Osmocombb
From HacDC Wiki
Latest revision as of 17:09, 4 December 2014
WIP
Notes on using OsmocomBB to abuse feature phones. This is a work in progress; the above section label will be removed once complete.
Prereqs
Order
- get clean firmware image
- load osmocombb firmware (see http://bb.osmocom.org/trac/wiki/flashing_new#actualinstallation)
- do evil things
Get Clean Firmware Image
- start loader in RAM (for C140 or C139)
$ osmocon -p /dev/ttyUSB0 -m c140xor target/firmware/board/compal_e86/loader.compalram.bin
- in a new window dump the firmware
$ osmoload memdump 0x000000 0x7fffff stock_flash.bin
- go get a cup of caffeine
Load OsmocomBB
- for reference: http://bb.osmocom.org/trac/wiki/flashing_new
- run the following in a terminal (it should not return):
$ $REPO/src/host/osmocon/osmocon -p /dev/ttyUSB0 -m c140xor target/firmware/board/compal_e86/loader.compalram.bin
- "Briefly press the power-on button of your phone (short push, not like a regular phone boot!)."
- see http://bb.osmocom.org/trac/wiki/flashing_new#Bootingthephonedownloadingloadertoram for details of expected output
- If output is as expected, then continue
Load Loader
Load the "loader" into ram and
- in a new terminal run:
$ $REPO/src/host/osmocon/osmoload memdump 0x000000 0x2000 compal_loader.bin
- if success continue
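Both the stock_flash.bin dump above and the compal_loader.bin dump in this step are the only backup you have before "Install Loader" writes to flash, so "if success" should mean more than "osmoload returned". The script below is an added example, not code from this page or from the OsmocomBB project: it wraps each memdump so the output file is checked for the expected size and for not being blank (all 0xFF or all 0x00), and records a SHA-256 so the backup can be re-verified later. It assumes osmocon is already running in another terminal as described above, that osmoload is on PATH (the page uses $REPO/src/host/osmocon/osmoload), and that the second argument to memdump is a byte length, so the file should be exactly that many bytes.

```shell
#!/bin/sh
# Added example, not from the HacDC page or the OsmocomBB project.
# Assumptions: osmocon already running in another terminal; "osmoload" on
# PATH; the second memdump argument is a byte length, so the dump file is
# expected to be exactly that many bytes.

# Return 0 if FILE exists and is exactly EXPECTED bytes long.
check_dump_size() {
    file=$1; expected=$2
    [ -f "$file" ] || return 1
    actual=$(wc -c < "$file")
    [ "$actual" -eq "$expected" ]
}

# Return 0 unless the file is empty or every byte has the same value.
# All 0xFF is what erased flash reads back as; all 0x00 usually means the
# transfer never produced data. Either way it is not a usable backup.
check_dump_not_blank() {
    file=$1
    distinct=$(od -An -v -tx1 "$file" | tr -s ' \n' '\n' | sort -u | grep -c . || true)
    [ "$distinct" -gt 1 ]
}

# Write a SHA-256 next to the dump so the backup can be re-verified before
# it is ever restored. Falls back to shasum where sha256sum is missing.
record_checksum() {
    file=$1
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$file" > "$file.sha256"
    else
        shasum -a 256 "$file" > "$file.sha256"
    fi
}

# Run one memdump and report success only if the file passes the checks.
# Usage: verified_memdump 0x000000 0x7fffff stock_flash.bin
verified_memdump() {
    addr=$1; length=$2; out=$3
    osmoload memdump "$addr" "$length" "$out" || { echo "memdump failed" >&2; return 1; }
    # $((length)) turns the hex length into the decimal byte count wc prints.
    check_dump_size "$out" "$((length))" || { echo "$out: wrong size" >&2; return 1; }
    check_dump_not_blank "$out" || { echo "$out: looks blank" >&2; return 1; }
    record_checksum "$out"
    echo "$out: $(wc -c < "$out") bytes, checksum in $out.sha256"
}

# Only talk to the phone when invoked as "sh dump.sh dump", so the functions
# can also be sourced and used on their own.
if [ "$1" = "dump" ]; then
    verified_memdump 0x000000 0x7fffff stock_flash.bin &&
    verified_memdump 0x000000 0x2000 compal_loader.bin
fi
```

Keep the .sha256 files with the dumps; if the phone ever has to be restored, re-running sha256sum -c against them tells you whether the backup you are about to flash is still the one you took.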
Install Loader
Install the "loader" to flash.
- run:
$ host/osmocon/osmoload fprogram 0 0x012000 target/firmware/board/compal_e86/?loader.compalram.bin?