![]() ![]() ![]() ![]() |
![]() |
Welcome to the GSM-Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. Only registered members may post questions, contact other members or search our database of over 8 million posts. Registration is fast, simple and absolutely free so please - Click to REGISTER! If you have any problems with the registration process or your account login, please contact contact us . |
|
Register | FAQ | Donate | Forum Rules | Root any Device | ★iPhone Unlock★ | ★ Direct Codes ★ | Direct Unlock Source | Mark Forums Read |
GSM Programming & Reverse Engineering Here you can post all Kind of GSM Programming and Reverse Engineering tools and Secrets. |
![]() |
| LinkBack | Thread Tools | Display Modes |
![]() | #16 (permalink) |
No Life Poster ![]() ![]() ![]() ![]() ![]() Join Date: Dec 2006 Location: yes
Posts: 812
Member: 420658 Status: Offline Thanks Meter: 248 | Code: Certificate: Data: Version: 3 (0x2) Serial Number: 1639205566 (0x61b44abe) Signature Algorithm: sha256WithRSAEncryption Issuer: C = KR, L = Suwon city, OU = Samsung Mobile, CN = Samsung corporation Validity Not Before: Dec 11 06:52:46 2021 GMT Not After : Dec 6 06:52:46 2041 GMT Subject: C = VN, L = SEVT, O = Samsung Electronics Co. Ltd, OU = Mobile Communications Division, CN = EngineeringModeServerQ5hIIhaIP7w:Q5hIIhaIP7w, UID = PHN-P:20190309:520:EngineeringModeServerQ5hIIhaIP7w:Q5hIIhaIP7w Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:1e:4e:bc:a6:bf:88:6e:34:82:fe:ae:ad:98: e8:db:06:c5:6c:6d:7c:f3:d8:41:45:e3:8b:d1:8a: 68:33:16:c0:1c:34:e4:42:ab:ca:5e:c1:01:97:87: c5:bd:fd:d6:93:40:7f:e7:fe:6b:c6:6a:ae:2e:87: e7:2b:4d:c0:c2:c4:33:70:25:6b:02:73:8e:61:a0: 37:2a:4a:a6:6f:4f:a2:aa:07:13:cc:5b:3b:81:4c: d3:7e:29:60:99:9e:44:4f:96:9f:b4:95:5b:09:ad: bb:e0:32:a7:4b:16:98:93:72:17:bf:ca:b6:11:c1: 7e:fa:5b:26:1b:05:ee:6d:27:e5:70:83:23:30:ec: fd:25:92:a2:c0:69:16:74:2b:5c:4e:d2:19:8f:5a: d8:54:65:60:8c:05:7b:a3:6a:b2:1b:66:4e:66:5b: 32:14:42:2b:50:d0:35:f4:74:1c:82:b8:57:54:ab: ff:cd:6f:3f:17:eb:ec:a9:35:b4:70:8c:b8:7e:c5: f0:5a:33:c6:72:3e:42:83:b7:6f:d7:94:f5:60:48: 30:0b:a0:36:ce:d8:9f:55:84:97:7c:12:8c:a4:0c: e7:f0:87:a6:09:fe:c1:03:3f:c5:60:e2:16:dd:42: 05:3f:e7:95:6a:c4:9a:0f:fc:e9:14:79:b7:27:a9: 19:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE, pathlen:0 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Subject Key Identifier: 4D:C9:5C:5D:A3:15:C9:79:A5:34:A5:E9:80:13:23:10:CF:3D:8C:1E X509v3 Authority Key Identifier: keyid:1A:38:49:59:2E:32:21:82:0C:77:26:0D:CA:11:AD:DD:9C:CA:43:7D Authority Information Access: OCSP - URI:http://ocsp.samsung.com/security/ X509v3 CRL Distribution Points: Full Name: URI:http://crl.samsung.com/security/rdevices.crl Signature Algorithm: sha256WithRSAEncryption 68:15:dc:38:ff:7a:8c:ba:9f:c4:de:69:dc:ee:ed:30:74:70: b8:8e:e4:0a:7d:fe:9d:29:ea:d7:11:69:65:2a:d3:a3:93:0f: e9:cb:42:8e:d8:74:e4:a0:a2:35:45:7a:51:cc:ce:d5:ab:65: 11:86:31:47:dc:7d:26:e3:2f:20:3e:d1:30:98:dd:da:ab:a0: cc:4b:5d:3b:cd:37:ca:d5:49:90:70:cb:25:e8:9f:c4:6a:92: 5e:4d:65:a2:87:fc:eb:07:b2:50:a2:a6:44:9f:da:65:ed:c8: 87:cc:a1:8c:ff:24:72:5e:22:b4:19:c8:0d:44:2f:f3:51:a0: 6e:d4:b0:94:c5:50:66:ea:64:cc:33:68:c1:92:ba:60:8d:ab: 33:89:e8:9f:7b:af:8d:51:8a:b5:4e:75:d5:24:16:c3:66:08: e8:dc:f8:98:17:74:24:4e:04:be:70:b2:7f:bb:2e:65:ad:ad: 82:51:63:25:06:b9:dc:56:aa:4c:52:fb:e4:0a:d3:dd:36:ea: 1a:8e:1b:ed:21:5a:b8:c5:1c:1f:59:1b:e3:01:f0:52:c1:5a: 83:50:66:59:28:08:5a:cc:b5:ec:fd:7f:94:fb:40:4b:a9:a9: 9f:75:65:1c:f9:c1:ea:05:80:d9:96:d2:ec:58:5e:17:a3:25: 0a:ff:83:b8 ![]() Best Regards |
![]() |
![]() | #17 (permalink) |
No Life Poster ![]() ![]() ![]() ![]() ![]() Join Date: Dec 2006 Location: yes
Posts: 812
Member: 420658 Status: Offline Thanks Meter: 248 | Memo to me... Hmmm.... If i do Square Root... Result is this: Code: EFDF31C5EF7CE7A0B3C0CEB55DF0707158ABF84F47C4E80A0771B0AEB164FBCB4EC268EE140A9228A003764B2F967812FD947B8602B0E692EFA6394387D1326A1A730DCE7A2288B56169743280B58FBE375E11DFAF2D8D5E7759C4261BA57200311BF6EEDEF0C9C3F1CCC1F2898B9232BB4A87B9E5EF7E1E6C6F462B777A56E3 If i look at my older post... Maybe p and q are very close together... Maybe Primes are inside this area... between: Code: E0C2000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Code: EF00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Hmmmmm... Still dreaming... Only as info. Best Regards |
![]() |
![]() | #18 (permalink) |
No Life Poster ![]() ![]() ![]() ![]() ![]() Join Date: Dec 2006 Location: yes
Posts: 812
Member: 420658 Status: Offline Thanks Meter: 248 | This is result of few RSA 2048 attempts with 64 bit Version of openssl... Found in old Tizen crap SDK... Maybe 2017 Version... Before I used only 32 bit openssl under Windows... 64 bit Version is much faster... Funny is... Prime 1 starts ever with F... And Prime 2 ever with E... Only as Info... Best regards |
![]() |
![]() | #19 (permalink) |
No Life Poster ![]() ![]() ![]() ![]() ![]() Join Date: Dec 2006 Location: yes
Posts: 812
Member: 420658 Status: Offline Thanks Meter: 248 | Interesting feature of SM-A505FN I have only Bootloader Version 9... so out of luck with Combination Firmware... Similar to my luck with SM-G965F bit 17... ![]() Anyway. This is very cool IMHO on my SM-A505FN... never seen before... Not every Fake DRK Cert bypass EngineeringMode CN check... ![]() Code: [1: 91. 31] pit_flash_binary: erase skip! (9) [1: 91. 32] bl_install_token: rpmb is provisioned [1: 91. 32] em_create_cmd_req : num_of_items 5 [1: 91. 32] em_cmd_print_command : [CMD] : [EM_CMD_INSTALL_TOKEN] [1: 91. 32] em_token_do_init_em_core : sizeof(em_parsed_token) 173268 [1: 91. 32] em_token_do_init_em_core : sizeof(cmd_req) 144952 [1: 91. 32] em_token_do_init_em_core : init core mode does not exist [1: 91. 32] em_cmd_check_pre_condition : init state is [COMPLETED] [1: 91. 32] em_cmd_check_pre_condition : Success to get a key [1: 91. 32] em_esi_check_rpmb : Do not support rpmb in bootloader [1: 91. 32] em_esi_get_counter : Success counter verify [1: 91. 32] em_token_install : sizeof(em_parsed_token) 173268 [1: 91. 32] em_token_install : sizeof(cmd_req) 144952 [1: 91. 32] em_token_install : sizeof(cmd_rsp) 82696 [1: 91. 32] verify_token_data : Matched Device DID and Token DID [1: 91. 33] There is no CN in subject [1: 91. 33] [EMC]Cert isn't EM cert [1: 91. 33] verify_token_data : Failed to verify rsa_signature(ffffffff) [1: 91. 33] em_token_install : Failed to verify token(0xf000000b) [1: 91. 33] bl_install_token: no need to write Core data(0x0000000000000000) [1: 91. 33] bl_install_token: no need to write ESI data(0x0000000000000000) [1: 91. 33] bl_install_token: ret = 0xf000000b Failed to verify token : (0xf000000b) bl_install_token error Here I have taken signed with Samsung EM Cert... for check why I am out of luck... Code: [1: 65.571] pit_flash_binary: erase skip! (9) [1: 65.571] bl_install_token: rpmb is provisioned [1: 65.571] em_create_cmd_req : num_of_items 5 [1: 65.571] em_cmd_print_command : [CMD] : [EM_CMD_INSTALL_TOKEN] [1: 65.572] em_token_do_init_em_core : sizeof(em_parsed_token) 173268 [1: 65.572] em_token_do_init_em_core : sizeof(cmd_req) 144952 [1: 65.572] em_token_do_init_em_core : Mismatch did(123/456300000000000000000) [1: 65.572] em_cmd_check_pre_condition : init state is [COMPLETED] [1: 65.572] em_cmd_check_pre_condition : Success to get a key [1: 65.572] em_esi_check_rpmb : Do not support rpmb in bootloader [1: 65.572] em_esi_get_counter : Success counter verify [1: 65.572] em_token_install : sizeof(em_parsed_token) 173268 [1: 65.572] em_token_install : sizeof(cmd_req) 144952 [1: 65.572] em_token_install : sizeof(cmd_rsp) 82696 [1: 65.572] verify_token_data : TokenDID 123, DID:456 [1: 65.572] verify_token_data : Not match TokenDID and DeviceDID [1: 65.572] em_token_install : Failed to verify token(0xf0000020) [1: 65.572] bl_install_token: no need to write Core data(0x0000000000000000) [1: 65.572] bl_install_token: no need to write ESI data(0x0000000000000000) [1: 65.572] bl_install_token: ret = 0xf0000020 DID isn't matched : (0xf0000020) bl_install_token error If I set Debug to: HIGH In menu: Code: *#9900# I can jump direct from DL Mode to Upload Mode... All other old crap I have... require booting of Kernel... before Upload Mode could work by holding: Volume - and Power The second cool thing of SM-A505FN is the DEVeloper EM Cert... with SHA1... But... unsolved yet... if only work with ENG Binaries... Only as Info. Best Regards |
![]() |
The Following 3 Users Say Thank You to adfree For This Useful Post: |
![]() | #20 (permalink) |
No Life Poster ![]() ![]() ![]() ![]() ![]() Join Date: Dec 2006 Location: yes
Posts: 812
Member: 420658 Status: Offline Thanks Meter: 248 | Modulus Code: C7BEEBC4712B4F7A211420CA8DC764E4... SVR-D like Developer --------------------------------- Can be found here also with Cert... So IMHO more deviceS... Code: ...\..._tee\exynos9610\00000000-0000-0000-0000-656e676d6f64 ...\..._tee\exynos9820\00000000-0000-0000-0000-656e676d6f64 ................................ In older SM-A5050FN Firmwares found... with Cert... newer without Cert... but still Modulus inside... With Cert for instance: Code: A505FDDU1ASC8_fac\system.img A505FDDU1ASC8_fac\system\system\tee\00000000-0000-0000-0000-656e676d6f64 I have no idea if only working with special ENG Firmware... ![]() Only as info... Best Regards |
![]() |
![]() | #21 (permalink) |
No Life Poster ![]() ![]() ![]() ![]() ![]() Join Date: Dec 2006 Location: yes
Posts: 812
Member: 420658 Status: Offline Thanks Meter: 248 | Any idea what we can do with Knox text ? MODE_KNOX_TEST (Allow Knox test mode) ![]() Meanwhile I can confirm. v3 eToken can be flashed without USB cable to Galaxy Watch 4 (IMHO 5 sure and maybe 6 too). With netOdin. ![]() Example for Modes from Bootloader... here from my SM-A202F sboot.bin... I can see in sboot.bin this: Code: ENG MODE : ENG ALLOWED ENG MODE : CUSTOM ALLOWED ENG MODE : KNOX TEST ALLOWED ENG MODE : CP DEBUG ALLOWED ENG MODE : FACTORY BIN ALLOWED ENG MODE : DEBUG VBMETA ALLOWED ENG MODE : ATCMD ALLOWED I can now see 5 of 7... in Download Mode Only as info... ![]() Best Regards |
![]() |
The Following User Says Thank You to adfree For This Useful Post: |
![]() | #22 (permalink) |
No Life Poster ![]() ![]() ![]() ![]() ![]() Join Date: Dec 2006 Location: yes
Posts: 812
Member: 420658 Status: Offline Thanks Meter: 248 | ![]() How to read _sub1 (and _leaf) from: sec_efs? Somebody played with US devices with SSU(D) ![]() Code: /system/bin/ssud I can see for instance in SM-A102U Firmware... Still I have no Private Exponent for v3... ![]() So I am hang in year 2021... ![]() ![]() ![]() Still focus on Modulus E0C2... ![]() Only as info... Best Regards |
![]() |
The Following User Says Thank You to adfree For This Useful Post: |
![]() | #23 (permalink) |
No Life Poster ![]() ![]() ![]() ![]() ![]() Join Date: Dec 2006 Location: yes
Posts: 812
Member: 420658 Status: Offline Thanks Meter: 248 | New Year... new Attempt. Code: openssl rsa -inform der -in lotto693_DER.key -outform pem -noout -text Private-Key: (2048 bit) modulus: 00:e0:c2:69:c2:9b:e1:6c:2e:3e:95:cc:10:b8:e9: 3d:6b:58:b2:c1:c1:3e:af:db:43:50:00:1b:e6:e9: 7e:98:53:15:5b:44:8e:7a:d0:b3:c0:97:94:af:e0: d5:28:5c:23:10:77:54:6e:95:f8:e9:7f:b4:8f:ce: e4:e1:f0:00:c3:21:a5:29:c6:0f:49:8e:ff:e1:a3: 83:40:03:fe:d9:fa:7d:19:dd:c7:31:78:d8:48:1b: 9f:1e:5b:06:2a:8a:a2:f5:fb:86:ff:9b:fe:ac:ae: 9e:42:ee:26:15:54:ee:71:9d:46:8f:b2:ac:87:d4: 87:72:72:18:13:56:c3:32:cd:9b:36:a8:bf:49:fb: a6:24:82:51:d2:7a:5d:04:07:2a:f3:68:ae:d9:96: 85:5d:27:4f:1b:12:b9:ea:47:c0:a4:92:6c:ee:1a: dd:c7:72:05:60:d5:cc:52:cd:05:7f:f9:a3:3c:50: 13:fb:7c:a1:8f:72:93:59:4c:22:ff:a6:ee:73:ee: dc:55:86:6b:2b:77:1e:fc:14:2d:3f:36:76:25:17: 7a:38:06:03:5a:00:e4:73:04:da:c1:52:a8:0f:fe: 04:60:29:03:09:f4:f4:5f:d1:57:03:c4:f1:1c:4b: a9:d5:94:d7:c4:13:c2:4e:51:57:81:35:ae:64:44: 34:c1 publicExponent: 65537 (0x10001) privateExponent: 11:48:01:77:bc:22:8d:fd:d4:44:12:47:aa:e0:0c: 1f:e7:d6:fe:bc:cc:04:1b:78:c6:7a:eb:aa:4a:83: b8:54:93:0c:cc:6d:a4:15:cd:ec:5d:fb:49:b6:a0: cd:14:a0:81:90:9b:46:51:73:ad:08:6b:aa:ae:fe: bc:3c:86:e2:7a:00:c8:00:79:86:6f:5f:4f:4b:12: 39:66:d5:3e:8f:5a:f5:15:2f:4e:a7:7b:01:b8:55: f8:b0:88:fd:d6:61:07:46:ca:af:76:a0:13:48:ed: d4:39:99:66:04:7c:bc:f1:99:ce:4c:af:a5:55:fb: 00:1a:b3:ad:30:fb:9b:39:3c:f1:84:15:4e:8f:a1: 88:49:4d:3f:80:84:13:c7:0e:2f:a0:4c:40:9d:0c: e8:84:49:21:a9:f2:41:05:1b:46:1f:25:7d:fa:c7: bb:7a:3a:8d:45:e8:30:09:8b:42:3d:33:e0:4c:91: b5:44:1d:49:57:ff:a2:32:30:14:6e:6c:4a:05:e3: 61:ad:e9:61:36:3b:64:60:06:1e:dd:e2:a2:df:6d: 9e:b7:ec:fa:b1:df:f2:b9:b6:97:8b:cd:5a:9f:21: 2a:60:db:fe:b0:21:95:2e:ad:62:09:98:70:0e:50: 34:e9:7a:c7:c3:bc:6c:75:e8:59:e8:86:c7:3e:59: d1 prime1: 00:f7:3f:cf:77:51:21:a8:74:8c:b5:bf:55:13:cb: 93:62:fc:0e:cb:07:ab:12:c4:bf:f5:76:3e:cd:4d: 18:71:fe:a5:08:46:a4:c8:93:10:cb:2d:ab:f8:ce: 4e:9a:6b:c1:f3:a4:db:9e:a3:ed:ab:e1:10:16:4e: a3:ce:f1:43:60:07:f0:49:06:0a:b7:d5:59:f5:16: 65:ae:95:e7:85:39:8a:10:49:d0:b0:b5:78:56:84: 88:ec:c5:b3:32:6f:c1:46:ee:05:ea:3e:13:02:b4: fa:35:45:8f:1d:e0:e6:c4:7e:7c:d9:0e:3b:60:a3: 02:08:a0:20:97:5a:a0:9c:a5 prime2: 00:e8:b6:d5:ae:de:21:c5:9a:ae:5b:0e:54:cf:12: cc:ca:85:c7:bb:d7:8b:25:e7:57:c5:73:b2:58:e0: e3:4a:37:75:6a:15:70:00:42:a8:59:e0:3a:77:69: c8:e1:aa:78:b5:75:98:d5:5e:94:10:13:6b:3a:53: 91:e8:ee:34:5f:b5:e7:a4:74:0c:07:eb:17:16:5b: 93:71:27:33:20:3b:0e:95:28:32:cc:49:3f:1c:40: cd:a8:1d:56:27:9e:e4:4d:31:d1:7c:b3:15:7e:fc: c6:08:75:0d:d1:85:bb:8d:be:3d:c1:fc:ca:b4:ac: 28:18:e2:5b:d3:1f:ef:70:ed exponent1: 50:0e:55:3a:a9:06:60:e8:fb:f6:8d:31:1a:eb:bb: 99:3d:4b:fc:e9:4a:b7:15:05:a2:90:da:dc:d6:ad: a7:9b:70:0c:31:f3:81:0e:3d:4d:cc:47:f6:93:b6: 57:c1:b4:57:13:76:18:f3:b3:2d:07:fe:91:7a:7d: 07:b0:8e:c4:35:4d:d4:17:24:b9:49:57:8b:47:e9: 3c:92:45:18:99:fc:de:31:48:65:2f:1c:fb:c6:86: 1f:44:14:35:ac:81:c4:59:a5:88:a6:f8:b8:d3:a8: 80:3f:39:8b:cf:1a:69:5d:1b:47:9c:98:15:3e:32: 96:60:62:ad:1f:27:0a:11 exponent2: 00:e4:67:46:f5:19:9a:25:fb:3a:73:ae:6e:38:cb: 67:ea:c2:41:16:31:68:a6:2c:18:6e:78:ae:ac:23: 15:92:2b:3a:77:83:50:e9:40:83:41:ab:1d:57:44: a1:60:33:d3:c3:ae:06:f2:2c:a0:bf:e2:7f:54:c0: df:2d:b2:55:ff:36:67:83:76:4e:b4:9a:dd:8f:19: 14:6e:73:9d:ef:5d:67:63:a8:0f:ab:87:9c:84:9b: 69:fe:3d:c4:e8:a0:3f:cd:30:3f:3e:d7:fa:1a:27: f8:2a:26:d1:08:3a:ec:a9:22:f6:34:66:6b:81:c6: 92:98:51:da:f4:2d:9c:f1:c5 coefficient: 63:a0:66:53:ff:a1:13:4b:9d:0e:59:6a:43:b4:57: b5:e9:99:ea:e4:37:e3:45:01:3f:9d:14:12:31:e0: 2c:3a:c6:da:9a:5b:fc:b6:ae:b7:a7:9e:15:ea:29: 62:e9:47:38:4d:a3:fc:6d:e4:e8:6a:7c:a8:09:d4: ae:11:e1:e7:ca:18:61:a1:f1:3d:b9:8b:31:82:13: 7c:15:07:4e:b9:53:66:6e:98:5e:99:ad:5a:e3:71: 19:8f:1f:6b:99:27:3d:10:9c:51:d7:49:35:73:a5: 98:93:ef:e7:65:65:85:6b:f4:f7:c2:18:30:97:0a: b3:17:33:90:43:e1:0d:f0 openssl rsa -inform pem -in key.pem -outform der -noout -text Private-Key: (2048 bit) modulus: 00:e0:1c:98:4d:04:f6:db:0d:e2:01:43:be:44:bb: 88:7b:b0:15:16:2d:ed:7c:a6:2a:02:c0:09:12:7f: 08:ce:9a:27:3e:ca:5d:a0:27:97:c2:25:49:bc:10: 65:db:c9:6e:8b:3a:44:1a:15:4c:7b:c7:00:f3:5d: d0:b2:99:1e:fa:d0:96:de:7e:53:8e:67:90:57:84: 00:53:cf:74:f1:97:a2:d0:01:a2:f8:27:0a:03:c1: e0:12:44:84:64:5b:bc:df:3a:c0:6c:f2:bc:2a:6a: 14:e2:ee:aa:c1:86:26:24:38:d9:4b:a9:83:9d:d3: d9:83:7c:31:23:56:97:4f:c0:f8:90:e0:66:a5:8a: ec:3b:19:3e:25:d7:fd:e0:7b:7e:62:fa:28:16:df: 49:de:5c:77:d5:46:22:63:9d:0f:db:5e:f6:10:30: 7b:8e:ae:b1:b8:8c:5c:62:b1:d9:5c:75:23:f0:ac: f3:17:ea:d3:41:eb:87:dc:90:0d:06:5b:9b:54:76: 36:c2:31:61:a5:db:54:35:2c:01:1f:04:37:78:c3: ae:44:b7:fe:4c:00:45:d5:8f:e8:bc:7d:39:a7:ab: e4:fa:cd:1e:a9:e4:53:42:ad:b3:5d:91:7e:7e:06: ee:d9:cc:4d:41:ef:16:60:02:0c:b8:2e:8d:81:c0: 2f:39 publicExponent: 65537 (0x10001) privateExponent: 23:56:9e:f5:56:19:0e:c5:8b:a3:a3:68:f7:31:92: fd:dd:f0:15:45:3c:b3:71:08:22:d2:e1:1b:57:88: ad:fb:44:c0:f3:eb:fb:7b:02:c5:0c:58:2a:1d:73: d2:4a:5a:f1:fd:48:0b:cc:db:f8:90:92:a7:cd:5d: 41:2c:3f:e4:50:cb:d9:5d:96:13:58:65:3c:47:86: 3d:b0:f2:c1:bd:a5:60:a3:41:6d:5b:ca:8a:79:21: b9:ff:af:d8:9b:56:96:e4:8e:bf:1f:2f:68:88:bd: ae:62:ef:ee:00:17:37:92:f7:40:a5:04:29:f8:e3: cd:85:e1:c1:ae:bf:c1:45:62:d4:93:a4:5a:14:2e: cc:1d:8d:3b:4e:da:22:22:fa:cf:80:d5:16:74:78: cc:1b:4c:e3:2f:c2:18:96:27:20:24:3b:54:43:cb: 68:13:ae:07:02:e7:d0:d3:99:e9:65:2c:dd:c6:cb: b9:e7:d5:ca:ae:2a:0e:90:ca:33:81:51:29:38:31: 0c:64:6a:c1:29:13:cd:87:b8:a4:a2:ae:0b:4b:0e: c3:d5:65:83:41:03:c9:71:86:a2:bf:66:3c:52:5f: e2:a8:d9:f4:03:0c:08:1f:b1:f4:7c:7d:de:03:f9: 07:e6:62:f4:37:90:4b:c9:04:d6:b6:e4:19:25:48: 01 prime1: 00:f8:cf:0c:46:cd:60:6d:dd:be:ba:71:44:e3:81: b3:c7:4f:27:30:1d:bd:53:fc:8d:82:2d:cc:2b:fb: b7:ed:91:d8:03:ad:35:25:0b:0a:c6:c7:67:2b:9d: ea:89:7a:aa:ec:01:8e:11:18:1f:4f:95:c0:c8:05: 16:9b:96:e1:02:e2:15:df:19:9a:28:7b:99:60:cd: 00:68:19:bb:5b:f2:b5:61:71:b6:9e:08:48:50:88: 5e:6a:ca:ff:0b:30:7d:e4:39:13:a3:e1:05:66:73: 77:0e:3b:b7:36:38:b3:d8:82:9d:13:bf:c7:5e:65: 1b:a5:cf:e1:cf:5d:e9:ea:b9 prime2: 00:e6:96:cf:ca:7c:25:b7:2f:83:ff:fe:32:5a:e7: 33:34:6a:30:b1:89:9e:0a:47:c5:20:00:d7:06:b2: 9a:60:9b:97:03:38:3e:f9:ab:72:9e:21:3b:04:fa: 33:e5:95:37:36:20:79:dc:2f:5e:85:bd:9b:a5:05: 08:f4:df:1d:bb:36:d6:cc:5f:60:4c:7f:87:70:58: 47:30:ab:6d:28:45:13:27:71:f1:3d:91:18:58:ec: f1:ad:01:25:f7:7a:2f:d4:bc:28:3f:5b:cc:0c:17: cd:ce:33:61:6e:cd:ec:b3:73:96:9a:b3:7d:45:3f: e2:46:36:d5:e9:c9:d4:28:81 exponent1: 00:82:f7:71:8d:df:53:6f:e1:76:20:eb:b8:88:4c: e0:95:fc:1b:33:9f:a3:e6:0e:9d:6a:35:b3:30:3f: ba:cc:49:a5:bc:21:b3:44:c1:70:35:bc:06:99:95: f1:3b:d6:9f:1b:c5:a1:c3:6b:c0:27:83:3b:4b:ce: 29:dd:52:69:34:bc:4f:28:f5:70:08:f9:2e:7e:1e: ca:a5:01:4e:77:12:e5:d8:da:23:77:42:02:d6:a9: 41:91:d3:32:b6:f0:1a:84:44:6b:0b:2b:4a:4d:68: 5f:f5:d5:07:16:7a:78:68:72:30:3e:92:07:5e:af: b8:02:ea:cf:00:f9:7d:44:b9 exponent2: 16:1f:c2:30:1b:59:43:0a:3c:10:03:c3:b1:15:1d: c4:99:ab:b2:5d:11:dc:ca:a6:0f:3c:05:65:8f:1d: 60:c7:8c:e5:b2:2f:d8:a4:aa:8a:a1:85:98:24:a9: 76:0d:ab:0e:76:6f:3a:c1:10:c0:a4:40:9a:c4:b0: e7:4d:c0:fc:85:76:76:85:70:27:e6:d4:87:e2:f0: 71:ab:00:fe:2c:22:7a:56:64:5f:13:dc:d2:2b:69: c4:bf:a7:74:e7:34:4f:a4:fd:f7:96:47:2d:a1:db: 0d:3d:c0:cb:70:d6:95:21:32:02:05:d6:af:1e:42: 07:9a:9b:4b:a3:21:c8:01 coefficient: 1f:0d:61:d8:80:f6:f9:d7:e8:b2:d9:8c:eb:03:d7: 70:df:86:30:51:d8:f4:7e:bd:5e:3b:7d:9f:ec:eb: ef:e2:a6:16:8e:f0:f1:21:1f:81:83:09:6a:6b:b8: 49:ba:ac:ee:9a:3b:06:7d:5c:0f:fe:16:af:47:05: 6e:53:2e:c3:a2:fe:dc:34:b1:a9:dc:8b:53:0b:5a: 82:74:ee:4b:39:45:ad:29:e7:af:7c:c1:6f:36:69: b1:a9:99:db:3a:7a:16:d7:70:d3:a4:ca:1c:06:4c: 2a:b6:bf:f4:bb:64:0a:3e:26:0f:d5:5d:0a:02:f8: 2e:bc:ac:f4:35:ef:0c:2f openssl rsa -inform der -in lotto741.key -outform pem -noout -text Private-Key: (2048 bit) modulus: 00:e0:c2:99:3f:f1:a7:d4:40:92:21:26:34:6e:19: 0c:30:d0:bf:46:97:76:e0:9f:51:8d:59:c4:39:82: 2f:c1:b9:49:0e:e0:4d:04:4c:3b:70:65:7a:00:d2: 57:81:e9:b4:3a:3a:d7:60:4c:06:a0:49:1e:5a:5d: d5:e0:29:ac:3f:b5:0b:ab:d4:9a:fb:12:2e:2b:c2: 69:eb:61:7a:0c:b9:3e:3f:52:66:9f:98:e3:09:3a: fa:68:09:ee:f8:6d:59:be:8d:3d:f7:56:bd:37:74: 61:32:76:09:0e:16:6a:ce:1f:14:95:d2:69:38:e8: 92:24:cb:05:86:f1:00:94:cb:04:ad:05:b4:b5:6d: 9f:be:af:e8:d1:24:e9:62:72:f6:8e:57:ed:54:07: fb:48:c5:7d:b2:0c:92:40:d7:01:35:97:26:07:36: 8f:8a:1b:db:9d:29:43:01:a6:b5:ea:34:4c:af:46: c3:b5:9d:d7:9e:eb:f0:bc:6d:60:e4:5c:2a:f2:14: d4:5e:f2:51:f4:3b:ee:1a:85:fc:42:bc:05:ff:59: fb:d1:dd:c8:23:56:7e:98:b8:a6:7f:56:a8:c0:bd: e9:22:ed:7d:29:23:df:13:33:07:f7:d9:7d:95:ec: fa:2c:e2:82:82:88:a3:c7:0a:73:8c:c5:53:89:d7: fa:e7 publicExponent: 65537 (0x10001) privateExponent: 00:86:34:2c:05:7e:69:d3:d6:ea:6a:58:c1:9d:ab: df:17:96:cd:5f:7d:39:42:4e:5f:07:a3:be:03:08: b5:33:5b:4b:40:52:b6:2a:06:ca:c7:06:10:9f:44: f9:73:5c:f4:7c:80:7d:f1:c5:f3:7e:e9:a9:f2:13: 6d:8d:77:d4:9e:05:a0:7e:6d:68:4c:da:42:2f:66: da:8f:ed:98:4e:d8:9d:4e:7a:09:44:ea:a9:45:ed: ad:6f:49:df:22:ff:48:42:fb:5b:30:c0:de:22:aa: 9f:0e:de:63:f1:c1:78:ec:b2:aa:3b:fb:73:50:c3: ad:df:c2:49:fe:95:10:df:c6:6a:fa:42:78:bb:62: 49:b0:58:d9:e1:53:b9:4a:8a:55:d6:6c:69:33:04: 82:09:6d:05:66:76:e3:63:8e:f6:4f:3f:cd:7c:02: 0b:3a:44:db:a7:c3:3a:bc:a8:4b:6a:83:87:55:23: 1c:92:49:24:04:30:57:23:ab:f8:48:76:f2:9c:8b: d4:10:b0:52:30:b1:f5:cd:3f:ac:67:84:d7:7d:37: 68:0f:88:bb:85:2b:9d:01:62:50:a0:89:f9:09:8f: 0d:2d:c6:85:49:e9:d9:06:67:16:a6:9a:9b:24:5d: 91:fc:a5:74:48:49:fa:10:da:79:5f:57:02:b7:1f: 1b:a1 prime1: 00:f3:97:ef:04:f3:be:d6:85:f9:90:30:20:d0:d8: 1c:ee:6f:f2:a5:93:4c:85:72:8f:8e:f7:9a:30:2f: 9d:b4:2b:3b:bf:4b:26:90:2c:5d:25:28:f3:25:aa: 9f:79:8a:c6:10:8b:22:62:b7:c8:3b:cc:2c:ad:5c: 3c:d1:49:f3:ee:fa:e1:94:26:fd:cd:dc:34:fc:4f: 3a:1b:46:32:76:14:f2:55:99:69:09:18:3d:09:e0: 12:df:f6:4c:d1:2e:c5:cc:ff:ca:2b:2c:8a:72:53: 6d:11:38:39:2f:27:46:13:66:65:80:16:10:a0:e8: 9b:d1:a9:55:10:ce:8b:45:23 prime2: 00:ec:35:1b:cb:be:78:74:5e:3f:1c:67:0b:32:46: 54:0a:5d:3c:6f:4b:d4:50:17:0f:8d:4f:0d:56:3f: e4:52:5d:3e:31:75:48:14:88:af:93:3a:5c:90:a2: de:77:42:1a:75:a7:5b:9b:a6:94:62:23:fe:f5:c9: ba:fd:37:a7:9e:69:90:5a:1f:11:26:a4:4f:db:a2: 98:83:7e:7a:8c:5e:98:ea:3c:d8:d8:2d:9e:d8:6a: 0b:37:10:84:bd:fb:29:cf:97:45:d7:7e:01:44:07: c2:a2:37:20:62:f4:5d:6e:d5:68:5b:62:0a:09:dd: 03:fb:de:26:6d:80:8a:79:6d exponent1: 4b:9b:df:2e:d4:51:69:d8:cf:eb:b7:64:98:2e:5c: 5c:8e:16:ec:d9:d9:a8:9a:34:81:15:cd:a0:23:47: 7a:02:e9:5a:a9:02:e1:41:43:f0:22:d3:c5:df:3d: fc:c5:dc:50:8a:3f:34:11:03:6f:bc:22:29:f5:35: 53:68:f6:f4:38:9f:08:13:4a:38:39:9f:a0:a9:1e: ca:14:71:d9:41:0b:2f:12:9d:0d:9b:9e:66:90:4c: 8b:83:b1:b8:44:22:55:4d:17:fd:6a:a7:d6:70:9a: ab:fb:9d:94:4b:46:6f:03:1b:82:34:57:18:fa:da: 52:ab:92:a1:d2:da:5b:ad exponent2: 3c:42:24:30:2b:0c:31:ab:a5:70:0a:7d:99:ba:c5: 4f:cb:8f:52:59:46:f5:93:9c:7d:11:30:b6:d3:1f: dd:3f:3a:51:85:b8:f8:bc:12:06:7e:3a:05:0f:f7: ae:f6:e7:27:22:a5:c5:24:8e:f0:26:7c:b1:99:60: 21:9f:24:1c:ce:93:6b:da:47:16:d3:8e:27:da:e8: 0b:8b:a5:99:cf:bc:34:ed:86:e8:47:63:21:94:93: fd:dd:31:f0:01:76:1e:26:5a:43:ea:3a:4a:6f:ac: 60:93:ad:a8:70:ec:b1:0c:b2:4d:b5:ca:17:d0:11: 67:1c:ba:32:ef:3a:e4:55 coefficient: 52:fa:49:ca:31:de:86:f3:a7:1f:54:ad:7c:ed:de: 0e:c1:37:40:52:b7:1c:68:2a:42:d8:c1:70:f9:45: 4e:95:53:eb:b3:0c:b7:f0:68:b4:e0:0c:f1:f5:16: 3e:78:ce:cd:8e:09:02:b3:d4:10:02:3a:ac:b6:61: 18:e9:61:26:01:dd:9d:67:00:38:0d:cd:a3:58:47: 89:c7:22:12:a8:a0:2a:89:1f:01:0a:59:6e:76:2f: db:dd:32:fd:8c:a8:c8:ea:17:05:40:82:24:c2:f5: 2d:4d:e6:54:49:fd:cd:69:87:1b:9e:6f:34:cf:1f: 42:ee:71:d8:fd:da:f7:cd 1 key from L... The others from my Lotto attempts... with openssl... If I look with my blind eyes on Primes... Interesting "random"... Only as Info... Best Regards |
![]() |
The Following 2 Users Say Thank You to adfree For This Useful Post: |
![]() | #24 (permalink) |
No Life Poster ![]() ![]() ![]() ![]() ![]() Join Date: Dec 2006 Location: yes
Posts: 812
Member: 420658 Status: Offline Thanks Meter: 248 | Code: 'DKMSKEY_PHN-P'+'_'+'Creation date (8)'+'_'+'creation server (2)'+'_'+ 'corporation number (2)'+ '_' +' Serial Number(8)' +'.bin' Ex) DKMSKEY_PHN-P_20141117_00_00_00300000.bin Code: DKMSKEY_PHN-P_20130710_00_00_00002107.bin Maybe somebody have such files... Since 2013... Best Regards |
![]() |
![]() | #25 (permalink) |
No Life Poster ![]() ![]() ![]() ![]() ![]() Join Date: Dec 2006 Location: yes
Posts: 812
Member: 420658 Status: Offline Thanks Meter: 248 | With installed valid EM Token... my SM-A202F with v1 steady.bin answer like this: [04:14:31] AT+ENGMODES=1,1,0 [04:14:33] AT+ENGMODES=1,1,0 +ENGMODES:1,OK,TOK,3_4_5_10_21_28 Code: AT+ENGMODES=2,1,3_4_5_10_21_28 but for instance "expire date"... is written to steady partition... via AT CMD... ------------------------------- This can be found in services.jar... For my SM-A202F I need to deodex this crap... Then I can see this: Code: AT+ENGMODES=0,0,3,0 removeToken AT+ENGMODES=0,0,DATA makeDelTokenForESS AT+ENGMODES=0,1,DATA makeTokenReqForESS AT+ENGMODES=0,2,DATA installTokenForESS AT+ENGMODES=0,3,DATA makeITLReqForESS AT+ENGMODES=0,4,DATA recoveryITLForESS AT+ENGMODES=1,0,0 isTokenInstalled AT+ENGMODES=1,1,0 getStringModes AT+ENGMODES=1,1,1 getLastTokenStatus AT+ENGMODES=1,3,0 ??? AT+ENGMODES=8,0,0 ??? AT+ENGMODES=8,0,1 ??? AT+ENGMODES=8,0,2 ??? AT+ENGMODES=8,0,3 ??? AT+ENGMODES=1,2,0 getPriorityTime AT+ENGMODES=2,2,Data setPriorityTime AT+ENGMODES=7,0,0 ??? AT+ENGMODES=7,1,0 ??? AT+ENGMODES=7,1,1 ??? AT+ENGMODES=7,2,0 ??? AT+ENGMODES=7,2,1 ??? Also DEVROOTK hints inside services.jar... I talk about older Android 9 or 10... Newer not checked... ------------------ Code: AT+ENGMODES=9,0 define LM_MAGIC_ESS_PREFIX_HEADER_GET_INFO Only as info... Best Regards |
![]() |
![]() | #26 (permalink) |
No Life Poster ![]() ![]() ![]() ![]() ![]() Join Date: Dec 2006 Location: yes
Posts: 812
Member: 420658 Status: Offline Thanks Meter: 248 | Tiny """progress""" I am ready for AT Commands... but still AES decrypt AND encrypt unsolved... Anyway... Because tiny problems with my SM-A202F for eng Build... i was to forced to leave old Android 9 and 10 Firmware... So Android 11 is flashed... far away from March 2021... But now I modified 1 so file: Code: \vendor\lib64\libengmode15.so So my old Cert is accepted... Best Regards Edit 1. with eng I mean I modified build.type in build.prop... from user to eng... worked so far with: SM-G965F SM-A202F SM-R875F Last edited by adfree; 01-30-2024 at 08:44. |
![]() |
The Following 2 Users Say Thank You to adfree For This Useful Post: |
![]() | #27 (permalink) |
No Life Poster ![]() ![]() ![]() ![]() ![]() Join Date: Dec 2006 Location: yes
Posts: 812
Member: 420658 Status: Offline Thanks Meter: 248 | Over 1 000 000 RSA2048 Key pairs created over the last few monthS on different PCs... https://www.file-upload.net/download...uar_v1.7z.html This is how I create 20K RSA 2048 Key pairs via Batch *.bat https://www.file-upload.net/download...SL_v7.zip.html Still no luck with Private Exponent... ![]() But maybe usefull for study... Look at Primes... Best Regards |
![]() |
![]() | #28 (permalink) |
No Life Poster ![]() ![]() ![]() ![]() ![]() Join Date: Dec 2006 Location: yes
Posts: 812
Member: 420658 Status: Offline Thanks Meter: 248 | 21 Hits SamsungDeviceRootCAKey_RSA2048_aka_rootca.crt.cer First 16 Bytes instead whole 256 Byte for Modulus: E0C2818755AFD2D1E08DA3728023B9F6 Search String to find match in *.bin 3082010A0282010100E0C2 Code: ...\August_64bitOpenSSL\August6\vA9\pubkeyHEX_109.bin ...\December_DER__64bitOpenSSL\December3\v2\pubkeyHEX_171.bin ...\Januar14\5000rsaKeys_computer1\v5\pubkeyHEX_208.bin ...\December_DER__64bitOpenSSL\December4\v9\pubkeyHEX_298.bin ...\December_DER__64bitOpenSSL\friendlyUser\20+20K more RSA2048 KeyPairs_no2\20+20K more RSA2048 KeyPairs\vA6\pubkeyHEX_326.bin ...\2024\Januar\Januar_DER__64bitOpenSSL_v1\v8\pubkeyHEX_328.bin ...\August_64bitOpenSSL\AugustA\vB\pubkeyHEX_385.bin ...\December_DER__64bitOpenSSL\December3\v6\pubkeyHEX_403.bin ...\August_64bitOpenSSL\AugustA\v4\pubkeyHEX_406.bin ...\August_64bitOpenSSL\August5\v7\pubkeyHEX_456.bin ...\Januar14\5000rsaKeys_computer5\v4\pubkeyHEX_578.bin ...\August_64bitOpenSSL\August7\vA9\pubkeyHEX_631.bin ...\July_anderesOPENSSL\July\8\v4\pubkeyHEX_676.bin ...\August_64bitOpenSSL\August7\vA9\pubkeyHEX_693.bin ...\December_DER__64bitOpenSSL\friendlyUser\Another 20K RSA KeyPairs_no3\Another 20K RSA KeyPairs\v2\pubkeyHEX_741.bin ...\December_DER__64bitOpenSSL\friendlyUser\20+20K more RSA2048 KeyPairs_no2\20+20K more RSA2048 KeyPairs\vA8\pubkeyHEX_750.bin ...\December_DER__64bitOpenSSL\friendlyUser\Another 20K RSA KeyPairs_no3\Another 20K RSA KeyPairs\vA8\pubkeyHEX_830.bin ...\December_DER__64bitOpenSSL\friendlyUser\20K_RSA2048_KeyPairs_no1\20K_RSA2048_KeyPairs\v2\pubkeyHEX_892.bin ...\2024\Februar\Februar_DER__64bitOpenSSL_v5\vA2\pubkeyHEX_937.bin ...\November_DER__64bitOpenSSL\November1\vA8\pubkeyHEX_956.bin ...\August_64bitOpenSSL\August6\vA9\pubkeyHEX_976.bin No idea why... My attemptS never find match more then first 2 Bytes... Tried few more CertS/Modulus... Only as info... Will soon add the 21 "hits"... so "we" can look at Primes... 128 Byte... Best Regards |
![]() |
![]() | #30 (permalink) |
No Life Poster ![]() ![]() ![]() ![]() ![]() Join Date: Dec 2006 Location: yes
Posts: 812
Member: 420658 Status: Offline Thanks Meter: 248 | 22 key pairs... Mixed Commands because in beginning I made base64 encoded ... later found "humanreadable"... Code: openssl rsa -in lotto109.key -noout -text openssl rsa -inform der -in lotto171.key -noout -text openssl rsa -in lotto208.key -noout -text openssl rsa -inform der -in lotto213.key -noout -text openssl rsa -inform der -in lotto298.key -noout -text openssl rsa -inform der -in lotto326.key -noout -text openssl rsa -inform der -in lotto328.key -noout -text openssl rsa -in lotto385.key -noout -text openssl rsa -inform der -in lotto403.key -noout -text openssl rsa -in lotto406.key -noout -text openssl rsa -in lotto456.key -noout -text openssl rsa -in lotto578.key -noout -text openssl rsa -in lotto631.key -noout -text openssl rsa -in lotto676.key -noout -text openssl rsa -in lotto693.key -noout -text openssl rsa -inform der -in lotto741.key -noout -text openssl rsa -inform der -in lotto750.key -noout -text openssl rsa -inform der -in lotto830.key -noout -text openssl rsa -inform der -in lotto892.key -noout -text openssl rsa -inform der -in lotto937.key -noout -text openssl rsa -inform der -in lotto956.key -noout -text openssl rsa -in lotto976.key -noout -text Look at Primes... Best Regards |
![]() |
![]() |
Bookmarks |
Thread Tools | |
Display Modes | |
| |
|