OTA packages have update script inside in folder "\META-INF\com\google\android\updater-script".
There is "range_sha1" function used for calculation SHA1 hash.
Code:
range_sha1("/dev/block/bootdevice/by-name/system", "2,0,1") == "2e0b37350f70a4f3d241e933d03c507e14aa25db"
I'm trying to find definition (source) of the function to know how SHA1 is exactly calculated and what second argument means.
Do you have any idea where I could find it?
Ok, I've finally found it here.
"2, 0, 1" mean 2 numbers, 0 = min, 1 = max, it is parsed to one RangeSet(0, 1)
for the specified range is SHA1 calculated:
bytes: [0..1*BLOCKSIZE] where BLOCKSIZE = 4096
It means that the range_sha1("/dev/block/bootdevice/by-name/system", "2,0,1") calculates SHA1 hash of first 4096 bytes of "/dev/block/bootdevice/by-name/system".
Related
[script] reliable interface stats
pro: reliable, works on any Linux; low battery consumption; runs only when necessary
contra: no GUI
prerequisites: script manager able to trigger on network changes
root is not needed, because the script uses the readable-for-all /proc/net/dev interface to gather statistics.
My problem was that I could not find any app that would give me the megabytes sent from/to the device. They would either ignore GPRS, WiFi or count from reboot to reboot, display stupid ads or cost even money without delivering. I'm on a data flatrate with throttling from 200MB up, and I only want to know how much I already "spent".
The following script should run on network changes, but it can be run at any time. You get more data entries in the log files for the various active interfaces when running it more often.
EDIT: it turns out the "network change" event works perfectly for interface wlan0, but not for pdp0, which happens to be the GPRS/G2/G3/G4 packet interface. Maybe "Tasker" does better than "Script Manager" with this, try and find out. What will always work is manual mode: after using an interface, run the script. This will enter the numbers from any interface that traffic into the respective log.
The script is run with zero or one argument. If given, it can be the name of an interface or the string "all" to get just a readout of the current counters of all interfaces that had traffic without logging anything.
The output is lines with bytes, data packets, errornous and dropped packets for "rx" (received) and "tx" (transmitted) for all or the selected interfaces. Without arguments all active interfaces are logged to separate files in /sdcard/. If you want to change this directory or the names or the date format, well, it should be easy to adapt.
Note that this first script does only data gathering as to the byte counts and it must run on network events. See below for the script(s) that do evaluation according to date to find out how much to go until throttling.
Code:
#!/system/bin/sh
want_if="${1:-*}"
all=""
case "-${want_if}" in
-all)
want_if="*"; all=all;
;;
esac
log_prefix="/mnt/sdcard/interface-stats"
now="$(date '+%d.%m.%y-%H:%M:%S')"
# rx: bytes packets errs drop fifo frame compressed multicast
# tx: bytes packets errs drop fifo colls carrier compressed
# lo: 4944 74 0 0 0 0 0 0 4944 74 0 0 0 0 0 0
# wlan0: 42447725 41554 302 0 0 0 0 0 3280981 33753 0 0 0 0 0 0
while read intf rb rp re rd x x x x tb tp te td rest
do
case "-${intf}" in
-${want_if:-*}:)
case "${rb}--${tb}" in
0--0) continue;;
esac
stats="rx: $rb $rp $re $rd tx: $tb $tp $te $td"
intf_="${intf%:}"
echo "${intf} ${stats}"
[ -z "${all}" ] &&
echo "${now} ${stats}" >> "${log_prefix}-${intf_}.txt"
;;
esac
done < /proc/net/dev
exit 0
Here's the script to output the megabytes. It gets zero, one or two arguments, the first being a date pattern that needs to match the dates in the log file, the second the name of said logg.
An optional third argument, if given, gives debug output. Use only if the number doesn't look plausible.
It doesn't need any special privileges and can be run anytime.
If less than one megabyte has been hit so far, then the output is the number of bytes. Due to limitations of "awk" there can still be decimals in the output!
Code:
# /home/ino/interface-stats.sh _date: 20120225-2103_
# vim: set filetype=sh ts=4:
# -*- mode: sh; -*-
#
# <url:man:1 awk>
# sample:
#
# 25.02.12-02:28:28 rx: 182909647 374371 462 0 tx: 681742703 542899 0 0
# 25.02.12-12:15:00 rx: 3 374464 494 0 tx: 5 542974 0 0
#
# at around noon the device was rebooted, so the stats start at low
# values.
#
# algorithm:
#
# initialize old-accumulator and offset to zero.
#
# since received and transmitted bytes are accumulated by the kernel,
# the script has to just store the sum of the received and transmitted
# bytes into an accumulator, unless the current value is less than the
# running count. this happens after a reboot. so store this first low
# value into $offset, store the old accumulator and keep the running game
# until either the next reboot or EOF. now
# accumulator = old-accumulator + accumulator - offset.
awk_prog='
BEGIN {
debug = debug > 0
accu=0
accu_old=0
offset=0
accu_sum=0
# megabytes
mb_scaler=1024*1024
# field definitions
rx_bytes=3
rx_packets=4
rx_errors=5
rx_dropped=6
tx_bytes=8
tx_packets=9
tx_errors=10
tx_dropped=11
# date pattern
# 25.02.12-12:15:00 rx: 3 374464 494 0 tx: 5 542974 0 0
pat_date_dflt = "[0-9][0-9]\.[0-9][0-9]\.[0-9][0-9]-[0-9][0-9]:[0-9][0-9]:[0-9][0-9]"
pat_date = length(pat_date) == 0 ? pat_date_dflt : pat_date
}
function dbg(x) {
if (debug > 0) print("debug: " x);
}
# no particular validity check: if there are 11 fields and the first one
# matches the date the user is after, we will use the record.
(NF == 11) && ($1 ~ pat_date) {
dbg("select line: " $0)
accu_sum = $rx_bytes + $tx_bytes
if (accu_sum < accu) {
dbg("break: accu_sum=" accu_sum "; accu_old=" accu_old "; accu=" accu "; offset=" offset);
accu = accu_old + accu - offset
accu_old = accu
offset = accu_sum
accu = accu_sum
} else {
accu = accu_sum
}
}
END {
dbg("eof: accu_sum=" accu_sum "; accu_old=" accu_old "; accu=" accu "; offset=" offset);
accu = accu_old + accu - offset
if (accu > mb_scaler) accu = (accu / mb_scaler) "MB"
print(accu)
}
'
debug=0
log_prefix="/mnt/sdcard/interface-stats"
dates="${1:-.}"
want_if="${2:-wlan0}"
debug="${3+1}"
input="${log_prefix}-${want_if}.txt"
awk -v pat_date="${dates}" -v debug="${debug}" "${awk_prog}" "${input}"
And finally this one is for quick inspection of a logg. Gets the name of an interface as argument if needed. Again it needs no privileges and is appropriate for use as a SMwidget.
Code:
#!/system/bin/sh
want_if="${1:-wlan0}"
log_prefix="/mnt/sdcard/interface-stats"
logg="${log_prefix}-${want_if}.txt"
[ -r "${logg}" ] &&
while read tim rx rb rp re rd tx tb tp te td rest
do
case "${rb}--${tb}" in
0--0) continue;;
esac
stats="rx: $rb $rp $re $rd tx: $tb $tp $te $td"
echo "${tim} ${stats}"
done < "${logg}"
exit 0
Does somebody know what tags to brace code with in order to keep formatting intact? To me all my stuff has no indentation and lines seem to break at other points than just and only newlines!
EDIT: just found out that there's no problem in the web view, it's just the "forum runner" that can't render what the "\[ code \]" tag generates.
Well, as an alternative, what's the least-hassle file dump?
I want to modify the Saihon X6 ROM, but the system.img is different from I've ever met, they put the system.img into 8 img, now do not know how to unpack/repack, I need help, need a detailed tutorial. Thank you
ht tp://pan.baidu.com/s/1pJAvLer
I tried this,and it not working
Run sudo mount -o loop system_1.img system
displays
Mount: wrong fs type, bad option, bad superblock on / dev/loop0,
Missing codepage or helper program, or Other Error
system log may have some important information,
try using dmesg | tail like a command.
Run dmesg | tail view LOG
display
[74.005499] audit_printk_skb: 18 callbacks suppressed
[74.005518] type = 1400 Audit (1360118240.727:23): AppArmor = "DENIED" operation = "capable" parent = 1 Profile = "/ usr / lib / Telepathy / mission-control-5 "pid = 1553 COMM =" mission-control "Capability = 23 capname =" sys_nice "
[74.415356] type = 1400 Audit (1360118241.135:24): AppArmor = "DENIED" operation = "Open" parent = 1 profile = "/ usr/lib/telepathy/mission-control-5" name = "/ usr / share / gvfs / remote-volume-monitors /" pid = 1553 comm = "mission-control" requested_mask = "r" denied_mask = "r" fsuid = 0 ouid = 0
[365.116251] EXT4-fs (loop0): bad geometry: Block count 97 656 Exceeds Size of device (32767 Blocks)
[579.113993] hrtimer: interrupt took 5,682,946 ns
[630.545278] EXT4-fs ( loop0): bad geometry: Block count ninety-seven thousand six hundred and fifty-six Exceeds Size of device (32767 Blocks)
[644.026965] EXT4-fs (loop0): Unrecognized Mount option "loop1" or Missing value
[670.312507] EXT4-fs (loop0): bad geometry: Block count ninety-seven thousand six hundred fifty-six Exceeds Size of device (32767 Blocks)
[788.599457] EXT4-fs (loop0): bad geometry: 76800 Block count Exceeds Size of device (1657 Blocks)
[1008.514549] EXT4-fs (loop0): bad geometry: Block count 97,656 exceeds size of device (32767 blocks)
file system_1.img
results
system_1.img: Linux rev 1.0 ext4 filesystem data, UUID = 57f8f4bc-abf4-655f-bf67-946fc0f9f25b (extents) (large files)
https://forum.xda-developers.com/an...ide-how-to-unpack-repack-system1-img-t3567741
I want to modify the Saihon X6 ROM, but the system.img is different from I've ever met, they put the system.img into 8 img, now do not know how to unpack/repack, I need help, need a detailed tutorial. Thank you
ht tp://pan.baidu.com/s/1pJAvLer
I tried this,and it not working
Run sudo mount -o loop system_1.img system
displays
Mount: wrong fs type, bad option, bad superblock on / dev/loop0,
Missing codepage or helper program, or Other Error
system log may have some important information,
try using dmesg | tail like a command.
Run dmesg | tail view LOG
display
[74.005499] audit_printk_skb: 18 callbacks suppressed
[74.005518] type = 1400 Audit (1360118240.727:23): AppArmor = "DENIED" operation = "capable" parent = 1 Profile = "/ usr / lib / Telepathy / mission-control-5 "pid = 1553 COMM =" mission-control "Capability = 23 capname =" sys_nice "
[74.415356] type = 1400 Audit (1360118241.135:24): AppArmor = "DENIED" operation = "Open" parent = 1 profile = "/ usr/lib/telepathy/mission-control-5" name = "/ usr / share / gvfs / remote-volume-monitors /" pid = 1553 comm = "mission-control" requested_mask = "r" denied_mask = "r" fsuid = 0 ouid = 0
[365.116251] EXT4-fs (loop0): bad geometry: Block count 97 656 Exceeds Size of device (32767 Blocks)
[579.113993] hrtimer: interrupt took 5,682,946 ns
[630.545278] EXT4-fs ( loop0): bad geometry: Block count ninety-seven thousand six hundred and fifty-six Exceeds Size of device (32767 Blocks)
[644.026965] EXT4-fs (loop0): Unrecognized Mount option "loop1" or Missing value
[670.312507] EXT4-fs (loop0): bad geometry: Block count ninety-seven thousand six hundred fifty-six Exceeds Size of device (32767 Blocks)
[788.599457] EXT4-fs (loop0): bad geometry: 76800 Block count Exceeds Size of device (1657 Blocks)
[1008.514549] EXT4-fs (loop0): bad geometry: Block count 97,656 exceeds size of device (32767 blocks)
file system_1.img
results
system_1.img: Linux rev 1.0 ext4 filesystem data, UUID = 57f8f4bc-abf4-655f-bf67-946fc0f9f25b (extents) (large files)
Hi,
I have searched the forums and still haven't found any useful information.
I've been trying to edit a ubifs image (system.img) for a generic mediatek tablet.
These are the many things I have tried:
1) Edit the boot.img so that ro.secure=0 etc to see if I can get root. Unfortunately selinux is enabled and I don't even have busybox on the system (something called toolbox)
2) Work out what nand flash is being used (in my case its - SanDisk SDTNRGAMA 64G 3.3V 8-bit). And emulate the nand by using nandsim on a linux computer, but it causes a segmentation fault:
Code:
sudo modprobe nanDsim id_bytes=0x45,0xde,0x94,0x93,0x76,0x50 cache_file=./test.img
Note - I have included a spelling mistake (nanDsim should be nandsim) because I dont' want anyone to just cut and paste this command - it causes a segmentation fault on Ubuntu and Debian and I have found that if you are running on an ssd system it will hard lock your pc! (You have been warned).
3) Use ubireader (github.com/jrspruitt/ubi_reader).
Code:
$ ubireader_display_info ./system.img
UBI File
---------------------
Min I/O: 16384
LEB Size: 4161536
PEB Size: 4194304
Total Block Count: 122
Data Block Count: 120
Layout Block Count: 2
Internal Volume Block Count: 0
Unknown Block Count: 0
First UBI PEB Number: 0
Image: 1101756791
---------------------
Image Sequence Num: 1101756791
Volume Name:system
PEB Range: 0 - 121
Volume: system
---------------------
Vol ID: 0
Name: system
Block Count: 120
Volume Record
---------------------
alignment: 1
crc: 3336263623
data_pad: 0
errors:
flags: autoresize
name: system
name_len: 6
padding:
rec_index: 0
reserved_pebs: 248
upd_marker: 0
vol_type: dynamic
but when I run 'ubireader_extract_files' I get all the files, but they are all corrupted.
I'm currently trying to use the information in the ubireader_display_info to create a blank ubifs image and using 'linux dd' to try and read the image that I have.
Has anyone got any tips on how to progress, your help and advice would be appreciated.
Hello ... so i have an Radio.img and i know inside there are this files
(bootloader) Validating 'radio.default.xml'
(bootloader) Committing 'radio.default.xml'
(bootloader) - flashing 'NON-HLOS.bin' to 'modem'
(bootloader) - flashing 'fsg.mbn' to 'fsg'
(bootloader) - erasing 'modemst1'
(bootloader) - erasing 'modemst2'.
How can i extract NON-HLOS and fsg ? thanks in advance ...
I know this is an ancient thread, but it's still the first search result, so I figured a solution could help anyone else that stumbles upon this..
I made a quick and dirty extractor that works at least for motorola edge 2021 xt2141 radio images. These files seem to start with magic "SINGLE_N_LONELY" and end with "LONELY_N_SINGLE". Filenames are provided, followed by the length of the contents (in little endian), then the contents.
This script will try to open radio.img in the current dir if a filename is not provided. Dumped files will go right in the working dir, so be careful. File content reading isn't done in chunks here, so be mindful of memory usage. Likely not an issue, but you can code in some chunking if needed.
Code:
#!/usr/bin/env python
import io
import sys
# supply filename as argument or default to 'radio.img'
try:
filename = sys.argv[1]
except IndexError:
filename = 'radio.img'
with open(filename, 'rb') as f:
magic = f.read(0x100).strip(b'\0').decode()
print(magic)
assert magic == 'SINGLE_N_LONELY'
while True:
# filename
fn = f.read(0xF0).strip(b'\0').decode()
print(fn)
if fn == 'LONELY_N_SINGLE':
break
# size of file in little endian
f.seek(0x08, io.SEEK_CUR)
l = int.from_bytes(f.read(0x08), 'little')
print(l)
# warning: not reading in chunks...
# warning: outputs to working dir
with open(fn, 'wb') as o:
o.write(f.read(l))
# seek remainder
rem = 0x10 - (l % 0x10)
if rem < 0x10:
f.seek(rem, io.SEEK_CUR)
# seek until next filename
while not f.read(0x10).strip(b'\0'):
continue
# rewind back to start of filename
f.seek(-0x10, io.SEEK_CUR)
Note the resulting images will likely be in sparse format. You'll need simg2img to convert to raw images if you're trying to mount or otherwise manhandle the images.
If interested in dumping carrier profiles (from inside the fsg image), EfsTools has an extractMbn function. Not sure how to reassemble though. https://github.com/JohnBel/EfsTools
ziddey said:
I know this is an ancient thread, but it's still the first search result, so I figured a solution could help anyone else that stumbles upon this..
I made a quick and dirty extractor that works at least for motorola edge 2021 xt2141 radio images. These files seem to start with magic "SINGLE_N_LONELY" and end with "LONELY_N_SINGLE". Filenames are provided, followed by the length of the contents (in little endian), then the contents.
This script will try to open radio.img in the current dir if a filename is not provided. Dumped files will go right in the working dir, so be careful. File content reading isn't done in chunks here, so be mindful of memory usage. Likely not an issue, but you can code in some chunking if needed.
Code:
#!/usr/bin/env python
import io
import sys
# supply filename as argument or default to 'radio.img'
try:
filename = sys.argv[1]
except IndexError:
filename = 'radio.img'
with open(filename, 'rb') as f:
magic = f.read(0x100).strip(b'\0').decode()
print(magic)
assert magic == 'SINGLE_N_LONELY'
while True:
# filename
fn = f.read(0xF0).strip(b'\0').decode()
print(fn)
if fn == 'LONELY_N_SINGLE':
break
# size of file in little endian
f.seek(0x08, io.SEEK_CUR)
l = int.from_bytes(f.read(0x08), 'little')
print(l)
# warning: not reading in chunks...
# warning: outputs to working dir
with open(fn, 'wb') as o:
o.write(f.read(l))
# seek remainder
rem = 0x10 - (l % 0x10)
if rem < 0x10:
f.seek(rem, io.SEEK_CUR)
# seek until next filename
while not f.read(0x10).strip(b'\0'):
continue
# rewind back to start of filename
f.seek(-0x10, io.SEEK_CUR)
Note the resulting images will likely be in sparse format. You'll need simg2img to convert to raw images if you're trying to mount or otherwise manhandle the images.
If interested in dumping carrier profiles (from inside the fsg image), EfsTools has an extractMbn function. Not sure how to reassemble though. https://github.com/JohnBel/EfsTools
Click to expand...
Click to collapse
Thanks for making python script to unpack these SINGLE_N_LONELY header files(bootloader.img, radio.img, singleimage.bin, gpt.bin) from Moto Stock ROM zips.
But why reading filename only 240 bytes and skipping 8 bytes instead of reading whole 248 bytes?
This guy wrote to read 248 bytes instead https://forum.xda-developers.com/t/...t-of-the-moto-g-5g-plus.4371213/post-87807175
I also made quick and dirty unpacked using Lua 5.3 at https://forum.xda-developers.com/t/...t-of-the-moto-g-5g-plus.4371213/post-87931915
I guess one of us has to post this to github, since I can't find any Open Source tool to unpack this simple format image files.
Currently, only star tool that we can find from some of blankflash files(eg. this) and imjtool can unpack these SINGLE_N_LONELY header files as far as I know. But I guess these are not Open Source.
Thanks
HemanthJabalpuri said:
But why reading filename only 240 bytes and skipping 8 bytes instead of reading whole 248 bytes?
This guy wrote to read 248 bytes instead https://forum.xda-developers.com/t/...t-of-the-moto-g-5g-plus.4371213/post-87807175
Click to expand...
Click to collapse
Ah neat. I only used xt2141 radio images as reference for approximating the file format. It's been a while, but I think based on the actual positioning of the filenames in the images I was testing, I wasn't sure if the final 8 bytes were part of the filename or padding.
Likewise, I wasn't sure of how padding works after the file data, so I just did a dumb seek and rewind.