I was trying to learn about unpacking boot.img and tried to remove my initlogo.rle inside it since I do have an oemlogo.mbn (have 2 splash screens when booting). So I tried this tutorial on how to get that done in Windows as I don't have a working Ubuntu as of now (although I still don't know how to do this the right way using Ubuntu). So I managed to unpack without errors, deleted initlogo.rle and repacked it without any errors. Then put the new boot.img inside an update.zip I made and flashed it into my phone. It flashed successfully. When I rebooted the system (from recovery) it was stuck at the oemlogo. Did I miss anything? My guess is that I didn't find out what my kernel base address is (don't know how to get it) and the script from the Cygwin used a default address instead of the right one. So I tried to get my base address, unfortunately, I can't figure out how to do it. Can anyone help me out?
CANCELLED! GOT A NEW PHONE
Tried so many methods, none worked, I'd keep trying until one works, then I could port hTC Aria's CM10 to hTC HD MINI and redo all this again so that we can have 4.1 on our devices. Till then, I'd love it if munjeni or schlund helped me with the process, because it seems that the kernel extracted from boot.img needs modification, and that every OS needs its own initrd, I hope someone can help.
Update:
I found the required file's details , I have the ramdisk , I have the system.ext2 , what I'm missing is the required kernel , 3.0.1 , I just need a download link to that kernel, can't seem to find any.
Hi,
So I recently got into Android Development and so far , everything is good.
What I'm doing is using munjeni's CM9 ROM as a base for me to get the boot.img and the files in the folder /system/.
I tried to use iPlasm's CM9 ROM but I got some extraction problems , which I'll look into later.
I'm also using the initrd found in schlund's posts, and the original HD Photon (Froyo 2.2).
I compared the two initrds and found out that the Froyo one was smoother and had lots of unnecessary stuff and that the CM7 one is better , but it may freeze , so I'm going to test both for maximum results.
To-Do:
-Ability to Extract zImage from boot.img Done
-Extract system files Done
-Put System Files into system.ext2 Done
-Use schlund's both kernels and see which one works.
-Create a system.ext2
-Extend Data.ext2's size to allow higher storage on higher SD cards.
If you are willing to help on this project...then please help me with these:
I need an empty system.ext2 in ext3 format (so I can put the system files inside).
Or I need someone to be able to empty the system.ext2 that I have which I got from the Froyo 2.2.
Problems: Currently I'm facing these problems that may get fixed later:
Cannot delete bin and xbin from system.ext2 , which leads to files to be read when they are not needed.
No empty system.ext2 file present.
Cannot Modify the initrd to increase the space , looking forward to use this code:
When using the kernel from munjeni (extracted) all what happens is G1 logo appearing and nothing else.
Bases:
zImage from munjeni's CM9 from boot.img
iPlasm's boot.img
initrd from either schlund's CM7.2 or schlund's Froyo 2.2
/system/ from munjeni's CM9
HARET_PHOTON7227.exe from PhotonAndroid Developement
Startup File from schlund's Startup.
All help appreciated
I found a 200mb system.ext2, however, whenever I put files in it, the next time I mount it I lose everything I put inside, but everything deleted remains deleted. -_-
Glad to see you're trying to do some,
You should not try cm7 kernel with CM9, You're trying to make CM9 SDcard version so forget about cm7 kernel (you may do only for comparing)
please, try the munjeni's boot.img from (update 04.Jun. for rom 24.May.2012) or mine, because the munjeni's rom (24.May.2012) boot.img is older kernel. the new one includes bluetooth fix (NOT Handset Car).
what i see in system.ext2 i don't think you should empty or even use them, it should be writing in command (terminal) that will create those files into EXT2 file.
here is an example: http://forum.xda-developers.com/showthread.php?t=1055923
You can collect more informations in HTC HD2 forums which include SDCard versions,
Have fun,
Will try that , because the kernel from munjeni showed me .T...Mobile and then did nothing. hopefully yours work
I just tried your way iplasm , and guess what , I get the same splash screen G1 TMobile.
any thoughts?
thethiny said:
Will try that , because the kernel from munjeni showed me .T...Mobile and then did nothing. hopefully yours work
I just tried your way iplasm , and guess what , I get the same splash screen G1 TMobile.
any thoughts?
Sorry to say that, this htc mini is not my phone, so I'm so limited to work on it. especially going back to windowsmobile for testing sdcard again. :silly:
Let me say, are you still using both these together froyo and merging them with other? don't do that.. this won't work. froyo things with other ROMs won't work!
You should do one ROM for it's settings, don't catch another things, for example froyo or things.
just those files be there,
1- HARET.exe
2- STARTUP.TXT
and begin to do, and choose the only one ROM you want to make it SDCard version,
about splash screen, it means you didn't applied them correctly, because none of these bootscreen include t-mobile,
I remember the cotulla's version was include AT&T splash screen.
iPlasm said:
Sorry to say that, this htc mini is not my phone, so I'm so limited to work on it. especially going back to windowsmobile for testing sdcard again. :silly:
Let me say, are you still using both these together froyo and merging them with other? don't do that.. this won't work. froyo things with other ROMs won't work!
You should do one ROM for it's settings, don't catch another things, for example froyo or things.
just those files be there,
1- HARET.exe
2- STARTUP.TXT
and begin to do, and choose the only one ROM you want to make it SDCard version,
about splash screen, it means you didn't applied them correctly, because none of these bootscreen include t-mobile,
I remember the cotulla's version was include AT&T splash screen.
I found the problem , I'm using a new system.ext2 created by me , I put the /system/ files of yours inside , then I took the kernel from your rom , and then I used schlund's initrd (because I compared it to the original initrd and found that the only differences were in :
1-splash screen
2-mounting the sd or mounting the ext/sd
3-order of command execution)
so I found out the Cotulla (the original creator of the init inside the initrd.gz ) has put a G1 .T...Mobile splash screen , and when the kernel is loaded , it is loading it as rom , not as sd boot so it launches the splash screen instead of launching the android bootloader , I'll have a look and see and luckily munjeni will reply to the pm I sent him (he helped me with creating the system.ext2 and the initrd)
thethiny said:
Hi,
may you help me with something?
I have a ramdisk (initrd.gz)
and a kernel (boot.img)
and an zImage (kernel main)
however , I cannot seem to be able to extract the zImage , but I did extract the boot.img and the initrd .
In order for me to make it SD Boot , I should allow SD boot from zImage , but I can't open , do you think you can do that for me?
look, zImage is Kernel, you're doing to open Kernel.. zImage isn't an Archive file. so You don't need to edit or open zImage
Boot.img contains RAMDISK & Kernel, RAMDISK=initrd.gz, Kernel=zImage
You will need to extract the Boot.img from CM9, and convert them to initrd.gz and zImage,
iPlasm said:
look, zImage is Kernel, you're doing to open Kernel.. zImage isn't an Archive file. so You don't need to edit or open zImage
Boot.img contains RAMDISK & Kernel, RAMDISK=initrd.gz, Kernel=zImage
You will need to extract the Boot.img from CM9, and convert them to initrd.gz and zImage,
ok I already did that , but the zImage extracted from CM7 , doesn't match the zImage from CM7 SD Boot (same ROM , same Dev , diff size).
So I wanna extract the zImage so I can modify the Boot section to SD Boot.
it's not easy to edit kernels, just a Q: have you tried from extracted cm9 two files the kernel & ramdisk and rename them to zimage and initrd.gz to SDCard and see results?
and if you really want to modify zimage (needs unpacking and repack), click here: http://lmgtfy.com/?q=Modify+zImage+Android
iPlasm said:
it's not easy to edit kernels, just a Q: have you tried from extracted cm9 two files the kernel & ramdisk and rename them to zimage and initrd.gz to SDCard and see results?
and if you really want to modify zimage (needs unpacking and repack), click here: http://lmgtfy.com/?q=Modify+zImage+Android
Yes I tried, also I'm a Windows user, so I use Cygwin, and none of the commands above worked! I tried using Ubuntu 12 and I get error at line 12
I want to unpack the img but don't want to use in my pc(too confused).
so I want to unpack by the phone,
thank you
ytyyutianyun said:
I want to unpack the img but don't want to use in my pc(too confused).
so I want to unpack by the phone,
thank you
I don't think there is. Maybe I'm wrong too.
Basically all these boot.img tools are written in shell/bash and is made specifically to run in Linux distros.
Anyways there is an Android app called, Complete Linux Installer that lets you install any Linux OS in your phone. But I doubt whether boot.img tools work, as it needs various library files for it to work.
On a side note, I guess it would be more complex to do it in phone rather than in PC, if there is some way for it to work.
coolsandie said:
I don't think there is. Maybe I'm wrong too.
Basically all these boot.img tools are written in shell/bash and is made specifically to run in Linux distros.
Anyways there is an Android app called, Complete Linux Installer that lets you install any Linux OS in your phone. But I doubt whether boot.img tools work, as it needs various library files for it to work.
On a side note, I guess it would be more complex to do it in phone rather than in PC, if there is some way for it to work.
Thank you for your reply, but do you feel strange that the IMG is created by the recovery, so it is rational that there is a tool about IMG building. then why there is no apk. I mean some professional can extract just from the CWM recovery, I think.
need root
if you wanna get boot.img i think you must be rooted.
k0tsompakos said:
if you wanna get boot.img i think you must be rooted.
yes, I root, so I can use the recovery to back and restore,
I think any app that can access zip files in the internal and external memory can extract boot.img.
Like ASTRO File Manager and stuff...
recovery?
You wanna install a rom?
or recovery??
or we speak about boot.img? (Boot img is the boot animation when you turn on your phone.)
k0tsompakos said:
You wanna install a rom?
or recovery??
or we speak about boot.img? (Boot img is the boot animation when you turn on your phone.)
Nooooo
boot.img is the kernel (zImage + Ramdisk packed into an image file) that lies in the /boot partition
@ OP - If you want to extract boot.img itself, there are various methods and from CWM recovery like you said. I thought you were mentioning about how to unpack the contents of the boot.img say like zImage, Ramdisk and other files.
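The layout described in this thread (boot.img = kernel zImage + ramdisk initrd.gz) and the kernel base address asked about at the top of the page can both be read from the image header. This is an added example, not code from any poster or tool mentioned here; it assumes the legacy (version 0) Android boot image header and mkbootimg's default kernel offset of 0x8000, and `parse_boot_img` and `build_sample_image` are hypothetical names.

```python
import gzip
import struct

BOOT_MAGIC = b"ANDROID!"
# Legacy (version 0) header: magic, ten little-endian u32 fields, name, cmdline.
HEADER = struct.Struct("<8s10I16s512s")
DEFAULT_KERNEL_OFFSET = 0x00008000  # assumption: mkbootimg's default offset


def _align(size, page):
    """Round size up to a whole number of flash pages."""
    return (size + page - 1) // page * page


def parse_boot_img(data):
    """Split a boot.img into its kernel (zImage) and ramdisk (initrd.gz)."""
    if len(data) < HEADER.size or not data.startswith(BOOT_MAGIC):
        raise ValueError("missing ANDROID! magic: not a boot.img")
    (_, k_size, k_addr, r_size, r_addr, _s_size, _s_addr,
     tags_addr, page, _, _, _name, cmdline) = HEADER.unpack_from(data)
    if page == 0 or page & (page - 1):
        raise ValueError("page size %d is not a power of two" % page)
    k_off = page                          # the header occupies the first page
    r_off = k_off + _align(k_size, page)  # ramdisk starts on a page boundary
    if r_off + r_size > len(data):
        raise ValueError("image is truncated")
    ramdisk = data[r_off:r_off + r_size]
    return {
        "page_size": page,
        "kernel_addr": k_addr,
        "ramdisk_addr": r_addr,
        "tags_addr": tags_addr,
        # Base is only correct if the image was packed with the default offset.
        "base": (k_addr - DEFAULT_KERNEL_OFFSET) & 0xFFFFFFFF,
        "cmdline": cmdline.rstrip(b"\0").decode("ascii", "replace"),
        "kernel_offset": k_off,
        "ramdisk_offset": r_off,
        "kernel": data[k_off:k_off + k_size],
        "ramdisk": ramdisk,
        "ramdisk_is_gzip": ramdisk[:2] == b"\x1f\x8b",
    }


def build_sample_image(base=0x10000000, page=2048):
    """Constructed test image; the kernel bytes are filler, not a real zImage."""
    kernel = b"\x00" * 3000
    ramdisk = gzip.compress(b"constructed ramdisk payload")
    header = HEADER.pack(BOOT_MAGIC, len(kernel), base + DEFAULT_KERNEL_OFFSET,
                         len(ramdisk), base + 0x01000000, 0, base + 0x00F00000,
                         base + 0x100, page, 0, 0, b"sample", b"console=null")

    def pad(blob):
        return blob.ljust(_align(len(blob), page), b"\0")

    return pad(header) + pad(kernel) + pad(ramdisk)


if __name__ == "__main__":
    info = parse_boot_img(build_sample_image())
    for key in ("page_size", "base", "kernel_addr", "ramdisk_addr",
                "kernel_offset", "ramdisk_offset", "ramdisk_is_gzip"):
        value = info[key]
        print(key, hex(value) if isinstance(value, int) and key != "page_size"
              and not isinstance(value, bool) else value)
```

When repacking, pass the reported base and page size back to the packing tool instead of relying on its defaults; a mismatch there is one way a repacked image can hang at the first logo.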
0ops
0ops yeah... :silly:
Searching for 1 minute and found this tool :good:
--> [TOOL] Boot.img tools [unpack, repack, ramdisk] <--
( I do not send link cause i am new here and can't :angel: )
It works. Have a nice day
k0tsompakos said:
0ops yeah... :silly:
Searching for 1 minute and found this tool :good:
--> [TOOL] Boot.img tools [unpack, repack, ramdisk] <--
( I do not send link cause i am new here and can't :angel: )
It works. Have a nice day
Yes, that's the tool and it works :good:
But as OP mentioned, he wanted to do it within phone, I highly doubt though.
coolsandie said:
Yes, that's the tool and it works :good:
But as OP mentioned, he wanted to do it within phone, I highly doubt though.
It could be done using this post http://forum.xda-developers.com/showpost.php?p=20227868&postcount=1124 and a hex editor from play store on your phone. But would be even more fiddly than on pc I would imagine, unless your phone has a largish screen. It could be done though.
If editing the ramdisk, you would need to unpack and repack after editing, which usually requires linux. I recently found http://forum.xda-developers.com/showthread.php?t=2036528 for PC, but have not had a chance to try it yet, seems best solution for OP
coolsandie said:
Yes, that's the tool and it works :good:
But as OP mentioned, he wanted to do it within phone, I highly doubt though.
Thank you coolsandie, Android is based on Linux, isn't it, and if I can, I can install busybox and use a terminal like Android Terminal Emulator, but I do not know the procedure. Like you said, it's more complex.
Robbie P said:
It could be done using this post http://forum.xda-developers.com/showpost.php?p=20227868&postcount=1124 and a hex editor from play store on your phone. But would be even more fiddly than on pc I would imagine, unless your phone has a largish screen. It could be done though.
If editing the ramdisk, you would need to unpack and repack after editing, which usually requires linux. I recently found http://forum.xda-developers.com/showthread.php?t=2036528 for PC, but have not had a chance to try it yet, seems best solution for OP
it's good tool, it can unpack the boot.img, but as to the kernel, I don't know how to unpack. but this tool add to my favorite, thanks Robbie.
OK, I find the app, names: yaffs, the author I don't know because I found in the search engine. so I also cannot find the course
then the app,
Hi folks.
I have an unusual smartphone from a Brazilian manufacturer, CCE, which has been bought by Lenovo.
This manufacturer is not exactly known for their support or product quality and I'm pretty sure my device will not be updated or supported any longer.
It's the SK504 and I want to try to customize the ROM, build tuning apps (battery consumption sucks) and things like that. I have a good programming background but not for mobile devices so I'm stepping on eggs for now.
The first thing I tried to do was get a backup from my actual rom so if I mess with something I shouldn't I would be able to come back to a working version through fastboot.
long story short, I managed to obtain through romdump 5 files; checksum.md5, config.gz, system.info.gz and system.tar
but, in the posts I been reading, it gives me the idea that I should get a boot.img, a recovery.img and a system.tar.gz
And with this I would be able to generate my own system.img through a different process.
Since I'm not being able to find what I did wrong, can anyone tell me if there are a different way to get those boot.img and recovery.img?
I tried the "adb backup -f boot.img boot" but it generates a 1kb .img file and I don't believe this is a valid boot.img.
rhodesbauer said:
Hi folks.
I have an unusual smartphone from a Brazilian manufacturer, CCE, which has been bought by Lenovo.
This manufacturer is not exactly known for their support or product quality and I'm pretty sure my device will not be updated or supported any longer.
It's the SK504 and I want to try to customize the ROM, build tuning apps (battery consumption sucks) and things like that. I have a good programming background but not for mobile devices so I'm stepping on eggs for now.
The first thing I tried to do was get a backup from my actual rom so if I mess with something I shouldn't I would be able to come back to a working version through fastboot.
long story short, I managed to obtain through romdump 5 files; checksum.md5, config.gz, system.info.gz and system.tar
but, in the posts I been reading, it gives me the idea that I should get a boot.img, a recovery.img and a system.tar.gz
And with this I would be able to generate my own system.img through a different process.
Since I'm not being able to find what I did wrong, can anyone tell me if there are a different way to get those boot.img and recovery.img?
I tried the "adb backup -f boot.img boot" but it generates a 1kb .img file and I don't believe this is a valid boot.img.
Instead of making a backup, have you tried to find the original restore image? Usually it is an .IMG file.
qwertyu123 said:
Instead of making a backup, have you tried to find the original restore image? Usually it is an .IMG file.
I used Root Explorer to look for both, recovery.img and *.img.
No result.
try this http://forum.xda-developers.com/showthread.php?t=2450045
Hello!
Device: i535PP
Kernel version: 3.4
Build date: July 22(futex(towelroot) patched)
So, I am trying to get the symbol table or whatever the heck it is.
I do not have root access, that is what I need the symbol table for > read about that here
So I can't do this the easy way of just open /proc/kallsyms
I have the zImage from boot.img.
I have kept reading on Google etc. that the most common type of compression used by Android kernels is gzip.
I have looked for the gzip magic numbers in a hex editor and also using hexdump/grep and dd.
I tried using binwalk zImage | head and it didn't see any gzip headers in the file, it found lzo and "pcrypt" or something like that. But I found the magic numbers for gzip... I did some googling and I believe the whole "pcrypt" is because I had my device encrypted, and I had the OTA flashable ROM on my and did all the extracting and Shia on my phone. I have since then decrypted the device and re-extracted everything.
I believe I am supposed to be after piggy.gz...
When I get the offset and use dd to skip to the beginning of the gzip header and save, I do gunzip piggy.gz and it says that it's corrupted. When I use a hex editor it's also corrupted...
Anyone who has done this before, mind helping me out?
I'll upload the zImage if needed.
Just don't go get the addresses yourself and post them here, I want to get some of the experience out of this
I will be more than happy to add to the list of thankyous/credits when it's all done and I test then make a release. I would also be able to port the exploit to other devices too.
I think I know why....
Probably messed it up when I tried doing it on a PC. I moved it back and forth via FTP... I didn't have a USB cable at the time.
If anyone wants to take a shot at this, please do. I will love you forever.
No clue what you're trying to do, but my ArchiKitchen should be able to split kernel into zImage and ramdisk, and also unpack the ramdisk, allow you to make changes, and repack it back. You can also replace zImage only if you wish... However, beware, invalid zImage may lead to brick.
You're interested in barebones project. Then you put boot.img in proper folder, restart kitchen, and unpack boot.img.
And if you're interested in decompressing zImage, then sorry, but you're doing it wrong, zImage is compressed binary, and you can't unpack the binary, even if you manage to decompress it.
@JustArchi
Well, thanks for getting me some info about that. But if I understand correctly, zImage is the kernel yes? From what I have read on boot it decompresses itself and copies it into memory. I am not really trying to modify anything, trying to get to the kernel symbols for a device that currently has not working rooting method I am aware of(i535pp on latest build...). Locked boot loader, signature verification of system.img.ext4 so no adding su binary and done. Futex is a no go, kernel compiled July 22. I am trying to port cve 4322 to the device from poc code by retme7 to get a root shell and go from there. If you know how I can go about doing that or point me to a tut, would be great.
Would this help? http://opensource.samsung.com/reception/receptionSub.do?method=sub&sub=F&searchValue=I535pp
OpenSourcererSweg said:
@JustArchi
Well, thanks for getting me some info about that. But if I understand correctly, zImage is the kernel yes? From what I have read on boot it decompresses itself and copies it into memory. I am not really trying to modify anything, trying to get to the kernel symbols for a device that currently has not working rooting method I am aware of(i535pp on latest build...). Locked boot loader, signature verification of system.img.ext4 so no adding su binary and done. Futex is a no go, kernel compiled July 22. I am trying to port cve 4322 to the device from poc code by retme7 to get a root shell and go from there. If you know how I can go about doing that or point me to a tut, would be great.
Would this help? http://opensource.samsung.com/reception/receptionSub.do?method=sub&sub=F&searchValue=I535pp
If device has locked bootloader, you won't be able to flash custom kernel you made anyway.
Otherwise, you just compile kernel from sources, get zImage, and combine it with the ramdisk through my kitchen.
JustArchi said:
If device has locked bootloader, you won't be able to flash custom kernel you made anyway.
Otherwise, you just compile kernel from sources, get zImage, and combine it with the ramdisk through my kitchen.
I am not trying to make a custom kernel. I am trying to extract information from the kernel required for exploitation. I am not even sure I am going about this correctly. I need to symbol table. I believe I ptmx_fops and perhaps a few other things... I have the src, anything valuable?
OpenSourcererSweg said:
I am not trying to make a custom kernel. I am trying to extract information from the kernel required for exploitation. I am not even sure I am going about this correctly. I need to symbol table. I believe I ptmx_fops and perhaps a few other things...
Stop it, you're talking nonsense. You won't achieve the thing you want in that way.
JustArchi said:
Stop it, you're talking nonsense. You won't achieve the thing you want in that way.
How do I go about making cve 2014 4322 work on my device?
I have been looking and looking...
You don't understand what not having root does to me....