Trying to make it work on Exynos 9825, stuck at `INFO: Starting diag`
arkanoid87 opened this issue · 3 comments
steps:
- enabled
DM + ACM + ADB
via*#0808#
- lsusb shows it as
Bus 001 Device 024: ID 04e8:685d Samsung Electronics Co., Ltd GT-I9100 Phone [Galaxy S II] (Download mode)
the name of the device is wrong (it really is Note10+) - added udev rule
SUBSYSTEM=="usb", ATTRS{idVendor}=="04e8", ATTRS{idProduct}=="685d", GROUP="users", MODE="0666"
- cloned scat, created new venv python 3.10.2,
pip install -r requirements.txt
./scat.py -t sec -m {model} -u -v 0x04E8 -p 0x685D -i {interface} --pcap-file test.pcap
tail -f test.pcap
tcpdump -i lo udp
output
CONFIGURATION 1: 500 mA ==================================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x2 Configuration
wTotalLength : 0x79 (121 bytes)
bNumInterfaces : 0x4
bConfigurationValue : 0x1
iConfiguration : 0x4 Conf 1
bmAttributes : 0x80 Bus Powered
bMaxPower : 0xfa (500 mA)
INTERFACE 0: CDC Communication =========================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x0
bAlternateSetting : 0x0
bNumEndpoints : 0x1
bInterfaceClass : 0x2 CDC Communication
bInterfaceSubClass : 0x2
bInterfaceProtocol : 0x1
iInterface : 0x5 CDC Abstract Control Model (ACM)
ENDPOINT 0x82: Interrupt IN ==========================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x82 IN
bmAttributes : 0x3 Interrupt
wMaxPacketSize : 0xa (10 bytes)
bInterval : 0x9
INTERFACE 1: CDC Data ==================================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x1
bAlternateSetting : 0x0
bNumEndpoints : 0x2
bInterfaceClass : 0xa CDC Data
bInterfaceSubClass : 0x0
bInterfaceProtocol : 0x0
iInterface : 0x6 CDC ACM Data
ENDPOINT 0x81: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x81 IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
ENDPOINT 0x1: Bulk OUT ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x1 OUT
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
INTERFACE 2: Vendor Specific ===========================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x2
bAlternateSetting : 0x0
bNumEndpoints : 0x2
bInterfaceClass : 0xff Vendor Specific
bInterfaceSubClass : 0x10
bInterfaceProtocol : 0x1
iInterface : 0x0
ENDPOINT 0x83: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x83 IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
ENDPOINT 0x2: Bulk OUT ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x2 OUT
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
INTERFACE 3: Vendor Specific ===========================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x3
bAlternateSetting : 0x0
bNumEndpoints : 0x2
bInterfaceClass : 0xff Vendor Specific
bInterfaceSubClass : 0x42
bInterfaceProtocol : 0x1
iInterface : 0x9 ADB Interface
ENDPOINT 0x3: Bulk OUT ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x3 OUT
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
ENDPOINT 0x84: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x84 IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
2023-02-08 03:33:31,699 scat.samsungparser (stop_diag) INFO: Stopping diag
2023-02-08 03:33:31,699 scat.samsungparser (init_diag) INFO: Initialize diag
2023-02-08 03:33:48,716 scat.samsungparser (run_diag) INFO: Starting diag
and nothing follows
I get zero lines in test.pcap, and zero relevant packets via tcpdump
Changing {model}
seems doing nothing
Changing interface works only for values 1 and 2. When using 1 I get occasional extra line in output:
2023-02-08 03:38:22,501 scat.samsungparser (stop_diag) INFO: Stopping diag
2023-02-08 03:38:22,502 scat.samsungparser (init_diag) INFO: Initialize diag
2023-02-08 03:38:22,561 scat.samsungparser (run_diag) INFO: Starting diag
2023-02-08 03:38:22,563 scat.samsungparser (run_diag) WARNING: Cannot find the start of packet
What does this all mean? It seems that the DM port is somehow open, but nothing happens. Do I need a different magic? How can I find one for my device?
just found #27 and it seems indeed a problem of missing magic in first place
if you know how to find it, please share
closing as it seems #27 is the final answer here
As an alternative, you can use SilentLog hidden application to get the SDM files and can decode using SCAT. Check the information on https://github.com/fgsect/scat/wiki/Baseband-Dumps