Results 1 to 22 of 22
- 04-30-2012, 02:59 AM
Thread Author #1
[DISCUSSION] about playbook's boot
How does playbook boot? I think it boots the same way android boots. Enea Android Blog: The Android boot process from power on
Of course, there last 3 stages on playbook are different from android's.
So, if its right, bootloader is stored in writable memory and, potentially, we can modify it.
I'd like to read thinkings by people more skilled than me.
PS Can anyone share archive with full filesystem of BB tablet OS? - 04-30-2012, 06:43 AM #2
1. Bootrom (read-only, impossible to write to)
2. Bootrom boots signed (ONLY RIM SIGNATURE) bootloader.
3. Bootloader runs hashed (INSTALL HASH) firmware scripts (/scripts/startup.sh) from signed (ONLY RIM SIGNATURE) firmware.
4. Scripts initialise background services, as root.
5. Scripts initialise navigator and launcher, as root.
6. User-space apps run above this (they have no root privileges)Last edited by xsacha; 04-30-2012 at 06:46 AM.
- 04-30-2012, 07:58 AM #4 Only the web server and a handful of background services (which are rock solid). Yeah. Before 7111, it was more like Android with a few root apps.
Originally Posted by joannesbenedek 
so there no app at all that runs as a root???
Is that why u cant root pb os 7111 and above? - 04-30-2012, 08:35 AMThread Author #5
Originally Posted by xsacha
What does contain bootrom? How does it check sign?
Do you have full OS image? - 04-30-2012, 09:14 AM #6
Bootrom contains boot code.
It checks sign by comparing to public (same as every other sign).
The code is actually the same as on the Blackberry handsets.
The salt is "Retreating is advancing backwards" or something like that if you want to see the area of 'interest'.
Heaps of people have full OS image. The / is 512MB. You want?Last edited by xsacha; 04-30-2012 at 09:20 AM.
- 04-30-2012, 10:24 AMThread Author #7
I do, thanks Originally Posted by xsacha
- 04-30-2012, 10:48 AM #8 Playbook elite seems to have all the images.. Originally Posted by lsTwinkle
Welcome To Playbook Elite - 04-30-2012, 10:51 AM #9 Do you know a site I can upload it to? It's quite large. Originally Posted by lsTwinkle
- 04-30-2012, 11:11 AMThread Author #10
i saw it, and downloaded it, but i cant open qcfm.image.com.qnx.coreos.qcfm.os.factory_sfi.358. 186652.signed in qcfm.image.com.qnx.coreos.qcfm.os.factory_sfi.358. 186652.signed.bar. Originally Posted by GreyGhostRos
try dropbox (2gb limit) or gmail(and send me by email) or use torrents Originally Posted by xsacha - 04-30-2012, 01:24 PM #12 Only if the web server is exploitable in some way, and I am assuming it is not or they would have done it. Or at the very least, not easily exploitable. Originally Posted by joannesbenedek UberCurrency - Free currency conversion app for PlayBook.
- 04-30-2012, 06:48 PM #13 Oh you just want a dump of the files? I thought you meant a live FS. Originally Posted by lsTwinkle
Just use 'dumpifs' on it to get a dump of the files.
It sort of has a reputation as being the most secure web server. Not only that, but the only access to it is via 6 commands. Originally Posted by SifJar
http://www.acme.com/software/micro_httpd/ - 05-01-2012, 12:26 AMThread Author #14
No no no. I meant a live FS, actually. I was searching the ways for looking deeper in neutrino on playbook. Originally Posted by xsacha
But thanks for that method.
Also i looked at emulator FS. But it is pretty different from playbook's system.
PS Under livefs I mean all the files installed a real system.
- 05-01-2012, 01:32 AM #15 Just log in to your Playbook as devuser and do `ls -al /`. Originally Posted by lsTwinkle No no no. I meant a live FS, actually. I was searching the ways for looking deeper in neutrino on playbook.
But thanks for that method.
Also i looked at emulator FS. But it is pretty different from playbook's system.
PS Under livefs I mean all the files installed a real system.
And you can get a dump of all the files as suggested before. - 05-02-2012, 01:38 PMThread Author #16
How can i dump it? Originally Posted by xsacha
- 05-02-2012, 02:06 PM #17
You can't without root I don't think
UberCurrency - Free currency conversion app for PlayBook. - 05-02-2012, 07:02 PM #18 Yes, as I've explained two times on this thread already, just use `dumpifs` on the coreOS. Originally Posted by SifJar
If you are too lazy to do this or something, you can just read the raw files in a hex dump. - 05-02-2012, 10:14 PM #19
I had a quick question that might be a bit farfetched but ill ask anyways. I am being bugged to update to 2.0.1.358 and it made me wonder if we could intercept the update and somehow push an old os.
I'm new to the playbook scene so I've been trying to catchup on all the crazy blocks rim likes to put up.
Cheers
Dfube - 05-02-2012, 11:57 PM #20
The update just loads the OS on there. You are free to load 7111 or older OS on there too.
They just won't boot.
So yeah, you can intercept and load an old OS. But you can directly load an old OS too. No difference. - 05-04-2012, 02:41 AM #21 How do you do this? USB, and what command prompt? Originally Posted by xsacha
Excuse me, but just getting into the PB and checking it out.__________________________________________________ __________________________
There are 10 types of people in this world: those who understand binary and those who don't.
Main Desktop http://www.overclock.net/lists/display/view/id/3960066
4 GHz Overclock Club http://www.overclock.net/t/525748/4-...#post_16219738
__________________________________________________ __________________________ - 05-04-2012, 03:50 AM #22
Nothing fancy. Just open the core os file that RIM hosts on their website.
Reply
