[Q] Baseband - XPERIA X10 Q&A, Help & Troubleshooting

What is that? I see that many people care about what baseband ROMs use, but I don't know what it really is! Help please?!

Ever heard of google?
Sent from my T-Mobile G2 using XDA App

Yes. Ever heard of being a nice person and telling it to your forum mate?

FelipeRRM said:
Yes. Ever heard of being a nice person and telling it to your forum mate?
While I am by no means an expert, I certainly am not as rude as that other douche.
Baseband (in relation to our phones) is the software that operates the radio function on the device. Basically, the bit that makes it a phone. It has nothing to do with multitouch, vibration, or even the OS but is a critical piece of software. Any radio communication within the device (2G/3G, wireless, GPS) is controlled by this.
Well, that is how I understand it anyway.

Bin4ry said:
Baseband-package from 2.1.A.0.435 (X10i):
http://www.multiupload.com/DBPJSA702G
Regards
Bin4ry
taken from
http://forum.xda-developers.com/showthread.php?t=920746
What does Baseband player signify? Is it country specific??
Generic version 2.1update1 build 2.1.A.0.435 (MD5: 11712b23ed90eb0c279d19d2f4bcd3b0) what does MD5 mean here?

screamingskullsxyz said:
taken from
http://forum.xda-developers.com/showthread.php?t=920746
What does Baseband player signify? Is it country specific??
Generic version 2.1update1 build 2.1.A.0.435 (MD5: 11712b23ed90eb0c279d19d2f4bcd3b0) what does MD5 mean here?
md5sum is a computer program that calculates and verifies 128-bit MD5 hashes, as described in RFC 1321. The MD5 hash (or checksum) functions as a compact digital fingerprint of a file. It is extremely unlikely that any two non-identical files existing in the real world will have the same MD5 hash (although as with all such hashing algorithms, there are an unlimited number of files that will have any given MD5 hash).
Because almost any change to a file will cause its MD5 hash to also change, the MD5 hash is commonly used to verify the integrity of files (i.e., to verify that a file has not changed as a result of file transfer, disk error, meddling, etc.).
SRC:Wikipedia
Hope this helps...

Does this mean there will be lots of firmwares with the same md5 if we flash using the flashtool?? What could be the negative point for this thing?

screamingskullsxyz said:
Does this mean there will be lots of firmwares with the same md5 if we flash using the flashtool?? What could be the negative point for this thing?
Simply put, it's just a way to check the integrity of the downloaded file...
the MD5 hash is commonly used to verify the integrity of files (i.e., to verify that a file has not changed as a result of file transfer, disk error, meddling, etc.).

Related

[Q] Bamf GingerRemix 2.1 MD5 not matching...

Hi,
I wish I could post this in the relevant thread in the developer section but I don't have the necessary credentials. Anyway... it is 10:31 pm pst and I have been trying to download the zip for bamf gingerRemix 2.1 but each time I d/l I get an MD5 sum that does not match the one listed in the OP.
Now I am pretty familiar with flashing roms and I am checking the file using Hash Droid on my phone. I have never had this problem before, except for once when I had a corrupt download.
Has anyone else noticed this? Is there something wrong on the server? I just don't want to brick my phone (obv) so I am going to hold off until I get an answer.
Thank you!
restinbeast said:
Hi,
I wish I could post this in the relevant thread in the developer section but I don't have the necessary credentials. Anyway... it is 10:31 pm pst and I have been trying to download the zip for bamf gingerRemix 2.1 but each time I d/l I get an MD5 sum that does not match the one listed in the OP.
Now I am pretty familiar with flashing roms and I am checking the file using Hash Droid on my phone. I have never had this problem before, except for once when I had a corrupt download.
Has anyone else noticed this? Is there something wrong on the server? I just don't want to brick my phone (obv) so I am going to hold off until I get an answer.
Thank you!
He was having server issues last night and it took me downloading 6 times before my md5s matched.
Sent from my ADR6400L using XDA Premium App
I just posted your issue in the remix 2.1 thread so hopefully the op will see it and figure out what's going on. Good luck...
Sent from my ADR6400L using XDA Premium App
restinbeast said:
Hi,
I wish I could post this in the relevant thread in the developer section but I don't have the necessary credentials. Anyway... it is 10:31 pm pst and I have been trying to download the zip for bamf gingerRemix 2.1 but each time I d/l I get an MD5 sum that does not match the one listed in the OP.
Now I am pretty familiar with flashing roms and I am checking the file using Hash Droid on my phone. I have never had this problem before, except for once when I had a corrupt download.
Has anyone else noticed this? Is there something wrong on the server? I just don't want to brick my phone (obv) so I am going to hold off until I get an answer.
Thank you!
I think this is the correct section to post this question. You get a faster response here plus dev section is used more for releases and dev discussion at most.
How many times have you tried? And have you tried checking the md5 on your computer? And are you changing ANYTHING? Even the name... e.g. file(1).zip instead of file.zip since you've redownloaded it.
Thank you!
The weird thing is though, I am downloading the file on my mac, and in the download progress window it is showing the file size as 287mb which is what the developer says is the right size. When the download finishes, however, the file shows in OS X as being approx 301 mb and the md5 sum doesn't match. Has anyone ever run into this problem?
gqgk said:
I think this is the correct section to post this question. You get a faster response here plus dev section is used more for releases and dev discussion at most.
How many times have you tried? And have you tried checking the md5 on your computer? And are you changing ANYTHING? Even the name... e.g. file(1).zip instead of file.zip since you've redownloaded it.
Yes, I never would dream of starting a thread in the Dev section I know that much at least heh, glad I came here.
I have not renamed it and each time I redownload I have been deleting the previous file so the OS doesn't rename with (1). I think I have downloaded it approx 5 times.
Each time I download it, it shows as XXX/287 mb while downloading, but once on my HD it reads as 301 mb under get info and doesn't match the MD5.
I have not checked the md5 on my computer, I will try that now.
Okay, I resolved this problem.
I checked the file in terminal on OS X and saw that the MD5 matches correctly.
I then copied it to my SD card and used hash droid again and realized that I AM A TOTAL IDIOT and was checking the md5 of the wrong file. I was checking the "_BAMF-GingerREMIX-v2.1.zip" listed at the top of the SD card rather than the actual file listed further down.
I am so sorry for wasting your time guys, thanks for the help!
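
The two things that went wrong in this thread, as an added example that is not part of the original posts: the same byte count reads as 287 in binary units (MiB) and about 301 in decimal units (MB), which is one possible explanation for the size difference reported above, and hashing every candidate file shows which one actually matches the published MD5. The file names and contents are constructed for the demonstration.

```python
import hashlib
import os
import tempfile


def md5_of(path, chunk=1 << 20):
    """Hash the file in 1 MiB blocks so a large ROM zip never sits in memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def size_report(n_bytes):
    """Express one byte count in binary (MiB) and decimal (MB) units."""
    return {"MiB": round(n_bytes / 2**20, 1), "MB": round(n_bytes / 10**6, 1)}


def check_candidates(directory, expected_md5):
    """Hash every regular file in the directory and flag the ones that match.

    Listing all candidates side by side makes it obvious when a similarly
    named file (a sidecar, an earlier partial download) was hashed by mistake.
    """
    expected = expected_md5.strip().lower()
    results = []
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            continue
        digest = md5_of(path)
        entry = {"name": name, "md5": digest, "match": digest == expected}
        entry.update(size_report(os.path.getsize(path)))
        results.append(entry)
    return results


def build_demo(directory):
    """Create two constructed files: the real download and a look-alike."""
    rom = b"constructed ROM payload\n" * 1000
    with open(os.path.join(directory, "rom-demo.zip"), "wb") as f:
        f.write(rom)
    # Sorts first in a file browser, like the "_..." entry in the thread.
    with open(os.path.join(directory, "_rom-demo.zip"), "wb") as f:
        f.write(b"constructed sidecar metadata")
    return hashlib.md5(rom).hexdigest()  # stands in for the MD5 in the OP


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        published = build_demo(d)
        for r in check_candidates(d, published):
            status = "MATCH" if r["match"] else "no match"
            print(f'{r["name"]:16} {r["md5"]} {status}')
    # 287 MiB shown by a browser is the same data as ~301 MB shown in decimal.
    print(size_report(287 * 2**20))
```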

[Q] Rooting: 3 questions

[I would've posted this in the Development section. But I'm not 'qualified' to post there due to my low post number -- I'm still a noob on this site]
I've been the proud owner of a TB for almost 2 months now. Been holding off on rooting, mostly out of fear of bricking the thing. I 'rooted' an old WinMO6.5 device about a year and a half ago. But the process for rooting TB is significantly more involved than my last one. However, I'm also frothing at the mouth after seeing all of the various ROMs out there, not to mention being able to be rid of all the crapware.. So...3 quick questions.
1) I've installed SDK on my home PC (Windows XP). But, when I extracted the .zip file, I extracted it to: C:\Program Files\Android\android-sdk. Only after the fact did I see in the instructions that I should have extracted to: C:\AndroidSDK
Does this difference really matter? As long as I drive to the correct directory on my PC when I start to run ADB, will its current location work ok? Or do I need to uninstall/reinstall?
2) There are a couple of places in the root process where you need to stop and verify an output alphanumeric matches what it should be. If the alphanumeric DOES NOT match, can I simply unplug the phone at that point and stop the root process? Or is it a situation where once I've started, I'm committed?
3) Finally, once I'm rooted, does it matter if choose a 2.2 (Froyo) or 2.3 (GB) ROM? My stock phone is running 2.2.
Thanks in advance for any feedback.
[I would've posted this in the Development section. But I'm not 'qualified' to post there due to my low post number -- I'm still a noob on this site]
I've been the proud owner of a TB for almost 2 months now. Been holding off on rooting, mostly out of fear of bricking the thing. I 'rooted' an old WinMO6.5 device about a year and a half ago. But the process for rooting TB is significantly more involved than my last one. However, I'm also frothing at the mouth after seeing all of the various ROMs out there, not to mention being able to be rid of all the crapware.. So...3 quick questions.
1) I've installed SDK on my home PC (Windows XP). But, when I extracted the .zip file, I extracted it to: C:\Program Files\Android\android-sdk. Only after the fact did I see in the instructions that I should have extracted to: C:\AndroidSDK
Does this difference really matter? As long as I drive to the correct directory on my PC when I start to run ADB, will its current location work ok? Or do I need to uninstall/reinstall?
2) There are a couple of places in the root process where you need to stop and verify an output alphanumeric matches what it should be. If the alphanumeric DOES NOT match, can I simply unplug the phone at that point and stop the root process? Or is it a situation where once I've started, I'm committed?
3) Finally, once I'm rooted, does it matter if choose a 2.2 (Froyo) or 2.3 (GB) ROM? My stock phone is running 2.2.
Thanks in advance for any feedback.
1. Yes, just run the commands from the dir you installed them.
2. If the md5's don't match then just redownload the file. Personally I have never had an md5 not match, however I do check them. Every time.
3. Nope, run what you think you will like. The GB roms require the GB radios. You can find everything you need in the roms and kernel list. It's a sticky in the dev section.
I'm running BAMF sense 3.0 rc4. It uses the mr2 radio. Good luck with it and welcome aboard.
sent from my BAMF'n thunderbolt.
idahonld said:
[I would've posted this in the Development section. But I'm not 'qualified' to post there due to my low post number -- I'm still a noob on this site]
I've been the proud owner of a TB for almost 2 months now. Been holding off on rooting, mostly out of fear of bricking the thing. I 'rooted' an old WinMO6.5 device about a year and a half ago. But the process for rooting TB is significantly more involved than my last one. However, I'm also frothing at the mouth after seeing all of the various ROMs out there, not to mention being able to be rid of all the crapware.. So...3 quick questions.
1) I've installed SDK on my home PC (Windows XP). But, when I extracted the .zip file, I extracted it to: C:\Program Files\Android\android-sdk. Only after the fact did I see in the instructions that I should have extracted to: C:\AndroidSDK
Does this difference really matter? As long as I drive to the correct directory on my PC when I start to run ADB, will its current location work ok? Or do I need to uninstall/reinstall?
2) There are a couple of places in the root process where you need to stop and verify an output alphanumeric matches what it should be. If the alphanumeric DOES NOT match, can I simply unplug the phone at that point and stop the root process? Or is it a situation where once I've started, I'm committed?
3) Finally, once I'm rooted, does it matter if choose a 2.2 (Froyo) or 2.3 (GB) ROM? My stock phone is running 2.2.
Thanks in advance for any feedback.
In relation to your second question, the alphanumeric matches you're asking about are called an MD5 checksum. It checks a file's integrity, like a fingerprint. As long as the characters match, the file is intact and you know it is safe to flash. If the characters don't match then you will download it again and replace the original file you downloaded. Then run the MD5 checksum again to make sure it's all there (characters match). I have never had an MD5 not match, so it's uncommon. If you were to flash an incomplete file it most likely would brick your phone.
I would recommend a 2.3 ROM. Part of what makes rooting and nand unlocking (S off) so valuable is the ability to run the latest operating system. I would suggest you try Cyanogen once you're comfortable flashing ROMS.
Thanks for the prompt replies. This helps a lot.
I've got the 3 files downloaded to my PC for the root, and they all are good w.r.t. MD5 checksum. So I think I'm good to go/root.
One more noob question. And I could probably find the answer to this by searching around, but as long as I have your attention...you say that the GB roms require the GB radios. Do most/all of the GB roms already have the GB radios built into them? Or is this something totally separate?
idahonld said:
Thanks for the prompt replies. This helps a lot.
I've got the 3 files downloaded to my PC for the root, and they all are good w.r.t. MD5 checksum. So I think I'm good to go/root.
One more noob question. And I could probably find the answer to this by searching around, but as long as I have your attention...you say that the GB roms require the GB radios. Do most/all of the GB roms already have the GB radios built into them? Or is this something totally separate?
radios are separate. For GB, you need MR2 or MR2.5 radios. They are in the dev section as well. Flash the radio before you flash the GB ROM or you will not have any cell signal.
Also be aware that when you start the rooting process, you need to use the USB connections at the back of your computer. ADB only recognizes the main USB ports. Good luck with your rooting!
Sent from my ADR6400L BAMF 3.0 RC4 using XDA App

Android noob questions

I had a look at
SPDREM_U_01.6.5.1-73_SPU-11-PASS-10_SIGNEuropeAustraliaEMEA_USASPDRRTGB_HWp2b_Service1FF_fastboot.xml
and being an Android noob I have a couple of questions.
1.) Why is there a Windows executable, MotoCast-installer (~72MB) included, in the cdrom_signed file?
2.) Would it not be possible to add mods and root-kit into this firmware, e.g. system_signed, webtop_signed or any of the other xxxx_signed files, create a new MD5 checksum for the changed file to be added to SPDREM_U_01.6.5.1-73_SPU-11-PASS-10_SIGNEuropeAustraliaEMEA_USASPDRRTGB_HWp2b_Service1FF_fastboot.xml?
I have seen that those xxxxx_signed files have a signature and assume that the bootloader will check these.
As I said I am an Android noob, but have a little bit of experience with previous Motorola's phones, especially the Linux based Motomagx OS used on a few models. They worked roughly this way.
I am trying to get my head around how Android phones and OS are working.
Rasputin007 said:
2.) Would it not be possible to add mods and root-kit into this firmware, e.g. system_signed, webtop_signed or any of the other xxxx_signed files, create a new MD5 checksum for the changed file to be added to SPDREM_U_01.6.5.1-73_SPU-11-PASS-10_SIGNEuropeAustraliaEMEA_USASPDRRTGB_HWp2b_Service1FF_fastboot.xml?
As far as I know, those checksums are just to verify the integrity of the downloaded files, so that a bad connection or storage device can't brick your phone. I think the signatures themselves are stored in the individual partition images and verified by the bootloader at flashing time.
The bootloader of the Motomagx phones had an RSA protection, which meant that signed codegroups could not be modified. Bizarre really as Linux based Motomagx was OpenSource and Motorola pointed the finger at the providers for that.
So I assume that a locked bootloader behaves the same way.
Once the RSA protection was cracked, we were able to modify the codegroups/firmware, even though we could leave out the signature, we still had to keep to the same byte size of most codegroups and had to keep one "security code", e.g. "00 01".
I guess this still applies now.
Sent from a mobile phone using Tapatalk
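
The distinction drawn in the reply above, as an added example that is not Motorola's code or format: a manifest MD5 can be recomputed by anyone who changes an image, so it only catches accidental corruption, while a tag made with a key the modifier does not hold still fails. The manifest layout, the trailing-tag image layout and the key are assumptions, and HMAC-SHA256 stands in for the bootloader's RSA signature so that only the standard library is needed.

```python
import hashlib
import hmac

SIG_LEN = 32  # hypothetical layout: payload followed by a 32-byte tag

# Constructed stand-in for the vendor's signing key. A real bootloader checks
# an asymmetric signature and holds only the public half; HMAC is used here
# purely to keep the example dependency-free.
VENDOR_KEY = b"constructed-vendor-key"


def sign_image(payload, key=VENDOR_KEY):
    """Vendor side: append an authentication tag to the partition payload."""
    return payload + hmac.new(key, payload, hashlib.sha256).digest()


def build_manifest(images):
    """Unkeyed MD5 per image; anyone holding the files can regenerate this."""
    return {name: hashlib.md5(blob).hexdigest() for name, blob in images.items()}


def transfer_check(images, manifest):
    """Flashing-tool check: names whose MD5 differs from the manifest."""
    return sorted(
        name for name, blob in images.items()
        if hashlib.md5(blob).hexdigest() != manifest.get(name)
    )


def bootloader_check(images, key=VENDOR_KEY):
    """Bootloader check: names whose tag does not verify under the key."""
    rejected = []
    for name, blob in images.items():
        if len(blob) <= SIG_LEN:
            rejected.append(name)
            continue
        payload, tag = blob[:-SIG_LEN], blob[-SIG_LEN:]
        expected = hmac.new(key, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            rejected.append(name)
    return sorted(rejected)


def scenarios():
    """Return (transfer failures, bootloader rejections) for three cases."""
    original = {
        "system_signed": sign_image(b"constructed system partition"),
        "webtop_signed": sign_image(b"constructed webtop partition"),
    }
    manifest = build_manifest(original)

    # Case 1: one bit flipped by a bad connection or storage device.
    corrupted = dict(original)
    blob = bytearray(corrupted["system_signed"])
    blob[3] ^= 0x01
    corrupted["system_signed"] = bytes(blob)

    # Case 2: payload changed on purpose and the manifest MD5 regenerated,
    # which is the scenario asked about in the question.
    modified = dict(original)
    modified["system_signed"] = b"changed " + original["system_signed"]
    regenerated = build_manifest(modified)

    return {
        "intact": (transfer_check(original, manifest), bootloader_check(original)),
        "corrupted": (transfer_check(corrupted, manifest), bootloader_check(corrupted)),
        "modified": (transfer_check(modified, regenerated), bootloader_check(modified)),
    }


if __name__ == "__main__":
    for case, (md5_fail, sig_fail) in scenarios().items():
        print(f"{case:10} md5 failures={md5_fail} signature failures={sig_fail}")
```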

[Q] Unlock for SGSIII?

Is there an unlock for the SGS3 yet?
Does the Galaxy_S or the sgs2 unlock code finder work, anyone know?
Well.. carriers haven't gotten the device yet so not sure. All the SGS3's that peeps have now come unlocked from Europe.
sent from my Galaxy S III
Coreym said:
Well.. carriers haven't gotten the device yet so not sure. All the SGS3's that peeps have now come unlocked from Europe.
sent from my Galaxy S III
+1
Mine was carrier unlocked when I received it (UK on contract with Three via Carphone Warehouse) doesn't even have a CPW CSC.
hmm...yeh...*#7465625# shows all locks off, although I was told when I bought it that it was locked...didn't have another microsim to check. Looks like my handset is like the others mentioned. Happy days...
Hi guys, well my sgs3 is locked and galaxy s unlock and sgs2 unlock respectively from helroz and chainfire don't work.
I'm thinking about buying a code... unless someone has some kind of solution?
Odia was able to unlock my SGS3 successfully last week. He is still researching stuff using a friend's phone this time so he will be releasing a guide on how to do it.
For the moment it has been reported from several users that flashing a custom kernel removes the lock.
Well I don't understand how can this be possible but you are free to try installing omega rom from the dev forum and see if that helps.
m33ts4k0z said:
Odia was able to unlock my SGS3 successfully last week. He is still researching stuff using a friend's phone this time so he will be releasing a guide on how to do it.
For the moment it has been reported from several users that flashing a custom kernel removes the lock.
Well I don't understand how can this be possible but you are free to try installing omega rom from the dev forum and see if that helps.
Thanks for the tip but I've already installed the omega rom and network lock is still ON, and I think Odia did it by editing nv_data.bin.
The thing is, and I think that is why galaxy unlock of helroz doesn't work, is that the offsets in the file that determine the network status are not in the same place.
And this is a problem since the app does the unlock by editing that file too.
That is just what I think, and I also don't see why flashing a kernel should remove the lock.
Coreym said:
Well.. carriers haven't gotten the device yet so not sure. All the SGS3's that peeps have now come unlocked from Europe.
sent from my Galaxy S III
woo.. galaxy s3 spreading fast.. and i am still with my S2.. hope Xda wont forgot to pull out S2 update..
dw4 said:
I'm thinking about buying a code... unless someone has some kind of solution?
For what it's worth, I seem to have managed to unlock the phone, but it was not a matter of click & run an application (encrypted hashes)
http://forum.xda-developers.com/showpost.php?p=26917982&postcount=37
I haven't checked with another SIM, just checked network lock [ON] -> [OFF]. At some point while I was playing around and trying things I was asked to enter a code, but I didn't know about 0000000, which seems to have worked for some.
The method involved rooting the phone, installing an unbranded firmware and editing /efs/nv_data.bin. In my case, the (encrypted) hashes were stored exactly at the same offset, I don't understand why some people say they are not :?.
* backed up efs
* copied /efs/nv_data.bin to sdcard
* hex edited /efs/nv_data.bin - changed flag 0x01 for network lock to 0x00, copied the 32 byte long encrypted hash from the "off" locks (which were all the same) to the network lock hash, just in case.
* I also reset the MCC/MNC to FFFFFF
* Copied back the /sdcard/nv_data.bin to /efs
* removed the md5 hash (for some reason, the existing md5 did not match the existing file either), but it seems in my case it was ok to remove it: it has been regenerated. Removed the old files
* chmodded /efs/nv_data.bin
* chown radio.radio the file
* rebooted
It is much better documented elsewhere though - Proceed at your own risk!
---------- Post added at 09:48 AM ---------- Previous post was at 09:41 AM ----------
dw4 said:
And this is a problem since the app does the unlock by editing that file too.
As stated above, I managed to, but I did everything manually. At some point I got an unexpected "enter code" dialog that I dismissed (an issue that I solved by installing an unbranded firmware first).
- I found the encrypted hashes at the same location (NET 0x18146e).
- I did *NOT* find PERSO, but I also reset the MCC/MNC
I also don't see why flashing a kernel should remove the lock.
agreed, I fail to see the relationship, but there are so many things I don't know...
Thanks iphdrunk, i'll try this.
Don't know if it's a good idea tho since I've got no knowledge whatsoever of hex editing...
Thanks iphdrunk for the explanation! Do you by any chance have the time and mood to write a detailed guide on how to do this progress?
It would be ideal to start a new thread about unlocking and post the guide there. Then Odia may jump in too and help with anything.
It's 100% safe to mess with nv_data.bin because even if you screw up you can always restore a back up of that file and it will start working again.
m33ts4k0z said:
Thanks iphdrunk for the explanation! Do you by any chance have the time and mood to write a detailed guide on how to do this progress?
I appreciate the offer and consideration, but I would feel uncomfortable writing such a guide for several reasons: first, it would not be based on my research and findings (I just applied a quite well known method), it is heavily documented elsewhere and, finally, I may not be able to provide the deserved level of support
In any case, the skeleton of the method is here. Read those posts to get a clear overview of the process and then any other comment or disclaimer. Credits given to their respective authors
http://forum.xda-developers.com/showthread.php?t=1064978
http://forum.xda-developers.com/showthread.php?t=761045
What one needs to know is:
- You need a rooted device. Root can be obtained either with the unsecure kernel method (cfr. intratech posts) or using recovery. The second one seems to be the most straightforward.
- It is nice to have busybox installed. It allows you to use cp, tar and other unix commands.
- It is mandatory to have a backup of the /efs folder, which is the mount point of the /dev/block/mmcblk0p3, in ext4. In some guides it is advised to back up the partition at block level, using dd if=/dev/block/mmcblk0p3 of=/sdcard/mmcblk0p3.raw or something. Personally, I found that I could work with regular files. You can use adb shell or a "terminal application" typing su
- You need a backup, especially since this process can mess your IMEI and the nv_data.bin file (!). You may want to read about "Recovering IMEI" which is also related to the /efs folder.
- In that directory there is the famous nv_data.bin file, it is binary, and contains the hashes that are checked to validate unlock codes. There is a bin.md5 file (as a checksum to validate the file integrity) which, for practical purposes, will be recreated if missing and, finally, two (hidden) old backup copies. Unlocking is then reduced to either reverse engineering the hashes to find the code (a method which was doable when they were sha1 hashes of an 8 digit password salted with zeros) or, ignoring the hashes, simply flip a bit that represents locked to unlocked.
- In recent Samsung devices as well as in SGS3, the plain 20-byte long sha1 hashes are now padded and encrypted (I am not sure with which block cipher, aes?), giving you a raw 32-byte stream that is also stored in the same place. Being able to locate the key to decrypt the encrypted hashes seems to involve patching modem.bin and / or ARM debugging, as per Odia posts.
- This means that, unlike in previous tutorials, reverse engineering the 20-byte hash using CUDA and similar approaches (ighash etc.) will not work: the program will iterate all 8-digit passwords and find that no hash matches the stored one.
- It has also been reported that a branded firmware may interfere with the unlocking process. In my case it did have some effect, although I solved it by installing an unbranded firmware.
- I concluded that, without accessing the key, the way to proceed was to reset the bit that signals that the phone is locked.
- This requires editing the file with a hex editor, looking for the pattern "0x01, 0x00 etc" as explained above.
- I also copied the encrypted hashes of the "OFF" codes as the encrypted hash of the network lock hash. The reason for this is that the 3 were equal and could be the result of encrypting a very simple password (e.g. 0000000) with the same key.
- At offset 00180069-0018006e, there is a 5-byte stream and a "#" sign, with the carrier's MCC / MNC. For example, 208 01 Orange France. Replace those with 0xFFFFFFFFFF
I am sorry I did not write a full guide, let me restate that the whole process is well documented and you should be able to apply the method if you understand it.
HTH
Well I made some progress, but still it seems that I can't push the edited nv_data file in place.
dw4 said:
Well I made some progress, but still it seems that I can't push the edited nv_data file in place.
You don't need to push it. Just copy it to place using root explorer or file explorer.
Sent from my GT-I9300 using XDA
iphdrunk said:
I appreciate the offer and consideration, but I would feel uncomfortable writing such a guide for several reasons: first, it would not be based on my research and findings (I just applied a quite well known method), it is heavily documented elsewhere and, finally, I may not be able to provide the deserved level of support
In any case, the skeleton of the method is here. Read those posts to get a clear overview of the process and then any other comment or disclaimer. Credits given to their respective authors
http://forum.xda-developers.com/showthread.php?t=1064978
http://forum.xda-developers.com/showthread.php?t=761045
What one needs to know is:
- You need a rooted device. Root can be obtained either with the unsecure kernel method (cfr. intratech posts) or using recovery. The second one seems to be the most straightforward.
- It is nice to have busybox installed. It allows you to use cp, tar and other unix commands.
- It is mandatory to have a backup of the /efs folder, which is the mount point of the /dev/block/mmcblk0p3, in ext4. In some guides it is advised to back up the partition at block level, using dd if=/dev/block/mmcblk0p3 of=/sdcard/mmcblk0p3.raw or something. Personally, I found that I could work with regular files. You can use adb shell or a "terminal application" typing su
- You need a backup, especially since this process can mess your IMEI and the nv_data.bin file (!). You may want to read about "Recovering IMEI" which is also related to the /efs folder.
- In that directory there is the famous nv_data.bin file, it is binary, and contains the hashes that are checked to validate unlock codes. There is a bin.md5 file (as a checksum to validate the file integrity) which, for practical purposes, will be recreated if missing and, finally, two (hidden) old backup copies. Unlocking is then reduced to either reverse engineering the hashes to find the code (a method which was doable when they were sha1 hashes of an 8 digit password salted with zeros) or, ignoring the hashes, simply flip a bit that represents locked to unlocked.
- In recent Samsung devices as well as in SGS3, the plain 20-byte long sha1 hashes are now padded and encrypted (I am not sure with which block cipher, aes?), giving you a raw 32-byte stream that is also stored in the same place. Being able to locate the key to decrypt the encrypted hashes seems to involve patching modem.bin and / or ARM debugging, as per Odia posts.
- This means that, unlike in previous tutorials, reverse engineering the 20-byte hash using CUDA and similar approaches (ighash etc.) will not work: the program will iterate all 8-digit passwords and find that no hash matches the stored one.
- It has also been reported that a branded firmware may interfere with the unlocking process. In my case it did have some effect, although I solved it by installing an unbranded firmware.
- I concluded that, without accessing the key, the way to proceed was to reset the bit that signals that the phone is locked.
- This requires editing the file with a hex editor, looking for the pattern "0x01, 0x00 etc" as explained above.
- I also copied the encrypted hashes of the "OFF" codes as the encrypted hash of the network lock hash. The reason for this is that the 3 were equal and could be the result of encrypting a very simple password (e.g. 0000000) with the same key.
- At offset 00180069-0018006e, there is a 5-byte stream and a "#" sign, with the carrier's MCC / MNC. For example, 208 01 Orange France. Replace those with 0xFFFFFFFFFF
I am sorry I did not write a full guide, let me restate that the whole process is well documented and you should be able to apply the method if you understand it.
HTH
Thanks for the long post anyway. That explains how Odia was so fast.
Sent from my GT-I9300 using XDA
I tried the above method, but it seems that the phone alters the nv_data.bin upon reboot.
When I push my edited nv_data.bin to the phone (having removed all backups and the md5 file), reboot the phone, and then pull it back to my computer, here is what I notice:
The network lock byte is back to 0x01, and the MCC/MNC code gets restored somehow. The file also gets altered in a bunch of places (7471 changes if I'm not mistaken).
Code:
cmp -l nv_data.PUSHED nv_data.PULLED | wc -l
7471
Is anyone willing to speculate on what's going on here ?
PS: I haven't flashed a new firmware, but it looks like it's unbranded: (XXLE8/ IMM76D.I9300XXALE8)
Guillaume2x said:
I tried the above method, but it seems that the phone alters the nv_data.bin upon reboot.
Just for completeness, set the permissions on the file and chown to radio.radio
Guillaume2x said:
I tried the above method, but it seems that the phone alters the nv_data.bin upon reboot.
When I push my edited nv_data.bin to the phone (having removed all backups and the md5 file), reboot the phone, and then pull it back to my computer, here is what I notice:
The network lock byte is back to 0x01, and the MCC/MNC code gets restored somehow. The file also gets altered in a bunch of places (7471 changes if I'm not mistaken).
Code:
cmp -l nv_data.PUSHED nv_data.PULLED | wc -l
7471
Is anyone willing to speculate on what's going on here ?
PS: I haven't flashed a new firmware, but it looks like it's unbranded: (XXLE8/ IMM76D.I9300XXALE8)
I have exactly the same problem ... I have Omega V4 ROM....
iphdrunk said:
Just for completeness, set the permissions on the file and chown to radio.radio
Thanks for your reply. I did, I chowned and chmoded the files right after uploading them, before rebooting the phone. I'm just going to try to flash my phone with another unbranded ROM, just in case my original ROM seems unbranded but actually isn't.
Guillaume2x said:
Thanks for your reply. I did, I chowned and chmoded the files right after uploading them, before rebooting the phone. I'm just going to try to flash my phone with another unbranded ROM, just in case my original ROM seems unbranded but actually isn't.
After several checks and discussions, it seems that most users have a problem in the sense that:
- If the md5 file is missing, the nv_data (locked) is restored, deleting the patched one.
- If old backups are deleted, same thing (plus the risk that one may end with the nv_data.bin file with a wrong imei)
- MD5 does not seem to be a simple md5 hash (e.g. as in Linux) since the existing md5 bytes one and the result of running the md5 command do not match
- No one has tried the chattr +i nv_data.bin, just to check that the restoration fails.
In my case, I managed to unlock the phone, but I did several things that I cannot easily reproduce. In short, it seems that in my case, the md5 file was somehow regenerated after copying the patched file. In previous posts, I also mentioned that, during one of the tests (without touching the sim card) I was prompted to type the unlock code (and I clicked dismiss). This was also after installing an unbranded phone.
A user via PM suggested checking the nv.log. This is interesting:
Code:
Sun Jan 1 00:01:03 2012: MD5 is turned on.
Sun Jan 1 00:01:03 2012: nv_data.bin does not exist.
Sun Jan 1 00:01:03 2012: default NV restored.
Sun Jan 1 00:01:11 2012: Network lock unlock input.
Sun Jan 1 00:01:11 2012: NV data back-up begin.
Sun Jan 1 00:01:11 2012: secondary NV built
Code:
Sun Jan 1 00:05:59 2012: MD5 is turned off on 0
Sun Jan 1 00:00:39 2012: MD5 is turned off on 2
Sun Jan 1 00:09:40 2012: enabling MD5 automatically because it was off temporarily.
Sun Jan 1 00:09:40 2012: NV data back-up begin.
Sun Jan 1 00:09:40 2012: secondary NV built
As suggested, there seems to be a way by which the md5 check is on or off.
A curious thing is that there seems to be a "date" backward
Code:
Thu May 24 04:12:38 2012: NV data back-uped.
Sun Jan 1 00:00:06 2012: NV data back-up begin.
May to January? -- clock reset?
And finally followed by
Code:
Sun Jan 1 00:02:57 2012: NV data back-uped.
Sun Jun 3 11:46:05 2012: MD5 is turned on
June 3... For some reason, in my case the check was off?
- Can we turn on and off md5 checking?
- If md5 check is off, the nv_data is backed up and the md5 is recreated?
- if md5 check is on, the nv_data md5 is checked and if fail, restored?
Any pointers welcome.... Check your /efs/nv.log file ?
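The questions at the end of the post above can be checked mechanically against a pulled copy of /efs/nv.log. This added example (not part of the original thread) parses the log lines quoted there, flags timestamps that go backward, and records the MD5 state at each backup; the function names and finding labels are assumptions, and the sample is assembled from the quoted fragments in the order they were posted.

```python
import re
from datetime import datetime

# Constructed sample: the nv.log fragments quoted in the post, in posting order.
SAMPLE_LOG = """\
Sun Jan 1 00:01:03 2012: MD5 is turned on.
Sun Jan 1 00:01:03 2012: nv_data.bin does not exist.
Sun Jan 1 00:01:03 2012: default NV restored.
Sun Jan 1 00:01:11 2012: Network lock unlock input.
Sun Jan 1 00:01:11 2012: NV data back-up begin.
Sun Jan 1 00:01:11 2012: secondary NV built
Sun Jan 1 00:05:59 2012: MD5 is turned off on 0
Sun Jan 1 00:00:39 2012: MD5 is turned off on 2
Sun Jan 1 00:09:40 2012: enabling MD5 automatically because it was off temporarily.
Sun Jan 1 00:09:40 2012: NV data back-up begin.
Sun Jan 1 00:09:40 2012: secondary NV built
Thu May 24 04:12:38 2012: NV data back-uped.
Sun Jan 1 00:00:06 2012: NV data back-up begin.
Sun Jan 1 00:02:57 2012: NV data back-uped.
Sun Jun 3 11:46:05 2012: MD5 is turned on
"""

# "<ctime-style timestamp>: <message>"; the day may be space-padded.
LINE_RE = re.compile(r"^(\w{3} \w{3} +\d{1,2} \d\d:\d\d:\d\d \d{4}): (.*)$")

def parse(text):
    """Return (line_no, timestamp, message) for every well-formed line."""
    entries = []
    for n, raw in enumerate(text.splitlines(), 1):
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # skip blank or truncated lines instead of failing
        stamp = " ".join(m.group(1).split())
        entries.append((n, datetime.strptime(stamp, "%a %b %d %H:%M:%S %Y"), m.group(2)))
    return entries

def analyze(entries):
    """Return (line_no, kind, detail) findings in log order."""
    findings, md5_on, prev = [], None, None
    for n, ts, msg in entries:
        if prev is not None and ts < prev:
            findings.append((n, "clock_regression", f"{prev} -> {ts}"))
        prev = ts
        low = msg.lower()
        if "md5 is turned off" in low:
            md5_on = False
            findings.append((n, "md5_off", msg))
        elif "md5 is turned on" in low or "enabling md5" in low:
            md5_on = True
            findings.append((n, "md5_on", msg))
        elif "nv_data.bin does not exist" in low:
            findings.append((n, "nv_missing", msg))
        elif "default nv restored" in low:
            findings.append((n, "nv_restored", msg))
        elif "back-up begin" in low:
            state = {True: "on", False: "off", None: "unknown"}[md5_on]
            findings.append((n, "backup_begin", f"md5={state}"))
    return findings

if __name__ == "__main__":
    for line_no, kind, detail in analyze(parse(SAMPLE_LOG)):
        print(f"line {line_no:2d}  {kind:17s} {detail}")
```

On the quoted fragments, every backup begins with MD5 on, including the one that directly follows the automatic re-enable at line 9.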

[How-to] Backup and Restore your TS, install Play Store and (Super)SU!

As in another thread, I just completely bricked my TS, but with help from cheahcl and Lokifish Marz I came back alive! With more and more people receiving their TS, I feel the need to summarize what I experienced so others won't need to go through all that sh*t. I didn't create any of the tools/steps here... All things belong to the great DEVs of XDA. I just summarize my personal experiences for your convenience~
<A little background: I am on the 4th list of 1/8/2100>
First of all: Do a backup immediately after you got your TS!
===========================================================
An MTK based system is actually very difficult to brick (almost impossible) as long as YOU HAVE THE F/W SPECIFIC to your TS! The problem is that it seems OMate made changes between each delivery. For example, the 4th list of 1/8/2100 is different from the 3rd or earlier 1/8/2100. At least from the F/W's point of view. Thus, any F/W that is posted on XDA is NOT guaranteed to be compatible with YOUR TS, unless you are lucky!
Since there is NO official/complete deposit of "stock F/W", once you modify what is in your watch, there is no guarantee you will get the same version of F/W and it's very possible that your watch will never return to stock!
Part I --- back up the F/W
============================================================
First of all, please get all necessary tools directly from this post "All Tools" http://forum.xda-developers.com/showthread.php?t=2734687 (Do NOT download or install any other things there!)
*if above link doesn't work, I have a mirror in end of this post.
Follow those steps: (modified from link above)
1. Download "All Tools"
2. Install Universal ADB Drivers (included in All Tools) <--If you already have ADB up and running, it's not necessary, then.
3. Enable USB Debugging on watch
4. Launch MTKDroid Tools
5. Connect watch to PC
6. Please follow the instruction from here: http://www.chinaphonearena.com/foru...up-MTK6592-MTK6589-MTK6577-and-all-MTK-Phones
   a. Skip everything above and just start from "B) Open ADB prompt to begin communication with the phone".
   b. Don't worry about the recovery thing... TS comes with a recovery which is not locked and you can do everything this article said with only stock recovery. (also no busy box is needed, nor su since TS run everything in root!)
   c. You could also refer to the video guide below for details
7. After Step D), you will have a backup of your F/W which is 100% compatible with your TS!
Part II --- back up the IMEI and NVRAM
============================================================
Please follow this guide here: http://forum.xda-developers.com/showthread.php?t=2631953 under "IMEI Backup Procedure" before proceeding with anything dangerous!
Tools:
============================================================
Currently I mirror "All tools" here https://www.dropbox.com/sh/tsa2jottw...uIEpOyyDiYWFva until it's shut down by Dropbox for too much traffic. (Can anyone provide me a better place?)
I also add a FW backup for "4h list 1/8/2100", which ONLY works with this version of TS. It ONLY works if your original build version is "20140513.103530". If NOT, DON'T TRY IT. It will just waste your time! You have been warned!
After you have played with your TS, you may end up with a TS that no longer turns on! Fear NOT! It's just the fun part of playing with your TS!
Return to Stock Steps (F/W and IMEI, NVRAM)
======================================
1. If your TS can still start the system, then simply follow the excellent guide prepared by MasterZen88 at http://forum.xda-developers.com/showthread.php?t=2641261
2. The only difference is you must use the F/W you backed up yourself. DO NOT DOWNLOAD THE F/W listed on that page!
3. If your TS no longer powers on, or cannot enter the system, please do:
  a. Disconnect your TS from PC
  b. Still follow the steps on above link to prepare your PC to install the MTK USB driver, read in the "Scatter file" from your backup
  c. The only difference is Step 11. Since your TS won't power on, you need to pull the battery, then re-install the battery, then connect to the PC.
  d. After you did this, You should see the MTK SP Flash Tool start flashing your TS!
4. After restoring the system, please follow http://forum.xda-developers.com/showthread.php?t=2631953 "Restoring Your IMEI After A Full Firmware Flash" to restore your IMEI and NVRAM or you will not be able to make phone calls!
Trouble Shooting (common error message from SP Flash Tool)
=======================================================
1. "S_FT_ENABLE_DRAM_FAIL (4032)"
  The F/W you are trying to flash is NOT compatible with your TS. If the F/W was not backed up by yourself, but downloaded from XDA or anywhere else, there is a 99% chance it won't work on your TS!
  Sometimes it also indicates you have a bad connection between TS and PC, maybe a bad cable or cradle...
2. "S_FT_READBACK_FAIL(4009)"
  I don't really know what caused this... I experienced it twice, but I just pulled the battery again and it went on like normal.
3. "S_COM_PORT_OPEN FAIL(1013)"
  a. The MTK USB VCOM driver is not properly installed, or
  b. Your connection between PC and TS is not good (bad cable?)
  c. Due to the previous error, you NEED to pull the battery out of the TS and put the battery back in, then link to the PC again! The TS will go offline once any failure occurs during the flashing process.
I hope this small guide will save someone from the panic time I had....
How to install Play store and (super)SU?
Installation Play Store
====================================================================
It's really easy... just forget code like *#*#2013.... Doesn't work on newer batch! (I only confirmed this on 4th list of 1/8/2100 developer version)
1. Download Google play here: http://www.xda-developers.com/andro...densities-and-the-rest-of-this-weeks-updates/
2. Make sure on TS you enabled the "Setting/Device/Security/Unknown Sources"
3. Transfer the file into the internal SD of TS
4. Use the TS' built in file explorer to locate the apk, then just click the apk to start installation.
5. Profit!
Install (super)SU
====================================================================
Just follow the steps below (I only confirmed this on 4th list of 1/8/2100 developer version). I saw this somewhere in XDA but forgot where... credit to the original poster!
1. Launch MTKDroid Tools (please configure it as the steps in OP)
2. Connect TS to PC
3. Click on "root, backup, recovery" tab
4. Push the SuperSU button then choose which version of SU you want (I use SuperSU)
5. After successful installation, go to your TS (TS must have access to internet) and launch SuperSU. SuperSU will prompt to update SU binary
6. Profit!
Great Guide. Following your guide I've backed up all the necessary files to go back to stock for AW-420
:good::good::good::highfive::highfive::highfive:
I have a problem making backups - both the nvram and full system backups fail. I suspect it is not finding an md5 application since files.md5 is zero bytes but the filesystem seems to have been copied OK. (with a fairly clean Win8.1 64 install, just android dev tools installed, this is my gaming machine...)
Code:
--->>> Connect to device <<<---
--- NVRAM Bin Region is write to the file: : C:\omate\tools\All Tools (14-2-8)\1 MtkDroidTools v252\BackupNVRAM\TrueSmart_86xxxxxxxx59988_nvram_140522-194022.bin
--- ERROR during copying file between phone and PC : C:\omate\tools\All Tools (14-2-8)\1 MtkDroidTools v252\BackupNVRAM\TrueSmart_86xxxxxxxx59988_nvram_140522-194022.tar
tshoulihane said:
I have a problem making backups - both the nvram and full system backups fail. I suspect it is not finding an md5 application since files.md5 is zero bytes but the filesystem seems to have been copied OK. (with a fairly clean Win8.1 64 install, just android dev tools installed, this is my gaming machine...)
Code:
--->>> Connect to device <<<---
--- NVRAM Bin Region is write to the file: : C:\omate\tools\All Tools (14-2-8)\1 MtkDroidTools v252\BackupNVRAM\TrueSmart_86xxxxxxxx59988_nvram_140522-194022.bin
--- ERROR during copying file between phone and PC : C:\omate\tools\All Tools (14-2-8)\1 MtkDroidTools v252\BackupNVRAM\TrueSmart_86xxxxxxxx59988_nvram_140522-194022.tar
Actually I've been through this before... However I don't remember what exactly I did to resolve this....
Basically this tool relies on ADB to get access to this watch. It seems your watch is not communicating correctly via ADB. Maybe reinstall the ADB driver from the All in one tool I linked in OP (even if your ADB works).
Sent from my HTC_One_max using XDA Premium HD app
New link to "All Tools"?
Since Loki removed his files, is there another link to "All Tools"? Can't download it at link above.
Thanks!
Sorry about that. Bad part is older firmware and root/patch methods are causing serious issues due to Omate changing the hardware yet again.
Lokifish Marz said:
Sorry about that. Bad part is older firmware and root/patch methods are causing serious issues due to Omate changing the hardware yet again.
However, the "All Tools" is still working and a valuable piece for everyone here! Could you please at least keep that?
Without the "All tools" I worry that when people run into trouble, it would be even harder for them to go back.... (not only need to get correct FW but also need to get correct tools). There are so many versions on the internet which are at best too old and not working, at worst infested by something...
Currently I put this "All tools" here https://www.dropbox.com/sh/tsa2jottw6f1f72/AAAgDEcvmo7uIEpOyyDiYWFva until it's shutdown by Dropbox for big traffic.
I also add a FW backup for "4h list 1/8/2100", which ONLY works with this version of TS, if anyone needs it...
(Dear Lokifish, please PM me if you have concern of my hosting of "All tool".)
FYI:
Just as Lokifish Marz said, looks like omate changed hardware for the 4th EU patch of deliveries.
The latest EU batch from the 4th list has the following firmware:
Baseband: MOLY.WR8.W1315.MD.WG.MP.V4, 2013/08/14 18:16
Kernel: 3.4.5
OUI: 2.1
Build: Omate_TrueSmart_20140513.103530_V2.0
My TS was from the 3rd EU batch which has the following firmware:
Baseband: MOLY.WR8.W1315.MD.WG.MP.V4, 2013/08/14 18:16
Kernel: 3.4.5
OUI: 2.1
Build: Omate_TrueSmart_20140328.182336_V2.0
Out of curiosity, I was already in Unified Rom, I tried to flash "Build: Omate_TrueSmart_20140513.103530_V2.0" for my TS.
I bricked my device! lucky I had made all the relevant backups, and got my TS back to factory ROM that came from the 3rd list batch.
Then Unified it again.
tshoulihane said:
I have a problem making backups - both the nvram and full system backups fail. I suspect it is not finding an md5 application since files.md5 is zero bytes but the filesystem seems to have been copied OK. (with a fairly clean Win8.1 64 install, just android dev tools installed, this is my gaming machine...)
Code:
--->>> Connect to device <<<---
--- NVRAM Bin Region is write to the file: : C:\omate\tools\All Tools (14-2-8)\1 MtkDroidTools v252\BackupNVRAM\TrueSmart_86xxxxxxxx59988_nvram_140522-194022.bin
--- ERROR during copying file between phone and PC : C:\omate\tools\All Tools (14-2-8)\1 MtkDroidTools v252\BackupNVRAM\TrueSmart_86xxxxxxxx59988_nvram_140522-194022.tar
Did you run the tool as administrator to make the backups?
Stu| said:
Did you run the tool as administrator to make the backups?
Yes, tried that. I'm quite happy with my adb access, managed to root my HTC M8, and get shell access on the TS fine (it now has SU working).
I've installed cygwin (overnight!) in the hope that will provide the missing exe that the tool was seeming to want.
lssong99 said:
(Dear Lokifish, please PM me if you have concern of my hosting of "All tool".)
It's all good. I'm fine with it. Seeing that folks are now looking at almost 10 different HW versions to deal with, AllTools is going to become really popular.
lssong99 said:
However, the "All Tools" is still working and a valuable piece for everyone here! Could you please at least keep that?
I have also uploaded the zip to gdrive as another mirror. https://drive.google.com/file/d/0B099RU3-XRVgVW5HeEpqUXZPMGs/edit?usp=sharing
Fixed my issue. As per the MTKDroidtools log file:
Code:
23/05/14 11:40:34 --- NVRAM Bin Region is write to the file: : C:\omate\tools\All Tools (14-2-8)\1 MtkDroidTools v252\BackupNVRAM\TrueSmart_86xxxxxxxx59988_nvram_140523-114031.bin
23/05/14 11:40:34 /system/bin/sh: tar: not found
23/05/14 11:40:34 --- ERROR during copying file between phone and PC : C:\omate\tools\All Tools (14-2-8)\1 MtkDroidTools v252\BackupNVRAM\TrueSmart_86xxxxxxxx59988_nvram_140523-114031.tar
The issue was with missing functions running _on_the_watch_. Installed busybox, and good to go. Now, this does leave a problem for anyone wishing to do a backup before making mods. My original backup extracted the system partition (as a dos copy of the filesystem, which must be incomplete for permissions etc) but when done with tar on the device I get proper img files.
I suspect it is possible to manually 'mount -o remount,rw /system' then adb push busybox; as it happens I've already installed su so just installed from playstore.
lssong99 said:
1. Download "All Tools"
Where is the all tools?
Sorry, I have found it in GDrive!
xs4all said:
FYI:
Just as Lokifish Marz said, looks like omate changed hardware for the 4th EU patch of deliveries.
The latest EU batch from the 4th list has the following firmware:
Baseband: MOLY.WR8.W1315.MD.WG.MP.V4, 2013/08/14 18:16
Kernel: 3.4.5
OUI: 2.1
Build: Omate_TrueSmart_20140513.103530_V2.0
My TS was from the 3rd EU batch which has the following firmware:
Baseband: MOLY.WR8.W1315.MD.WG.MP.V4, 2013/08/14 18:16
Kernel: 3.4.5
OUI: 2.1
Build: Omate_TrueSmart_20140328.182336_V2.0
Out of curiosity, I was already in Unified Rom, I tried to flash "Build: Omate_TrueSmart_20140513.103530_V2.0" for my TS.
I bricked my device! lucky I had made all the relevant backups, and got my TS back to factory ROM that came from the 3rd list batch.
Then Unified it again.
My TS was from the 2nd EU batch and it has the same firmware as yours.
There are two backup folders for TrueSmart in the location of "backups"
I just tried to backup my TrueSmart and everything went quite smoothly until I was meant to prepare blocks for Flash Tool. I could find 2 separate backups for TrueSmart with different time stamps on them. I downloaded the AllTools.zip that was hosted in this thread in Google Drive. Is that someone else's backup or what? I have to just choose the later backup, correct?
EDIT: Went with the latest because the earlier already had !FilesForFlashTool folder in it.
How can I actually use SuperSU? When a root request pops up, there aren't any buttons visible except for ask again. I cannot scroll. How do you do this?
soulcrusher said:
How can I actually use SuperSU? When a root request pops up, there aren't any buttons visible except for ask again. I cannot scroll. How do you do this?
That happened to me as well. It turned out that if you change the font size in Settings - Display - Font size to Small it will work just fine and show the buttons. You're welcome.