Difference between revisions of "Revue Root Notes"

From Exploitee.rs
Jump to navigationJump to search
(Created page with " === 2011 January 21: CONFIG_MODULE_SIG on the Revue === I have finally identified why my attempts at loading my own modules onto the Revue have all failed (outside of recovery)....")
 
 
(One intermediate revision by one other user not shown)
Line 1: Line 1:
=== 2011 January 21: CONFIG_MODULE_SIG on the Revue ===
=== 2011 January 21: CONFIG_MODULE_SIG on the Revue ===
I have finally identified why my attempts at loading my own modules onto the Revue have all failed (outside of recovery).  As shown in /proc/config.gz, the Revue kernel was built with CONFIG_MODULE_SIG=y which means that any module will require a signature that can be verified with the public signatures compiled into the kernel.  Anybody out there up for patching /dev/mem to remove the signature checking or perhaps add a new signature? If so, please contact us!
I have finally identified why my attempts at loading my own modules onto the Revue have all failed (outside of recovery).  As shown in /proc/config.gz, the Revue kernel was built with CONFIG_MODULE_SIG=y which means that any module will require a signature that can be verified with the public signatures compiled into the kernel.  Anybody out there up for patching /dev/mem to remove the signature checking or perhaps add a new signature? If so, please contact us!
--[http://gtvhacker.com/index.php/Craigdroid Craig]
--[http://Exploitee.rs/index.php/Craigdroid Craig]


=== 2011 January 16: FAT file systems and DOS line endings ===
=== 2011 January 16: FAT file systems and DOS line endings ===
I have received a few emails now from people having problems with the manual update script due to line endings and FAT file systems.  If you do not understand what this means it is best to stick with using an extended (ext2) file system on your USB drive and extract everything under Linux rather than Windows.
I have received a few emails now from people having problems with the manual update script due to line endings and FAT file systems.  If you do not understand what this means it is best to stick with using an extended (ext2) file system on your USB drive and extract everything under Linux rather than Windows.
--[http://gtvhacker.com/index.php/Craigdroid Craig]
--[http://Exploitee.rs/index.php/Craigdroid Craig]


=== 2011 January 15: Breaking OTA Updates ===
=== 2011 January 15: Breaking OTA Updates ===
Logitech recently began deploying a [http://forums.logitech.com/t5/Revue-Product-Updates-Release/Revue-amp-Google-TV-Update-January-11-2011/td-p/557792 security update] which will incidentally remove root access if it is allowed to install on a rooted device.  (This was not the purpose of the update but it is an adverse effect for our community.) The GTVHacker dev team's initial attempts to break OTA updates by moving the otacerts.zip was not fully successful.  In order to remove the auto-updating feature, [http://gtvhacker.com/index.php/Craigdroid Craig] of the GTVHacker team has tested removal of /system/app/SystemUpdater.* with preliminary success.  If this method works for others in the community, GTVHacker will consider the release of an updated manual update script with this and possibly other changes.
Logitech recently began deploying a [http://forums.logitech.com/t5/Revue-Product-Updates-Release/Revue-amp-Google-TV-Update-January-11-2011/td-p/557792 security update] which will incidentally remove root access if it is allowed to install on a rooted device.  (This was not the purpose of the update but it is an adverse effect for our community.) The Exploitee.rs dev team's initial attempts to break OTA updates by moving the otacerts.zip was not fully successful.  In order to remove the auto-updating feature, [http://Exploitee.rs/index.php/Craigdroid Craig] of the Exploitee.rs team has tested removal of /system/app/SystemUpdater.* with preliminary success.  If this method works for others in the community, Exploitee.rs will consider the release of an updated manual update script with this and possibly other changes.


On a side note for non-rooted users, holding off on applying the update may expose your system to a vulnerability which could eventually be actively exploited to provide root access without a soldering iron.  (This vulnerability could potentially be used maliciously so please consider this in deciding whether to apply the update.)  Any (unrooted) box that is connected to the Internet over night will presumably be updated without user interaction.
On a side note for non-rooted users, holding off on applying the update may expose your system to a vulnerability which could eventually be actively exploited to provide root access without a soldering iron.  (This vulnerability could potentially be used maliciously so please consider this in deciding whether to apply the update.)  Any (unrooted) box that is connected to the Internet over night will presumably be updated without user interaction.
Line 23: Line 22:


'''Any previous device updates will disable the UART1 pins necessary for this hack!'''
'''Any previous device updates will disable the UART1 pins necessary for this hack!'''
[[Category:Logitech Revue]]

Latest revision as of 10:26, 31 December 2014

2011 January 21: CONFIG_MODULE_SIG on the Revue

I have finally identified why my attempts at loading my own modules onto the Revue have all failed (outside of recovery). As shown in /proc/config.gz, the Revue kernel was built with CONFIG_MODULE_SIG=y which means that any module will require a signature that can be verified with the public signatures compiled into the kernel. Anybody out there up for patching /dev/mem to remove the signature checking or perhaps add a new signature? If so, please contact us! --Craig

2011 January 16: FAT file systems and DOS line endings

I have received a few emails now from people having problems with the manual update script due to line endings and FAT file systems. If you do not understand what this means it is best to stick with using an extended (ext2) file system on your USB drive and extract everything under Linux rather than Windows. --Craig

2011 January 15: Breaking OTA Updates

Logitech recently began deploying a security update which will incidentally remove root access if it is allowed to install on a rooted device. (This was not the purpose of the update but it is an adverse effect for our community.) The Exploitee.rs dev team's initial attempts to break OTA updates by moving the otacerts.zip was not fully successful. In order to remove the auto-updating feature, Craig of the Exploitee.rs team has tested removal of /system/app/SystemUpdater.* with preliminary success. If this method works for others in the community, Exploitee.rs will consider the release of an updated manual update script with this and possibly other changes.

On a side note for non-rooted users, holding off on applying the update may expose your system to a vulnerability which could eventually be actively exploited to provide root access without a soldering iron. (This vulnerability could potentially be used maliciously so please consider this in deciding whether to apply the update.) Any (unrooted) box that is connected to the Internet over night will presumably be updated without user interaction.

2011 January 14: Avoiding an unexpected reboot

NOTICE: If you have not properly completed step 6 (including pressing ALT+L) in the hardware portion before proceeding to the software section, you are risking bricking the Revue. This step is mandatory because it gets you into the recovery menu and prevents the system from automatically rebooting in the middle of an update. The video output should show the recovery menu before proceeding to the software portion. (Thanks @stericson for the picture.)

2011 January 12: Logitech's Statement on Rooting

Logitech Issues a "Statement" regarding rooting the Revue

2011 January 5: Do I really need a virgin?

You ABSOLUTELY need a "virgin" Logitech Revue with NO updates in order to do this hack!!

Any previous device updates will disable the UART1 pins necessary for this hack!