-
Notifications
You must be signed in to change notification settings - Fork 40
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tab10CPro Strings #66
Comments
You have (presumably) the Base64 decoded string. Post libota_jni.so and I'll check without Java. |
Yes, they do look like hexadecimal numbers. libota_ini.so is here: |
I get the same results as you. The strings we've been using have been 44 characters which can be evenly base64 converted to 33 bytes or 264 bits. This new libota_jni.so has a third JNI function, Java_com_onyx_android_onyxotaservice_RsaUtil_nativeDecryptFile |
@junrenshi Could you please upload your |
The file is now moved to /sys/priv-app/OnyxOtaService/. Here is the file: |
Would you have a link for that update.upx? |
Works nicely for me. :)
|
Great! You did that. Can I do that as well? |
That was my proof of concept, extracting without Python or Java. You can mod the stock DeBooxUpd to only work for the Tab10CPro. Just insert these two lines in DeBooxUpd, line 287, right after self.path: str =
|
Great! It also works for me. Thanks a lot! |
Hey guys, Recently got my Note air 3C, after looking at both Previously there was a function which returns the AES secret key ( Now for my new device with Now there are two functions exported from the libota_jni.so dynamic library that return the direct AES secret key and AES IV. This means that the fancy DES decryption is no longer needed but rather the parameters can be feed straight into AES to perform the decryption. Here is a modified version of the script to extract the new private key/IV
Below I have attached the corresponding binaries and screenshots of the new apk and library functions. |
For now we can just backtrack to the strings:
|
This comment was marked as off-topic.
This comment was marked as off-topic.
Thank @RenateUSB and @hexomethyl ! I'm thinking that we could store these strings in |
@Hagb I think that there are a number of ways to do this:
I think that (1) is the best solution. It's less text. It's the way forward. |
@RenateUSB Thank you! The solution (1) and the code looks good to me. |
Close this issue by d48b8cb |
I install GetBooxUpxKeys in a Boox Tab 10C Pro, and get outputs:
Using the strings to decrypt update.upx results in error:
It seems GetBooxUpxKeys cannot get correct strings for this new device.
The text was updated successfully, but these errors were encountered: