Bypassing enrollment by modifying local state with some alternatives

[adrenos660]

Is your feature request related to a problem? Please describe.
I noticed spoofing hwid to bypass enrollment has been pached in rollback protection version 4 or 5
so it enrolls regardless of malformed hwid

Describe the solution you'd like
I would like to use a script that runs on oobe that switches out the local state file with a modified one after wifi connects
this skips the enrollment part of oobe because local state dictates the state of
oobe completion

I did not make this but I've used it and it's good and I have some ideas

https://github.com/sledman-puffles/shimboot-skipoobe/blob/main/writeup.md
The WriteUp

Describe alternatives you've considered

Would this work

Any version :
run the following in vt2 (any version)

mount --bind /dev/null /tmp/machine-info
initctl restart ui

136
echo --enterprise-enable-state-determination=never >/tmp/chrome_dev.conf
mount --bind /tmp/chrome_dev.conf /etc/chrome_dev.conf
initctl restart ui

Then setup oobe

Credits to cryptosmite and it's inventor
Credits to sled-sman puffles
Credits to con (Harry jarry 1)

[adrenos660]

@ading2210

[adreno660]

Additional enhancement please add this in the read me.
https://github.com/Cruzy22k/Firmware2/tree/main
Its unkeyrolling with WP off it works only with A (keyrolled) nissa, corsola, or dedede.

For turning WP off without Suzy q and opening your device this is exclusive to TI50 Chromebooks.
To check if your Chromebook has a TI50
open a browser and type chrome://system in the address bar,
then find the tpm_version entry to check for gsc_version: GSC_VERSION_TI50.
Alternatively, run gsctool -a -I in a shell to verify,

the Ti50 gscs are found in 2023+ Chromebooks
To disable WP independently without opening your TI50 Chromebooks
Boot developer mode (enter recovery [esc+refresh+power], ctrl+d, enter, let firmware boot, ctrl+d)
Enter the terminal by pressing ctrl+alt+f2, login as "root". If it asks for a password, try "test0000". If you failed logging in, press Ctrl+c to restart it.
Once you're in the shell, run gsctool -a -o (this opens Closed-Case Debugging [CCD]). It will repeatedly alternate saying to "press PP button" or tell you to wait to press it again. Press the power button when it says to. The process takes ~5 minutes. Eventually it'll go dark when you press it the final time.
Wait for it to reboot, it can take some time so just be patient
Boot demode, enter vt2, and login as root again, then run the following commands
gsctool -a -I AllowUnverifiedRo:always
gsctool -a -w disable
flashrom --wp-disable

[adreno660]

Credits
Cruzy22k :Unkeyrolling script
Mariah carey : guide

[adreno660]

@ading2210

[SkidProxyForker]

If you want this to be added, why not just add the modifications in a personal fork and create a PR?

[abdel3099]

Ohh

If you want this to be added, why not just add the modifications in a personal fork and create a PR?

I'm kinda new to github in general