Showing posts from May, 2015

How a $30 Phone Caused Me a Headache & Write Protection Woes.

A few months ago, while I was playing cards in my Physics class, my friend Quincy Jones came up to me and said,
“Hey, I have a crappy old ZTE phone my grandma gave me, and I know that you like messing around with this kind of stuff. You want it?”

Heck Yeah! Should be fun. Quick/Easy to root, then work on getting TWRP ported, etc. Right? No.

To begin, this phone runs ZTE’s (in my opinion horridly ugly) Jelly Bean 4.1.2. It is labeled Z796C, which, after a quick Google search, turned out to be the ZTE Majesty on Straight Talk Wireless (the carrier would later cause me multiple headaches, but we’ll get to that). Upon googling “ZTE Majesty Root” I was greeted by a SINGLE thread about the phone. No big surprise; it’s not a well-sold device. The thread was about 8 pages of people complaining about how it hadn’t been rooted. They all said they had tried “every method”, which, at the time, I didn’t believe.

This phone runs 4.1.2, which means…

Breaking Samsung's Security

Problem: The Verizon Galaxy S4 is bootloader locked.

Well, what exactly is a Locked Bootloader? A locked bootloader checks for a digital signature on certain images/partitions on the device. This prompted me to begin to research ways to work around this.

The Verizon Galaxy S4 (hereafter referred to as VZW S4) checks the integrity of signatures on all of the following partitions:
-Boot (boot.img)
-TrustZone (TZ.img)
-Aboot (aboot.mbn)
-RPM (RPM.mbn)
-SBL1 (sbl1.mbn)
-SBL2 (sbl2.mbn)
-SBL3 (sbl3.mbn)
-The Partition Map (JFLTE_USA_VZW.pit)
-Recovery (recovery.img)
-Modem
-NON-HLOS

Partitions not checked:
-System (/system, only checked during OTA Update)
-Persdata (/data)
-Cache (/cache)