had an idea of how to extract the bootloader

[tdpolo26]

i may be way off target here but i have an idea to extract the bootloader. I am willing to risk my friends droid x on it. so from what i understand the bootloader lives on a piece of rom on the motherboard. so it is not in the main storage area. that means its probably not a very big program. So if it does reside on its own little piece of rom there is a chance depending on what type of pic it is that you can use a pic programmer to read the rom. I am not sure if i am off in let field but if i am right it would mean getting the bootloader directly without having to pass throught the phone to get it.
Also on a encryption stand point. I am not the best on this. I was thinking there most be something that unencrypts the kernel and the bootloader so they can talk, because two encrypted things cant talk to eachother i dont think. There has to be something. well i have a pic programmer and i may possibly have a phone i can rip apart let me know if anyone thinks this is legit. I would also need to know where to look. there is obviously going to be alot of pics. i may have to send it to a friend more skilled then me to do the extraction.
I got this idea when i built a programmable christmas lights show at doityourselfchristmas.com. the guys there are great and know a ton about circuitry.

 

[guidot]

Umm, I think you may be a little bit off base.

A lot of conversation has occurred on the bootloader issue. I don't think hardware modification is something an average user would be doing.

Sent from the best 3G phone on Verizon.

 

[tdpolo26]

Umm, I think you may be a little bit off base.

A lot of conversation has occurred on the bootloader issue. I don't think hardware modification is something an average user would be doing.

Sent from the best 3G phone on Verizon.

no i am not speaking of hardware modification. i am talking about getting the source code to the bootloader off the piece of rom. Once you have that getting someone who is better then i to reverse it from hex code (if thats what it is programmed in)

 

[myfishbear]

no i am not speaking of hardware modification. i am talking about getting the source code to the bootloader off the piece of rom. Once you have that getting someone who is better then i to reverse it from hex code (if thats what it is programmed in)

omg too funny you dont seem to get what source code is. you build the bootlader with source... it isnt source itself, its compiled. anyway hex is a representation of a compiled app or a definition of a color, again having nothing to do with source code. basicily you are asking someone to read machine code off of a pried off rom chip on a old droid x which has nothing to do with a d4. your comments kind of remind me of an american dad episode where steve drinks too many energy drinks and takes apart the tv :icon_ rofl:

 

[tdpolo26]

omg too funny you dont seem to get what source code is. you build the bootlader with source... it isnt source itself, its compiled. anyway hex is a representation of a compiled app or a definition of a color, again having nothing to do with source code. basicily you are asking someone to read machine code off of a pried off rom chip on a old droid x which has nothing to do with a d4. your comments kind of remind me of an american dad episode where steve drinks too many energy drinks and takes apart the tv :icon_ rofl:

I guess I misstyped saying programmed instead of compiled in but it shouldn't have been to tough to follow the idea
Thankyou for insulting me, I have programmed pics before and I compile them to hex code onto the pic then if u want you can extract and decompile. I wasn't sure if it was protected on the chip. The idea was if you pull the hex off a dx and are able to decompile into regular readable code that we may be able to find something usefull from a signed bootloader. Then if there is something there, tear into a d4 possibly it was an idea. if u noticed in my original post I mentioned using a pic programr to extact code I didn't realize I was going to have to walk throygh how I do it. If you look at doitoyourselfchristmas.org they have whole sections dedicated to it. I built a bunch of renard motherboards after a few attempts was able to get programming the pics down.

But your very funny thankyou for your useless post, btw the hex code has everything to do with the source code where do u think it comes from

 

[tdpolo26]

I was kinda hoping someone would have a usefull idea on this the droid x I have is shot so I am not worried about breaking it but I don't want to buy the chipreader if it is encrypted on the chip to. If I can read the hex off the chip it may lead to decompiling the code. I am only trying to help. I figured no headway has been made trying to hack in from the outside maybe the key is on the inside

 

[pc747]

If you have an idea and you think it might work then try it. If you fail you can learn from it. Hopefully your friend has another device other than the droid x.

 

[myfishbear]

But your very funny thankyou for your useless post, btw the hex code has everything to do with the source code where do u think it comes from

it comes from the programmer. he/she at motorola programs in the source code... like in a programming language... then he/she compiles it ... that's it... plus a dx boot loader is probably different than a d4.

 

[tdpolo26]

it comes from the programmer. he/she at motorola programs in the source code... like in a programming language... then he/she compiles it ... that's it... plus a dx boot loader is probably different than a d4.

ok when i load to a pic, i load firmware on to that is just some code written in c,then i compile and send it to the chip....is that what you are trying to say because thats what i meant by hex code comes from the source code... my thought was the source code that makes the bootloader is compiled to hex then fed into the chip using a programmer which understands how each chip works...

i know the dx is def different then the D4 i completely understand that idea... i was kinda thinking that if i can do it to one phone, maybe i could do it to others, or maybe who really understand where i am trying to go with better equipment and knowledge of nand and flash would be able to duplicate the idea.


i guess i was just really hoping i could read the chip and decompile to regular code and find a weakness

 

[tdpolo26]

If you have an idea and you think it might work then try it. If you fail you can learn from it. Hopefully your friend has another device other than the droid x.

i am def planning on it.... kinda hoping that someone new where to look on the mb. it would make life a bit easier. i even talked to a friend that has access to a local colleges microchip lab and would be willing to help... we are not sure if anything will be found. If the chip is encrypted or locked (which i doubt it is) it will be impossible but they prolly dont think of anyone trying this.

oh he has a few phones the dx was retire after a broken screen

 

[tdpolo26]

well that is a lost cause, unless anyone has something that can read ti chips, i was looking at the chip that is in our phones and it has a boot/rom section so there is a good chance its on there and i have no clue were to get something that could read off that oh darn.....even if it was another chip persay the hynix pop chip, i was looking at them i dont have anything that can read something this advanced, most the stuff i am programming are tiny little pics i have readers for bigger things just not so intricate. well it would have been neat to try
[

 

[kptphalkon]

I believe the only way to break moto's bootloaders is either brute forcing the encryption or somehow finageling the keys. This is a topic that has been chewed through many times, spawning too many rumors, failed ideas, and failed attempts.

 

[mattlgroff]

I believe the only way to break moto's bootloaders is either brute forcing the encryption or somehow finageling the keys. This is a topic that has been chewed through many times, spawning too many rumors, failed ideas, and failed attempts.

That pretty much sums it all up...

 

[guidot]

I believe the only way to break moto's bootloaders is either brute forcing the encryption or somehow finageling the keys. This is a topic that has been chewed through many times, spawning too many rumors, failed ideas, and failed attempts.

That pretty much sums it all up...

I think I said this in post #2.

 

[tdpolo26]

I think I said this in post #2.

yeah you did i really was hoping looking at it a different way would help i just thought of it while programming some of my renard boards