How To Make Your Own PWN Phone

Flashing the Phone

  1. Download and install the command line tools for your OS: https://developer.android.com/studio/index.html#downloads
  2. Download the AOPP ROM for your device:
    https://wiki.pwnieexpress.com/index.php/Official_devices
  3. Download the Recovery image for your device:
    https://twrp.me/Devices
  4. Connect the device to the host machine via USB cable.
  5. Power off the device and boot into the Bootloader:
    Press and hold the Power & Volume-Down buttons
  6. Confirm the device is recognized by the host machine:
    $ fastboot devices
    (a device should be listed when the command returns)
  7. Unlock the device:
    $ fastboot oem unlock
  8. Once unlocked, flash the Recovery image:
    $ fastboot flash recovery <name-of-recovery-image>.img
  9. Once the Recovery image has been flashed, boot into Recovery from the Bootloader:
    Use the Volume-Down/Up buttons to cycle through the Bootloader options and then the Power button to select
  10. If prompted, swipe “Swipe to Allow Modifications”.
  11. Once in Recovery, wipe the device:
    Tap Wipe > Advanced Wipe > tap: Dalvik/ART cache, System, Cache, Data > swipe “Swipe to Wipe”
  12. Once wiped, do NOT boot into System (You don’t have one; you just wiped it). Tap the Home button to return to the Recovery home screen.
  13. Confirm again the device is recognized by the host machine:
    $ adb devices
    (a device should be listed when the command returns)
  14. From the host machine, push the downloaded AOPP ROM zip to the device sdcard:
    $ adb push <name-of-rom-zip>.zip /sdcard/
  15. On device, tap Install and then select the AOPP ROM zip from /sdcard.
  16. Swipe “Swipe to Confirm Flash”
  17. Download SuperSU from Chainfire here:
    https://download.chainfire.eu/969/SuperSU/UPDATE-SuperSU-v2.76-20160630161323.zip
  18. Push the SuperSU zip to /sdcard/:
    $ adb push <SuperSU-zip-name>.zip /sdcard/
  19. Once installed, tap “Reboot System”
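
The "Confirm the device is recognized by the host machine" steps only say that a device should be listed; the state column matters as well. The following is an added example, not part of the original article, that accepts the output of `fastboot devices` or `adb devices` only when exactly one device is listed and it is in the expected state. The function name `single_device_in_state` and the sample serial numbers are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): gate the flashing steps on
# what `fastboot devices` / `adb devices` actually report.
# The function name and the sample serial numbers are made up.

# Reads the command output on stdin. Prints the serial and returns 0 only when
# exactly one device is listed and it is in the wanted state.
# Return codes: 2 = nothing listed, 3 = several devices, 4 = wrong state.
single_device_in_state() {
    awk -v want="$1" '
        # Skip the adb banner, daemon start-up chatter and blank lines.
        /^List of devices attached/ || /^\*/ || NF < 2 { next }
        { n++; serial = $1; state = $2 }
        END {
            if (n == 0) { print "no device listed" > "/dev/stderr"; exit 2 }
            if (n > 1)  { print "several devices listed; use -s <serial>" > "/dev/stderr"; exit 3 }
            if (state != want) {
                print serial " is in state " state ", expected " want > "/dev/stderr"
                exit 4
            }
            print serial
        }'
}

# Constructed sample outputs (real output separates the columns with a tab).
SAMPLE_FASTBOOT='0a1b2c3d4e5f fastboot'
SAMPLE_RECOVERY='List of devices attached
0a1b2c3d4e5f recovery'
SAMPLE_UNAUTHORIZED='List of devices attached
0a1b2c3d4e5f unauthorized'
SAMPLE_TWO='List of devices attached
0a1b2c3d4e5f recovery
emulator-5554 device'

# In the Bootloader the device must show up as "fastboot" before unlocking;
# in TWRP after the wipe it shows up as "recovery", not "device".
printf '%s\n' "$SAMPLE_FASTBOOT" | single_device_in_state fastboot
printf '%s\n' "$SAMPLE_RECOVERY" | single_device_in_state recovery

# On a real host, pipe the live command in and stop on failure, for example:
#   adb devices | single_device_in_state recovery || exit 1
```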

OK Now Let’s Build the Phone

Downloading the Source

  1. Refer to “Downloading and Building Requirements” before proceeding:
    https://source.android.com/source/requirements.html
  2. Refer to “Downloading the Source” before proceeding:
    https://source.android.com/source/downloading.html
  3. Create a directory for the build system to live in and cd into that directory:
    $ mkdir <WORKING_DIR>
    $ cd <WORKING_DIR>
  4. Initialize a local repository using this source tree:
    $ repo init -u git@github.com:aopp/android_platform.git -b px-0.1
  5. Sync the repository:
    $ repo sync

Building

  1. Refer to “Building the System” before proceeding:
    https://source.android.com/source/building.html
  2. Initialize the build environment:
    $ . build/envsetup.sh
  3. Prepare the build environment (download device-tree and dependencies) for your specific device:
    $ breakfast <device-codename>
  4. Connect the device running a working AOPP/AOSP ROM to the host machine via USB.
  5. Make sure it is booted into system and confirm the device is recognized by the host machine:
    $ adb devices
    (a device should be listed when the command returns)
  6. Enter the device directory:
    $ cd <WORKING_DIR>/device/<vendor>/<device-codename>/
  7. Extract the proprietary binaries from your device:
    $ ./extract-files.sh
  8. Return to the root of the build system:
    $ croot
  9. Start a build run for your device:
    $ brunch <device-codename>
  10. Once complete, the ROM zip can be found in the out/ directory:
    $ cd <WORKING_DIR>/out/target/product/<device-codename>
  11. The flashable ROM zip (product of the build run) will be located in the out/ directory as:
    aopp-0.1-<build-date>-UNOFFICIAL-<device-codename>.zip

Flashing

  1. Download the Recovery image for your device:
    https://twrp.me/Devices
  2. Connect the device to the host machine via USB cable.
  3. Power off the device and boot into the Bootloader:
    Press and hold the Power & Volume-Down buttons
  4. Confirm the device is recognized by the host machine:
    $ fastboot devices
    (a device should be listed when the command returns)
  5. Unlock the device:
    $ fastboot oem unlock
  6. Once unlocked, flash the Recovery image:
    $ fastboot flash recovery <name-of-recovery-image>.img
  7. Once the Recovery image has been flashed, boot into Recovery from the Bootloader:
    Use the Volume-Down/Up buttons to cycle through the Bootloader options and then the Power button to select
  8. If prompted, swipe “Swipe to Allow Modifications”.
  9. Once in Recovery, wipe the device:
    Tap Wipe > Advanced Wipe > tap: Dalvik/ART cache, System, Cache, Data > swipe “Swipe to Wipe”
  10. Once wiped, do NOT boot into System (You don’t have one; you just wiped it). Tap the Home button to return to the Recovery home screen.
  11. Confirm again the device is recognized by the host machine:
    $ adb devices
    (a device should be listed when the command returns)
  12. From the host machine, push the downloaded AOPP ROM zip to the device sdcard:
    $ adb push <name-of-rom-zip>.zip /sdcard/
  13. On device, tap Install and then select the AOPP ROM zip from /sdcard.
  14. Swipe “Swipe to Confirm Flash”
  15. Once installed, tap “Reboot System”
  16. Hack the Gibson…and remember…hugs are worth more than handshakes

I don’t care who gets credit. I just want to win.

Matthew J Carter