search

TomKing062 / CVE-2022-38694_unlock_bootloader

This is a one-time signature verification bypass. For persistent signature verification bypass, check https://github.com/TomKing062/CVE-2022-38691_38692
258 stars 37 forks source link

TWRP recovery sign for zte blade v2020 smart (unisoc sc9863a) #107

Closed no-name27 closed 1 month ago

no-name27 commented 1 month ago

Hello, can you tell me if I can sign recovery.img twrp , as I signed boot.img so that the phone doesn't go into bootloop?

I signed boot.img for magisk using this command

python2 avbtool add_hash_footer --image AIK/image-new.img --partition_name boot --partition_size 36700160 --key rsa4096_boot.pem --algorithm SHA256_RSA4096 --prop com.android.build.boot.os_version:10 --rollback_index 1 --salt 5F55215FD2302D021F850B55912ED48D176784678692DC012E054B1ECD0BE025

I signed --prop com. android.build.boot.os_version:10 --rollback_index 1 so that the phone does not go to bootloop, because the original file also has this signature

Is there an alternative rsa4096_boot.pem for recovery?

TomKing062 commented 1 month ago

recovery is still protected after BL unlocking recovery (signed as boot) can flash to boot partition(for temporary use)