Related
Hey guys,
I've done some dev on *NIX before, including writing ways to sign my own packages using encrypted hashes and the like. Does anyone know the method that HTC is using to sign the zip files?
The reason that I ask is because I'm interested in trying my hand at reverse-engineering the signature. I am sure some of you guys have already done some work in that area, and I'd rather not repeat someone else's effort if y'all have already taken steps to break the signature. My CSI teacher told me to never start from scratch if someone else has already done good work. It's insulting to them, and makes more work for you.
Where are you folks at with breaking the signature? Is the method known (i.e., is it based on files inside the zip, is based on the bits of the zip, is an additional hash or added metadata, etc)? I would really appreciate any feedback on this if you have the time.
EDIT: For those of you who are leakers or users et. al. DO NOT get any hopes up about this thread. I'm just getting started and this idea could fizzle within minutes of you reading this particular sentence. Anyone posting, please focus on practical suggestions or comments such as sickbox's initial comment below. Thank you!
I've wondered about this since the beginning.
I understand just how complex signing can be (to some degree, I'm not a math guy but I understand scale).
My thought though is we can utilize several tools to make this process possible - though I have no idea how to implement most of this to make this possible. Maybe I'm nuts, but here goes...?
- We now have what, three or four different HTC signed images in the wild with another on the way (OTA). Would it be possible when trying to reverse the sig to utlize the differences between the packages to narrow the cope a bit?
And next
- Using GPUs to process data like this has been shown to be exponentially more efficient and effective than CPUs. What would it take to use some of our awesome GPU power ( a la CUDA) to attempt this task?
Lastly:
- Can we break up the processing required among several of us to speed things further?
I know this has probably been thought of before and discarded for good reason, but I guess the more ideas the merrier.
I'm no CS guy, but I would love to help! I'm one of those unfortunate leakers but rather than whine I'm looking for ways to help. Reversing the HTC key would make life sooo easy. Who knows, maybe they'll use the same key on the next few phones?
Pretty much why I'm asking NOW is because I have enough packages for me to examine and compare and test against. I'm not the best or the most experienced at it, but this kind of thing is fun for me and fits into my spare time. When I have spare time.
It's not the signing we need to know how to do its the cryptographic key that they use to sign their packages that we need. The private key changed with the last bootloader so even if we cracked the key before the couple hundred years it would have taken us to crack the one used for 1.5 we would have to do it again now for 2.1 stuff.
Just look around for test signing and such and you can find the test key that people use to sign stuff as well as the method used to sign the package.
As far as getting the key... you will have to know someone from HTC who would risk their job to get you a copy of their private key.
Greetings Sickbox,
I guess my intention isn't clear. I want to be able to sign packages regardless of what key HTC uses. We have a signature, and we have keyhole. I've noted that the behavior on my Eris is that the signed packages check out just fine each time no matter what version I'm trying to flash (obviously, cannot downgrade, I know, but trying to downgrade still passes the signature and it is the version that fails). So what I would like to do is reverse engineer the signature not necessarily to find the key, but to discover how to create keys. I have 4 different packages, and two test keys that I can examine.
I'm only wanting to know if someone knows how the packages are signed so that I can eliminate looking at all the signing methods. In my research so far, I haven't been able to google, bing, or yahoo anyone who knows what method is used to sign the HTC official packages.
That help, Sickbox? Thanks for your input, I really appreciate it.
So the intent is to reverse engineer the key correct? Then we can sign whatever we want...
Or are you trying something else?
Just want to see if we're on the same page.
1234567ten
I don't necessarily want to reverse engineer the specific key that HTC used to sign any one package, but rather the template for the keys. A prime example of this kind of key decryption would be DeCSS written by DVDJon. He quit trying to reverse engineer the keys used to encrypt DVDs and reverse engineered the decryption of DVD signatures.
I'm not using technical terms for the following, but basically when you sign or encrypt something, the key used is not found within the package or signature, nor is it in the program used to verify the signature or decrypt the package.
If I can do nothing with the signatures of the Eris roms, it's no waste to me. I have fun with this because I want to design an open source DRM system someday. *Sigh* dreams.
Try these. I'm still not sure if I fully understand your question but this as much as I could come up with.
Found by searching "android signing" & "android sign rom" on google if you wanna see what else might come up.
http://developer.android.com/guide/publishing/app-signing.html
http://androidforums.com/developer-101/8665-how-signing-roms.html
sickbox said:
Try these. I'm still not sure if I fully understand your question but this as much as I could come up with.
Found by searching "android signing" & "android sign rom" on google if you wanna see what else might come up.
developer.android.com/guide/publishing/app-signing.html
androidforums.com/developer-101/8665-how-signing-roms.html
Click to expand...
Click to collapse
Hmm... maybe I was being too specific when looking for "htc sign rom" and "eris htc sign rom," etc. I'll see what I can cull from those broader searches. Thanks for the tip, sickbox.
np
34567ten
You might have noticed that there is a little bit of confusion in the posts here when "signing" is brought up; there are two completely different signing methods in use.
The first applies to applications (.apk bundles), "update.zip" files (which could be used with Amon_RA's recovery), and OTA-delivered update files. The distinguishing feature of these .zip files are: 1. They have a META-INF folder in them with two Manifest files and a RSA public key file, and 2. there is nothing "unusual" about the zip file itself. (The contents of the zip file are signed, but the whole zip file is not.)
The second type is the "rom.zip" files buried inside the MR1/MR2 " RUU" updates. These files, when renamed to PB00IMG.ZIP, can be used with the bootloader to update the phone. The distinguishing feature of this type of file is that: it has a mystery blob of binary data at the front of the zip file - 256 bytes. The rest of the file is an ordinary .zip file, and if you unpack it you will find that there are no manifests, no META-INF file, and no public key certs. (In this case, the entire zip is signed, but none of the individual content files are.) I think it is this second type of signing you were referring to in your posts, but honestly I am not certain.
The first form of signing is perfomed with a java tool called "jarsigner", and its behavior is well understood: it creates the first manifest file by computing SHA-1 hashes for every file to be included in the .zip archive. Then, it creates a second manifest file which shadows the first one, and for each SHA-1 hash value, it "signs" them using the signer's private key. In this 2nd file, it also computes the hash for the complete (1st) manifest file, and signs that hash. In any event, what I mean by " well understood" is that this is just a standard use of RSA public key cryptography, using widely deployed Sun Java tools. Break it and you will have made quite a name for yourself.
Now, as for the 2nd type of file - rom.zip/PB00IMG.ZIP, I have not seen anyone (yet) describe the format of that MIC (Message Integrity Check) 256-byte blob. I poked at it a little, but certainly not exhaustively.
If you want to add to the knowledge here, try and discover what the "format" of that MIC is. I suspect that even if you do that, you will find that the sig uses exactly the same PK tools that are already built in to the bootloader - from the standpoint of practicality, it really doesn't make any sense why HTC would " roll their own" when they already went to the effort of coding RSA tools into their botloader(s).
bftb0
Hey bftb0,
You answered my question PERFECTLY. Nobody I've spoken with elsewhere has yet brought up the RSA encryption that's already built into it. You're probably only second guy to mention it, beyond some dude in an IRC somewhere (and I think he was drunk at the time).
Knowing that it is just additional bits on the zip, has anyone thought off hacking it off and paring it to another zip in an attempt to "sign" the zip (I've done this successfully with various signed ISOs)? Also, the public key could be arrived at, given two factors, 1. The same key was used for all Eris 2.1 packages; and 2. The "blobs" of data can be sufficiently compared and I have enough computing power.
Thank God I may be getting an intel I7.
Or I'll just borrow my friend's PC.
I hope I'm not just blowing steam, because it would suck to get working on this and then find it's impossible. But they say that about a lot of key encryption schemes. LIKE RSA on Blu-Ray.
Thank you so much bftb0
Don't read too much "encouragement" into my post; I responded in order to shed some light on the way that HTC is doing things, and that's about all.
If you think about it carefully, you will understand that the manifest-signing operation gives you hundreds, if not thousands, of individual plaintext/crypt-text pairs that are all signed with the same private key. That doesn't mean that a known-plaintext attack is easy, though.
The EFF commissioned a project a couple of years back where they built custom hardware that would brute-force key searches for short keys- 256 bit keys IIRC. The machine they built was a parallel processor built from fpgas/DSPs, and it could recover keys in a few days. Their budget for that was in the low 100,000s. Offhand, I don't know what key length HTC is using, but I doubt it is 256 bits.
I don't recommend you spend any cycles trying to brute force a key recovery.
bftb0
bftb0 said:
Don't read too much "encouragement" into my post; I responded in order to shed some light on the way that HTC is doing things, and that's about all.
I don't recommend you spend any cycles trying to brute force a key recovery.
Click to expand...
Click to collapse
Dude, I was so encouraged that I want to rip open my PS3 and put it to work RIGHT NOW.
Not really. I'm too lazy-assed to spend much time brute forcing it. I'd rather pick it apart and see if there's anyway to mimic the signature. Your advice that it may be RSA based is more exciting in that it helps me know what I may be dealing with. I hope to pick at the binary data appended to the signed roms either tomorrow or next weekend.
And thats what I appreciate.
I'm not sure what you're trying to do. You either brute force the private key, using various bits of super-math (e.g. elliptic curve cryptography?), or you give up and move on -- perhaps looking at patching the subsystem responsible for validating signatures (dangerous for production use).
There are no "mimicing" possibilities and swapping blobs/zips around is just silly. You should spend your time elsewhere, like reading up on how public-key cryptography works.
Thanks WithinRafael,
I think some of what I've written above shows I'm researching public-key cryptography. I really appreciate your thoughts, and it became clear by the end of sunday that the signature is specific to the package. Without me doing much work, mostly research. RSA is a load of work and I do not want to mess with trying to crack that.
I recently became interested in trying to turn S-off. Someone recently gained RW access to NVRAM, and I'm hoping this weekend to move on as you mentioned. Thanks for the good discussion, guys!
with a pen....duh j/k
Anyone have a supercomputer? ...lets brute force it.
Is there a way to check if a rom passes the signature test without trying to load into the phone? Can we check if the signature passes on a computer?
If so we could sign it with all possible keys and see which one passes.
Is this frowned upon and shouldn't even be discussed? or would it just take too long to do? ... or is it just not possible to check the signature on a computer?
... or all of the above?
DarthMowzy said:
Anyone have a supercomputer? ...lets brute force it.
Is there a way to check if a rom passes the signature test without trying to load into the phone? Can we check if the signature passes on a computer?
If so we could sign it with all possible keys and see which one passes.
Is this frowned upon and shouldn't even be discussed? or would it just take too long to do? ... or is it just not possible to check the signature on a computer?
... or all of the above?
Click to expand...
Click to collapse
We can check the signatures based on what is stored in the Manifest file inside the PB00IMG.zip file.
It is possible to brute-force it but it would take years to do so it isn't really worth the effort.
PLEASE, PLEASE post all your issues and bug reports regarding the converter at github. https://github.com/yifanlu/PSXperia/issues Also, include detailed information such as a copy of the converter output, android's logcat, etc. If your bug is reported already, make a comment with your system information and logs on the issue so I know multiple people are experiencing it.
Links
My site http://yifan.lu/
First writeup, about the formats and disassembling
Second writeup, about decrypting files, cracking the format, and such
YouTube video of Xperia Play running Crash 3
Source code
1.0 binary jar (command line & gui)
Wiki: detailed usage guide, compatibility list, etc
Stuff that's done
Reversed engineered all propriety formats (image.ps,zpak,toc,etc)
Extracted and decrypted emulator binary
Mapped out important functions
Patched TOC functions to load unencrypted tables (wrapper library)
Tool to extract image.ps into an ISO
Tool to convert an ISO to image.ps
Tool to generate modified APK with wrapper library, custom text, icon, and data (converter backend)
Tool to extract Crash Bandicoot and patch some files for the converter
Command line interface (frontend)
GUI (frontend)
Remove requirement for "aapt" and "jarsigner" in PATH.
Bug bashing
Stuff for the future (no promises)
Load gamedata/icon into converter from XML file (name,titleid,etc)
Batch convert
Multidisk
Game manual
Check out this guide if you are having any problems. It contains a detailed usage directions, some guidelines for settings, and troubleshooting advice. If you still can't get it working, submit a bug report here.
Nice to see someone starting on this ,, I Bought syphon filter. Just tell me what to do and I ll do it.
good luck m8
We cannot share paid games, you will have to get someone who has bought the game to do a memory dump for you ........
Sent from my R800i using Tapatalk
Why doesn't someone just donate the money so he can buy a game? I'd do it but I'm buying a house.
How much does any multi-disk game costs? SE's PSX market is not available here.
The problem is... AFAIK, no multidisk game is available in the PSX market.
AndroHero said:
We cannot share paid games, you will have to get someone who has bought the game to do a memory dump for you ........
Sent from my R800i using Tapatalk
Click to expand...
Click to collapse
Yes, I know. I only really need the first 40 bytes or so of image.ps from the ZPAK.
gojoechris said:
Why doesn't someone just donate the money so he can buy a game? I'd do it but I'm buying a house.
Click to expand...
Click to collapse
First, I can't access the store because I have the R800i and am in US. Second, it is a rule of mine to never accept donations until after a project is completely finished.
yifanlu said:
First, I can't access the store because I have the R800i and am in US. Second, it is a rule of mine to never accept donations until after a project is completely finished.
Click to expand...
Click to collapse
That's interesting to learn. My phone is an unlocked R800a that I'm using on AT&T. I installed the unlocked UK firmware on it and it now reports as an R800i in the "About phone" section. However, as of the last month or so, I can finally see games in the PlayStation Pocket app store. I wonder if it's using the IMEI or something like that to report to the store for the region?
If you use a User Agent String changer to match that of the r800a and use a proxy so that the website thinks you are in the proper country you can maybe able to download the games that way.
I can confirm this worked for the gameloft wapshop from my desktop. I have never seen where the psx games come from so I cant guarantee it, but it is worth a shot.
They're actually in the Android Marketplace. For the longest time, they were limited to Europe, but now they're available in the US. Perhaps it might be possible to purchase them from there and remote install them to the phone?
Again all that can be done with the ua switcher and a
Proxy in firefox. Android market is available via your browser. Could be worth a shot.
sent from the original unlocked R800x.
I'm sure there'll be no need to break a sweat about this.
LOL @ashergray's sig
Logseman said:
I'm sure there'll be no need to break a sweat about this.
LOL @ashergray's sig
Click to expand...
Click to collapse
I figured I earned it. I was for about 20 minutes the only unlocked R800x.
That felt pretty awesome.
So I have extracted ALL the encrypted files now, this means libdefault.so, image_ps_toc, and ps1_rom.bin. It was pretty hard because it was obfuscated in memory, but I got it using another, unorthodox method. Now, here's the weird thing. I can't figure out how the PS1 bios works. It's not a copy of any of the BIOS floating around the internet, in fact, it's not even the same format (all the bios that can be found on the internet have a similar structure). In addition, I still can't figure out what image_ps_toc is for. If anyone wants to take a look at these files for me (I've already decrypted them, you're welcome), PM me.
EDIT: I spoke too soon, I found out that the PS1 ROM is actually part of the PS2 BIOS. Yea, wtf. It seems to be using the PS1 emulator bios from the PS2, or something like that. Now, to find what the toc file is.
yifanlu said:
So I have extracted ALL the encrypted files now, this means libdefault.so, image_ps_toc, and ps1_rom.bin. It was pretty hard because it was obfuscated in memory, but I got it using another, unorthodox method. Now, here's the weird thing. I can't figure out how the PS1 bios works. It's not a copy of any of the BIOS floating around the internet, in fact, it's not even the same format (all the bios that can be found on the internet have a similar structure). In addition, I still can't figure out what image_ps_toc is for. If anyone wants to take a look at these files for me (I've already decrypted them, you're welcome), PM me.
EDIT: I spoke too soon, I found out that the PS1 ROM is actually part of the PS2 BIOS. Yea, wtf. It seems to be using the PS1 emulator bios from the PS2, or something like that. Now, to find what the toc file is.
Click to expand...
Click to collapse
TOC maybe contains sub-channel data, known from original PSX CD-s, which served in copy-protection mechanism?
I've been trying to find some information on the PSX iso format, like what's at the different offset, where checksums are, where the executable starts, etc, but google isn't helping. Can you tell me more about this? If this copy protection thing is true, that means every game has a different libjava-activity.so. Could someone with another game pm me with /data/data/packagename/libs/libjava-activity.so where package name starts with com.sony and ends with the titleld? Also, Blagus, if you want, I can let you take a look at the decrypted toc files.
yifanlu said:
I've been trying to find some information on the PSX iso format, like what's at the different offset, where checksums are, where the executable starts, etc, but google isn't helping. Can you tell me more about this? If this copy protection thing is true, that means every game has a different libjava-activity.so. Could someone with another game pm me with /data/data/packagename/libs/libjava-activity.so where package name starts with com.sony and ends with the titleld? Also, Blagus, if you want, I can let you take a look at the decrypted toc files.
Click to expand...
Click to collapse
You may want to download original Crash PSX image in CloneCD format, which comes with CUE, IMG and SUB files. Check the SUB file size, if it's approximate to TOC fle, then it might be worth downloading it.
Blagus said:
You may want to download original Crash PSX image in CloneCD format, which comes with CUE, IMG and SUB files. Check the SUB file size, if it's approximate to TOC fle, then it might be worth downloading it.
Click to expand...
Click to collapse
I made an image using CloneCD and looked at the subdata file. It's 25MB uncompressed and 4MB compressed. The TOC file is 67KB, so I don't think that's it.
maybe it stands for Table Of Contents.
sort of a way to keep track of all the files within the package.
ashergray said:
maybe it stands for Table Of Contents.
sort of a way to keep track of all the files within the package.
Click to expand...
Click to collapse
It seems like a license or license check. I used the libjava-activity for another game, and it said could not authenticate the licensed content.
at my own experience, htc phones are really hard to root, especially the legend, scince it's a mid-end device, and the effort put into hacking it isn't even half of the effort put into high-end devices such as sensation or dhd.
i came across a simple idea that may able to hack most android phones, not only the legend, in a relatively easy way, but i need expert help to make the concept functional.
part one: softroot.
the "universal androot" worked fine for a softroot, and it gave me full access to all system files and folders.
second part: finding and changing the update domain.
here is the first time i need help.
i need someone to tell me whitch file contains the update domain address, so it can be changed to a personal server address in the network we work on, so that the phone serches for a new rom in a server we decide.
third part:server preparation.
i guess this is the most difficult part, scince i first have to find out what protocol is used to make OTA updates and find a server program that works with android.
then it's simply the matter of transferring the rom file (.ruu) to the server.
the idea is still a concept, scince i am not an android developer nor windows developer, but i guess that the idea is posible and can help people change roms in a safer and faster way.
if anyone can make the idea usable, i would really like to know about it.
Dont want to spoil your enthusiasm but something like this already exist.
Its called ROM Manager...
Sent from my Legend using xda premium
Hey guys,
I have an issue I'm facing at the moment. I have purchased 3 Samsung Galaxy Nexus devices for my family, and one for myself. I wanted to setup all our devices for them and pre-install essential apps for them, and lay it out in a way which makes each device identical so that my family (which is new to Android) can all get the same easy experience from their devices, rather than everyone getting a different LG/Samsung/HTC device and having to deal with differences in skins every time someone phones me with a question about their device.
Here is what I have done:
1. Unlocked bootloader, root, installed CM10.1.2 + gapps onto my own personal device. Clean install, wiped everything.
2. Setup android with a temporary Gmail account, installed about 20 apps, setup the homescreen, changed a few settings for simplicity, change wallpapers, etc.
3. Once I was satisfied, I removed the google account, rebooted to recovery (CWM 6.0.3.2) and made a Nandroid backup which was later copied to my home server.
4. Unlocked Bootloader, rooted and installed CM10.1.2 + gapps on all the other devices, booted the device then transferred the Nandroid backup from my home server to each of these other three devices. Restore the backup, reboot, all seems fine so I setup new individual google accounts, and away I went. Everything works fine, at least so it seems.
Now the issue is that I'm having came a day or two after I got everything setup on each device. At the moment I'm having serious issues with the Google Play Store and Push Notifications. Almost all devices intermittently have issues with this. The play store issue I'm getting is [RPC:S-5:AEC-0], and prevents me from downloading or updating apps. Push notifications is not working either. For example, Google hangouts notifications don't notify me of messages on devices intermittently unless I manually check the app. Same goes with facebook and snapchat notifications. Very annoying. Tried all sorts of fixes such as removing the Google account, rebooting and adding it again, but no luck.
It seems like there is some sort of conflict with each device, but I don't understand why. I changed the Android ID on each device hoping that would help, but still no luck. If anyone could offer an explanation why this issue is occurring I would love to hear it!
Cheers.
Edit: Tried making a titanium backup of one device and moved it to a rooted Galaxy S2 running CM10.1 nightlies, and no such issue. Also, updated one nexus device to the latest nightly, still no fix. Hopefully this information will help someone be able to point out the problem somewhere.
Okay, so I've been playing with a couple of these devices today, and by removing a google account, rebooting the device and then adding the google account again, it makes the play store work on that device, but breaks functionality on the other devices. Would someone with a low-level understanding of Android care to explain why this is?
I'm going to try doing a factory reset on one of these Nexus devices and restore a Titanium Backup and see if that helps, unless anyone has any suggestions?
The different accounts are linked to the play store separately, you are best off to just downloaded each app and set up each phone with its own gmail account. I know it sounds time consuming but it would take less time than you've been spending already.
As you learn more about android there are lots of ways of doing almost exactly what you want here, but learning right now will take less time and effort than downloading 20 apps to three different phones
Sent from my Nexus 4 using xda premium
demkantor said:
The different accounts are linked to the play store separately, you are best off to just downloaded each app and set up each phone with its own gmail account. I know it sounds time consuming but it would take less time than you've been spending already.
As you learn more about android there are lots of ways of doing almost exactly what you want here, but learning right now will take less time and effort than downloading 20 apps to three different phones
Sent from my Nexus 4 using xda premium
Click to expand...
Click to collapse
Thanks for the advice, but at the same time I'm using my family as guinea pigs to test whether it's possible to clone devices like this, as I'm in charge of the IT department at our organisation and I suggested it may be possible to deploy a large number of identical rooted android devices through the organisation (probably around 30-40 devices to start with). At this stage though, there seems to be some issues with doing this. Would you be able to point me in the direction of how I could clone Android to several devices, or at least deploy an identical setup to several devices? Perhaps I'll need to customize my own ROM based on Cyanogenmod? Chances are I'll be having to support different hardware as well. This may include the Galaxy Nexus, Nexus 4, Xperia Z and the LG Optimus 4X HD.
Well the absolute best way, in my opinion, would be to create your own ROM.
And by this I don't mean you need to learn how to port or build from source (at least not at first) just some simple zipkanging will do for something like this
Take the ROM.zip, open it, take out apps and such you don't want, add it the ones you do, rezip and sign
Now flash this to each phone and they will all have the same ROM and can just add their Google account.
Now if you want to have certain settings or the system ui look different than this you will need to learn how to decompile some apks and edit xml files, but start slow, do what is easy and what you can't figure out let me know and I'll try to help
Sent from my Nexus 4 using xda premium
demkantor said:
Well the absolute best way, in my opinion, would be to create your own ROM.
And by this I don't mean you need to learn how to port or build from source (at least not at first) just some simple zipkanging will do for something like this
Take the ROM.zip, open it, take out apps and such you don't want, add it the ones you do, rezip and sign
Now flash this to each phone and they will all have the same ROM and can just add their Google account.
Now if you want to have certain settings or the system ui look different than this you will need to learn how to decompile some apks and edit xml files, but start slow, do what is easy and what you can't figure out let me know and I'll try to help
Sent from my Nexus 4 using xda premium
Click to expand...
Click to collapse
Thought this might be the case.
Is it relatively simple to copy the changes I make to one ROM (eg for a Galaxy Nexus) for another ROM (eg. for a Nexus 4)? Is there some sort of Android virtual machine I can test or build this in?
Not simple at all, I was referring to multiple phones of the same type. Its easy to create identical ROMs to be flashed between 30 n4s or 30 genexs, but to create the same identical ROM to work in both types of phones would require source builds matched to each device tree
Which if you know little about android, java, c++ etc, then you have a real long journey ahead of you.
If you want to have an identical ROM (based off one already in existence) be flashed to 30 identical phones this is relatively easy depending on what all you want
Like I said, start small, learn what's easily obtained, then try for something bigger
Sent from my Nexus 4 using xda premium
demkantor said:
Not simple at all, I was referring to multiple phones of the same type. Its easy to create identical ROMs to be flashed between 30 n4s or 30 genexs, but to create the same identical ROM to work in both types of phones would require source builds matched to each device tree
Which if you know little about android, java, c++ etc, then you have a real long journey ahead of you.
If you want to have an identical ROM (based off one already in existence) be flashed to 30 identical phones this is relatively easy depending on what all you want
Like I said, start small, learn what's easily obtained, then try for something bigger
Sent from my Nexus 4 using xda premium
Click to expand...
Click to collapse
The idea was to use CM10.1 as a base and simply add in some apps + app data and change some settings. Setting up the homescreen in a certain way would be part of that. The Galaxy Nexus, Nexus 4, Xperia Z, and LG Optimus 4X HD all support CM10.1 stable.
If I setup a device the way I want it, would it be possible to extract some of these custom configurations from the live device to a flashable ROM?
Just because there is the same ROM for each phone doesn't mean they are exact, but in your case probably good enough. But the change you would make would be to each individual ROM (on computer not on phone) and then flashed these new versions of your ROM to each phone.
You can not make changes to your phone when running the os and extract these changes and flash them to another phone easily, near impossible to do it to a different phone make
Like I have been saying, take a ROM, open it up on PC, change what you need, flash to phone. The simpler the changes the easier it is to do. This will have to be done on a case by case basis if you are doing it to multiple types of phones
Now if you give me a list of what you want to change exactly there may be a few things you can do on your phone but in reality this is the harder way, doing all the work on PC is the easier way
Sent from my Nexus 4 using xda premium
Yes, I understand that. I think what I'll have to do is record the changes I make to one ROM in a changelog of some sort, and then simply recreate these changes manually to other ROMs. Through the PC of course.
demkantor said:
Just because there is the same ROM for each phone doesn't mean they are exact, but in your case probably good enough. But the change you would make would be to each individual ROM (on computer not on phone) and then flashed these new versions of your ROM to each phone.
You can not make changes to your phone when running the os and extract these changes and flash them to another phone easily, near impossible to do it to a different phone make
Like I have been saying, take a ROM, open it up on PC, change what you need, flash to phone. The simpler the changes the easier it is to do. This will have to be done on a case by case basis if you are doing it to multiple types of phones
Now if you give me a list of what you want to change exactly there may be a few things you can do on your phone but in reality this is the harder way, doing all the work on PC is the easier way
Sent from my Nexus 4 using xda premium
Click to expand...
Click to collapse
Well for example, here are the outdated and rough changes I need to make to the settings (this is just a note of the changes in the settingsof the ROM to make it run way I wanted on the device). Attached it as a PDF as I couldn't copy the formatting.
Most of that should be doable by decompiling systemui.apk and settings.apk, somewhat time consuming and depending on your experience a steep learning curve, but should be able to do it
Sent from my Nexus 4 using xda premium
Learning about Android and other things. Is it possible to open up developer options and remotely root or write files to someone's phone? I mean not just apps but the bootloader and entire OS of the phone?
$$$$$$$77aaa said:
Learning about Android and other things. Is it possible to open up developer options and remotely root or write files to someone's phone? I mean not just apps but the bootloader and entire OS of the phone?
Click to expand...
Click to collapse
I don't think it's possible to root the phone wirelessly since it need a reboot. If you're talking about privilege escalation hacks, that's a whole other planet, that I'm not qualified to help in (and would not want to since this technique is misused very often)
Well this is happening with me I've started noticing files from 1969 and I know Android was invented in 1969 least of all system files so I dove a little deeper and I'm in need some help. I ain't the cleanest person in the world but I'm not hacking anybody I did download programs to learn more about file systems and programming so I could customize my own devices. This is twice this is happened now in the past 2 years. I'll just say anything this is just a hobby of mine to take and learn my devices and computers and the games for my kid but guys like this or just making it where I don't even want to have a computer or a phone. It says my phone is rooted and it also says that abd is used on it. I downloaded a toolbox and started looking around and system processes that I tried to disable let's just say Facebook I have uninstalled it over seven times yet it keeps appearing is it because they are installed factory version and he's using Android auto which is another dumb program I never use and I have disabled it but somehow it always is enabled with all the permissions enabled.
By the way I have many of these files saved on external cards and I have logs on this. and this is not just one device its multiple devices in my household and I don't know why this guy chose me because I don't have anything of value he can take in real life that's just being honest