wiki:Android/HTC/HackingTools

Hacking Tools

For the complete list of my articles on Android devices and software, including analysis of devices and system firmware, lists of external resources and tools, and How-To instructions, check the front page of this wiki under the Android heading.

A list of links to, and where appropriate, description and examples of using, various tools created by enthusiasts and hackers.

Custom Tools

To aid in the analysis I'm writing some custom tools. Where appropriate I'll add them to my public git repository which can be found at:

git://tjworld.net/

Here's a list of tools and how to get the source-code.

Binary Match

git clone git://tjworld.net/binmatch.git

binmatch performs a binary-matching search for the file <needle> in the file <haystack>,
reporting the offset of <needle> in <haystack> for each occurrence.

Offsets are reported in hexadecimal unless the "-d" decimal option is used.

Program information messages are written to stderr to avoid confusing the matching address
reports that are written to stdout. This allows the program to be used with pipes and further filters.

The program uses memory-mapped files to make the search as efficient as possible.

Usage: ./binmatch:  [-d] -n <needle> -h <haystack>
    -d    print matching addresses in decimal not hexadecimal
    -n    path to the file containing the needle
    -h    path to the file containing the haystack

    Information messages are written to stderr and only matches are written to stdout.
    This allows the output to be piped through other filters.

Example of searching for suspected AES-256 keys:

# for IMG in $(ls *.img); do ../../binmatch -n hash.dat -h $IMG; done
Base:	hexadecimal
Needle:		          16	hash.dat
HayStack:	     8961536	mmcblk0p12.img
Searching...
Done.
Base:	hexadecimal
Needle:		          16	hash.dat
HayStack:	     3145728	mmcblk0p13.img
Searching...
0x00000000 matches
0x002FFE00 matches
Done.


Flash Update Images

 nbimg - HTC splash screen tool

A command line tool which allows to convert HTC Splash Screen images from NB to BMP and create NB splash screens from BMP format. Any splash screen size is supported (yes, it works for Diamond or Athena at 640×480 resolution too).

 CDMA Workshop - CDMA device unlock/flash/editor for Windows.

CDMA Workshop is a professional universal service software, developed to work with any CDMA 450/800/1900/EVDO(1xEVDO)/etc phones, fixed terminals, data cards/modems based on any Qualcomm chipsets.