doc:appunti:hardware:gretel_a7

Differences

This shows you the differences between two versions of the page.

doc:appunti:hardware:gretel_a7 [2019/10/15 12:34] – [Latest Software] niccolodoc:appunti:hardware:gretel_a7 [2019/10/15 12:58] – [Latest System Software] niccolo
Line 21: Line 21:
   * **SuperSU v2.82** build number 20170528234214 - Needed to gain root privileges and replace the launcher.   * **SuperSU v2.82** build number 20170528234214 - Needed to gain root privileges and replace the launcher.
   * **Rootless Pixel Launcher 3.9.1** - Downloaded from F-Droid repository, replaces the trojanized default launcher.   * **Rootless Pixel Launcher 3.9.1** - Downloaded from F-Droid repository, replaces the trojanized default launcher.
 +
 +^ Model number                  | A7  |
 +^ Android version               | 6.0  |
 +^ Android security patch level  | August 5, 2016  |
 +^ Baseband version              | MOLY.WR8.W1449.MD.WG.MP.V59.P4, 2016/09/05 16:45  |
 +^ Kernel version                | 3.18.19\\ xsh@joyatel07 #2\\ Fri Sep 8 12:20:34 CST 2017  |
 +^ Build number                  | Y8303.YX.A7.Gretel.B1B8.6.0.V01.07.20170908  |
  
 ===== Factory Installed Malware: com.ibingo.launcher3 and Wireless Update  ===== ===== Factory Installed Malware: com.ibingo.launcher3 and Wireless Update  =====
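Review bot: The added "Kernel version" row reads 3.18.19, while the Italian table removed later in this same revision gave 3.8.19; unless the kernel really changed between the two builds, one of these is a typo, so confirm the value against the phone. The table also sits directly under the software list with no caption: add a line saying it was read from build 20170908, and consider noting in the text that the security patch level is August 5, 2016 on a kernel built Sep 8 2017, since that gap is what a reader assessing this phone needs to see.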
Line 111: Line 118:
     - **Riavviare** il telefono     - **Riavviare** il telefono
     - Verificare il file **/data/system/packages.xml**: i riferimenti alle app rimosse dovrebbero scomparire automaticamente dopo il reboot.     - Verificare il file **/data/system/packages.xml**: i riferimenti alle app rimosse dovrebbero scomparire automaticamente dopo il reboot.
 +
 ===== Modalità Sviluppatore e Debug USB ===== ===== Modalità Sviluppatore e Debug USB =====
  
Line 116: Line 124:
  
 Nel menu //Impostazioni// compare anche //Opzioni sviluppatore//, tra le quali è possibile attivare **//Debug USB//**. Nel menu //Impostazioni// compare anche //Opzioni sviluppatore//, tra le quali è possibile attivare **//Debug USB//**.
- 
-^ Numero modello       | A7  | 
-^ Versione di Android  | 6.0  | 
-^ Livello patch di sicurezza Android  | 5 agosto 2016  | 
-^ Versione banda base  | MOLY.WR8.W1449.MD.WG.MP.V59.P4, 2016/09/05  | 
-^ Versione kernel      | 3.8.19\\ xsh@ubuntu-S2600JF #2\\ Fri May 26 15:39:25 CST 2017  | 
-^ Numero build         | Y8303.YX.A7.Gretel.B1B8.6.0.V01.07.20170526  | 
  
 ===== OEM unlocking ===== ===== OEM unlocking =====
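Review bot: Deleting this table drops the only record of the 20170526 build (build number ending in 20170526, kernel built on ubuntu-S2600JF, Fri May 26 2017). If that build is still referenced elsewhere on the page, keep its values as a second column of the new English table rather than removing them, so the two stock builds can be compared.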
Line 363: Line 364:
     * **Swipe to confirm Flash**.     * **Swipe to confirm Flash**.
  
-===== Infected Stock ROM 20170908 =====+===== Installing Stock ROM 20170908 (with trojan launcher) =====
  
 On the internet we found the file **Y8303.YX.A7.Gretel.B1B8.6.0.V01.07.20170908.rar** (md5sum decb53fef12c13c30a8759fc55f5dfa4). It seems an offical Gretel ROM, but it has some **malware inside the launcher**. We flashed that ROM using **SP Flash Tool 5.1916** downloading all the partitions to the phone; after some hours **unwanted icons popped-up on the home screen** (icon labels were //Tarot// and //Funny//). On the internet we found the file **Y8303.YX.A7.Gretel.B1B8.6.0.V01.07.20170908.rar** (md5sum decb53fef12c13c30a8759fc55f5dfa4). It seems an offical Gretel ROM, but it has some **malware inside the launcher**. We flashed that ROM using **SP Flash Tool 5.1916** downloading all the partitions to the phone; after some hours **unwanted icons popped-up on the home screen** (icon labels were //Tarot// and //Funny//).
 +
 +
 +  - Power-off the phone. Using SP Flash Tool from a PC, **flash the partitions**: //preloader//, //lk//, //boot//, //recovery//, //logo//, //secro//, //system//, //cache// and //userdata// from stock ROM archive. This will erase all user data and settings on the phone.
 +  - Reboot into normal system and enable **USB debugging**:
 +    * //Settings// => //About phone//, tap 7 times on //Build number//.
 +    * //Settings// => //Developer options//, enable //OEM unlocking// and //USB debugging//.
 +  - Upload **SuperSU** and **Rootless Pixel Launcher** from the PC to /sdcard/ directory, using **adb push**.
 +  - Power-off the phone and **flash TWRP** recovery image with SP Flash Tool. Boot in //Select Boot Mode Menu// with **Volume UP+Power**, then choose Recovery.
 +  - From TWRP Recovery, install **SuperSU**.
 +  - Reboot into system, install **Rootless Pixel Launcher** from the file manager; from //Settings// => //Home//, make it the default.
 +  - From the PC, run **adb shell** and remove the trojanized launcher using root privileges. See below.
  
 We checked the **apk** file found into the **/system/priv-app/Launcher3_G_Develop_yisheng_A47_201709071813/** directory against some on-line checking services (notably [[https://www.drweb.com/|Dr. Web]]), and it was marked as **infected with Android.Ibingo.1.origin**. We checked the **apk** file found into the **/system/priv-app/Launcher3_G_Develop_yisheng_A47_201709071813/** directory against some on-line checking services (notably [[https://www.drweb.com/|Dr. Web]]), and it was marked as **infected with Android.Ibingo.1.origin**.
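Review bot: Steps 2 and 6 of the added list boot the stock system with the trojanized launcher still installed, and it is only removed at step 7; since the paragraph above reports unwanted icons appearing after some hours, step 2 should say to keep the phone without SIM and Wi-Fi until step 7 is done. The list also goes straight to flashing: add a first step that checks the downloaded archive against the md5sum quoted above. "See below" in step 7 should name the section it points to, and the list now separates the paragraph about finding the ROM from the one reporting the Dr. Web result, which read better together; moving the list after the Dr. Web paragraph would fix that.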
doc/appunti/hardware/gretel_a7.txt · Last modified: 2021/08/27 23:23 by niccolo