Implemented the new flashing hack

This new flashing hack exploits a bug in flash app where it will not properly check the integrity of catalog files used in FFU files
2026-06-14 03:16:40 +10:00 · 2020-01-12 15:43:56 +01:00
parent a3f323259a
commit 774ff9956f
14 changed files with 1170 additions and 300 deletions
@@ -527,6 +527,8 @@ namespace WPinternals
                        FlashParts.Add(Part);
                    }

+                    bool ClearFlashingStatus = true;
+
                    // We should only clear NV if there was no backup NV to be restored and the current NV contains the SB unlock.
                    if ((NvBackupPartition == null) && !Info.UefiSecureBootEnabled)
                    {
@@ -536,13 +538,15 @@ namespace WPinternals
                        Part.StartSector = (UInt32)Target.FirstSector;
                        Part.Stream = new MemoryStream(new byte[0x40000]);
                        FlashParts.Add(Part);
+
+                        ClearFlashingStatus = false;
                    }

                    if (FlashParts.Count > 0)
                    {
                        ActivateSubContext(new BusyViewModel("Restoring bootloader..."));
                        WPinternalsStatus LastStatus = WPinternalsStatus.Undefined;
-                        LumiaV2UnlockBootViewModel.LumiaV2CustomFlash(PhoneNotifier, FFUPath, false, false, FlashParts, true, ClearFlashingStatusAtEnd: false,
+                        LumiaV2UnlockBootViewModel.LumiaV2CustomFlash(PhoneNotifier, FFUPath, false, false, FlashParts, true, ClearFlashingStatusAtEnd: ClearFlashingStatus,
                            SetWorkingStatus: (m, s, v, a, st) =>
                            {
                                if ((st == WPinternalsStatus.Scanning) || (st == WPinternalsStatus.WaitingForManualReset))
@@ -583,7 +587,7 @@ namespace WPinternals
                    BusyViewModel Busy = new BusyViewModel("Flashing original FFU...", MaxProgressValue: FFU.TotalChunkCount, UIContext: UIContext);
                    ActivateSubContext(Busy);
                    byte Options = 0;
-                    if (!Info.SecureFfuEnabled || Info.Authenticated || Info.RdcPresent)
+                    if (!Info.IsBootloaderSecure)
                        Options = (byte)((FlashOptions)Options | FlashOptions.SkipSignatureCheck);
                    Phone.FlashFFU(FFU, Busy.ProgressUpdater, true, Options);
                }