[Replicant] backup stock ROM without root

kurtis kurtis at riseup.net
Mon Sep 3 19:32:00 UTC 2018


Fil,

I had a random idea last night after thinking more about what you are
trying to accomplish. I'm not sure if this would work, and I don't know
how hard it would be, but one way in which you could perhaps backup
every partition of a stock ROM image on the internal storage is to boot
the device off of an external SD card, flash the Replicant 4.2 recovery
image which allows you to have adb backup, and then see if you can
backup all of the contents of eMMC with adb backup.

Forkbomb, aka Simon Shields talks about this method here:

"Leaked Samsung service documents describe booting off the SD card in
order to recover the device. All that's required is to disassemble it,
and short a resistor. Disassembly is surprisingly trivial: iFixit has a
selection of pretty good guides for replacing things components - so I
used the motherboard replacement guide."

https://blog.forkwhiletrue.me/posts/u-boot-on-galaxy-s3/

The resistor is shown here:
https://blog.forkwhiletrue.me/images/i9300_resistor.jpg

Perhaps this is a less ideal method than what Denis suggested below, but
it was another option I thought of and wanted to let you know about it.

Cordially,
kurtis

Fil Lupin:
> Thank you Denis,
> I will give a try, I feel the same way about the proprietary software so I will let this to make my tests with libre software.
> Regards,
> 
> - Fil Lupin.
> 
> 
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> On August 22, 2018 12:05 PM, Denis 'GNUtoo' Carikli <GNUtoo at no-log.org> wrote:
> 
>> On Wed, 22 Aug 2018 06:02:38 +0000
>> Fil Lupin fillupin at protonmail.com wrote:
>>
>>> If you know how to backup all partition of a stock samsung device,
>>> could you say it?
>>
>> You can do it by
>>
>> 1.  getting root without touching anything else
>> 2.  backuping the recovery
>> 3.  replacing the recovery with a recovery that has adb, and booting
>>     on that to backup the rest of the partitions.
>>
>>     I never tried to get root without touching anything else, so I don't
>>     know how easy it is to do it.
>>
>>     There is also another way which may require some work, and requires a
>>     proprietary software operating system: Samsung has recovery tools that
>>     run on windows, and the recovery tools are able to get stock images and
>>     reinstall them on the smartphone. So it's probably possible for someone
>>     to run such tool and get the URL of the recovery tools. However I've no
>>     idea if the URL are permanent or if it uses some other ways to download
>>     the files.
>>
>>     The approach rooting approach seem way more reliable for users, and the
>>     root exploits are probably already free software.
>>
>>     All you have to do is to either:
>>
>>
>> -   find a root exploit that works for you and that you can trust, which
>>     doesn't do anything else than getting you temporary root access
>>
>> -   or find an existing free software root application and modify it to
>>     only give you root within a shell, by stripping it of all unnecessary
>>     code. This may require you to successfully compile the exploit code,
>>     or to extract the exploit code from it (if's it's a separate
>>     executable this should be easy as apk are zip files).
>>
>>
>>> If you know this is not possible, could you let me know?
>>
>> It's possible but I didn't do it myself, so I don't know the way to get
>> root without touching anything else. Doing probably require some work
>> or testing, and may or may not take a long time to do.
>>
>> Denis.
> 
> 
> _______________________________________________
> Replicant mailing list
> Replicant at osuosl.org
> https://lists.osuosl.org/mailman/listinfo/replicant
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20180903/3dd5d015/attachment.asc>


More information about the Replicant mailing list