GitXplorerGitXplorer
t

chromecast-tools

public
9 stars
1 forks
0 issues

Commits

List of commits on branch master.
Unverified
de27ed24962dfe9cd296c9db398901094889e5af

Use unsigned char for buffers

ttchebb committed 9 years ago
Unverified
a0406a5dd1c50772ef0beff97995f5a49a56b1f5

Fixup whitespace

ttchebb committed 9 years ago
Unverified
c74028bfecaa478b94e25b8a3abb94e739122e02

Fix grammar inconsistencies in README

ttchebb committed 10 years ago
Unverified
615bb2c41be3fb0faac513f7f92108a15d72d9f9

Fix capitalization in README

ttchebb committed 10 years ago
Unverified
0a0d72375b1812de92daa1ddae8014cab5e2f155

Add cc-strip-bootimg script

ttchebb committed 10 years ago
Unverified
bf202240219bd1b6fb325452f6349b9adf6707d3

Add LICENSE

ttchebb committed 10 years ago

README

The README file for this repository.

This is a set of tools to work with Chromecast boot image files. Most of the tools are just helper scripts that simplify common operations; the one exception is cc-mangle-bootimg, which takes an Android boot image file (generated by mkbootimg, generally) and manipulates its header so that Chromecasts with a vulnerable bootloader will interpret it as a signed image and boot it.

Tools

  • cc-mangle-bootimg: Alters a boot image's header to make it look like a Marvell cryptographic header. If the Chromecast is running a vulnerable bootloader, this is all that is needed to boot the image--no signature check is actually performed. An unfortunate side-effect of the mangling is that any kernel command line specified in the Android header will be overwritten. Thus, any required kernel parameters must be compiled into the kernel image. The key ID embedded in the cryptographic header should be 0x02 for NAND boot and 0x82 for USB boot. cc-make-bootimg wraps this program, so you won't usually need to manually invoke it.
  • cc-make-bootimg: Uses Android's mkbootimg to pack the given kernel and optional initramfs into an Android boot image, then runs cc-mangle-bootimg on the generated image to make it bootable on the Chromecast. Takes a type argument of usb or nand which specifies whether the image will be booted from a USB drive or the Chromecast's internal storage. The image will fail to boot if the wrong type is used. If the type is usb, the generated image can be flashed to a USB drive using cc-flash-bootimg.
  • cc-pack-bootimg: Wraps cc-make-bootimg, packing the contents of the given directory to create the initramfs.
  • cc-strip-bootimg: Removes the Marvell cryptographic header from an official boot image so that it can be recognized and parsed by standard tools such as abootimg.
  • cc-flash-bootimg: Writes a mangled bootimg to a USB drive at the correct offset for the Chromecast to boot from. Does not affect partition table.
  • cc-flash-rootfs: Creates an ext2 filesystem on the given partition and extracts the given tar file to that filesystem. If an overlay directory is given, copies its contents to the filesystem as the last step.