Prijava na forum:
Ime:
Lozinka:
Prijavi me trajno:
Trajanje:
Registruj nalog:
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:

ConQUIZtador
nazadnapred
Korisnici koji su trenutno na forumu 0 članova i 0 gostiju pregledaju ovu temu.
Idi dole
Stranice:
1 ... 21 22 24 25 ... 45
Počni novu temu Nova anketa Odgovor Štampaj Dodaj temu u favorite Pogledajte svoje poruke u temi
Tema: Symbian s60v3, s60v3 FP1, UIQ - protection kacked!  (Pročitano 44719 puta)
Veteran foruma
Jet set burekdzija


Mobilni Manijak

Zodijak Aquarius
Pol Muškarac
Poruke 7252
Zastava Makedonija
OS
Windows XP
Browser
Opera 9.24
mob
Samsung S6 & Lumia 9
ME verzija je u pitanju, na obicnu ne mogu da se vratim dok ne izbace nov firmware za njega Smile

Ajde sada Pocasti svi nas sa Temama Original koje imas na ME a to je da nam iskopiras i postavis Sve teme a to nacices u :

os9.1
Z:\private\10207114\import  -- ovo vazi za tebe

os9.2
Z:\resouce\skin
Z:\private\10207114\import
IP sačuvana
social share
Pogledaj profil WWW GTalk Skype Twitter Facebook
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Prijatelj foruma
Hronicar svakodnevice


Zodijak Pisces
Pol Muškarac
Poruke 939
OS
Windows XP
Browser
Opera 9.25
mob
LG Nexus 4
 Smile

Fajlovi prikačeni uz poruku (kliknite na slike za punu veličinu)

*
ME themes.rar (1114.44 KB)
IP sačuvana
social share
Pogledaj profil
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Veteran foruma
Jet set burekdzija


Mobilni Manijak

Zodijak Aquarius
Pol Muškarac
Poruke 7252
Zastava Makedonija
OS
Windows XP
Browser
Opera 9.24
mob
Samsung S6 & Lumia 9
Smile

Ogromno Hvala do tebe Brate za ove Teme Svaka Cast imas 100% Reputacija od Mene  Smile Smile
IP sačuvana
social share
Pogledaj profil WWW GTalk Skype Twitter Facebook
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Prijatelj foruma
Hronicar svakodnevice


Zodijak Pisces
Pol Muškarac
Poruke 939
OS
Windows XP
Browser
Opera 9.25
mob
LG Nexus 4
Nemoj tako, da nije bilo tebe ne bi ni bilo tema. Smile Mozes li mi jos reci gde se menja font u memoriji telefona? Dosad sam drzao na kartici font, ali zbog toga nisam mogao da koristim mass storage. Hvala unapred.
« Poslednja izmena: 29. Jan 2008, 15:34:25 od qwerty »
IP sačuvana
social share
Pogledaj profil
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Veteran foruma
Jet set burekdzija


Mobilni Manijak

Zodijak Aquarius
Pol Muškarac
Poruke 7252
Zastava Makedonija
OS
Windows XP
Browser
Opera 9.24
mob
Samsung S6 & Lumia 9
Neznam tacno gde se nalazi font procackaj sve foldere ako te ne mrzi ali najbolje je da skines program FontRouter[1].LT.for.v9.Build20071109.unsigned sa njega je mnogo jednostavnije da promenis font samo stavis original od PC direkno na fonu bes prerada ili bilo sta
IP sačuvana
social share
Pogledaj profil WWW GTalk Skype Twitter Facebook
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Ucesnik diskusija


Zodijak
Pol
Poruke 169
OS
Windows XP
Browser
Opera 9.02
mob
Nokia E50
Evo jos jednog tutorijala za probijanje zastite koji sam nasao na mobilnisvet. Kako sam autor Phantom Lord kaze, nema bojazni da pokvarite telefon jer se ne radi sa NSU-om. Ali tvrdi da telefoni sa fp1 imaju problem sa ovom metodom. I jos nesto, ova metoda je privremena jer kad ugasite telefon hack se brise i morate sve ponovo..


First of all: you can get the needed files from

http://fca00000.googlepages.com/hack_perms_s60v3.rar


1) Current state:
In S60v3, Symbian implemented a security mechanism: applications need to be signed in order to access some services.
A developper can self-sign his own applications, but the most critical services need a powerful certificate, which not everyone can afford.
For example, you can not make a file browser able to access c:\sys . This is not very important, but some people feels that they should be able
to do anything they want.

2) The theory:
When a program is signed and you install it, its privileges are stored in a internal folder. When the program is executed and
tries to access a service, the privileges are checked. If they don't match, the service can not be executed, and gives an error.
In the PC emulator for Symbian, it is possible to overrride this, so that missing privileges give a warning, not an error.
This is controlled through a file called EPOC.INI that includes a line like
PlatSecEnforcement OFF
In the phone, this is not modifiable directly.
The routine controlling this is called
DProcess::DoHasCapability(TCapability , char const)

In my Nokia N80, this is at F80478BC and says
....
F8047968 BL log_missing_capabilities (F80458D8)
....

Look at F80458D8:
....
F8045930 LDR R0, =pSuperPage
F8045934 LDR R0, [R0]
F8045938 LDR R0, [R0,#0x148]
F804593C TST R0, #2
F8045940 BEQ loc_F804597C
F8045944 ADR R1, aError
F8045948 MOV R0, R1
....


Basically, this looks at the data at [pSuperPage+0x148] and checks bit 2.
If it is set, any missing capability will give an error.
If not, it will log the problem, but the check will succeed.

So, all you need to do is to change this value.

In my mobile, pSuperPage has value 0x60000000, so the data is stored at 0x60000148

3) the hack:
The programming enviroment Carbide.c++ v1.2 includes a file called s60_3_0_app_trk_2_7.sisx
It also comes with CodeWarrior Pro for Symbian, although it is version S60_App_TRK_2_5.sisx
This file is a On-Device-Debugger, used to run programs inside the phone, and see the flow and data in the PC.
In my experience, CodeWarrior is easier to use for debugging.
It allows to look at the program registers, phone memory, processes, and change the data.
At memory address 0x60000148 the value stored is 0x0000001E , which means that
PlatSecEnforcement is ON
So, change it from 0x0000001E to 0x00000010 and you get all the permissions !

4) The tools:
You need a Nokia phone using Symbian 9 .
You also need some way to connect it to a PC, for example USB or bluetooth. Infrared is not valid.
Next step is the MetroTRK.
If you have CodeWarrior, it is the preferred solution. If not, I made a Python program to emulate it.
If you have IDA-disassembler a a ROM dump, then you can investigate in case it doesn't work.

5) The phone:
I have tested with Nokia-N80. I suppose it works with any phone using S60v3.
The changes I make are only in memory. This means that when the phone is switched-off, the hack dissapears.
You need to run it again after a restart. I know this is a limitation, but a permanent solution will come later.
On he other hand, this is good: there is (almost) no risk on permanently breaking your phone.
Of course, do it under your own risk. I take no responsability

6) The connection:
I use a USB cable labelled CA-42 which is a simple data cable; no fancy stuff.
Connect the phone to the PC.
The phone asks the mode you want to use: 'PC Suite'
My operating system is Windows-XP and my PC detects automatically the driver, installing
something called 'Nokia N80 USB modem'.
If not, drivers are available in many places, for example
http://www.nodevice.es/driver/CA-42/get37496.html
If you have PC-Suite, you probably have the driver already. But remember that you need to disable in the PC: stop the program.
At this point, you probably have a new serial port:
Control Panel->System->Hardware->Device Manager->Ports
should show
'Nokia N80 USB (COM6)'
It might happen that you have both COM6 and COM7 . You will need to try both.

7) The MetroTRK:
This is a debugger that installs in the phone. It has powerfull permissions and a strong certificate, which allows to read/write memory.
Transfer the file s60_3_0_app_trk_2_7.sisx into your mobile, and install it.
You should see a new application called 'TRK'.
Run it.
By default it tries to use BlueTooth, so it might give an error because no available ports.
Options->Settings->Connection=USB
Options->Settings->Port=1
Options->Settings->Baud Rate=115200
Options->Connect should tell:
Welcome to TRK for Symbian OS
Status: Connected
PDD: NONE
LDD: EUSBC
CSY: ECACM
Port Number: 1
Baud rate: 115200

This is the most difficult step.
If you get
'Failed to open port.Error Code: -21'
this means that your PC is not talking to the mobile. This is the case when the driver is not installed.

7.1) You need another program called HelloCarbide . It is a simple example. Install it in c:
You also need to transfer HelloCarbide.exe directly under c:\HelloCarbide.exe using any FileBrowser, ex: SExplorer

Cool The hacker:
If you have CodeWarrior, go to 8.2 . If not, go to 8.1
8.1) I made a program called hack_perms_s60v3.py
It is written in pyhton, so you need Python25 from www.python.org
It uses the serial port, so you also need pyserial (http://sourceforge.net/projects/pyserial)
and probably pywin32 (http://sourceforge.net/projects/pywin32)
Download the binaries and execute them. As simple as that.

My program uses COM6 at line
ser = serial.Serial(5)
If you have another port, change this number. COM6 = port 5

Run my program by typing
hack_perms_s60v3.py

It logs a lot of information. In case of problems, investigate. I _might_ try to help.

If you get
serial.serialutil.SerialException: could not open port: ... The system cannot find the file specified.
this means that the port doesn' exist.

If you get
serial.serialutil.SerialException: could not open port: ... The process cannot access the file because it is being used by another process.
this means that there is another program using the port. Most probably you are trying COM7 instead of COM6.

If it hangs after
sendFrame=00
sendFrame=FF
sendFrame=7E
this means that MetroTRK is not running in the mobile.

If everything goes OK, it takes 40 seconds and the last line are:
Close
End+Exit

Look at the trace: you should see 2 lines like:
Read Memory 60000148=1E 00 00 00
candidate!!!

This is good. It means that it found the correct address and patched it.

8.2) If you have CodeWarrior and know how to use it, it is better.
Load any program you have (HelloWorld.mmp is perfect) and start a mobile debugging session:
The target should be GCCE UDEB .
In its settings->Remote Debugging->Connection = Symbian Metro TRK
Same window->Edit Connection->Connection Type=Serial ; Port = COM6
Same window->Remote dowload path = c:\
settings->Remote Download-> Remove any file here
Remember that, because of security, applications can't be downloaded into c:\sys\bin , so they
need to be installed before. I do this manually.
See:
http://www.mobilenme.com/content/view/41/26/
http://mikie.iki.fi/wordpress/?p=33#comment-6299
http://www.newlc.com/topic-5398
http://discussion.forum.nokia.com/forum/showthread.php?t=72632
http://discussion.forum.nokia.com/forum/showthread.php?t=80807

Now, start debugging the program.
You should see the 'Metro TRK Communication Log' with lots of information.
Break the program.
Select the stack.
Menu->Data->View Memory . Ignore the error
Display 0x60000000
Look at 0x60000148. Probably has value 0x1E
Double-click, and type 0x10. Hit enter.
Run program.
Close Thread window. Resume.

9) Advanced:
If you have IDA-disassembler and a ROM dump, you can see the actual code.
This is a heavy task, but the main file is ekern.exe
You can get a full Dump using this Symbian code:
RFs fileSession;
fileSession.Connect();

RFile file;
file.Replace(fileSession, _L("e:\\F8000000.bin"), EFileWrite);

TBuf8<0x200> buf;

TUint8 *p =(TUint8*)0xF8000000; // (TUint8*)0xF8000000;
TUint8 *pEnd = (TUint8*)0xFA000000; // (TUint8*)0xFA000000;
TUint8 iVal = 0;
for(;p < pEnd;p++)
{
iVal = *p;
buf.Append(iVal);

if(buf.Length() == buf.MaxLength())
{
file.Write(buf);
buf.Zero();
}
}

file.Close();
fileSession.Close();
And then extract files using ROMTools from Syminternals. If you can't get it, I can provide it.
To use IDA, get the Symbian SDK, and process through ROMTools . Name the routines and study the disassembled code.

10) Test:
Start any application which needs pivileges. I tried SExplorer and TrueExplorer, and I was able to
browse c:\sys , although:
10.1) SExplorer can not access Z:\sys
10.2) TrueExplorer can not find files under c:\sys\bin

p.s. ovde su ustvari u pitanju dve metode i dovoljno je samo procitati tekst do tacke 8.2.
« Poslednja izmena: 09. Mar 2008, 19:49:09 od senadomen »
IP sačuvana
social share
Pogledaj profil
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Clan u razvoju


Zodijak Cancer
Pol Muškarac
Poruke 31
OS
Windows XP
Browser
Mozilla Firefox 2.0.0.12
mob
Nokia E61
Nisam ja autor vec cuveni 'FCA00000' koji uskoro najavljuje trajno resenje ili aplikaciju koja ce uklanjati ogranicenja direktno sa telefona.Inace ovo radi provereno na svim symb 9.1 telefonima,a blizu su i da razbiju fp1  Smile
IP sačuvana
social share
I have my fears,but they don't have me...
Pogledaj profil Skype
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Prijatelj foruma
Zvezda u usponu


Samsung Galaxy S6 - Galaxy S4 - Sony Arc S

Zodijak Leo
Pol Žena
Poruke 1265
OS
Windows XP
Browser
Opera 9.26
mob
Samsung Galaxy S6 White
Ma sigurno će već neko da smisli način kako da se preskoči ova zaštita.. Nema šanse da ostane na ovome... Smile
IP sačuvana
social share
Život se ne meri brojem udisaja, već brojem trenutaka koji ODUZIMAJU DAH...
Pogledaj profil WWW Twitter
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Poznata licnost


Ko gubi,ima pravo da se ljuti...

Zodijak
Pol Muškarac
Poruke 3217
Zastava Trieste
OS
Windows XP
Browser
Mozilla Firefox 1.5.0.12;
mob
Apple Iphone 4s
Ma sigurno će već neko da smisli način kako da se preskoči ova zaštita.. Nema šanse da ostane na ovome... Smile
na ovome,da ne moze da se instalira nijedna app ako nemas stari cer file jer onaj site neradi  Smile
IP sačuvana
social share



dno dna-ŠIPNIJA!!!
Pogledaj profil
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Prijatelj foruma
Zvezda u usponu


Samsung Galaxy S6 - Galaxy S4 - Sony Arc S

Zodijak Leo
Pol Žena
Poruke 1265
OS
Windows XP
Browser
Opera 9.26
mob
Samsung Galaxy S6 White
Ma ja verujem da će se rešenje naći na bazi "sređivanja" celokupnog sistema... Smile
IP sačuvana
social share
Život se ne meri brojem udisaja, već brojem trenutaka koji ODUZIMAJU DAH...
Pogledaj profil WWW Twitter
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Idi gore
Stranice:
1 ... 21 22 24 25 ... 45
Počni novu temu Nova anketa Odgovor Štampaj Dodaj temu u favorite Pogledajte svoje poruke u temi
nazadnapred
Prebaci se na:  

Poslednji odgovor u temi napisan je pre više od 6 meseci.  

Temu ne bi trebalo "iskopavati" osim u slučaju da imate nešto važno da dodate. Ako ipak želite napisati komentar, kliknite na dugme "Odgovori" u meniju iznad ove poruke. Postoje teme kod kojih su odgovori dobrodošli bez obzira na to koliko je vremena od prošlog prošlo. Npr. teme o određenom piscu, knjizi, muzičaru, glumcu i sl. Nemojte da vas ovaj spisak ograničava, ali nemojte ni pisati na teme koje su završena priča.

web design

Forum Info: Banneri Foruma :: Burek Toolbar :: Burek Prodavnica :: Burek Quiz :: Najcesca pitanja :: Tim Foruma :: Prijava zloupotrebe

Izvori vesti: Blic :: Wikipedia :: Mondo :: Press :: Naša mreža :: Sportska Centrala :: Glas Javnosti :: Kurir :: Mikro :: B92 Sport :: RTS :: Danas

Prijatelji foruma: Triviador :: Nova godina Beograd :: nova godina restorani :: FTW.rs :: MojaPijaca :: Pojacalo :: 011info :: Burgos :: Sudski tumač Novi Beograd

Pravne Informacije: Pravilnik Foruma :: Politika privatnosti :: Uslovi koriscenja :: O nama :: Marketing :: Kontakt :: Sitemap

All content on this website is property of "Burek.com" and, as such, they may not be used on other websites without written permission.

Copyright © 2002- "Burek.com", all rights reserved. Performance: 0.123 sec za 12 q. Powered by: SMF. © 2005, Simple Machines LLC.