-
Notifications
You must be signed in to change notification settings - Fork 1
/
dump-repack-flash.sh
executable file
·60 lines (47 loc) · 1.33 KB
/
dump-repack-flash.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
#!/bin/bash
# by François SIMOND, 2011
#
# License: WTFPL
#
# See comments and README for description and requirements
OUTDIR=output/
OUTIMG=insecure-bootimage.img
BASE_DIR=`dirname $(readlink -f $0)`
# setup nvflash bootloader
cd $BASE_DIR/nvflashtf
./nvflash \
--bct transformer.bct \
--setbct \
--configfile flash.cfg \
--bl bootloader.bin \
--odmdata 0x300d8011 \
--sbk 0x1682CCD8 0x8A1A43EA 0xA532EEB6 0xECFE1D98 \
--sync
cd $BASE_DIR
# setup output directory
rm -rf $OUTDIR && mkdir -p $OUTDIR && cd $OUTDIR || exit 1
# read the kernel directly from the device
nvflash -r --read 6 kernel
# unpack the kernel
bootunpack kernel
mkdir -p "ramdisk" && cd "ramdisk"
gunzip -c "../kernel-ramdisk.cpio.gz" | cpio -i
# "open" default.prop
sed s/ro\.secure=.*/ro.secure=0/ default.prop \
| sed s/persist\.service\.adb\.enable=.*/persist.service.adb.enable=1/ \
> default.prop-insecure
mv default.prop-insecure default.prop
# build a new initramfs
find | fakeroot cpio -o -H newc | gzip -9 > ../insecure-initramfs.cpio.gz
cd -
# make a new bootimage
mkbootimg \
--kernel kernel-kernel.gz \
--ramdisk insecure-initramfs.cpio.gz \
-o $OUTIMG || exit 1
# flash the new insecure kernel on the device and also boot!
nvflash -r --download 6 $OUTIMG --go
cd $BASE_DIR
ln -f output/$OUTIMG
ln -f output/kernel original-kernel.img
ls -lh *.img