Re: I found an exploit in boot1.5 4.4.0.8!
Posted: 20 Jan 2018, 16:33
I've checked your test.img fields tree.
Unfortunately, it cannot be flashed correctly with BtMg because your 0x8000 HHackers field doesn't specify its size correctly (according to the TI-Certificate format).
Here is the test.img structure:
8000: BOOT1.5
-8070: BOOT1.5 code
8000:HHackers! (wrong size)
-8070
--8000: BOOT2
---8070: BOOT2 code
--0290
--0340
--0290
--FFF0
--3 null bytes
--code
Any way to improve the special 0x8000 field?
And I'm not sure I understand why the Boot2 image is present in this field, and why the executed code is after it.