Android Hardware Reverse Engineering

Forensic Analysis of Exynos S-Boot: Detecting Tampering & Unauthorized Modifications

By Antigravity Research Published May 29, 2026 ⏱️ 7 Min Read
Google AdSense Native Placement - Horizontal Top-Post banner

Introduction to Exynos S-Boot and Secure Boot

The Samsung Exynos System Bootloader (S-Boot) is a critical component in the secure boot chain of Exynos-powered Android devices. It’s the first piece of software executed by the Application Processor (AP) after the Boot Read-Only Memory (iROM) and plays a pivotal role in establishing the device’s Root of Trust. S-Boot initializes essential hardware, sets up the memory map, and is responsible for verifying the integrity and authenticity of subsequent boot stages, including the TrustZone OS (TZOS) and the Android bootloader (ABL).

Understanding S-Boot’s inner workings is paramount for forensic investigators, security researchers, and hardware reverse engineers. Any unauthorized modification or tampering at this foundational level can compromise the entire system’s security, allowing for persistent malware, bypass of security features, or unauthorized device unlocks/rooting that evade traditional detection methods.

Setting Up Your Forensic Environment

Analyzing Exynos S-Boot requires a combination of hardware and software tools. A typical setup involves:

  • Target Device: An Exynos-based Samsung device.
  • JTAG/SWD Debugger: Tools like OpenOCD, Segger J-Link, or a custom JTAG probe for direct hardware access and debugging.
  • Logic Analyzer/Oscilloscope: For monitoring communication on bus lines (e.g., eMMC, SPI, I2C) if direct firmware extraction is not possible.
  • eMMC Reader/Programmer: For physically dumping the eMMC flash memory, which contains S-Boot and other firmware images.
  • Disassembler/Decompiler: IDA Pro or Ghidra are indispensable for static analysis of ARM executables.
  • Hex Editor: For low-level binary inspection (e.g., HxD, 010 Editor).
  • Linux Workstation: For host-side analysis tools, scripting, and firmware unpacking.

Obtaining the S-Boot Firmware

There are generally two primary methods to obtain the S-Boot firmware for analysis:

  1. eMMC Physical Dump: This is the most reliable method. It involves desoldering the eMMC chip from the device’s PCB and reading its contents using an eMMC reader. This provides a raw, bit-for-bit copy of the entire flash memory.
  2. Firmware Package Extraction: Samsung releases official firmware packages (often in .tar.md5 format). Tools like `sammobile_extractor` or custom scripts can unpack these to reveal individual boot components, including S-Boot. Note that these may be encrypted or obfuscated, and may not contain the exact build running on a specific device if it’s been updated.
# Example: Unpacking a Samsung firmware package (hypothetical, tools vary)ls -F SM-G998B_1_20240101123456_R0.tar.md5tar -xvf SM-G998B_1_20240101123456_R0.tar.md5# Look for files like 'SBOOT_xxxx.bin', 'AP_xxxx.tar.md5', 'BL_xxxx.tar.md5'# S-Boot is often within the 'BL' (BootLoader) component.tar -xvf BL_SM-G998B.tar.md5# This might reveal `sboot.bin` or similarly named files.

Identifying S-Boot and Entry Points

Once you have the raw eMMC dump or extracted S-Boot binary, load it into your disassembler. S-Boot for Exynos SoCs typically starts executing in ARMv7-A or ARMv8-A architecture. Key indicators for identifying S-Boot sections include:

  • Entry Point: The reset vector or the initial instruction sequence typically found at the beginning of the S-Boot image. This often involves setting up the stack, initializing CPU registers, and transitioning to a higher execution privilege level (e.g., EL3 for ARMv8).
  • Magic Numbers/Headers: Many bootloader images contain specific magic numbers or headers that indicate their type and version. These are often at fixed offsets.
  • Known Functions: Look for calls to common hardware initialization routines, cryptographic functions (SHA256, RSA), or TrustZone-specific System Calls (SMC instructions).

Forensic Examination for Tampering

1. Integrity Check Mechanisms

S-Boot heavily relies on cryptographic signatures to verify the integrity of subsequent boot stages. Tampering often involves bypassing or modifying these checks.

  • Digital Signature Verification: S-Boot verifies the digital signature of the next bootloader (e.g., TZOS or ABL) using public keys stored within S-Boot or iROM. A tampered S-Boot might skip this verification or use a different, compromised public key.
  • Hash Verification: Before signature verification, a hash (e.g., SHA256) of the next stage is computed and compared against a stored hash or a hash signed by the manufacturer. Look for:

    // Pseudocode for a typical verification flowuint8_t* next_stage_image = get_next_boot_image();uint8_t expected_hash[32];uint8_t computed_hash[32];RSA_signature_t signature_from_image = get_signature_from_image();PublicKey_t sboot_pubkey = get_sboot_public_key();if (!RSA_verify_signature(signature_from_image, sboot_pubkey, next_stage_image)) {    // Signature verification failed - potential tampering!    panic();}SHA256(next_stage_image, computed_hash);get_expected_hash(expected_hash); // From a trusted source or signatureif (memcmp(computed_hash, expected_hash, 32) != 0) {    // Hash mismatch - image data has been altered!    panic();}
  • Anti-Rollback Counters: Modern S-Boot implementations include anti-rollback mechanisms, often using fuses or dedicated secure storage. If an attacker tries to flash an older, vulnerable S-Boot, this counter prevents it from booting. Examine the S-Boot code for reads/writes to secure fuses or registers related to version numbers. A modified S-Boot might attempt to spoof or disable these checks.

2. Code Modification Analysis

Attackers often inject malicious code or alter existing routines. Focus on areas where critical decisions are made or security checks performed.

  • Jump Hooks: Look for unconditional jumps (B, BL in ARM) or altered function pointers that redirect execution to injected code. Compare the control flow graph of the suspect S-Boot with a known-good binary.
  • Patched Instructions: Direct modification of instructions to skip checks (e.g., changing a BNE to a BEQ, or replacing a CMP instruction result). Binary diffing tools can highlight these discrepancies.
  • Debug Feature Re-enablement: S-Boot typically disables JTAG/SWD access, puts the device into a restricted mode, or clears debug registers. A tampered S-Boot might re-enable these features, allowing an attacker persistent hardware debug access. Look for writes to debug control registers.
  • Memory Protection Changes: S-Boot sets up Memory Management Unit (MMU) and TrustZone Address Space Controller (TZASC) configurations. Malicious modifications could relax memory protections, allowing insecure access to secure memory regions. Analyze calls to MMU/TZASC configuration functions.

3. TrustZone and Secure World Context

Exynos S-Boot is integral to initializing the TrustZone environment. Tampering here can have profound consequences.

  • Monitor Mode Entry: S-Boot transitions the CPU into Monitor Mode (EL3 in ARMv8) to establish the Secure World. Modifications here could alter how the Secure Monitor Call (SMC) handler functions or redirect SMCs to attacker-controlled code.
  • TZOS Loading & Verification: S-Boot loads and verifies the TrustZone OS (TZOS or Secure OS). If the TZOS is tampered with, or S-Boot is modified to load an unverified TZOS, the entire secure environment is compromised.
  • Secure Storage Access: S-Boot handles initialization of secure storage (e.g., eFuses, Hardware Security Module). Investigate any unusual accesses or modifications to these areas.

Tools and Techniques for Deeper Dive

  1. Binary Diffing: Use tools like IDA Pro’s bindiff plugin or Ghidra’s built-in diffing capabilities to compare the suspect S-Boot binary against a known-good, unmodified S-Boot. This can quickly highlight patched bytes and altered code paths.
  2. Emulation: QEMU with ARM support can sometimes be used to emulate parts of S-Boot for dynamic analysis, though full hardware emulation is challenging due to peripheral dependencies.
  3. Symbol Extraction: If debugging symbols are inadvertently left in the firmware, they can provide invaluable clues about function names and data structures.
  4. Entropy Analysis: High entropy regions might indicate compressed, encrypted, or obfuscated code, which attackers sometimes use to hide malicious payloads.

Conclusion

Forensic analysis of Exynos S-Boot is a complex but crucial task for maintaining the security and integrity of Android devices. By meticulously examining cryptographic verification routines, control flow, memory configurations, and comparing suspect binaries against known-good images, investigators can uncover sophisticated tampering attempts. The ability to detect these low-level modifications is essential in an era where advanced persistent threats increasingly target the boot chain, aiming for an undetectable foothold on the device.

Android Mobile Specs & Compare Directory

Are you researching mobile hardware properties, processor SoCs, GPU chipsets, or RAM configurations? Access our complete specs catalog to compare up to 5 devices side-by-side!

Compare Devices Specs →
Google AdSense Inline Placement - Content Footer banner
Tags: #Android Security #Exynos #Forensics #Hardware Reverse Engineering #S-Boot

Related Technical Guides

Reverse Engineering Android PMICs: Uncovering Registers for Targeted Fault Injection Attacks

May 29, 2026

Deep Dive into Exynos S-Boot Security: Analyzing Secure Boot Chains & TrustZone Handshake

May 29, 2026

Bypass MediaTek BROM Authentication: Custom Tooling & Scripting for Advanced Access

May 29, 2026