Separate names with a comma.
Discussion in 'Android Hacks and Help' started by tujj99, Apr 22, 2010.
Hey, guys, how to make SBF file for Droid?
I'm sorry to say, but if you are asking this question, it is way above your abilities
Haha, got it handed to ya by the sweetish chef! What is a SBF file for droid anyways?
SBF file is a Superbase 95 file. It is used to program a device like your droid. The sbf files for the droid will flash the intenals back to stock as if you just pulled the unit out of the manufacturers box.
OK, I finally found this post. I am doing some digging and found a program that will decompile the SBF to sub files, but beyond that, nothing useful. I do remember that there was a SPRecovery SBF for 2.1, so how did "they" make it? Its not above my abilities, but learning more never hurts.
IIRC, they split the original SBF and then hexedited the su binary and the superuser.apk into it - after that, they joined it back together.
Similar to the process for changing the power on logo from the Motorola "M" to something custom, just a bit more involved.
Since there is now a Linux based SBF flasher, presumably the structure of these files is well understood at this point -- at least from the standpoint of taking one and pumping it into a phone. It would seem that knowledge would also let someone write a tool to do the opposite -- take a phone and make an SBF of it's brains. There's a tool out there called "SBF-ReCalc" that can open an SBF file and split it into the correct pieces and then put it back together again. I don't pretend to know what to do with it, but if you want to put the time in you might be able to do something useful with it. It opens the FRG01B SBF file just fine, so in the hands of someone who knows what they are doing it would probably be useful.
We were discussing this amongst some of the RS. Gonna keep my eye on this one and see if anyone comes up with anything good.
Because I just can't seem to put this crap down and go to bed I went ahead and used SBF-ReCalc to split the original ESD56 SBF file since I have an image file of the recovery (by itself) from that build. Lo and behold one of the files that SBF-ReCalc spit out (VZW_A855_ESD56_QSC6085BP_C_01.3E.01P_SW_UPDATE_03CG35.smg) contains the same data (on quick observation) as my image file -- just without all the extra padding on the end.
What this means to me is that, at a minimum, it should be possible to make an IMG file of the "stock recovery" from any of our SBF files and just flash it on with flash_image (assuming you're root). Assuming just a little knowledge of SBF-ReCalc can be had (which must be possible since this is a hacker tool, not something written by Motorola), then making an SBF for virtually any recovery image you have (Clockwork, etc.) so you can flash it on with RSDLite (if you're not already root) should be a breeze.
It also looks like replacing the recovery in any of the other SBF's we've got (e.g. FRG01B) might be similarly easy. I really need to sleep for at least a couple hours but I'm sure I'm going to take a stab at making an FRG01B SBF that has SPRecovery baked into it later today.
I think a few of us would be interested in that. I've talked to others and as near as I can tell the sbf files come from moto. This makes sense that there is a 2.01 sbf file to reload a stock phone if some customer ended up with a glitch from an app or something.
What makes no sense to me is moto releasing a sprecovery sbf file. I hope that guy didn't get himself fired because I doubt it was an officially released item.
Likewise, the ese81 rooted stock file is also an odd release. Of course, moto may have still been making up their mind about open bootloaders at the time too. For them this rooting community may very well have been a marketing experiment to see how it went.....who knows.
It would be nice to have a 2.2 rooted stock sbf file too. If such a thing was easy, I'd think someone would have made it already, and for those trying such a thing, I wish you luck and the thanks of our community.
SPRecovery isn't a Motorola utility. Perhaps you meant to say it doesn't make any sense for them to release a SBF of just the recovery? Presumably that's what happened, and then the SBF was hacked and the image replaced with the SPRecovery image. It's also feasible for someone who knew what they were doing to have started with the complete ESE81 SBF and then just remove all of the parts not related to recovery.
I've never seen a "stock rooted" ESE81 SBF. Seen plenty of ROMs, but not an SBF. If you have a download link for an ESE81 rooted SBF I'd like to take a look at the file and compare to a non-rooted ESE81 SBF and how they did it.
My personal opinion on this is that Motorola didn't intentionally make it easy to root these devices, but they didn't go out of their way to prevent it either. I think providing the SBF files to the Verizon stores and repair shops is necessary to prevent getting 10 times the number of returns. If the store can flash a SBF on and send the customer on their way it is a win for everybody.
Also, from Motorola's statement about having a "business reason" for not locking down the boot loader on the Droid, it's pretty obvious to me that we were the business reason. Give the hacker community a nifty hackable toy to play with it and it will become their favorite above other less-hackable but otherwise similar toys. If we like it, then our non-hacking friends will probably also be convinced of how cool it is and buy one, and their friends and so on.
Personally, I'd rather install a bone stock SBF and root it myself so I know what I'm starting with. Making a SBF that is rooted is tougher than just replacing the recovery system in the SBF. The recovery system is a monolithic image. Find it in the file, replace it, fix the checksums, and you should be good. The /system partition however -- I have no idea how that is stored (yet) - but tacking a couple extra files into /system/bin and /system/app is bound to be a little tougher.
I'll let you know how it goes.
I was tied up for a bit, but finally got a little time to look at this. I have successfully made a SBF that can flash clockwork onto an unrooted ESE81 phone. It's somewhat amusing how easy it was. I guess it was sort of cheating since I had an ESE81 SBF that would flash SPRecovery on to start with. That told me which code groups I needed to mess with and it was pretty elementary from there. I'm going to see how that knowledge translates into making a SBF for FRG01B that only flashes the recovery. If this works the way I think it does, that will be easy as well.
Wish me luck.