Hacking the Droid X

Discussion in 'Android Devices' started by mitchellmyler, Jul 11, 2010.

  1. mitchellmyler

    mitchellmyler Well-Known Member
    16

    Jul 8, 2010
    60
    3
    16
    Naval Academy
    So, being involved in the Xbox 360 community, I was a part of the group of hackers who broke one of Microsoft's highly secured signatures, and continued to stay up with them. So now that I see Motorola/Verizon want to limit root access to the Droid, it brings me back to the day everyone panicked about the 360.
    So using the skills that I have picked up from that experience, I would like to apply them to the Droid X problem.

    When a company encrypts a ROM, it's denying access to you unless you have the correct key. The Xbox 360 had no cracks in this encryption, so we had to work with what we had at the time. The only way we could gain access was to use the extensions that the ROM would allow us to use. For the Xbox 360 it was .xex. We would take our software and mimic it with the .xex extension so when the device read it, it would allow it.

    So the Droid extension is .nbh if I'm not mistaken (I don't have my Droid X yet). What we could do is make a similar firmware to attach to the ROM and make our favorite Droid hacks look like friendly software that anyone could just download.

    A new firmware would not be that difficult to mimic; it would be the flashing it to the ROM that makes me scratch my head.

    I've convinced myself that simply connecting my Droid X phone to my PC and gaining access to the encryption "gate", so to say, just might be enough to flash it with. The other option is taking the phone apart (which to my understanding is not too difficult, just requires a T-5 screwdriver) and physically flashing it.

    Well, it's worth a try anyway. I will only have 10 days to play with this before I go to the Naval Academy Prep School (no electronics for 3 weeks), so maybe this can be a starting block for some of you too.
     


  2. damstr

    damstr Well-Known Member
    38

    Feb 9, 2010
    408
    18
    38
    Well I hope you can break it!
     
  3. EKG

    EKG Well-Known Member
    93

    Feb 7, 2010
    667
    103
    93
    Even though I didn't understand a word of what you said (other than the few times "the" was mentioned), good luck bro! Get it!
     
  4. masse

    masse Well-Known Member
    36

    Jun 25, 2010
    106
    5
    36
    Avionics Engineer for Delta Air Lines, and Undergr
    Atlanta
    Is there a good reason they don't just let users do whatever they want with their phones?
     
  5. damstr

    damstr Well-Known Member
    38

    Feb 9, 2010
    408
    18
    38
    Yes, it potentially costs the manufacturer more money. Let's say John Smith wants to flash a custom ROM and somehow it bricks his phone. He takes it back to Verizon and says it doesn't power on. There isn't a way Verizon can test the phone in store to find out if it was bricked because of tampering or not, so they will replace it under warranty even though it isn't their or Motorola's fault the phone is bricked.

    Just an example.
     
  6. gamby

    gamby Active Member
    15

    May 23, 2010
    26
    0
    15
    Someone should start a prize "fund" for whoever cracks the DX. I'd give $10 to the cause!
     
  7. D13

    D13 Well-Known Member
    143

    May 28, 2010
    2,088
    234
    143
    Elkridge, Maryland
    I would definitely donate to the dev who cracks it. As long as it doesn't require a JTAG. :D

    Btw... we still don't even know if the X has an encrypted bootloader and not totally locked down. Who knows, maybe if it is encrypted, there will be a "leak" of the key or something else that allows the flashing of custom ROMs and root access. :D
     
  8. Deathshead

    Deathshead Well-Known Member
    38

    Oct 29, 2008
    173
    15
    38
    The community needs more structure, like the iPhone Dev Team, and guys like GEOHOT to come to the dark side. He has got to be bored with the iPhone by now, and he cracked the PS3 when no one else got very far.
     
  9. Greavous

    Greavous Well-Known Member
    98

    Jan 3, 2010
    589
    67
    98
    Male
    Leather Wheel re-Skinner
    New Braunfels, Texas
    ^ JTAG... reminds me of DirecTV for some reason...

    Godspeed to the OP
     
  10. xWraith

    xWraith Member
    16

    Jun 21, 2010
    17
    3
    16
    Have fun. When you're done with that, try cracking the PS3 for a real challenge.
     
  11. droidSPARX

    droidSPARX Well-Known Member
    38

    Jun 26, 2010
    237
    14
    38
    I wonder if, when the 2.2 OTA comes out, people will be able to find a crack through that, and the DX recognizes it as an official firmware.
     
  12. CRPercodani

    CRPercodani OFWGKTA
    VIP Member
    213

    Oct 24, 2009
    2,940
    564
    213
    Real Estate Agent
    M A dub'l dolla sign
    .nbh is what HTC uses IIRC, and Motorola uses .sbf. However, the kind of OTA updates we get are always in a zip format. Making a .sbf isn't enough, as we still need to sign it with whatever method they use. Also, the OMAP uses M-Shield, which is a piece of actual silicon on the SoC, but I don't know if Moto is actually using it or not. You definitely seem motivated and talented, so best of luck to you; just know Android is a whole other beast than the 360.
     
  13. swazedahustla

    swazedahustla Well-Known Member
    43

    Jun 1, 2010
    178
    28
    43
    BMORE.......4G ALL DAY
  14. arcturussage

    arcturussage Well-Known Member
    36

    Jun 26, 2010
    113
    6
    36
    I've been wondering for a while if there's any way we can 'sign' custom roms or something to make the phone think it's legit.

    I dunno enough about the software or encryption to know if it's possible or not.
     
  15. CRPercodani

    CRPercodani OFWGKTA
    VIP Member
    213

    Oct 24, 2009
    2,940
    564
    213
    Real Estate Agent
    M A dub'l dolla sign
  16. residentgiant

    residentgiant Member
    16

    Jun 3, 2010
    14
    4
    16
    I think we should just hire Kevin Mitnick to sneak the key out of Motorola. :p
     
  17. swazedahustla

    swazedahustla Well-Known Member
    43

    Jun 1, 2010
    178
    28
    43
    BMORE.......4G ALL DAY
  18. CRPercodani

    CRPercodani OFWGKTA
    VIP Member
    213

    Oct 24, 2009
    2,940
    564
    213
    Real Estate Agent
    M A dub'l dolla sign
    The M-Shield is just a part of the OMAP3630 and quite a few other OMAP SoCs (System on a Chip). The link you saw is the chip in the X, sorry if I didn't make that clear.

    P.S. You don't want a phone that has enabled the M-Shield, look at all the security protocols it can handle.
     
  19. jroc

    jroc Well-Known Member
    363

    Apr 10, 2010
    2,614
    358
    363
    All I saw was eFuse to know this won't be easy... this is the thing JTAG helps bypass in a way. But if it's similar to the 360, it has to be done while an exploit is there before the fuses get blown. eFuses can get blown with updates too.

    Again, I'm basing all this off of how it works on the 360.

    eFUSE - Wikipedia, the free encyclopedia

    Dammit. So whoever has a phone with firmware ending with .514 has a better shot than the phones released at retail. Those come with .516, and I read there will be an OTA update to .604.

    Motorola DROID X MB810 (Xtreme/Shadow) Pre-Release Thread Part 3 - Information Only

    Whatever the case is... this will not be easy...
     
  20. CRPercodani

    CRPercodani OFWGKTA
    VIP Member
    213

    Oct 24, 2009
    2,940
    564
    213
    Real Estate Agent
    M A dub'l dolla sign
    According to the OP of that linked thread, the eFuse isn't the same as in the 360.
     
    jroc likes this.
  21. 2009m6

    2009m6 Well-Known Member
    53

    Jul 7, 2010
    315
    51
    53
    Hence why I said don't update your X's.

    This is becoming a headache in itself.
     
  22. sanjeeva7

    sanjeeva7 Well-Known Member
    38

    Jun 30, 2010
    172
    14
    38
    So can this bootloader be hacked with utilities used by law enforcement like EnCase?
     
  23. VIO

    VIO Well-Known Member
    53

    May 12, 2010
    263
    62
    53
    Just when Moto won me over with the DROID... back to never buying another one of their phones.

    The Droid 2 as well. COME ON...
     
