Audi A6 4G MIB Head Unit HIGH - Страница 4
Добро пожаловать на Turbo Quattro.
Страница 4 из 4 ПерваяПервая ... 234
Показано с 61 по 68 из 68
  1. #61
    Пользователь
    Регистрация
    11.03.2016
    Сообщений
    68

    По умолчанию

    You made it work w/o patch of mibroot or mmi3gapp....?
    I’ve tested on metainfo and fec and both don’t work with stock firmware.

  2. #62
    Новичок
    Регистрация
    28.01.2017
    Сообщений
    10

    По умолчанию

    Цитата Сообщение от congo Посмотреть сообщение
    You made it work w/o patch of mibroot or mmi3gapp....?
    I’ve tested on metainfo and fec and both don’t work with stock firmware.
    No yet.
    Have you recallculated the MetainfoChecksum correctly before sign it?
    Have you replaced all 4 Metainfo keys in MIB?
    What error message do you receive when try to update the unit?

    At the moment I have only mmi3g bnav, hnav, hnav+ on my desk. So I can test only FSC now...

    Next step can be to reverse the structure of FecContainer.fec file. I think FEC codes are stored there.

    If you send me your new PubKeys and Metainfo than I can help you to doble check them. Two heads are better than one...

    What do you mean "mibroot"?
    Последний раз редактировалось leader; 14.01.2018 в 11:21.

  3. #63
    Новичок
    Регистрация
    20.10.2015
    Адрес
    пекин
    Сообщений
    4

    По умолчанию

    fec.jpg

    This is the secret key file?

  4. #64
    Новичок
    Регистрация
    28.01.2017
    Сообщений
    10

    По умолчанию

    Цитата Сообщение от алексей 3012 Посмотреть сообщение
    fec.jpg

    This is the secret key file?
    I think it must be an important file. If you check the filename it's "maybe" the container file for FeC codes (like in RMC where FSC are stored in Container too).
    If you reverse the fec binary in IDA you can found some FeC related functions to handle FeC requests....

    Currently I have only 2 fec container files from 2 different devices. One is empty (contains only 4 bytes header) and other has some data inside.
    Next days. I will try to get more container files to check them....
    I don't know (but I hope) if I'm on the right way....

  5. #65
    Новичок
    Регистрация
    05.01.2018
    Сообщений
    2

    По умолчанию

    I have one FecContainer.fec from VW's discover pro (MIB2HIGH). I did some basic check... The file size should be 4 + (195 x FeC counts). The first 4 bytes means how much FeCs inside the container.
    For each FeCs, Start with 0x000000AB and end with 0x000000FF (little endian)
    For each offset of individual FeCs
    byte00 ~ byte03: 0x000000AB
    byte04~ byte05: 0x0211
    byte06 ~ byte09 : FeCs in big endian (i.e. FeC 0931002f would be 09 31 00 2f)
    byte11 ~ byte15 : VCRN code
    byte16 ~ byte33 : VIN + \0 (18bytes)
    byte34 ~ byte37 : Date time of the FeCs (Epoch time in big endian)
    byte38 ~ byte46 : All 0x00
    byte47 ~ byte174 : variant data, signature? (128 bytes)
    byte175 ~ byte 178: 0x00000001
    byte179 ~ byte182: FeCs in little endian (i.e. FeC 0931002f would be 0x0931002f)
    byte183 ~ byte186: 0x00000001
    byte187 ~ byte190: 0x00000003
    byte191 ~ byte194: 0x000000FF
    Последний раз редактировалось jvkk; 27.01.2018 в 16:00.

  6. #66
    Новичок
    Регистрация
    28.01.2017
    Сообщений
    10

    По умолчанию

    Цитата Сообщение от jvkk Посмотреть сообщение
    I have one FecContainer.fec from VW's discover pro (MIB2HIGH). I did some basic check... The file size should be 4 + (195 x FeC counts). The first 4 bytes means how much FeCs inside the container.
    For each FeCs, Start with 0x000000AB and end with 0x000000FF (little endian)
    For each offset of individual FeCs
    byte00 ~ byte03: 0x000000AB
    byte04~ byte05: 0x0211
    byte06 ~ byte09 : FeCs in big endian (i.e. FeC 0931002f would be 09 31 00 2f)
    byte11 ~ byte15 : VCRN code
    byte16 ~ byte33 : VIN + \0 (18bytes)
    byte34 ~ byte37 : Date time of the FeCs (Epoch time in big endian)
    byte38 ~ byte46 : All 0x00
    byte47 ~ byte174 : variant data, signature? (128 bytes)
    byte175 ~ byte 178: 0x00000001
    byte179 ~ byte182: FeCs in little endian (i.e. FeC 0931002f would be 0x0931002f)
    byte183 ~ byte186: 0x00000001
    byte187 ~ byte190: 0x00000003
    byte191 ~ byte194: 0x000000FF
    Hi jvkk,

    It's very usefull infromation.
    Thank you for sharing...

    I think the 128 bytes must be the signature, because the keys are 1024bits (128 bytes) too.

    regards,
    leader

  7. #67
    Новичок
    Регистрация
    05.01.2018
    Сообщений
    2

    По умолчанию

    I also found something interesting when I use 'file' to identify content of dumped data...
    Is this useful or just no use because it's a public key?
    dump/> file HBpersistence/Keys/*/*
    HBpersistence/Keys/DataKey/AU_MIB-High_DK_public_signed.bin: data
    HBpersistence/Keys/DataKey/BY_MIB-High_DK_public_signed.bin: data
    HBpersistence/Keys/DataKey/MIB-High_DK_public_signed.bin: data
    HBpersistence/Keys/DataKey/PO_MIB-High_DK_public_signed.bin: data
    HBpersistence/Keys/DataKey/SE_MIB-High_DK_public_signed.bin: data
    HBpersistence/Keys/DataKey/SK_MIB-High_DK_public_signed.bin: data
    HBpersistence/Keys/DataKey/VW_MIB-High_DK_public_signed.bin: data
    HBpersistence/Keys/FECKey/AU_MIB-High_FEC_public_signed.bin: data
    HBpersistence/Keys/FECKey/BY_MIB-High_FEC_public_signed.bin: data
    HBpersistence/Keys/FECKey/MIB-High_FEC_public_signed.bin: data
    HBpersistence/Keys/FECKey/PO_MIB-High_FEC_public_signed.bin: data
    HBpersistence/Keys/FECKey/SE_MIB-High_FEC_public_signed.bin: data
    HBpersistence/Keys/FECKey/SK_MIB-High_FEC_public_signed.bin: data
    HBpersistence/Keys/FECKey/VW_MIB-High_FEC_public_signed.bin: PGP\011Secret Sub-key -
    HBpersistence/Keys/MetainfoKey/AU_MIB-High_MI_public_signed.bin: data
    HBpersistence/Keys/MetainfoKey/BY_MIB-High_MI_public_signed.bin: data
    HBpersistence/Keys/MetainfoKey/MIB-High_MI_public_signed.bin: data
    HBpersistence/Keys/MetainfoKey/PO_MIB-High_MI_public_signed.bin: data
    HBpersistence/Keys/MetainfoKey/SE_MIB-High_MI_public_signed.bin: data
    HBpersistence/Keys/MetainfoKey/SK_MIB-High_MI_public_signed.bin: data
    HBpersistence/Keys/MetainfoKey/VW_MIB-High_MI_public_signed.bin: data

  8. #68
    Новичок
    Регистрация
    28.01.2017
    Сообщений
    10

    По умолчанию

    Цитата Сообщение от jvkk Посмотреть сообщение
    I also found something interesting when I use 'file' to identify content of dumped data...
    Is this useful or just no use because it's a public key?
    dump/> file HBpersistence/Keys/*/*
    HBpersistence/Keys/DataKey/AU_MIB-High_DK_public_signed.bin: data
    HBpersistence/Keys/DataKey/BY_MIB-High_DK_public_signed.bin: data
    HBpersistence/Keys/DataKey/MIB-High_DK_public_signed.bin: data
    HBpersistence/Keys/DataKey/PO_MIB-High_DK_public_signed.bin: data
    HBpersistence/Keys/DataKey/SE_MIB-High_DK_public_signed.bin: data
    HBpersistence/Keys/DataKey/SK_MIB-High_DK_public_signed.bin: data
    HBpersistence/Keys/DataKey/VW_MIB-High_DK_public_signed.bin: data
    HBpersistence/Keys/FECKey/AU_MIB-High_FEC_public_signed.bin: data
    HBpersistence/Keys/FECKey/BY_MIB-High_FEC_public_signed.bin: data
    HBpersistence/Keys/FECKey/MIB-High_FEC_public_signed.bin: data
    HBpersistence/Keys/FECKey/PO_MIB-High_FEC_public_signed.bin: data
    HBpersistence/Keys/FECKey/SE_MIB-High_FEC_public_signed.bin: data
    HBpersistence/Keys/FECKey/SK_MIB-High_FEC_public_signed.bin: data
    HBpersistence/Keys/FECKey/VW_MIB-High_FEC_public_signed.bin: PGP\011Secret Sub-key -
    HBpersistence/Keys/MetainfoKey/AU_MIB-High_MI_public_signed.bin: data
    HBpersistence/Keys/MetainfoKey/BY_MIB-High_MI_public_signed.bin: data
    HBpersistence/Keys/MetainfoKey/MIB-High_MI_public_signed.bin: data
    HBpersistence/Keys/MetainfoKey/PO_MIB-High_MI_public_signed.bin: data
    HBpersistence/Keys/MetainfoKey/SE_MIB-High_MI_public_signed.bin: data
    HBpersistence/Keys/MetainfoKey/SK_MIB-High_MI_public_signed.bin: data
    HBpersistence/Keys/MetainfoKey/VW_MIB-High_MI_public_signed.bin: data
    These files contains the public keys to check signature in FEC, Metainfo and data files....

 

 

Ваши права

  • Вы не можете создавать новые темы
  • Вы не можете отвечать в темах
  • Вы не можете прикреплять вложения
  • Вы не можете редактировать свои сообщения
  •  
Back to top