slayher has quit [Read error: Connection reset by peer]
slayher has joined #teamhacksung
n3tchip has joined #teamhacksung
n3tchip has left #teamhacksung [#teamhacksung]
krabador has joined #teamhacksung
krabador has quit [Remote host closed the connection]
white has quit [Ping timeout: 252 seconds]
slayher has quit [Changing host]
slayher has joined #teamhacksung
white has joined #teamhacksung
DuperMan has quit []
r3zoid has quit [Read error: Connection timed out]
r3zoid has joined #teamhacksung
r3zoid has quit [Ping timeout: 240 seconds]
sud3n has quit [Ping timeout: 240 seconds]
ldiamond has quit [Ping timeout: 256 seconds]
q3k has joined #teamhacksung
r3zoid has joined #teamhacksung
sud3n has joined #teamhacksung
r3zoid_ has joined #teamhacksung
sud3n_ has joined #teamhacksung
r3zoid has quit [Read error: Operation timed out]
yath has quit [Ping timeout: 244 seconds]
yath has joined #teamhacksung
sud3n has quit [Ping timeout: 240 seconds]
UnknownzD has quit [Ping timeout: 272 seconds]
Napsterbater has quit [Read error: Connection reset by peer]
Napsterbater has joined #teamhacksung
white has quit [Ping timeout: 252 seconds]
Rebellos has quit [Read error: Connection reset by peer]
Rebellos has joined #teamhacksung
scarFortyFive has joined #teamhacksung
scarFortyFive is now known as Guest85428
scar45 has quit [Ping timeout: 256 seconds]
white has joined #teamhacksung
slayher has quit [Ping timeout: 248 seconds]
_white_ has joined #teamhacksung
white has quit [Killed (barjavel.freenode.net (Nickname regained by services))]
_white_ is now known as white
Guest85428 is now known as scar45
sud3n_ has quit [Ping timeout: 240 seconds]
DemonWav has joined #teamhacksung
DemonWav has left #teamhacksung [#teamhacksung]
Johnsel has quit [Ping timeout: 246 seconds]
Johnsel has joined #teamhacksung
Turilo has joined #teamhacksung
Kaik541 has joined #teamhacksung
tat- has quit [Ping timeout: 240 seconds]
tat- has joined #teamhacksung
Rebellos has quit [Read error: Connection reset by peer]
CoreISP has quit [Quit: Leaving]
somevietchick has joined #teamhacksung
somevietchick has quit [Ping timeout: 252 seconds]
Oranav_ has joined #teamhacksung
Oranav has quit [Remote host closed the connection]
budmang_ has joined #teamhacksung
budmang has quit [Ping timeout: 260 seconds]
ricotz has joined #teamhacksung
ricotz has quit [Changing host]
ricotz has joined #teamhacksung
valloc has joined #teamhacksung
drupol has joined #teamhacksung
Oranav_ is now known as Oranav
OwariDa has joined #teamhacksung
<OwariDa> anyone worked on reversing the GT-i9300 baseband?
<OwariDa> i've just started working on it. couldn't find any info about anyone else doing any (public, at least) reversing of the S3 baseband.
<OwariDa> in case anyone else here has worked on it / knows anyone that has worked on it / wants to join me in my effort, let me know. :)
<OwariDa> working on the NELK2 baseband available from http://forum.xda-developers.com/showthread.php?t=2076857 right now, since that's the version used in my GT-i9300.
<OwariDa> things i'd like to determine include how the /efs/nv_data.bin file is encrypted and how the MD5 is calculated (since it's not a straight MD5 of the file).
Turilo has quit [Quit: Why is the alphabet in that order? Is it because of that song?]
gladiac1337 has joined #teamhacksung
<OwariDa> no reversers here? :P
chris41g has quit [Read error: Operation timed out]
ricotz has quit [Quit: Ex-Chat]
chris41g has joined #teamhacksung
pawitp has joined #teamhacksung
sunri5e has quit [Ping timeout: 276 seconds]
sunri5e has joined #teamhacksung
toxicthunder has joined #teamhacksung
mad-murdock has joined #teamhacksung
sunri5e has quit [Ping timeout: 252 seconds]
sunri5e has joined #teamhacksung
ncultures has joined #teamhacksung
ncultures has left #teamhacksung [#teamhacksung]
sunri5e has quit [Read error: Operation timed out]
sunri5e has joined #teamhacksung
peterperfect has joined #teamhacksung
peterperfect has left #teamhacksung [#teamhacksung]
ricotz has joined #teamhacksung
ricotz has quit [Changing host]
ricotz has joined #teamhacksung
ldiamond has joined #teamhacksung
ldiamond has quit [Changing host]
ldiamond has joined #teamhacksung
Rebellos has joined #teamhacksung
mad-murdock has quit [Ping timeout: 248 seconds]
toxicthunder has left #teamhacksung [#teamhacksung]
angelsl has joined #teamhacksung
mad-murdock has joined #teamhacksung
Turtuga has quit [Read error: Connection reset by peer]
thens has joined #teamhacksung
datagutt has joined #teamhacksung
jsermer has joined #teamhacksung
mad-murdock has quit [Ping timeout: 252 seconds]
<angelsl> do any samsung phones use /dev/gsmtty%d?
Turtuga has joined #teamhacksung
mad-murdock has joined #teamhacksung
mad-murdock has quit [Ping timeout: 252 seconds]
peterperfect has joined #teamhacksung
gladiac1337_ has joined #teamhacksung
bytecode has joined #teamhacksung
gladiac1337 has quit [Ping timeout: 256 seconds]
gladiac1337_ has quit [Client Quit]
gladiac1337 has joined #teamhacksung
paulk-desktop has joined #teamhacksung
peterperfect has left #teamhacksung [#teamhacksung]
ricotz has quit [Quit: Ex-Chat]
drupol has quit [Remote host closed the connection]
drupol has joined #teamhacksung
bytecode has quit [Remote host closed the connection]
angelsl has quit [Ping timeout: 255 seconds]
angelsl has joined #teamhacksung
w00tc0d3 has quit [Read error: Connection reset by peer]
w00tc0d3 has joined #teamhacksung
psychoid has quit [Ping timeout: 252 seconds]
psychoid has joined #teamhacksung
drupol has quit [Quit: Leaving.]
thens has quit [Ping timeout: 255 seconds]
ricotz has joined #teamhacksung
<codeworkx> OwariDa: look at replicant. they reversed galaxy nexus and galaxy s2 modem
pawitp has quit [Quit: pawitp]
<paulk-desktop> codeworkx, hi, that tree isn't up to date
<paulk-desktop> the correct one is https://github.com/morphis/libsamsung-ipc
psychoid has quit [Ping timeout: 276 seconds]
humberos has joined #teamhacksung
humberos has quit [Changing host]
humberos has joined #teamhacksung
psychoid has joined #teamhacksung
psychoid has quit [Ping timeout: 256 seconds]
angelsl has quit [Ping timeout: 255 seconds]
psychoid has joined #teamhacksung
elcuco has joined #teamhacksung
angelsl has joined #teamhacksung
lolwat has joined #teamhacksung
angelsl has quit [Remote host closed the connection]
<w00tc0d3> paulk-desktop: any pointers how to add support for i9300 to that repo? :)
<paulk-desktop> w00tc0d3, should be easy, I guess it's xmm6260
<paulk-desktop> however I was hoping to get one at some point
<codeworkx> paulk-desktop: if you continue to maintain CM, i'll send you mine xD
<paulk-desktop> lol
<paulk-desktop> I guess it would be way too much work anyway
<w00tc0d3> paulk-desktop: well... how can I port it? documentation? :)
<paulk-desktop> w00tc0d3, generally strace is enough
<paulk-desktop> (on the rild binary)
<paulk-desktop> you might want to trace the kernel driver, but that's not strictly necessary
faitz_ has quit [Remote host closed the connection]
<paulk-desktop> then look at how the other xmm6260 modems are supported
<Espenfjo> hm, paulk-desktop you havent looked into ltrace?
<paulk-desktop> you'll find something very similar
<paulk-desktop> Espenfjo, same for libs I guess?
<paulk-desktop> tracing rild is fine
<Espenfjo> paulk-desktop: yeah
<Espenfjo> There is no android port of it
<Espenfjo> but it is quite nice as it lets you trace and time stuff like memcpy/memcmp
<paulk-desktop> it traces calls to libc too?
<paulk-desktop> that's quite nice
<Espenfjo> yeah
<Espenfjo> It is a very nice tool
Turilo has joined #teamhacksung
<paulk-desktop> but anyway, it's easy to figure out with strace
<paulk-desktop> though tracing libc sounds like a good idea for other things
<Espenfjo> yup
<paulk-desktop> like for harder stuff
<paulk-desktop> w00tc0d3, are you used to reverse engineering?
<paulk-desktop> w00tc0d3, also I will probably refactor libsamsung-ipc code for xmm6260 when I'll add support for p5100/p3100
<codeworkx> paulk-desktop: i'll rebase tab2 during the weekend. pvr 1.9, new omap4 platform code, new modem interface driver and and and
<codeworkx> finished i9100g today
<paulk-desktop> not for ICS I guess…
<codeworkx> jb
<paulk-desktop> what's new in omap4 code?
<codeworkx> mostly fixes
<codeworkx> and something called gcx
<codeworkx> which is used on 4470 and greater afaik
<paulk-desktop> ok
Forsaken has joined #teamhacksung
<codeworkx> hmm. tab2 doesn't have vibrator intensity interface. why didn't i port it?
<paulk-desktop> that's a good idea indeed -- I guess that vibrator to max setting can help emptying the battery quite fast
<codeworkx> i'll do it after the update.
<codeworkx> paulk-desktop: did you work on os camera yet?
<paulk-desktop> for which device?
<codeworkx> p51xx
<paulk-desktop> I thought it was the free omap4 one in use
<paulk-desktop> like on gnex
<codeworkx> no.
<codeworkx> modified by samsung
<codeworkx> and depends on the ducati image
<paulk-desktop> yes I know that too
<codeworkx> but should be doable
<paulk-desktop> if it's v4l2, I hope so
<codeworkx> but i'm sure it doesn't match the gnex one
<codeworkx> might be older
<paulk-desktop> I'll look at the kernel driver
<codeworkx> there's no
<paulk-desktop> ?
<codeworkx> afaik that's inside ducati
<paulk-desktop> ducati is a firmware, isn't it?
<codeworkx> yep
<codeworkx> paulk-desktop: i9100g is using same cam as i9100, but you wont find a driver in kernel
<codeworkx> look at ducati
<codeworkx> CSI2
<codeworkx> VideoCameraFill_Input
<codeworkx> S5K5BAFX
<codeworkx> MBG043
<codeworkx> SD_UpdateFirmware
<codeworkx> MSP.CAMERA.PWRMGR
<codeworkx> ti.grcm.RcmServer
<paulk-desktop> damn
<paulk-desktop> I'll look at it closer later I guess
<codeworkx> MSP.NEW_SENSOR
<codeworkx> MSP.CAMERAFW
<codeworkx> MSP.NEW_LENS
<codeworkx> MSP.NEW_CSI
<codeworkx> MSP.SENSORDETECT
<codeworkx> MSP.NEW_FLASH
<paulk-desktop> but it looks bad
<paulk-desktop> (reminds me of HTC Dream camera)
<codeworkx> paulk-desktop: but ducati is os afaik
<codeworkx> you just have to modify it xD
<paulk-desktop> on gnex, it's only a firmware + OMX userspace stuff
<codeworkx> domx, camera.omap4, libdomxcameradatapter
<codeworkx> or something like this
<paulk-desktop> right
<codeworkx> gnex domx sources fail hard with p51xx ducati firmware
<codeworkx> same for camera
<paulk-desktop> wtf, it is connected to the modem too
<codeworkx> no idea
<codeworkx> normally not
<paulk-desktop> that's from the block diagram
Forsaken has quit [Read error: Connection reset by peer]
<paulk-desktop> on p3100 it seems to be I2C directly to SoC
<paulk-desktop> ah wait, it's only camera power that is connected to the modem -- odd though
Blaguvest has joined #teamhacksung
<paulk-desktop> anyway I don't really have time to look at it now, I have a maths test to prepare
Forsaken has joined #teamhacksung
Forsaken has quit [Client Quit]
Forsaken has joined #teamhacksung
Kaik541 has quit [Ping timeout: 248 seconds]
Forsaken has quit [Client Quit]
Forsaken has joined #teamhacksung
Kaik541 has joined #teamhacksung
davi has joined #teamhacksung
bytecode has joined #teamhacksung
budmang_ has quit [Read error: Operation timed out]
budmang has joined #teamhacksung
davi has quit [Ping timeout: 260 seconds]
white has quit [Ping timeout: 260 seconds]
white has joined #teamhacksung
datagutt has quit [Quit: kthxbai]
evcz has quit [Quit: evcz]
white has quit [Ping timeout: 245 seconds]
white has joined #teamhacksung
evcz has joined #teamhacksung
ankitkv has joined #teamhacksung
<ankitkv> codeworkx: http://paste.org/61409 while starting i9100g build
<w00tc0d3> paulk-desktop: nope, no RE experience :(
<paulk-desktop> w00tc0d3, it's not really mandatory
<paulk-desktop> w00tc0d3, so you should start by learning about strace and trying it with the rild binary
<paulk-desktop> do you know C at least?
<w00tc0d3> paulk-desktop: I'm quite familiar with C++/java :)
<paulk-desktop> that should do it I guess, but note that we are not big fans of OOP
<paulk-desktop> anyway I guess strace and reading the existing code is the basis, looking at the kernel driver is a good idea too
<paulk-desktop> perhaps we should have written some documentation about how libsamsung-ipc works
<paulk-desktop> and a description of the samsung-ipc protocol
<paulk-desktop> so feel free to ask
<paulk-desktop> I'll be off soon, but you can write to me at paulk [at] replicant.us
<paulk-desktop> w00tc0d3, also your device must be GSM, not CDMA
<w00tc0d3> paulk-desktop: ahah. strace rild? i'll look at the kernel & existing code! :) Thank you, if I've more questions, could I ask them in the future? :)
<paulk-desktop> feel free to ask about anything, and send a mail when i'm not on IRC
<w00tc0d3> paulk-desktop: I'm using GT-I9300 = Int. SGS3 = GSM :)
<paulk-desktop> nice
<w00tc0d3> paulk-desktop: Ah, thank you! :)
<paulk-desktop> thanks for working on it
<paulk-desktop> I think I'll do p5100 tomorrow so I'll be porting from scratch the same modem too, so I'll probably be able to guide you precisely
ankitkv has quit [Quit: Leaving]
<w00tc0d3> paulk-desktop: :)
DemonWav has joined #teamhacksung
peterperfect has joined #teamhacksung
peterperfect has quit [Read error: Connection reset by peer]
DemonWav has left #teamhacksung [#teamhacksung]
<w00tc0d3> paulk-desktop: Out of curiosity; is your RIL fully working on the SGS2?
<paulk-desktop> well I wouldn't say "fully"
<paulk-desktop> w00tc0d3, btw libsamsung-ipc is only low-level
<paulk-desktop> the rest is shared across all samsung devices
<paulk-desktop> so the RIL state is the same for all the replicant samsung devices
<paulk-desktop> and it's not 100% complete already
<paulk-desktop> (for galaxy s2 as well as the other phones)
<paulk-desktop> but we have what's important, yes
<w00tc0d3> paulk-desktop: so, uh, I only have to modify libsamsung-ipc, and libril is handling with frameworks/base and that kind of things?
<paulk-desktop> basically it works like that:
<paulk-desktop> modem -> physical link -> SoC -> kernel -> libsamsung-ipc -> libsamsung-ril -> rild -> libril -> framework -> apps
<paulk-desktop> you only care about libsamsung-ipc and the rest will work
<w00tc0d3> my goal is contributing it to CM, to make codeworkx a bit more happy :p
<paulk-desktop> you want to use Replicant RIL in CyanogenMod ?!?
<w00tc0d3> if you want
<w00tc0d3> of course, because it's your framework
<paulk-desktop> well I'd rather think that CyanogenMod maintainers wouldn't be OK with it
<w00tc0d3> paulk-desktop: in the end, when it's kinda working :)
<paulk-desktop> but obviously, I totally support the idea
<w00tc0d3> paulk-desktop: TBH, why wouldn't they agree?...
<paulk-desktop> because it's not 100% complete
<paulk-desktop> but well of course, if one day it is complete, then why not indeed
<paulk-desktop> it's just a slow process since I'm the only developer on it
<paulk-desktop> and I also do many other things aside
<w00tc0d3> paulk-desktop: :)
<w00tc0d3> anyways
<w00tc0d3> going off
<w00tc0d3> Cya all!
<paulk-desktop> bye :)
w00tc0d3 has quit [Quit: http://quassel-irc.org - Chat comfortabel. Waar dan ook.]
bytecode is now known as afkcode
lolwat has quit [Read error: Connection reset by peer]
chris41g has quit [Ping timeout: 240 seconds]
psychoid has quit [Ping timeout: 256 seconds]
elcuco has quit [Ping timeout: 260 seconds]
chris41g has joined #teamhacksung
chris41g has quit [Quit: ZNC - http://znc.in]
chris41g has joined #teamhacksung
<OwariDa> codeworkx: thanks!
<OwariDa> paulk-desktop: and thanks to you too, for linking to the updated repos. :)
afkcode is now known as bytecode
<paulk-desktop> OwariDa, what are you looking for actually?
d0wngrade has joined #teamhacksung
<OwariDa> paulk-desktop: looking to be able to modify the nv_data.bin file, primarily.
<paulk-desktop> ah :)
<paulk-desktop> I already performed SIM unlock there
<paulk-desktop> libsamsung-ipc won't help with that though
<paulk-desktop> we send the bare file as-is
<OwariDa> ok. :) i know it's a bit of a taboo subject on forums etc due to people using it on stolen phones etc, but i want to figure out how to change the IMEI as well.
<paulk-desktop> OwariDa, mhh why would you want to do that?
<paulk-desktop> it's probably not legal
<paulk-desktop> All I can tell is that if you search hard enough, you'll find how to do it
<chris41g> of course it's not legal, but neither is unlocking phones now
<chris41g> in the states anyway
<OwariDa> paulk-desktop: here in sweden there are lots of people selling new phones, that they bought cheap since they get a 2 year subscription plan as well etc. then they stop paying for their subscription, and the phone (which they sold) gets blocked.
psychoid has joined #teamhacksung
<OwariDa> i would at least like to be able to change the IMEI to some other phone i own, that i don't use anymore.
<OwariDa> but yes. probably not legal anyway.
<d0wngrade> Had a quick question regarding Fascinate development... I cloned teamhacksung's git for fascinatemtd and extracted the files from my phone. One: one of the files isn't found on the device, and Two: in "setup-makefiles.sh" the MAKEFILE variable goes one parent too high (it goes to my home directory). Was wondering why when I source and then lunch the option for the fascinate isn't there?
<paulk-desktop> OwariDa, well then, search hard :)
<OwariDa> hehe. thanks. i've found tables used for AES and SHA-256 in the baseband code already, and CRC32. haven't seen any MD5 code so far though.
<paulk-desktop> OwariDa, it's not _that_ hard
<paulk-desktop> no encryption
<OwariDa> haha, ah. i just assumed it was encrypted.
<paulk-desktop> it's just stored "in a weird way", but not really encrypted
<chris41g> if its anything like cdma, its in backwards pairs
<paulk-desktop> we're getting close to something :)
djselbeck has joined #teamhacksung
<OwariDa> if i've understood it correctly, it's stored right after the SSNV string, which is at offset 0x180004.
shezar has joined #teamhacksung
d0wngrade has quit [Quit: Page closed]
<paulk-desktop> OwariDa, wrong offset I think
<OwariDa> oh.
<paulk-desktop> lemme find it back
<OwariDa> chris41g: any reference regarding what you mean by backwards pairs?
<chris41g> well hex is in pairs
<chris41g> 00 DD XX BB
<chris41g> would be stored as
<chris41g> BB XX DD 00
<paulk-desktop> say you were to enter a random offset, perhaps E880
<paulk-desktop> perhaps it would work, or perhaps not
<paulk-desktop> then perhaps you'd recognize your current IMEI in some way, or not
<chris41g> the individual pairs are not backwards, just the order of the pairs
<OwariDa> paulk-desktop: :D
<OwariDa> E880 is just a bunch of FF:s in my nv_data.bin, so i guess i should keep looking for random offsets. ;)
<paulk-desktop> ah my bad
<paulk-desktop> what's your phone again?
<OwariDa> GT-i9300
<paulk-desktop> this was for crespo
<paulk-desktop> one that I don't own
<paulk-desktop> I'll look on galaxy s2 (same modem), wait a sec
<OwariDa> chris41g: if only the order of the pairs are backwards, i think your example is wrong. :) you mean 00 DD XX BB -> XX BB 00 DD? otherwise it's just MSB -> LSB or LSB -> MSB?
<OwariDa> paulk-desktop: thanks!
<chris41g> by pair i mean two digits
<chris41g> not to sets of 2
<chris41g> err two sets of 2
<OwariDa> chris41g: two hexdigits, e.g, AB -> BA?
<chris41g> let me reexplain lol
<chris41g> say meid(cdma) is AB BA FF BC DF
<chris41g> it is stored as DF BC FF BA AB
<OwariDa> ok, in that case it's just reverse byte ordering?
<paulk-desktop> mhh I can't find it on galaxys2 nv_data
<OwariDa> paulk-desktop: oh. :/
<OwariDa> paulk-desktop: here's some reference to it being at offset 0x180004 -> 0x180047: http://forum.xda-developers.com/showthread.php?p=8533800
netw0rx has left #teamhacksung ["Verlassend"]
<paulk-desktop> not there on my device
<OwariDa> ok. what's your baseband?
peterperfect has joined #teamhacksung
<paulk-desktop> no idea
paulk-desktop has quit [Quit: Ex-Chat]
<OwariDa> *#22745927# doesn't seem like a valid USSD code on my phone.
<OwariDa> chris41g: is this what you're talking about: http://forum.xda-developers.com/showthread.php?p=33029681
<chris41g> i dont think that is relevant to anything i know about
<chris41g> oh nvm, it jumped to the last post lol
<chris41g> i thought thats what you linked
<OwariDa> hehe, ah. :)
<chris41g> well no... thats actually a lot different than CDMA
<chris41g> opposite concept
<chris41g> reverse the pairs instead of their order
<OwariDa> oh. :) so what you're referring to with "reversing pairs" is just to reverse the byte-ordering?
<chris41g> yes
<OwariDa> hehe, ok.
<chris41g> that actually makes the imei look like an esn
<OwariDa> chris41g: ah.
<OwariDa> my IMEI is not stored encoded with neither reverse byte ordering, nor the method used on the LG phone, in my nv_data.bin.
<OwariDa> ah. hmm, am i correct in assuming that it's libsec-ril.so and not the actual baseband that i need to reverse to figure out the nv_data.bin format?
<OwariDa> in that case, much easier. :D
a3Dman has quit [Ping timeout: 272 seconds]
ricotz has quit [Quit: Ex-Chat]
humberos has quit [Ping timeout: 264 seconds]
bytecode has quit [Remote host closed the connection]
djselbeck has quit [Ping timeout: 276 seconds]
shezar has quit [Remote host closed the connection]
<OwariDa> hehe, ah! figured out how the nv_data.bin.md5 is calculated now. :)
<OwariDa> straight MD5 of nv_data.bin, with a final touch. ;)
<OwariDa> and yes, they do actually use encryption.
<OwariDa> now i know where the AES key is stored. ;)
peterperfect has quit [Ping timeout: 252 seconds]
arikb has quit [Remote host closed the connection]
arikb has joined #teamhacksung
jsermer has quit [Remote host closed the connection]
jsermer has joined #teamhacksung
peterperfect has joined #teamhacksung
jsermer has quit [Ping timeout: 252 seconds]
Blaguvest has quit [Quit: Leaving]