Sunday, February 28, 2016

Irulu U2 malware removal


Use usb debugging to 'backup' the malware
adb pull /system/app/

Download original firmware

wget http://img.irulu.com/driver/U2_Q500H_V101En20141223.rar
unrar e U2_Q500H_V101En20141223.rar
$ file system.img
system.img: Android sparse image, version: 1.0, Total of 256000 4096-byte output blocks in 1684 input chunks.

Now to check if the original firmware is clean

Get simg2img tool
git clone https://github.com/anestisb/android-simg2img.git
make

Mount the system image

simg2img system.img system.raw.img
$ file system.raw.img
system.raw.img: Linux rev 1.0 ext4 filesystem data, UUID=57f8f4bc-abf4-655f-bf67-946fc0f9f25b (needs journal recovery) (extents) (large files)
sudo mount -o loop system.raw.img /mnt/loop/

Compare with that found on the Ali Express phone reveals

diff sys_app_mal.ls sys_app_irulu.ls  
1d0
< abc.apk
24d22
< cd89920009
29d26
< com.andr0id.lauchinmg.apk
31,43d27
< com.as.youtube.downloader.a5.apk
< com.chaidongqiang.beautyvideo.apk
< com.example.homeof01111beauty.apk
< com.example.homeof01192beauty.apk
< com.free.all.mp3.music.a6.apk
< com.free.all.mptree.music.b.apk
< com.haodu.sexyhotvideo.apk
< com.json.lutu.apk
< com.sailer.coolbrowser.apk
< com.sms.server.socialgraphop.db
< com.swiping.whale.apk
< com.system.cap.hm.hupdater.apk
< com.system.update.apk
45,46d28
< CustomICON.apk
< CustomICON.odex
75c57
< frozenkeyboard.apk
---
> Frozen_Keyboard.apk
82d63
< GloablBCServiceInfo.apk
89d69
< hll_videoplayer_pop.apk
92a73
> HTMLViewer.odex
125d105
< obs.apk
130d109
< OPBKEY_4c16012fb8540b4619b866cb3dde30aecf5f
141c120
< playApp.apk
---
> playApp_0830.apk
165d143
< system.bin.apk
178d155
< v5_function_video.mp4
180a158
> videoplayer.apk

So, the original firmware looks OK - now, to install it

I was unable to unlock the fastboot, so I used this procedure instead -


Download SP Flash Tool for Linux from - 
(or elsewhere. Note that the Windows version I grabbed, included Malware)

Uninstall ModemManager

sudo yum remove ModemManager
sudo udevadm control --reload

Power off the phone
Start the tool
sudo SP_Flash_Tool_v5.1548_Linux/flash_tool.sh

On the Download tab, select the scatter file from the extracted Irulu file (MT6582_Android_scatter.txt)

Click download

Now, power on the phone

Download should progress and show OK

Disconnect and power cycle the phone, and all should be good!

Posted by at 9 comments:

Friday, February 5, 2016

DisplayLink on Fedora

Here's a surprising story of a piece of unusual hardware working with less effort on Linux, than on Windows.

I bought one of these of ebay -

DELTACO USB 2.0 till DVI/HDMI/VGA-adapter

Planning to use it on a custom x86 board I have, that doesn't have a graphics adapter. First trying it on Windows 7 - where it worked fine, after downloading and installing the drivers.

I then booted Linux, expecting to again download drivers, and likely need to compile them, with the usual dependency nightmares...

However, on boot, the display came up by itself :)


[   16.823553] udl 5-2:1.0: fb1: udldrmfb frame buffer device
[   16.823559] [drm] Supports vblank timestamp caching Rev 2 (21.10.2013).
[   16.823561] [drm] No driver support for vblank timestamp query.
[   16.823563] [drm] Initialized udl on minor 1
[   16.823599] usbcore: registered new interface driver udl

Bus 005 Device 002: ID 17e9:0198 DisplayLink 

Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)