Jump to content

Thor (protocol)

From Wikipedia, the free encyclopedia

Thor [1] is a communication protocol which is mainly used to communicate with the Bootloader of Samsung devices to make it write files into various partitions of the device. It is also possible to list the partitions or to reboot the phone through this protocol.

Beside being implemented in the bootloader of various smartphones and tablets made by Samsung, an implementation is also available in Das U-Boot, a Free software bootloader.

To use the protocol, users typically need to put the phone needs to be in Download mode.

To do this, the device first need to be powered off, and then some key combination need to be pressed during boot, such as Power + Volume Down + Home, Power + Volume Up + Home,[2] or Power + Volume Down + Bixby for later models.[3]

It is also possible to reboot the phone in download mode either through the commandline (for instance with ADB and root access to the phone) or through a menu if the Android distribution has it.

Then users need a computer, software like Odin or Heimdall and an USB cable to interact with the bootloader (and either list partitions, overwrite them or reboot the phone).

Security

[edit]

On Samsung devices that are allow users to unlock the bootloader (to install alternative Android distributions or operating systems) that use the Thor protocol, users typically need to go through some procedure to unlock the bootloader.

Then since the Thor implementation in the bootloader of Samsung devices typically doesn't allow users to download the partition content, they have to overwrite some partitions to install these alternative distributions or operating systems.

But some bootloaders like Samsung's S-Boot 4.0 used on the Galaxy SIII (GT-I9300) have known exploitable bugs in their Thor implementation that let users execute code inside the bootloader. This has for instance been used to repair devices with broken internal storage.[4]

See also

[edit]

References

[edit]
  1. ^ According to u-boot's md/Kconfig the communication protocol is named Thor.
  2. ^ "Info about i9100 | LineageOS Wiki".
  3. ^ Dumitru, Bogdan. "Boot any Samsung Devices into Download Mode". Odin. Retrieved 2021-09-11.
  4. ^ "EMMC hacking, or: How I fixed long-dead Galaxy S3 phones". 10 January 2018.