DB2010 hacking research
Hi,
I want to read the raw FLASH of DB2010 phones.
Because of that I am investigating the DB2010 hacking tools like SETOOL, SEFP, JDFlasher, and trying to understand how they work.
I have a K500 phone with CID 29. I see that those tools send 2 bootloaders that are signed:
db2010_CID00_R2F_id and db2010_CID00_R2E_cert.
After that they are able to send an unsigned bootloader named: hendrixR2Eldr.
What exactly is the weakness here? How is it possible to send unsigned code that is accepted?
I am reverse-engineering the bootloaders and trying to understand the code behind it.
Does somebody know about it, so that we can share information?
Thanks,
Ikee.
--
Posted: 2009-08-20 12:41:14