a2c3d7159fd2eeef14bbf33674efcab8
Many thanks to the original androidroot team that got me halfway there with their work from years ago. Source for the attack for those interested (requires a patched bootloader to enable the SBK key in the HW AES engine, the patch is in the GitHub repo): warmboot-tf101-pwn.S
Many thanks to the original androidroot team that got me halfway there with their work from years ago. Source for the attack for those interested (requires a patched bootloader to enable the SBK key in the HW AES engine, the patch is in the GitHub repo): warmboot-tf101-pwn.S