客服电话
APP下载
迪恩网络APP
随时随地掌握行业动态
官方微信
扫描二维码
关注迪恩网络微信公众号
开源软件名称:Android_boot_image_editor开源软件地址:https://gitee.com/cfig/Android_boot_image_editor开源软件介绍:Android_boot_image_editor
A tool for reverse engineering Android ROM images. Getting Startedinstall required packagesLinux: Mac: Mac: Make sure you have Windows Subsystem for Linux(WSL): Windows: Make sure you have Parsing and packingPut your boot.img to current directory, then start gradle 'unpack' task: cp <original_boot_image> boot.img./gradlew unpackYour get the flattened kernel and /root filesystem under ./build/unzip_boot: build/unzip_boot/├── boot.json (boot image info)├── boot.avb.json (AVB only)├── kernel├── second (2nd bootloader, if exists)├── dtb (dtb, if exists)├── dtbo (dtbo, if exists)└── root (extracted initramfs)Then you can edit the actual file contents, like rootfs or kernel.Now, pack the boot.img again ./gradlew packYou get the repacked boot.img at $(CURDIR): boot.img.signedWell done you did it! The last step is to star this repo :smile live demo Supported ROM image types
Please note that the boot.img MUST follows AOSP verified boot flow, either Boot image signature in VBoot 1.0 or AVB HASH footer (a.k.a. AVB) in VBoot 2.0. hacking mode*: Open build.gradle.kts, Line #8, change val bHackingMode = falseto val bHackingMode = trueThis will enable c++ modules, which is necessary for working with sparse images. compatible devices
more examplesworking with recovery.imgPlease remember to clean the work directory first. rm *.imgcp <your_recovery_image> recovery.img./gradlew unpack./gradlew packworking with vbmeta.imgrm *.imgcp <your_vbmeta_image> vbmeta.img./gradlew unpack./gradlew packworking with boot.img and vbmeta.imgIf your vbmeta.img contains hash of boot.img, you MUST update vbmeta image together. rm *.imgcp <your_boot_image> boot.imgcp <your_vbmeta_image> vbmeta.img./gradlew unpack./gradlew packYour boot.img.signed and vbmeta.img.signd will be updated together, then you can flash them to your device. working with vendor_boot.img + vbmeta.img (Pixel 5 etc.)Most devices include hash descriptor of vendor_boot.img in vbmeta.img, so if you need to modify vendor_boot.img, you need to update vbmeta.img together.rm *.imgcp <your_vendor_boot_image> vendor_boot.imgcp <your_vbmeta_image> vbmeta.img./gradlew unpack./gradlew pack./gradlew flashPlease note that to use 'gradle flash', your host machine must be connectted to your DUT with adb, and you already 'adb root'. working with system.imgFirst enable hacking mode by setting cp <your_system_image> system.img./gradlew unpackYou get How to disable AVB verificationThe idea is to set flag=2 in main vbmeta. rm *.imgcp <your_vbmeta_image> vbmeta.img./gradlew unpackvim -u NONE -N build/unzip_boot/vbmeta.avb.json -c ":19s/0/2/g" -c ":wq"./gradlew packThen flash vbmeta.img.signed to your device. boot.img layoutRead layout of Android boot.img and vendor_boot.img. References and Acknowledgementmore ...Android version list https://source.android.com/source/build-numbers.html cpio & fs_config This project is developed with products by Jetbrains.   |
请发表评论