Full Bootloader 4.6 Dump from OTB 1.1.2

This is bootloader 4.6 from OTB 1.1.2, dumped (through a hardware method) by TA_MOBILE from Vietnam:

Bootloader 4.6 Full Dump

The same dump has been sent to the dev team as well as other teams (and geohot) for analysis. The bootloader bug found in the previous versions of the baseband has been fixed in this new version. The best bet so far is the possibility of downgrading the modem.

UPDATE: The whole baseband integrity is checked in bootloader 4.6, so there seems to be no way to patch it at the moment. A lot of functions in the bootloader have been RCE’d, and people are still working hard to find possible exploits.

UPDATE: An exploit has been found in bootloader 4.6 which makes anySIM on 1.1.2 OTB possible. However, before anySIM can do the unlock, people must first find a way to flash the baseband, which involves erasing and reflashing on bootloader 4.6. On bootloader 3.9, you may use a current version secpack or a newer version to do ieraser (0xA0000574), but on 4.6, you have to use a newer version (0xA00086A0). This means ieraser will not work on 4.6 until a new baseband update is released. Once ieraser works on 4.6, anySIM will once again do the unlock magic.

UPDATE: A hardware unlock method has been found by TA_MOBILE, geohot and pspsully. The method is considered the most technical and dangerous, as it involves desoldering the chip off the comm board and also requires special devices to do the IC flashing. So the hardware method is not practical by any means. The Test Point bootloader downgrade is also possible in theory, but there is no progress on this yet.

UPDATE: Here are the two exploits posted on Geohot’s weblog:

Hardware exploit:

The version check reads from 0xA0021000 and 0xA0021004 to get the version of the main firmware. It then compares the values [0xA0021000]==~[0xA0021004]. If that check fails it ignores the version check. It is also the only bootloader access into high flash. So when A16 goes high, pull any data line high or low. That will cause the check to fail, and hence the version check to be skipped. And there shouldn’t be any memory accesses in the bootloader, so it’ll be fine.

Software exploit:

This exploit is in the way the secpack signature is padded. They did a lot to remove the really bad signature checking of the old bootloader that IPSF exploited. Although the secpack still has 0x28 bytes of data at the end that isn’t checked for normal secpack sigs. The secpack sig is (0x30 header/padding, 0x14 main fw sha, 0x14 secpack sha, 0x28 unchecked padding). So by spoofing the first 0x58 of the RSA, you can set any secpack and main fw sha hash you want. It is very easy in exponent 3 RSA cryptosystems to spoof the first 1/3 of the message bytes. I believe with some clever math and brute force, the whole 0x58 can be spoofed.

UPDATE: A16 is a buried via, but it is right at the edge of the chip. Just scrape the epoxy away and hook a wire under there. I’d do it but a lot of my hardware stuff is at RIT. And I didn’t say the software exploit would be easy, but the paper Cryptanalysis of RSA Signatures with Fixed-Pattern Padding alludes to 2/3 of the message being spoofable. 2/3 is 3 bytes away from how much we need, and 3 bytes can be brute forced easily enough. Of course 1/3 is trivial to exploit with a cube root, I understand that math well enough. – Excerpt from Geohot’s blog.
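The version check described in the hardware exploit fails open: when the value/complement pair is inconsistent, the check is skipped instead of the image being rejected. The following is an added example, not code from the bootloader or from Geohot's post, that models that decision next to a fail-closed variant. All names, the bus-fault model and the sample version numbers are hypothetical, and the minimum-version comparison is an assumption about what the version check does.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of the two flash words the excerpt describes:
 * the version at 0xA0021000 and its complement at 0xA0021004. */
typedef struct { uint32_t version, version_inv; } fw_header_t;

/* Hypothetical bus-fault model: bits set in stuck_high always read 1,
 * bits set in stuck_low always read 0, on every read. */
typedef struct { uint32_t stuck_high, stuck_low; } bus_fault_t;

static uint32_t bus_read(uint32_t word, bus_fault_t f) {
    return (word | f.stuck_high) & ~f.stuck_low;
}

/* A stuck line gives both words the same bit value, but a valid pair needs
 * opposite values in every bit, so any single stuck line breaks the pair. */
static bool pair_valid(uint32_t v, uint32_t vi) { return v == (uint32_t)~vi; }

/* Fail-open, as the excerpt describes: invalid pair -> version check skipped.
 * Assumption: the version check is a minimum-version comparison. */
bool allow_fail_open(fw_header_t h, bus_fault_t f, uint32_t min_version) {
    uint32_t v = bus_read(h.version, f), vi = bus_read(h.version_inv, f);
    if (!pair_valid(v, vi))
        return true;               /* check skipped: image accepted */
    return v >= min_version;
}

/* Fail-closed: an unreadable or inconsistent version is a rejection. */
bool allow_fail_closed(fw_header_t h, bus_fault_t f, uint32_t min_version) {
    uint32_t v = bus_read(h.version, f), vi = bus_read(h.version_inv, f);
    if (!pair_valid(v, vi))
        return false;
    return v >= min_version;
}

int main(void) {
    fw_header_t old_fw = { 3u, ~3u };          /* constructed sample values */
    bus_fault_t none = { 0, 0 }, d7_high = { 1u << 7, 0 };
    printf("fail-open,   no fault: %d\n", allow_fail_open(old_fw, none, 5));
    printf("fail-open,   D7 high : %d\n", allow_fail_open(old_fw, d7_high, 5));
    printf("fail-closed, D7 high : %d\n", allow_fail_closed(old_fw, d7_high, 5));
    return 0;
}
```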

The communication board without baseband chip:

iPhone Communication Board without BB Chip

