Hey guys,
I've done some dev on *NIX before, including writing ways to sign my own packages using encrypted hashes and the like. Does anyone know the method that HTC is using to sign the zip files?
The reason that I ask is because I'm interested in trying my hand at reverse-engineering the signature. I am sure some of you guys have already done some work in that area, and I'd rather not repeat someone else's effort if y'all have already taken steps to break the signature. My CSI teacher told me to never start from scratch if someone else has already done good work. It's insulting to them, and makes more work for you.
Where are you folks at with breaking the signature? Is the method known (i.e., is it based on files inside the zip, is based on the bits of the zip, is an additional hash or added metadata, etc)? I would really appreciate any feedback on this if you have the time.
EDIT: For those of you who are leakers or users et. al. DO NOT get any hopes up about this thread. I'm just getting started and this idea could fizzle within minutes of you reading this particular sentence. Anyone posting, please focus on practical suggestions or comments such as sickbox's initial comment below. Thank you!
I've wondered about this since the beginning.
I understand just how complex signing can be (to some degree, I'm not a math guy but I understand scale).
My thought though is we can utilize several tools to make this process possible - though I have no idea how to implement most of this to make this possible. Maybe I'm nuts, but here goes...?
- We now have what, three or four different HTC signed images in the wild with another on the way (OTA). Would it be possible when trying to reverse the sig to utlize the differences between the packages to narrow the cope a bit?
And next
- Using GPUs to process data like this has been shown to be exponentially more efficient and effective than CPUs. What would it take to use some of our awesome GPU power ( a la CUDA) to attempt this task?
Lastly:
- Can we break up the processing required among several of us to speed things further?
I know this has probably been thought of before and discarded for good reason, but I guess the more ideas the merrier.
I'm no CS guy, but I would love to help! I'm one of those unfortunate leakers but rather than whine I'm looking for ways to help. Reversing the HTC key would make life sooo easy. Who knows, maybe they'll use the same key on the next few phones?
Pretty much why I'm asking NOW is because I have enough packages for me to examine and compare and test against. I'm not the best or the most experienced at it, but this kind of thing is fun for me and fits into my spare time. When I have spare time.
It's not the signing we need to know how to do its the cryptographic key that they use to sign their packages that we need. The private key changed with the last bootloader so even if we cracked the key before the couple hundred years it would have taken us to crack the one used for 1.5 we would have to do it again now for 2.1 stuff.
Just look around for test signing and such and you can find the test key that people use to sign stuff as well as the method used to sign the package.
As far as getting the key... you will have to know someone from HTC who would risk their job to get you a copy of their private key.
Greetings Sickbox,
I guess my intention isn't clear. I want to be able to sign packages regardless of what key HTC uses. We have a signature, and we have keyhole. I've noted that the behavior on my Eris is that the signed packages check out just fine each time no matter what version I'm trying to flash (obviously, cannot downgrade, I know, but trying to downgrade still passes the signature and it is the version that fails). So what I would like to do is reverse engineer the signature not necessarily to find the key, but to discover how to create keys. I have 4 different packages, and two test keys that I can examine.
I'm only wanting to know if someone knows how the packages are signed so that I can eliminate looking at all the signing methods. In my research so far, I haven't been able to google, bing, or yahoo anyone who knows what method is used to sign the HTC official packages.
That help, Sickbox? Thanks for your input, I really appreciate it.
So the intent is to reverse engineer the key correct? Then we can sign whatever we want...
Or are you trying something else?
Just want to see if we're on the same page.
1234567ten
I don't necessarily want to reverse engineer the specific key that HTC used to sign any one package, but rather the template for the keys. A prime example of this kind of key decryption would be DeCSS written by DVDJon. He quit trying to reverse engineer the keys used to encrypt DVDs and reverse engineered the decryption of DVD signatures.
I'm not using technical terms for the following, but basically when you sign or encrypt something, the key used is not found within the package or signature, nor is it in the program used to verify the signature or decrypt the package.
If I can do nothing with the signatures of the Eris roms, it's no waste to me. I have fun with this because I want to design an open source DRM system someday. *Sigh* dreams.
Try these. I'm still not sure if I fully understand your question but this as much as I could come up with.
Found by searching "android signing" & "android sign rom" on google if you wanna see what else might come up.
http://developer.android.com/guide/publishing/app-signing.html
http://androidforums.com/developer-101/8665-how-signing-roms.html
sickbox said:
Try these. I'm still not sure if I fully understand your question but this as much as I could come up with.
Found by searching "android signing" & "android sign rom" on google if you wanna see what else might come up.
developer.android.com/guide/publishing/app-signing.html
androidforums.com/developer-101/8665-how-signing-roms.html
Click to expand...
Click to collapse
Hmm... maybe I was being too specific when looking for "htc sign rom" and "eris htc sign rom," etc. I'll see what I can cull from those broader searches. Thanks for the tip, sickbox.
np
34567ten
You might have noticed that there is a little bit of confusion in the posts here when "signing" is brought up; there are two completely different signing methods in use.
The first applies to applications (.apk bundles), "update.zip" files (which could be used with Amon_RA's recovery), and OTA-delivered update files. The distinguishing feature of these .zip files are: 1. They have a META-INF folder in them with two Manifest files and a RSA public key file, and 2. there is nothing "unusual" about the zip file itself. (The contents of the zip file are signed, but the whole zip file is not.)
The second type is the "rom.zip" files buried inside the MR1/MR2 " RUU" updates. These files, when renamed to PB00IMG.ZIP, can be used with the bootloader to update the phone. The distinguishing feature of this type of file is that: it has a mystery blob of binary data at the front of the zip file - 256 bytes. The rest of the file is an ordinary .zip file, and if you unpack it you will find that there are no manifests, no META-INF file, and no public key certs. (In this case, the entire zip is signed, but none of the individual content files are.) I think it is this second type of signing you were referring to in your posts, but honestly I am not certain.
The first form of signing is perfomed with a java tool called "jarsigner", and its behavior is well understood: it creates the first manifest file by computing SHA-1 hashes for every file to be included in the .zip archive. Then, it creates a second manifest file which shadows the first one, and for each SHA-1 hash value, it "signs" them using the signer's private key. In this 2nd file, it also computes the hash for the complete (1st) manifest file, and signs that hash. In any event, what I mean by " well understood" is that this is just a standard use of RSA public key cryptography, using widely deployed Sun Java tools. Break it and you will have made quite a name for yourself.
Now, as for the 2nd type of file - rom.zip/PB00IMG.ZIP, I have not seen anyone (yet) describe the format of that MIC (Message Integrity Check) 256-byte blob. I poked at it a little, but certainly not exhaustively.
If you want to add to the knowledge here, try and discover what the "format" of that MIC is. I suspect that even if you do that, you will find that the sig uses exactly the same PK tools that are already built in to the bootloader - from the standpoint of practicality, it really doesn't make any sense why HTC would " roll their own" when they already went to the effort of coding RSA tools into their botloader(s).
bftb0
Hey bftb0,
You answered my question PERFECTLY. Nobody I've spoken with elsewhere has yet brought up the RSA encryption that's already built into it. You're probably only second guy to mention it, beyond some dude in an IRC somewhere (and I think he was drunk at the time).
Knowing that it is just additional bits on the zip, has anyone thought off hacking it off and paring it to another zip in an attempt to "sign" the zip (I've done this successfully with various signed ISOs)? Also, the public key could be arrived at, given two factors, 1. The same key was used for all Eris 2.1 packages; and 2. The "blobs" of data can be sufficiently compared and I have enough computing power.
Thank God I may be getting an intel I7.
Or I'll just borrow my friend's PC.
I hope I'm not just blowing steam, because it would suck to get working on this and then find it's impossible. But they say that about a lot of key encryption schemes. LIKE RSA on Blu-Ray.
Thank you so much bftb0
Don't read too much "encouragement" into my post; I responded in order to shed some light on the way that HTC is doing things, and that's about all.
If you think about it carefully, you will understand that the manifest-signing operation gives you hundreds, if not thousands, of individual plaintext/crypt-text pairs that are all signed with the same private key. That doesn't mean that a known-plaintext attack is easy, though.
The EFF commissioned a project a couple of years back where they built custom hardware that would brute-force key searches for short keys- 256 bit keys IIRC. The machine they built was a parallel processor built from fpgas/DSPs, and it could recover keys in a few days. Their budget for that was in the low 100,000s. Offhand, I don't know what key length HTC is using, but I doubt it is 256 bits.
I don't recommend you spend any cycles trying to brute force a key recovery.
bftb0
bftb0 said:
Don't read too much "encouragement" into my post; I responded in order to shed some light on the way that HTC is doing things, and that's about all.
I don't recommend you spend any cycles trying to brute force a key recovery.
Click to expand...
Click to collapse
Dude, I was so encouraged that I want to rip open my PS3 and put it to work RIGHT NOW.
Not really. I'm too lazy-assed to spend much time brute forcing it. I'd rather pick it apart and see if there's anyway to mimic the signature. Your advice that it may be RSA based is more exciting in that it helps me know what I may be dealing with. I hope to pick at the binary data appended to the signed roms either tomorrow or next weekend.
And thats what I appreciate.
I'm not sure what you're trying to do. You either brute force the private key, using various bits of super-math (e.g. elliptic curve cryptography?), or you give up and move on -- perhaps looking at patching the subsystem responsible for validating signatures (dangerous for production use).
There are no "mimicing" possibilities and swapping blobs/zips around is just silly. You should spend your time elsewhere, like reading up on how public-key cryptography works.
Thanks WithinRafael,
I think some of what I've written above shows I'm researching public-key cryptography. I really appreciate your thoughts, and it became clear by the end of sunday that the signature is specific to the package. Without me doing much work, mostly research. RSA is a load of work and I do not want to mess with trying to crack that.
I recently became interested in trying to turn S-off. Someone recently gained RW access to NVRAM, and I'm hoping this weekend to move on as you mentioned. Thanks for the good discussion, guys!
with a pen....duh j/k
Anyone have a supercomputer? ...lets brute force it.
Is there a way to check if a rom passes the signature test without trying to load into the phone? Can we check if the signature passes on a computer?
If so we could sign it with all possible keys and see which one passes.
Is this frowned upon and shouldn't even be discussed? or would it just take too long to do? ... or is it just not possible to check the signature on a computer?
... or all of the above?
DarthMowzy said:
Anyone have a supercomputer? ...lets brute force it.
Is there a way to check if a rom passes the signature test without trying to load into the phone? Can we check if the signature passes on a computer?
If so we could sign it with all possible keys and see which one passes.
Is this frowned upon and shouldn't even be discussed? or would it just take too long to do? ... or is it just not possible to check the signature on a computer?
... or all of the above?
Click to expand...
Click to collapse
We can check the signatures based on what is stored in the Manifest file inside the PB00IMG.zip file.
It is possible to brute-force it but it would take years to do so it isn't really worth the effort.
I have a question about WinMo / Batch files
I want to keep 'certain' images in one folder, along with 2 batch files
show.bat
hide.bat
If hide.bat is executed it converts all the file extensions (.jpg) to .895 (or anything random)
If show.bat is executed it reverses the process.
Where as this entire process is working flawlessly on the PC the batch files do not execute on Winmo, what is the way around?
I feel this should be the easiest way to hide unwanted content when you leave your phone unattended around home or work OR worse, give it to your partner to play with
thanks
V
P.S. - if there is already a utility that does that please let me know!
have a read up on mortscript.
http://www.sto-helit.de/index.php?module=page&entry=ms_overview
Methinks someone is trying to keep their Pr0n hidden ....
Mortscript is your way to go ....
but there are , I know I've seen them in action , just don't know what it is called, a program that keeps an encrypted file store on WM that can only be access with a pw.
I know a little off base from your question but .........
samsamuel said:
have a read up on mortscript.
Click to expand...
Click to collapse
Thanks Sam I will read up on this.
watcher64 said:
Methinks someone is trying to keep their Pr0n hidden ....
Click to expand...
Click to collapse
Ofcourse, what else???
Its pr0n for them..... for us its 'me' time
disregarding the nature of yours khmmm... "important documents of sensitive nature", I'd rather recommend more adult solution, i.e.
FreeOTFE: "free, open source, on-the-fly transparent disk encryption program for PCs and PDAs"
p107r0 said:
disregarding the nature of yours khmmm... "important documents of sensitive nature", I'd rather recommend more adult solution, i.e.
FreeOTFE: "free, open source, on-the-fly transparent disk encryption program for PCs and PDAs"
Click to expand...
Click to collapse
+1 That was one I had seen but could not remember the name ....
But what I wonder who does the OP give his phone to that might see his "Sensitive" Documents, hell my HD2 rarely leaves my hand when it is on , except when I need a free one .......
Oops, seem to have cross posted due to having two tabs open, cant make sense of the changed layout!
Mods please feel free to delete this thread if no one has answered!
Hi all!
An oldie but a goldie!
I've changed from S6 32g, to S6Eedge 64g since I was running out of space.
Now I need to transfer 4000 photos (sorted by date) to the new phone. A direct copy from PC converts all the created dates to the current date (ie when transfer is done) which as you can imagine screws everything up royally!
Ive tried and failed in many many many ways including:
Samsung Smart Switch
FTP
Syncing programs from pc to phone
ADB push
WEBdav
Hail marys, and praying to every god out there
They all bugger up the dates...........
The ONLY ONLY way Ive found out that works is by zipping up the original files, transferring to new phone, and unzipping locally with Total Commander. ONLY Total Commander seems to be able to unzip and preserve the dates, all the other file managers and extracting programs (I tried 10-15) out there can NOT manage this. Total Commander probably works cuz im rooted, and it can use this.
HOWEVER this only worked with smaller directories, but my main pics folder is a 8 gig compressed zip, and when I try the same way Total Commander only manages to unzip the same 700 files and stops (anyone else come across this limitation?). So the only way I can manage is to zip up the original files in 7-8 different zip files and unzip locally individually, which is a big hassle.
Ive googled many threads on this problem, most of them were unresolved and some solutions refer to previous android versions or software and dont work anymore.
I'm hoping that you all dont spend four days setting up a new phone everytime ( home screen and app settings is a whole different drama! Thank you Titanium backup! iOS really has the jump on Andoird when it comes to changing phones...)
The only thing I can think of which I havent tried yet is USB OTG, since I dont have the cable. Anyone can confirm whether this method keeps the dates unchnaged?
So in your experience, whats the best way of doing this? How do you guys do it?
To be honest for 4 thousand photos swapping back and forth between devices you are better off using a could storage. Especially if you want to minimise the risk of loosing them all if something goes wrong. All zip folders will extract with the original date it. You could try and torrent you DCIM folder and language download it to your computer. Torrents download with their file dates intact.
Thanks for your reply!
IMHO this cloud thing is actually whats causing so many of the problems in hardware design these days in general.
Why is it so hard for companies to realise that when you are two floors underground, or roaming or even in middle of central london, net connection is not guaranteed......
Let alone the speed, convenience, security issues etc etc etc
As to the loss risk, I back them up on my home pcs regularly with a sync application, which ironically enough works perfectly well thank god!
So for me cloud is a no go....
As to your other suggestion, sounds great
Can I torrent just on the local net? ie direct from phone to pc?
Any apps you can reccomend? will save me trawling through a hundred crap apps in GPlay.
Thanks again for your time, its appreciated!
PS re what you said about all zips extracting correctly. Can you try on your device? Zip up a few small old files on your pc, transfer the zip to phone, extract there, and check the dates.
All except one of the ones I have tried do it, as mentioned above.
PPS Gave your torrent suggestion a go, no joy. All the transferred files had the new date ;-(.
I tried the the utorrent android app...
Update and for future help for people who will come across this issue.
I managed it!
I used Total Commander on the phone through the LAN plugin function, to access my backup folder on the pc, select all files and copy to local phone directory.
You need to initiate the copy from the PHONE on Total Commander, ie pull the files onto the phone, dont copy them by drag and drop from PC.
It took a while but it was done!
Dates and timestamps all preserved and correct!
I'm trying to open and see a lot of files from my HP notebook running windows 10. There's files like "data" and "bin" and "dot". Some are "db" files. Hell there's even their type just says "file". What's the best app that can open and view these types of files on Android? Or do I need to get a app for that on the laptop?
Michael Romanov said:
I'm trying to open and see a lot of files from my HP notebook running windows 10. There's files like "data" and "bin" and "dot". Some are "db" files. Hell there's even their type just says "file". What's the best app that can open and view these types of files on Android? Or do I need to get a app for that on the laptop?
Click to expand...
Click to collapse
Just Curious! Why on earth does anybody need to open system files manually?
Michael Romanov said:
What's the best app that can open and view these types of files on Android?
Click to expand...
Click to collapse
Depends on what the contents of those files are. The file extensions don't provide much of an indication. "data" could refer to ANYTHING. "db" is probably a database file, maybe sqlite? Or maybe not. Who is to know?
Michael Romanov said:
I'm trying to open and see a lot of files from my HP notebook running windows 10. There's files like "data" and "bin" and "dot". Some are "db" files. Hell there's even their type just says "file". What's the best app that can open and view these types of files on Android? Or do I need to get a app for that on the laptop?
Click to expand...
Click to collapse
.bin is a binary file. It and a .db (database) file cannot be read using a text editor. I will guess the same issue will occur trying to view a .data file. Even viewing them on a laptop is problematic as they aren't in a human-readable form. The only exception to the above would be if the files have had their file extensions changed from their originals.
Outside of that exception the only way I can think of to view information inside of these files is with a Windows hex editor like HxD, and even then what you see will be limited. Regardless, I wouldn't bother with Android for this task, even though I'm sure Android has hex editors. The laptop's screen makes such work easier than on Android.
aimsjahan said:
Just Curious! Why on earth does anybody need to open system files manually?
Click to expand...
Click to collapse
Lol for the sake of plain curiosity. I'm new to a lot of this so I'm not sure what is and isn't possible or in this case practical.
Strephon Alkhalikoi said:
.bin is a binary file. It and a .db (database) file cannot be read using a text editor. I will guess the same issue will occur trying to view a .data file. Even viewing them on a laptop is problematic as they aren't in a human-readable form. The only exception to the above would be if the files have had their file extensions changed from their originals.
Outside of that exception the only way I can think of to view information inside of these files is with a Windows hex editor like HxD, and even then what you see will be limited. Regardless, I wouldn't bother with Android for this task, even though I'm sure Android has hex editors. The laptop's screen makes such work easier than on Android.
Click to expand...
Click to collapse
So basically the juice ain't gonna justify the squeeze for this. Alright. Thank you for letting me know this is basically a waste of time. I'm new to all this and was just poking around in the laptop and kept running into **** I couldn't read is all.
Michael Romanov said:
So basically the juice ain't gonna justify the squeeze for this. Alright. Thank you for letting me know this is basically a waste of time. I'm new to all this and was just poking around in the laptop and kept running into **** I couldn't read is all.
Click to expand...
Click to collapse
Don't poke too hard. If you don't know what you're doing you could alter or delete an important file and wreck your Windows install. If that happens you get to spend a few hours restoring your laptop.
Strephon Alkhalikoi said:
Don't poke too hard. If you don't know what you're doing you could alter or delete an important file and wreck your Windows install. If that happens you get to spend a few hours restoring your laptop.
Click to expand...
Click to collapse
I appreciate the warning but it's a little late for that. Soft bricked my pixel 6 "poking around" with stuff I didn't know. That's how I ended up here in the first place. Nah I learned my lesson after that whole clusterf*ck. Now before I actually mess with it I come ask people far more experienced and knowledgeable than me. Like you for example. Thank you for being patient and answering my noob questions.