Category Archives: Security

Rooting a stock G2 on Lollipop

For many foreigners.
First of all, thank you for visiting my blog. However, the description below is written in Korean. Perhaps it is hard to understand. Therefore, I recommend you read this article:

[Working][How To] Lollipop Root from LGG3


http://forum.xda-developers.com/android/development/guide-root-method-lg-devices-t3049772
thanks for translation to Unjustified Dev.

 

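The following walks through rooting a stock G2 (F320S), 30D.
A beautiful piece of building material (a brick) may be the result, but all responsibility lies with the person who presses Enter…
Keep in mind that with LG, rooting voids not only the software warranty but the hardware warranty as well!

Required files:
UPDATE-SuperSU-v2.45.zip from http://download.chainfire.eu/supersu
busybox, g2_root.sh, Push_File.exe and Send_Command.exe, all contained in "rooting require"
The USB driver is not merely needed, it is mandatory.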

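Step1
When connected in MTP mode, the phone is detected as LGE Mobile USB Serial Port (v:1004, p:633E).
You need to find out the port number (omitted).

Step2
Run Send_Command and then enter “ENTER”; the phone goes into download mode.
(ex: Send_Command.exe \\.\COM5)

Step3
Use Push_File to put g2_root.sh, busybox and UPDATE-SuperSU-v2.45.zip in a suitable location (/data). (You must check that the files were actually transferred correctly!)
(ex: Push_File.exe \\.\COM5 g2_root.sh /data/g2_root.sh)

Step2
Push_File.exe has a high error rate when transferring files, so transfer the files with adb first and then start the rooting process.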
adb push g2_root.sh /data/local/tmp/
adb push busybox /data/local/tmp/
adb push UPDATE-SuperSU-v2.45.zip /data/local/tmp/
(thanks for this idea to Unjustified Dev)

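Step3
Run Send_Command and then enter “ENTER”; the phone goes into download mode.
(ex: Send_Command.exe \\.\COM5)

Step4
When Send_Command is running, a root shell is up.
Enter “sh /data/local/tmp/g2_root.sh dummy 1 /data/local/tmp/UPDATE-SuperSU-v2.45.zip /data/local/tmp/busybox”. (A stream of output will scroll by.)

Step5
Enter LEAVE in the Send_Command window; the phone reboots and should be rooted.

ps.
The files placed in /data have to be deleted by hand (although they take up little space if left there).
There is a good chance the commands will not take. Keep repeating them and it will work. (But there will be no updates.)
Large files cannot be transferred with PushFile (roughly up to 15mb).
Tested with winxp and an F320s.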

If it helped you, please support my works

 

qcdlcomm just for a mirror

Ways to deal with censorship and leaks of personal information

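Censorship –
Until not long ago, web searches often turned up clickbait blogs that read as if several sentences had been stitched together:
grammatically fine, but leaving you wondering what they were actually saying.
“Not long grammatically even fine but while doing a problem as if stitched web searching..”
The same goes for censorship: if garbage traffic of this kind is generated continuously, it becomes impossible to tell what actually needs to be censored.
Reference – http://pdos.csail.mit.edu/scigen/
http://www.htmlgoodies.com/JSBook/sentence.html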

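Personal information leaks –
My personal information is already a public good. Yours is a public good too.
But if false information such as “Kim Only, resident registration number 900614-1234567” is leaked, and someone's use of it
is caught the way a honeypot would catch it (though it is the state that ought to do the catching), it becomes possible to track where resident registration numbers are leaked and used.
Or, if false information is generated in the form “Kim Only 900614-1111111, Kim Only 900614-2222222, Kim Only 900614-3333333 ….”
and circulated online in bulk, then even if the real, accurate information sits somewhere in the middle, it becomes hard to call it information that can identify an individual.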

JE – Jump if Condition Is Met

Code Mnemonic Description
77 cb JA rel8 Jump short if above (CF=0 and ZF=0)
73 cb JAE rel8 Jump short if above or equal (CF=0)
72 cb JB rel8 Jump short if below (CF=1)
76 cb JBE rel8 Jump short if below or equal (CF=1 or ZF=1)
72 cb JC rel8 Jump short if carry (CF=1)
E3 cb JCXZ rel8 Jump short if CX register is 0
E3 cb JECXZ rel8 Jump short if ECX register is 0
74 cb JE rel8 Jump short if equal (ZF=1)
7F cb JG rel8 Jump short if greater (ZF=0 and SF=OF)
7D cb JGE rel8 Jump short if greater or equal (SF=OF)
7C cb JL rel8 Jump short if less (SF<>OF)
7E cb JLE rel8 Jump short if less or equal (ZF=1 or SF<>OF)
76 cb JNA rel8 Jump short if not above (CF=1 or ZF=1)
72 cb JNAE rel8 Jump short if not above or equal (CF=1)
73 cb JNB rel8 Jump short if not below (CF=0)
77 cb JNBE rel8 Jump short if not below or equal (CF=0 and ZF=0)
73 cb JNC rel8 Jump short if not carry (CF=0)
75 cb JNE rel8 Jump short if not equal (ZF=0)
7E cb JNG rel8 Jump short if not greater (ZF=1 or SF<>OF)
7C cb JNGE rel8 Jump short if not greater or equal (SF<>OF)
7D cb JNL rel8 Jump short if not less (SF=OF)
7F cb JNLE rel8 Jump short if not less or equal (ZF=0 and SF=OF)
71 cb JNO rel8 Jump short if not overflow (OF=0)
7B cb JNP rel8 Jump short if not parity (PF=0)
79 cb JNS rel8 Jump short if not sign (SF=0)
75 cb JNZ rel8 Jump short if not zero (ZF=0)
70 cb JO rel8 Jump short if overflow (OF=1)
7A cb JP rel8 Jump short if parity (PF=1)
7A cb JPE rel8 Jump short if parity even (PF=1)
7B cb JPO rel8 Jump short if parity odd (PF=0)
78 cb JS rel8 Jump short if sign (SF=1)
74 cb JZ rel8 Jump short if zero (ZF = 1)
0F 87 cw/cd JA rel16/32 Jump near if above (CF=0 and ZF=0)
0F 83 cw/cd JAE rel16/32 Jump near if above or equal (CF=0)
0F 82 cw/cd JB rel16/32 Jump near if below (CF=1)
0F 86 cw/cd JBE rel16/32 Jump near if below or equal (CF=1 or ZF=1)
0F 82 cw/cd JC rel16/32 Jump near if carry (CF=1)
0F 84 cw/cd JE rel16/32 Jump near if equal (ZF=1)
0F 84 cw/cd JZ rel16/32 Jump near if 0 (ZF=1)
0F 8F cw/cd JG rel16/32 Jump near if greater (ZF=0 and SF=OF)
0F 8D cw/cd JGE rel16/32 Jump near if greater or equal (SF=OF)
0F 8C cw/cd JL rel16/32 Jump near if less (SF<>OF)
0F 8E cw/cd JLE rel16/32 Jump near if less or equal (ZF=1 or SF<>OF)
0F 86 cw/cd JNA rel16/32 Jump near if not above (CF=1 or ZF=1)
0F 82 cw/cd JNAE rel16/32 Jump near if not above or equal (CF=1)
0F 83 cw/cd JNB rel16/32 Jump near if not below (CF=0)
0F 87 cw/cd JNBE rel16/32 Jump near if not below or equal (CF=0 and ZF=0)
0F 83 cw/cd JNC rel16/32 Jump near if not carry (CF=0)
0F 85 cw/cd JNE rel16/32 Jump near if not equal (ZF=0)
0F 8E cw/cd JNG rel16/32 Jump near if not greater (ZF=1 or SF<>OF)
0F 8C cw/cd JNGE rel16/32 Jump near if not greater or equal (SF<>OF)
0F 8D cw/cd JNL rel16/32 Jump near if not less (SF=OF)
0F 8F cw/cd JNLE rel16/32 Jump near if not less or equal (ZF=0 and SF=OF)
0F 81 cw/cd JNO rel16/32 Jump near if not overflow (OF=0)
0F 8B cw/cd JNP rel16/32 Jump near if not parity (PF=0)
0F 89 cw/cd JNS rel16/32 Jump near if not sign (SF=0)
0F 85 cw/cd JNZ rel16/32 Jump near if not zero (ZF=0)
0F 80 cw/cd JO rel16/32 Jump near if overflow (OF=1)
0F 8A cw/cd JP rel16/32 Jump near if parity (PF=1)
0F 8A cw/cd JPE rel16/32 Jump near if parity even (PF=1)
0F 8B cw/cd JPO rel16/32 Jump near if parity odd (PF=0)
0F 88 cw/cd JS rel16/32 Jump near if sign (SF=1)
0F 84 cw/cd JZ rel16/32 Jump near if 0 (ZF=1)

Description
Checks the state of one or more of the status flags in the EFLAGS register (CF, OF, PF, SF, and ZF) and, if the flags are in the specified state (condition), performs a jump to the target instruction specified by the destination operand. A condition code (cc) is associated with each instruction to indicate the condition being tested for. If the condition is not satisfied, the jump is not performed and execution continues with the instruction following the Jcc instruction.

The target instruction is specified with a relative offset (a signed offset relative to the current value of the instruction pointer in the EIP register). A relative offset (rel8, rel16, or rel32) is generally specified as a label in assembly code, but at the machine code level, it is encoded as a signed, 8-bit or 32-bit immediate value, which is added to the instruction pointer. Instruction coding is most efficient for offsets of –128 to +127. If the operand-size attribute is 16, the upper two bytes of the EIP register are cleared to 0s, resulting in a maximum instruction pointer size of 16 bits.

The conditions for each Jcc mnemonic are given in the “Description” column of the table above. The terms “less” and “greater” are used for comparisons of signed integers and the terms “above” and “below” are used for unsigned integers.

Because a particular state of the status flags can sometimes be interpreted in two ways, two mnemonics are defined for some opcodes. For example, the JA (jump if above) instruction and the JNBE (jump if not below or equal) instruction are alternate mnemonics for the opcode 77H.
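As an added example (not part of the original post or of the reference text it quotes), the following C code decodes a short (7x cb) or near (0F 8x cd) Jcc from raw bytes, evaluates its condition against an EFLAGS value, and computes the resulting EIP. The function names `jcc_condition_holds` and `jcc_next_eip` are hypothetical, a 32-bit operand size is assumed, and the flags argument is whatever the last flag-setting instruction left behind.

```c
#include <stddef.h>
#include <stdint.h>

/* EFLAGS status bits that Jcc tests. */
enum { CF = 1u << 0, PF = 1u << 2, ZF = 1u << 6, SF = 1u << 7, OF = 1u << 11 };

/* The low nibble of the opcode (7x, or 0F 8x) selects the condition.
 * Even values test a condition, the next odd value tests its negation,
 * which is why JA/JNBE (77) or JE/JZ (74) are one opcode with two names. */
int jcc_condition_holds(unsigned cc, uint32_t f)
{
    int cf = !!(f & CF), pf = !!(f & PF), zf = !!(f & ZF);
    int sf = !!(f & SF), of = !!(f & OF), r;
    switch ((cc & 0x0F) >> 1) {
    case 0:  r = of;               break; /* JO              */
    case 1:  r = cf;               break; /* JB / JC / JNAE  */
    case 2:  r = zf;               break; /* JE / JZ         */
    case 3:  r = cf || zf;         break; /* JBE / JNA       */
    case 4:  r = sf;               break; /* JS              */
    case 5:  r = pf;               break; /* JP / JPE        */
    case 6:  r = (sf != of);       break; /* JL / JNGE       */
    default: r = zf || (sf != of); break; /* JLE / JNG       */
    }
    return (cc & 1) ? !r : r;
}

/* Decode one flag-testing Jcc at address eip (32-bit operand size assumed)
 * and return the EIP that follows it for the given EFLAGS value.
 * *ok is set to 0 for anything else (JCXZ/JECXZ included) or truncated input. */
uint32_t jcc_next_eip(const uint8_t *code, size_t len, uint32_t eip,
                      uint32_t eflags, int *ok)
{
    unsigned cc;
    uint32_t ilen, rel;
    *ok = 0;
    if (len >= 2 && (code[0] & 0xF0) == 0x70) {            /* 7x cb */
        cc = code[0];
        ilen = 2;
        rel = (uint32_t)(int32_t)(int8_t)code[1];          /* sign-extend rel8 */
    } else if (len >= 6 && code[0] == 0x0F && (code[1] & 0xF0) == 0x80) {
        cc = code[1];                                      /* 0F 8x cd */
        ilen = 6;
        rel = (uint32_t)code[2] | (uint32_t)code[3] << 8 |
              (uint32_t)code[4] << 16 | (uint32_t)code[5] << 24;
    } else return 0;
    *ok = 1;
    /* rel is added to the address of the NEXT instruction, modulo 2^32. */
    return eip + ilen + (jcc_condition_holds(cc, eflags) ? rel : 0);
}
```

The sample byte sequences used to exercise it are constructed; note that `77 FE` (JA with rel8 = -2) targets its own address, because the offset is applied after the two instruction bytes have been consumed.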

The Jcc instruction does not support far jumps (jumps to other code segments). When the target for the conditional jump is in a different segment, use the opposite condition from the condition being tested for the Jcc instruction, and then access the target with an unconditional far jump (JMP instruction) to the other segment. For example, the following conditional far jump is illegal:
JZ FARLABEL;

To accomplish this far jump, use the following two instructions:
JNZ BEYOND;
JMP FARLABEL;
BEYOND:

The JECXZ and JCXZ instructions differ from the other Jcc instructions because they do not check the status flags. Instead they check the contents of the ECX and CX registers, respectively, for 0. Either the CX or ECX register is chosen according to the address-size attribute. These instructions are useful at the beginning of a conditional loop that terminates with a conditional loop instruction (such as LOOPNE). They prevent entering the loop when the ECX or CX register is equal to 0, which would cause the loop to execute 2^32 or 64K times, respectively, instead of zero times.

All conditional jumps are converted to code fetches of one or two cache lines, regardless of jump address or cacheability.

Operands Bytes Clocks
near8 2 1 PV
near16 3 1 PV

cycles apply to jump and no jump




Wow, this place is awesome.
I get confused a lot -_- especially with jumps that come without a cmp or test, I'm at a loss as to how to interpret them ..