
Root Bootloader cracked **Update - This was a fake **

@Aggie: I know right. Out of nowhere. I wonder why he called out TBH. :eek:

@Irmac: From what I understand, you can sign your own sbf and flash it on the DX.

Edit: Which should mean that the Blurless GB build can be signed and flashed onto regular DXs. I went into RSDlite but I don't see any related options.
 
Well, they have the keys to something, but I don't see anything about them saying it's the keys to the efuse. Hmm, after reading a few more tweets it looks/sounds like they have cracked motomobile's custom encryption and found the keys.

nenolod (William Pitcock): props to @motomobile for cooking their own modified elgamal signature scheme and doing a bad job at it. no props to TBH.

nenolod (William Pitcock): frequently asked question: what are these keys for? answer: signing SBF update files for rsdlite.

nenolod (William Pitcock): continuing... SBF files can be used to load a new recovery on the phone. or to flash entirely different software (e.g. non-android)



Sounds good!



Sholes signing key leak explained


The Motorola® sholes platform uses a trusted bootloader environment. Signatures are stored as part of the CDT stored on the NAND flash. mbmloader verifies the signature on mbm before passing control. mbm verifies all other signatures before allowing the device to boot.

There is a vulnerability in the way that Motorola generated the signatures on the sections stored in the CDT. This vulnerability is very simple. Like on the PlayStation 3, Motorola forgot to add a random value to the signature in order to mask the private key. This allowed the private key and initialization vector to be cracked.

The keys can be cracked using Mathematica. Read up on how the Elgamal signature scheme works.
Ok, what does this mean?

Please refer to the following table:

Boot chain component    Status
OMAP secure bootrom     secure
Secure keystore         replaceable
mbmloader               secure, but irrelevant, replaceable but unnecessary
mbm                     secure, but irrelevant, replaceable but unnecessary
recovery                replaceable (providing new keys is recommended)
system                  replaceable (providing new keys is recommended)
bootimage               replaceable (providing new keys is recommended)

I do not plan on doing any more work on this. But all information has been handed over to people who are working on this. Follow the FreeMyMoto people for their progress.
Advisory history


  • December 20th, 2010 — Motorola notified of keystore vulnerability. No response received from Motorola.
  • February 20th, 2011 — Motorola notified again of keystore vulnerability. No response received from Motorola.
  • February 27th, 2011 — Motorola notified that keystore vulnerability will be disclosed to public on March 20th. No response received from Motorola.
  • March 20th, 2011 — Keystore signature generation vulnerability publicly disclosed including private key leak. Response received from Motorola legal.


LOL I love the last line....typical Motorola lol
 
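A toy Python demonstration of the flaw the quoted advisory describes, added here and not part of nenolod's advisory or of any Motorola code: ElGamal signatures made with the same per-signature value k share the same r, and two such signatures let anyone solve for the private key. The group (p=23, g=5), the private key and the digests are constructed toy values chosen so the arithmetic stays invertible.

```python
# Toy ElGamal signature scheme showing why the random per-signature value k
# must be fresh: reusing k leaks the private key. Constructed parameters only.
import secrets
from math import gcd

P, G = 23, 5          # constructed toy group: P prime, G a primitive root mod P


def keygen(x=None):
    """Return (private x, public y = g^x mod p); x is random unless given."""
    x = secrets.randbelow(P - 2) + 1 if x is None else x
    return x, pow(G, x, P)


def sign(h, x, k=None):
    """Sign digest h with private key x. k must be fresh and random for every
    signature; passing a fixed k here exists only to reproduce the flaw."""
    if k is None:
        k = secrets.randbelow(P - 2) + 1
        while gcd(k, P - 1) != 1:           # k needs an inverse mod p-1
            k = secrets.randbelow(P - 2) + 1
    elif gcd(k, P - 1) != 1:
        raise ValueError("k must be coprime to p-1")
    r = pow(G, k, P)
    s = (h - x * r) * pow(k, -1, P - 1) % (P - 1)
    return r, s


def verify(h, sig, y):
    """Standard ElGamal check: g^h == y^r * r^s (mod p)."""
    r, s = sig
    return 0 < r < P and pow(G, h, P) == (pow(y, r, P) * pow(r, s, P)) % P


def recover_private_key(h1, sig1, h2, sig2):
    """If the signer reused k, both signatures carry the same r. Subtracting
    the two s values cancels x and gives k; x then follows from one signature.
    Returns (k, x), or None when r differs or the toy modulus is not invertible."""
    r, s1 = sig1
    r2, s2 = sig2
    if r != r2:
        return None                          # distinct k: nothing leaks this way
    n = P - 1
    ds = (s1 - s2) % n
    if gcd(ds, n) != 1 or gcd(r, n) != 1:
        return None                          # toy code: skip the multi-candidate case
    k = (h1 - h2) * pow(ds, -1, n) % n
    x = (h1 - s1 * k) * pow(r, -1, n) % n
    return k, x
```

With private key 3 and k fixed at 7, signing digests 9 and 14 yields (17, 16) and (17, 1); feeding both to recover_private_key returns (7, 3), while a signature made with a different k (different r) yields nothing.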
http://nenolod.net/~nenolod/sholes-k...explained.html

 
I don't see anything about the bootloader?
 
BTW, you don't bypass the key check... The private key was cracked and leaked. This means you can use the private key to sign the file, making it totally legit as far as the phone is concerned.

After you do this, you pack an SBF file to replace the keys in the keystore, and then the keys that the phone verifies against are not Motorola's keys - they are whatever you put there. Prevents Motorola from pushing a system update to overwrite it (i.e. Motorola no longer has access to your bootloader), and prevents malicious applications from being able to write to the bootloader.

Thus, you get the security of the locked bootloader (i.e. no malicious app can write to it), but we can still have a custom recovery.
 
