shinyquagsire23

# Dump partitions from the Pixel Watch's fastboot using `oem sha1sum`
# and `oem ramdump` memes.
#
# Currently the first 8 bytes aren't bruteforced, but they ~can be.
# Doesn't really matter though because the first 8 bytes is the "ANDROID!" magic
# for boot partitions.
import os
import sys
import subprocess
import hashlib

shinyquagsire23

(bootloader) battery-soc:39%
(bootloader) battery-soc-ok:yes
(bootloader) battery-voltage:3779 mV
(bootloader) enter-reason:reboot bootloader
(bootloader) erase-block-size:0x1000
(bootloader) hw-revision:MP1.1
(bootloader) is-logical:pad1:no
(bootloader) is-logical:vbmeta:no
(bootloader) is-logical:vbmeta_system:no
(bootloader) is-logical:vbmeta_vendor:no

shinyquagsire23

18D1 9400: Google LLC - Stadia Controller rev. A
DESCRIPTOR:
  05  01  09  05  a1  01  85  03  05  01  75  04  95  01  25  07 
  46  3b  01  65  14  09  39  81  42  45  00  65  00  75  01  95 
  04  81  01  05  09  15  00  25  01  75  01  95  0f  09  12  09 
  11  09  14  09  13  09  0d  09  0c  09  0b  09  0f  09  0e  09 
  08  09  07  09  05  09  04  09  02  09  01  81  02  75  01  95 
  01  81  01  05  01  15  01  26  ff  00  09  01  a1  00  09  30 
  09  31  75  08  95  02  81  02  c0  09  01  a1  00  09  32  09 
  35  75  08  95  02  81  02  c0  05  02  75  08  95  02  15  00 

shinyquagsire23

# Requires pyusb
import usb.core
import usb.util
import struct
import time

# Requires doing something like this before running, otherwise Linux kernel has control of the drive
#  echo 1-1:1.0 > /sys/bus/usb/drivers/usb-storage/unbind

# find our device

shinyquagsire23

# run `ulimit -n 94000` or it'll run out of socket fd's
# grab your bee movie script from 
# https://gist.githubusercontent.com/ElliotGluck/64b0b814293c09999f765e265aaa2ba1/raw/79f24f9f87654d7ec7c2f6ba83e927852cdbf9a5/gistfile1.txt
# and save as `beemovie.txt`
import time
import threading
import socket
import struct

connections = 0

shinyquagsire23

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>

typedef struct file_struct
{
    FILE* real_fhand;
    int is_compressed;
    int seek_pos_maybe;

shinyquagsire23

FIFO Message Header:
--------------------
dddddddddddddddddddddddddd f ttttt

Tag (lower 5 bits, mask 0x1F)
Error (bit5, mask 0x20)
Data (Upper 26 bits, mask 0xFFFFFFC0)

FIFO Data Packing (26 bits):
--------------------

shinyquagsire23

#
# OpenOCD configuration for Tegra X1 (T210)
# by shinyquagsire23
# For use on Jetson Nano/TX1 and similar
#
transport select jtag
adapter speed 3000

reset_config trst_and_srst
jtag_ntrst_delay 500

shinyquagsire23

&mdss_mdp {
	/* Samsung 4K OLED ID9 */
	dsi_9: somc,9_panel {
		qcom,dsi-ctrl-num = <0>;
		qcom,dsi-phy-num = <0>;
		qcom,dsi-select-clocks = "mux_byte_clk0", "mux_pixel_clk0";

		qcom,mdss-dsi-panel-name = "9";
		qcom,mdss-dsi-panel-type = "dsi_cmd_mode";
		qcom,mdss-pan-physical-width-dimension = <65>;

shinyquagsire23

import struct
import imageio
import numpy as np
import sys

if len(sys.argv) < 2:
    print ("Usage: image-extract.py [raw_resources_a.image]")
    exit(0)

f = open(sys.argv[1], "rb")