├── .gitignore
├── .gitmodules
├── Makefile
├── device.c
└── mt6765_config.json5


/.gitignore:
--------------------------------------------------------------------------------
1 | build
2 | 


--------------------------------------------------------------------------------
/.gitmodules:
--------------------------------------------------------------------------------
1 | [submodule "common"]
2 | 	path = common
3 | 	url = https://github.com/MTK-bypass/exploit_common
4 | 


--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
1 | PAYLOAD_CPU = mt6765
2 | include common/common.mk
3 | 


--------------------------------------------------------------------------------
/device.c:
--------------------------------------------------------------------------------
 1 | #include "common/device.h"
 2 | 
 3 | void (*send_usb_response)(int, int, int) = (void*)0x2D2B;
 4 | 
 5 | int (*usbdl_put_dword)() = (void*)0xBCD3;
 6 | int (*usbdl_put_data)() = (void*)0xBDA3;
 7 | int (*usbdl_get_data)() = (void*)0xBD15;
 8 | 
 9 | volatile uint32_t *uart_reg0 = (volatile uint32_t*)0x11002014;
10 | volatile uint32_t *uart_reg1 = (volatile uint32_t*)0x11002000;
11 | 
12 | volatile char *sla_passed = (volatile char *)0x102860;
13 | volatile uint32_t *skip_auth_1 = (volatile uint32_t *)0x102A8C;
14 | volatile uint32_t *skip_auth_2 = (volatile uint32_t *)0x102A94;
15 | 
16 | 


--------------------------------------------------------------------------------
/mt6765_config.json5:
--------------------------------------------------------------------------------
1 | {
2 |     "0x766": { // mt6765
3 |         "var_0": 0x2C,
4 |         "var_1": 0x25,
5 |         "payload": "mt6765_payload.bin"
6 |     }
7 | }
8 | 


--------------------------------------------------------------------------------