Thanks to visit codestin.com
Credit goes to github.com

Skip to content

shomykohai/penumbra

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

308 Commits
.github
.github
Β 
Β 
core
core
Β 
Β 
docs
docs
Β 
Β 
scripts
scripts
Β 
Β 
tui
tui
Β 
Β 
.gitignore
.gitignore
Β 
Β 
CONTRIBUTING.md
CONTRIBUTING.md
Β 
Β 
Cargo.lock
Cargo.lock
Β 
Β 
Cargo.toml
Cargo.toml
Β 
Β 
Dockerfile
Dockerfile
Β 
Β 
LICENSE
LICENSE
Β 
Β 
README.md
README.md
Β 
Β 
docker_run.sh
docker_run.sh
Β 
Β 
flake.lock
flake.lock
Β 
Β 
flake.nix
flake.nix
Β 
Β 
rustfmt.toml
rustfmt.toml
Β 
Β 

Repository files navigation

Penumbra banner

Penumbra is a Rust crate and tool for interacting with Mediatek devices.
It provides flashing and readback capabilities, as well as bootloader unlocking and relocking on vulnerable devices.

Requirements

  • On Windows, you'll need to install Mediatek Drivers.

Warning

Penumbra on Windows is currently half broken, and only occasionally works by replacing the MediaTek drivers with LibUSB using Zadig.
Please, do not open a new issue in case of problems with Windows, but rather leave a comment on #27. It is strongly suggested to use Linux instead, where Penumbra has been tested more and confirmed to work.

  • On Linux you'll need to install libudev and add your user to the dialout group. In case Penumbra doesn't recognize the device, run with sudo or allow access to the device with udev rules.

Usage

Penumbra can be used both as a crate for interacting directly with a device with your own code, as well as providing a CLI and (preliminary) TUI.

For using the CLI, read the documentation with all commands here

For using the crate, use the device API:

use std::fs::File;

use anyhow::Result;
use env_logger::Builder;
use penumbra::{Device, DeviceBuilder, find_mtk_port};
use tokio::io::{AsyncWriteExt, BufWriter};

#[tokio::main]
async fn main() -> Result<()> {
    env_logger::init();
    let da_path = std::path::Path::new("../DA_penangf.bin");
    let da_data = std::fs::read(da_path).expect("Failed to read DA file");

    println!("Searching for MTK port...");
    let mtk_port = loop {
        if let Some(port) = find_mtk_port().await {
            break port;
        }
    }

    println!("Found MTK port: {}", mtk_port.get_port_name());
    
    let mut device = DeviceBuilder::default()
        .with_mtk_port(mtk_port)
        .with_da_data(da_data)
        .build()?
    
    // Init the device (Handshake and populate dev info)
    dev.init().await?;
    
    let tgt_cfg = dev.dev_info.target_config().await;
    println!("SBC: {}", (tgt_cfg & 0x1) != 0);
    
    // This will enter DA mode. Seccfg unlock only works if the device can load extensions / is vulnerable
    device.set_seccfg_lock_state(LockFlag::Unlock).await

    // Ignore progress for now
    let mut progress = |_read: usize, _total: usize| {};

    let file = File::create("lk_a.bin").await?;
    let mut writer = BufWriter::new(file);

    let mut lk_a_data = device.read_partition("lk_a", &mut progress, &mut writer).await;
    
    writer.flush().await?;
    
    Ok(())
}

Debug logs

Penumbra is still in early development, thus it can break quite easily. If so, you can open an issue attaching debug logs.
To get debug logs, run antumbra with the -v flag. A file called antumbra.log will be created in the current directory. This will also enable UART debug logging. If possible, attach UART logs too.

Note

Penumbra currently supports both V5 (XFlash) and V6 (XML) devices. Issues reporting incompatibility with other chipset will be ignored until broader support is added.

Contributing

For contributing, you'll first need to setup a development environment.

Read on how to setup a dev environment and how to get started here

Current Roadmap

Core:

  • Add UFS support
  • Dynamically determine SEJ base (for more chipsets support)
  • Build DA extensions from source
  • Limit extensions only commands when exts are not added to avoid timeouts
  • Add a way to restore state
  • Clean up duplicated code
  • Add support for BROM mode (and setup DRAM)
  • Add support for DA SLA and preloader auth
  • Add target config to Device Info (SBC, DAA and SLA)
  • Improve support for preloader/brom only connection (for testing purposes with just preloader commands)
  • Improve DA parsing and add DA patching

TUI:

  • Add partition read and write (Add partition list next to the action list)
  • Make code reusable (add components like a custom FileExplorer, selectable list...)
  • Change logo with an animated waning crescent moon with blinking stars around
  • Add a switch on the welcome screen to enable or disable logging (with selection for log level)

Documentation:

  • Document XFlash protocol
  • Improve Carbonara information

Learning Resources

Penumbra has its own documentation, where you can learn more about Mediatek devices and how the Download protocol works.

Other learning resources I suggest are the following

Credits

License

Penumbra is licensed under the GNU Affero General Public License v3 or later (AGPL-3.0-or-later), see LICENSE for details.

Part of the code in Penumbra is adapted from mtkclient. The code adapted from mtkclient is licensed under the GNU Public License v3 or later (GPL-3.0).

As for term 13 of the GPL-3.0 license, the GPL-3.0 components must comply the networking terms of the AGPL-3.0 license when used together.

Logo by @archaeopteryz, all rights reserved. Use is allowed only for referencing "Penumbra" or "Antumbra", unless explicit permission has been granted.

About

🌘 MTK flash tool written in rust

penumbra.itssho.my/

Topics

mtk mediatek firmware-update mtkclient bootloader-unlock mtkv6

Resources

Readme

License

AGPL-3.0 license

Contributing

Contributing
Activity

Stars

192 stars

Watchers

8 watching

Forks

32 forks
Report repository

Releases 2

Penumbra v1.0.0 Latest
Feb 3, 2026
+ 1 release

Contributors 6

Languages