But I don't have any serial port on the board. Like, it allows me as of now serial port access.
U-Boot doesn't have many drivers which BlackBerry needs to be fully functional. I did recompile the source for x-loader and U-Boot.
I am not sure what it does, but that's QNX, which is why I need to discard it, but I need to read the values and its workings. The bootloader is called BSP or BSP file. The files are very dense and I am trying to read the content one at a time (encrypted ones only). Eventually, via permutation and combination, I will get the right file and then I will run brute force, which means this is an extremely time-consuming job. I am trying to handpick the encrypted ones and trying to read the data content. 100's and 1000's, and one or more got encryption. There are loads of files in the firmware. Now when I run binwalk I can get to see the firmware image and loads and loads of valuable om this I can say one thing: my reverse engineering process may or may not work in one shot.
I downloaded the firmware images for PlayBook version 2.1 and BB 10, so I am trying to rub stones and see for a moment what I can.
BlackBerry have darkened the environment too. I am walking completely in the dark and I can't see jack. Like, I cannot figure out the memory locations and where the loader kicks off and inits the second stage boot loader. This device is a complex and complicated device; there is only one use output device, so this means I cannot do much without opening. This is going to be a long post, so try to be a little patient while reading. I have built the first stage loader, which is a basic loader. I think I am getting close; that's one of the good news. There is news: a few good news and a few bad news. Now lawmanguy and others, this is a very crucial information for folks here; kindly read with patience, too much technical information is listed here. You may delete the files I uploaded; they are useless as of now. And then we go to next step.

First off, lawguyman, you need to use the bricked device for a little longer; this I guess is the first bad news. You need to tell me what's the USB ID in on or off condition.

idProduct 0x0020 Integrated Rate Matching Hub
Integrated Rate Matching Hub
Couldn't open device, some information will be missing
bDeviceProtocol 0 Full speed (or root) hub
bInterfaceProtocol 0 Full speed (or root) hub
Integrated Rate Matching Hub
Bus 002 Device 002: ID 8087:0020 Intel Corp.

In Linux we type lsusb and the output is shown like this, not sure how you do it in lsusb

Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 002: ID 8087:0020 Intel Corp.

I am also not sure how you find the USB ID. You need to insert the device (I am not sure if in on condition or off condition) and see the USB ID.

Posted via CB10

This is going to be a tedious one.

Can you please list the command line entries that I will use with OmapFlash?