You'll have to implement this in the bootloader, which in most cases is
closed source, so roughly you'll have to:

- find the binary blob of the bootloader, probably in a factory image or
dump it from the device
- find the base address of the bootloader blob and disassemble it
properly (use IDA Pro)
- find a place -big enough- where you can inject your own code for the
password prompt
- find a place in the early stages of device boot where you can place a
jump instruction and branch to your code, this should be right after the
bootloader code detects if the fastboot or odin button combinations are
pressed.

I'd suggest writing your code in C unless you are an ARM assembly
guru, and try to make it as small as possible... If the password is
correct, then it should jump back to the place right after where the
execution was interrupted with your initial jump and continue with the
normal bootloader process.

Also, I wouldn't do the tests by flashing your patched bootloader
directly into the phone (replacing the phone's stock bootloader), as a
small mistake in your patches can totally brick the device. To properly
test your patches, you'll need to find a way to place the bootloader in
RAM (from Android) and jump into it. To do this you'll need to
disable interrupts, invalidate CPU caches, reset the MMU, and continue
execution from the physical address space where you've copied the
bootloader in RAM. This will simulate a reboot from the bootloader, but
using your patched one in RAM instead of the stock one in NAND. Not an
easy task I guess... but if you have some progress, let us know :D

Cheers,

pof

On 08/23/2012 09:59 PM, Muddy Water wrote:
This may be a redundant topic but I was wondering if anyone could point
me in the direction to begin to be able to implement an on screen
password before getting into recovery and odin. I've gotten my boot logs
off to see where to begin. Just wondering if anyone can assist.

**Points I have already heard: it is pointless because it is recovery
etc...**

--
You received this message because you are subscribed to the Google
Groups "Android Security Discussions" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/android-security-discuss/-/ZC8Aiz1odiwJ.
To post to this group, send email to
android-security-discuss@googlegroups.com.
To unsubscribe from this group, send email to
android-security-discuss+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/android-security-discuss?hl=en.
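
The two patch-planning steps in the reply above (finding a large enough unused region, then placing the jump to it and the jump back) can be worked out offline on a copy of the blob before anything touches the device. This is an added example, not code from the thread; it assumes the bootloader runs in ARM (A32) state from a 4-byte-aligned base address, and the function names, addresses and sample blob are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Offset of the first 4-byte-aligned run of `need` identical filler bytes (0x00 or
 * 0xFF), or -1. Filler can still be live data: confirm the region in the disassembly. */
long find_cave(const uint8_t *blob, size_t len, size_t need) {
    size_t start = 0, run = 0;
    uint8_t fill = 0;
    for (size_t i = 0; i < len; i++) {
        int filler = blob[i] == 0x00 || blob[i] == 0xFF;
        if (filler && run && blob[i] == fill) run++;
        else if (filler && i % 4 == 0) { start = i; fill = blob[i]; run = 1; }
        else run = 0;
        if (run && run >= need) return (long)start;
    }
    return -1;
}

/* A32 (ARM state, not Thumb) `B to` placed at `from`; 0 if misaligned or out of range. */
uint32_t arm_b(uint32_t from, uint32_t to) {
    int64_t off = (int64_t)to - ((int64_t)from + 8);   /* PC reads as from + 8 */
    /* reject unaligned addresses and targets beyond the +/-32 MiB reach of B */
    if (((from | to) & 3u) || off < -(1LL << 25) || off >= (1LL << 25)) return 0;
    return 0xEA000000u | ((uint32_t)(off / 4) & 0x00FFFFFFu);
}

struct patch_plan { uint32_t cave_addr, hook_insn, return_insn; };
/* Plan the detour hook_addr -> cave -> hook_addr + 4. payload_len (a multiple of 4)
 * must include a relocated copy of the instruction displaced at hook_addr. */
int plan_patch(const uint8_t *blob, size_t len, uint32_t base, uint32_t hook_addr,
               size_t payload_len, struct patch_plan *out) {
    long off = find_cave(blob, len, payload_len + 4);   /* +4: the return branch */
    if (off < 0) return -1;
    out->cave_addr   = base + (uint32_t)off;
    out->hook_insn   = arm_b(hook_addr, out->cave_addr);
    out->return_insn = arm_b(out->cave_addr + (uint32_t)payload_len, hook_addr + 4);
    return (out->hook_insn && out->return_insn) ? 0 : -1;
}

int main(void) {
    uint8_t blob[256];               /* constructed sample, not a real bootloader image */
    struct patch_plan p;
    memset(blob, 0x5A, sizeof blob);
    memset(blob + 132, 0xFF, 64);
    if (plan_patch(blob, sizeof blob, 0x80000000u, 0x80000010u, 32, &p)) return 1;
    printf("cave %08x hook %08x ret %08x\n", (unsigned)p.cave_addr,
           (unsigned)p.hook_insn, (unsigned)p.return_insn);
    return 0;
}
```

A wrong base address shifts every computed branch, and a displaced instruction that is PC-relative cannot simply be copied into the payload, so check both in the disassembly before trusting the plan.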
Discussion Overview
group: android-security-discuss @
categories: android
posted: Aug 23, '12 at 8:00p
active: Aug 24, '12 at 5:21p
posts: 3
users: 3
website: android.com