TomKing062 / CVE-2022-38694_unlock_bootloader

This is a one-time signature verification bypass. For persistent signature verification bypass, check https://github.com/TomKing062/CVE-2022-38691_38692

unlock fail (device got removed itself and went back) #118

Open d3formed opened 4 hours ago

d3formed commented 4 hours ago
> new zip uploaded

_Originally posted by @TomKing062 in https://github.com/TomKing062/CVE-2022-38694_unlock_bootloader/issues/116#issuecomment-2365016378_

```
PS C:\Users\Huy\Downloads\ums9230_universal_unlock> .\spd_dump.exe exec_addr 0x65015f08 fdl spl-unlock.bin 0x65000800
branch:stable, sha1:ab12243f174ba4a37f28feb5cc729b91331fcc83
current exec_addr is 0x65015f08
Waiting for connection (30s)
CHECK_BAUD bootrom
BSL_REP_VER: "SPRD3\0"
CMD_CONNECT bootrom
SEND spl-unlock.bin to 0x65000800
SEND custom_exec_no_verify_65015f08.bin to 0x65015f08
EXEC FDL1
CHECK_BAUD FAIL
device removed, exiting...
PS C:\Users\Huy\Downloads\ums9230_universal_unlock>
```

UartComm_COM_6_2024_09_22.log:

```
[2024-09-22 14:11:51:620] ===============================C:\Users\Huy\Downloads\ums9230_universal_unlock\spd_dump.exe
[2024-09-22 14:11:54:439] Read: Call ClearCommError() fail, [ErrorCode: 0x000003E3].
[2024-09-22 14:11:54:951] Call Clear() fail, [ErrorCode:0x00000016].
```

d3formed commented 4 hours ago

Also, FDL2 responded with "Incompatible partition(s)" when running `spd_dump --wait 300 exec_addr 0x65015f08 fdl fdl1-dl.bin 0x65000800 fdl fdl2-dl.bin 0x9efffe00 exec r splloader r uboot e splloader e splloader_bak reset`

TomKing062 commented 2 hours ago

`spl-unlock.bin` is designed to reboot; if it does not reboot, that's a problem.

TomKing062 commented 2 hours ago

And I re-uploaded again to fix the batch file (change `%errorlevel%` to `!errorlevel!`).