I am trying to get a rooted android phone set up for reverse engineering purposes. I tried to root two separate phones (SM-G925A and a Google Pixel 2) but they both turned out to have locked (meaning, encrypted by the carrier) bootloaders.

Is there really no way to get around this without finding an exploit? I have tried everything short of taking the phone apart and flashing the ROM in (whatever device you use to flash a ROM chip.) Would that even work? I can't even find a single example of someone doing this for any model of phone on the internet.

  • A bootloader does not encrypt or decrypt anything. Hence a bootloader is never encrypted. I assume you are referring to the digital signature that can be checked by the bootloader but again neither the bootloader nor the checked software is encrypted. Commented Jan 16, 2021 at 22:29
  • @Robert indeed the bootloader lock state is encrypted, but that's a different topic Commented Jan 17, 2021 at 11:14
  • @alecxs Are you really sure you mean encryption and not cryptographically tamper protected? Do you have any reference for the encryption in bootloader? Commented Jan 17, 2021 at 13:43
  • @alecxs If the bootloader is OEM locked, you can't unlock the bootloader without using an exploit. For both the pixel 2 (verizon model) and SM-G925A, there are currently no known exploits. I'm 100% sure about this. Commented Jan 17, 2021 at 13:49
  • @Robert I'm not completely sure how it works honestly, you could be right about that Commented Jan 17, 2021 at 13:58
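Before attempting anything with a device, the first thing to confirm is what the device itself reports about its lock and verified-boot state. The following is an added example, not code from the question or the commenters: a POSIX shell function that reads `adb shell getprop` style output and reports the state from the standard `ro.boot.flash.locked`, `ro.boot.verifiedbootstate` and `ro.boot.vbmeta.device_state` properties. The sample property dumps are constructed; on a real device you would feed it `adb shell getprop` output.

```shell
#!/bin/sh
# Added example (not from the original post): summarise the bootloader
# lock / verified-boot state from `getprop`-formatted output.
# Property names are the standard Android ones; sample dumps are constructed.

# Extract one property value from getprop output ("[key]: [value]" lines).
getprop_value() {
    # $1: getprop output text, $2: property name (dots escaped for sed)
    printf '%s\n' "$1" | sed -n "s/^\[$2\]: \[\(.*\)\]\$/\1/p"
}

# Print "locked", "unlocked" or "unknown", with verifiedbootstate appended.
bootloader_state() {
    props="$1"
    locked=$(getprop_value "$props" 'ro\.boot\.flash\.locked')
    vbstate=$(getprop_value "$props" 'ro\.boot\.verifiedbootstate')
    devstate=$(getprop_value "$props" 'ro\.boot\.vbmeta\.device_state')
    if [ "$locked" = "1" ] || [ "$devstate" = "locked" ]; then
        printf 'locked (verifiedbootstate=%s)\n' "${vbstate:-unknown}"
    elif [ "$locked" = "0" ] || [ "$devstate" = "unlocked" ]; then
        printf 'unlocked (verifiedbootstate=%s)\n' "${vbstate:-unknown}"
    else
        printf 'unknown (verifiedbootstate=%s)\n' "${vbstate:-unknown}"
    fi
}

# Constructed sample: a locked device with a green verified-boot state.
SAMPLE_LOCKED='[ro.boot.flash.locked]: [1]
[ro.boot.verifiedbootstate]: [green]
[ro.boot.vbmeta.device_state]: [locked]'

# Constructed sample: an unlocked device (orange verified-boot state).
SAMPLE_UNLOCKED='[ro.boot.flash.locked]: [0]
[ro.boot.verifiedbootstate]: [orange]
[ro.boot.vbmeta.device_state]: [unlocked]'

# Constructed sample: a device that exposes none of these properties.
SAMPLE_MISSING='[ro.product.model]: [example-device]'

bootloader_state "$SAMPLE_LOCKED"
bootloader_state "$SAMPLE_UNLOCKED"
bootloader_state "$SAMPLE_MISSING"
```

To check a connected device, replace the constructed samples with `bootloader_state "$(adb shell getprop)"`.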
