Readme

=============================
Loki
by Dan Rosenberg (@djrbliss)
=============================

Loki is a set of tools for creating and flashing custom kernels and recoveries
on the AT&T and Verizon branded Samsung Galaxy S4, the Samsung Galaxy Stellar,
and various locked LG devices. For an explanation of how the exploit works,
please see the technical blog post at:

http://blog.azimuthsecurity.com/2013/05/exploiting-samsung-galaxy-s4-secure-boot.html

Devices must be rooted in order to flash custom kernels and recoveries.

loki_tool:

[patch] option is primarily intended for developers to create custom
kernels and recoveries. It's designed to take a specific aboot image and an
unmodified boot or recovery image, and it generates an output image in a new
file format, ".lok". The resulting .lok image is specifically tailored for the
device build it was created with, and can be flashed directly to the recovery
or boot partition on the target device.

[flash] option can be used to flash a .lok image to an actual device.
It will verify that the provided .lok image is safe to flash for a given target
and then perform the flashing if validation is successful. It is also possible
to simply use "dd" to flash a .lok image directly to the boot or recovery partition,
but using [flash] option is recommended in order to validate that the .lok matches
the target device.

=============
Sample usage
=============

First, a developer must pull the aboot image from a target device:

dan@pc:~$ adb shell
shell@android:/ $ su
shell@android:/ # dd if=/dev/block/platform/msm_sdcc.1/by-name/aboot of=/data/local/tmp/aboot.img
shell@android:/ # chmod 644 /data/local/tmp/aboot.img
shell@android:/ # exit
shell@android:/ $ exit
dan@pc:~$ adb pull /data/local/tmp/aboot.img
3293 KB/s (2097152 bytes in 0.621s)

Next, a .lok image can be prepared using loki_tool [patch]:

dan@pc:~$ loki_tool patch
Usage: ./loki_tool [patch] [boot|recovery] [aboot.img] [in.img] [out.lok]
dan@pc:~$ loki_tool patch recovery aboot.img cwm.img cwm.lok
[+] Detected target AT&T build JDQ39.I337UCUAMDB or JDQ39.I337UCUAMDL
[+] Output file written to cwm.lok

Finally, the .lok image can be flashed using loki_tool [flash]:

dan@pc:~$ adb push cwm.lok /data/local/tmp
dan@pc:~$ adb push loki_tool /data/local/tmp
dan@pc:~$ adb shell
shell@android:/ $ su
shell@android:/ # chmod 755 /data/local/tmp/loki_tool
shell@android:/ # /data/local/tmp/loki_tool
Usage: /data/local/tmp/loki_tool [flash] [boot|recovery] [in.lok]
shell@android:/ # /data/local/tmp/loki_tool flash recovery /data/local/tmp/cwm.lok
[+] Loki validation passed, flashing image.
2253+1 records in
2253+1 records out
9230848 bytes transferred in 0.656 secs (14071414 bytes/sec)
[+] Loki flashing complete!