly unlikely, considering that Moto doesn't support unlocking our device, and it is their website you need to get the codes from.

Exactly how do you root a phone?

I've always been curious about the way the developers/"hackers" actually root/unlock the phone. It seems that many release their rooting/bootloader unlocks but never explain how they did so. Why is that?
It just doesn't make sense that people go through all the work and never explain the how and what...So, my question to all of the bootloader/root developers is; how did you figure it out/get it working/un hard brick/etc. your phone? What exactly did you do to root/unlock your phone?
Note: I'm referring not to the '1-click' utilities that people use, but rather to the people who made them (Just to avoid confusion).
The only resource I've found on how someone unlocked a bootloader is the Azimuth Security blog post on unlocking the Atrix HD bootloader (I can't post a link).
Yes, I would like to know this as well. What little I do know, is that Developers use SDK/Android tools for the rooting (and as far as I know, unlocking the bootloader) process.
I'll admit my guilt in not searching XDA for these answers, but hopefully someone will chime in and give us a path to follow.
Does that mean we must master the Java language to be able to modify? Or is there another way?

[Investigation] Android Security - possibility to (re)lock bootloader / harden phone

Hello girls and guys,
I am looking for a method to safely sign my own custom ROM the same way the "stock" system/recovery gets signed, so that I still have the feature to relock the bootloader after installing a recovery that only accepts zips signed with my private key.
What I have found so far are the following resources:
Android Specific:
https://source.android.com/devices/tech/ota/sign_builds.html
https://mjg59.dreamwidth.org/31765.html
http://www.cs.cuhk.hk/~cslui/PUBLICATION/ASIACCS2014DROIDRAY.pdf
http://wiki.rootzwiki.com/Signing
Device/Bootloader specific:
https://developer.qualcomm.com/download/db410c/little-kernel-boot-loader-overview.pdf
https://www.codeaurora.org/blogs/little-kernel-based-android-bootloader
https://github.com/littlekernel/lk
https://www.w3.org/2012/webcrypto/webcrypto-next-workshop/papers/webcrypto2014_submission_25.pdf
https://sturmflut.github.io/mediatek/2015/07/04/mediatek-details-partitions-and-preloader/
https://sturmflut.github.io/mediatek/2015/07/05/mediatek-details-little-kernel/
https://groups.google.com/forum/embed/#!topic/android-kernel/cafLHDWTOiE (some explanation)
http://newandroidbook.com/Articles/aboot.html
http://newandroidbook.com/index.php (book about it)
http://forum.xda-developers.com/android/help/phones-secure-boot-locked-bootloader-t3276098
http://forum.xda-developers.com/oneplus-one/help/oneplus-one-lk-little-kernel-bootloader-t3269111
The goal of my research is to have a locked-down experience just like when I bought the device.
I currently have a Oneplus 2 and a Nexus 5 for research and testing purposes.
Excuse me if I do not have any technical expertise in this area in future posts;
all I want is to collect documentation, understand how the concept works,
and maybe build my own ecosystem where I compile or only sign things I want to have on my phone and possible third parties can't modify anything.
Not even one person that knows a person who knows a person?
I'm happy for every hint!
Jann F said:
Not even one person that knows a person who knows a person?
I'm happy for every hint!
I'm on a OnePlus 2 with a locked bootloader. Custom ROM.

I really want root

I'm a noob at programming and I want someone to make an exploit to root SM-G950U on Oreo. I got this phone on ebay and it was on Oreo when I got it and I can't downgrade. Please, I had a rooted SM-J327P and it was cool but this phone has way better specs. I didn't get to do some things on that phone because it got stuck in a boot loop and I couldn't fix it. My software version is G950USQS3CRE2. I know it will be difficult but I was told that it's impossible to stop a hacker by a family member who is good at programming. I can't take people being defeatist saying "It's impossible." If my dad who's good at programming says it's possible, then it's possible.
No one replying
Why has no one replied yet? Is it because people just started working on the exploit when they saw my post so it's not finished yet or are people just ignoring me? I hope it's the first one because I don't like to be ignored. I might be able to give suggestions as to what the exploit could look like. Here's one. We could try to bypass the fuse checks like with hekate on the Nintendo switch.
Respectfully, search the forums. There is as of yet no way to root Oreo but the devs are working on it. And please have a bit more respect for those who spend countless hours working on it who'll make it available to you FOR FREE. Do what I did and make a donation out of your appreciation. Perhaps if they charged for root methods, you would have a bit of a different tone.
Melsbacksfriend said:
Why has no one replied yet? Is it because people just started working on the exploit when they saw my post so it's not finished yet or are people just ignoring me? I hope it's the first one because I don't like to be ignored. I might be able to give suggestions as to what the exploit could look like. Here's one. We could try to bypass the fuse checks like with hekate on the Nintendo switch.
The root method was patched; there is no root past the rev 2 bootloader, and more than likely won't be. If you want root, get a root-friendly device.

Question Anybody have any clue as to how one would go about unlocking A536W or other models' locked bootloaders?

I've tried looking around online and whatnot and have asked many people (even going as far as to email Samsung's team in hopes they might help out somehow) but I always end up back at square one. I genuinely doubt that it's impossible, but I don't know where else to go or what else to do. Does anybody know of a device with a similar situation that I might be able to work a method off of? Perhaps another Samsung device previously thought of to be "impossible to unlock" that I may learn something from? I'd really love to be able to unlock and root and flash this device, as its hardware is quite nice and fast: it's just unfortunate that it gets stuck with OneUI (I know everyone has different opinions on the matter, but I just really don't like Samsung's OS, personally).
Any help or guidance or advice - no matter how small - will be greatly appreciated. Thank you in advance.
You are not able to unlock the locked phone that has a locked bootloader because they don't want you to unlock your phone.
TringQuack said:
You are not able to unlock the locked phone that has a locked bootloader because they don't want you to unlock your phone.
Realme RMX2155 was previously thought to be not unlockable for awhile but somebody ended up cracking it via editing firmware files via hexeditor and some other stuff. Eventually, somebody found an even easier exploit. It's not quite the same as the A53, which is why I'm asking if anybody has any ideas. Tons of unofficial methods exist for different models - some easier and some more difficult. If everybody thought that an official method had to be the only way, I'm near-certain XDA forums would be mostly dead with only a few device-forums active.
I've asked on here previously about unlocking the bootloader for my A536U, but it really went to dead ends. The best asset to cracking these devices is time. Just be patient, someone may find an exploit soon.
Although finding an exploit has been done for phones, I read years ago that someone who did that for one only got it by chance. It's not easy.
Anyone however can sell it or trade it in and buy a device that's unlockable. Much easier.
