Hi All,
I have Dell streak with EVT1 hardware. I flash all possible recovery images, but it isn't work. Black screen every time when I launch recovery mode. May be somebody know how to update this hardware?
Phone is working on 1.6 (performance is very poor)
P.S. Sorry for bad English.
Please help!!!
What is the currently installed rom exactly?
NikolayTLM said:
Hi All,
I have Dell streak with EVT1 hardware. I flash all possible recovery images, but it isn't work. Black screen every time when I launch recovery mode. May be somebody know how to update this hardware?
Phone is working on 1.6 (performance is very poor)
P.S. Sorry for bad English.
Click to expand...
Click to collapse
If you have a black screen at recovery with no Dell logo, you probably are going to need to restore your device using the QDLTool3rd.
Typically, this happens when flashing an "update" file mismatched with your recovery. I did this myself recently, and the only way I was able to get back was to use the QDL tool then re-flash my stock ROM.
It literally saved my phone.
EVT=evaluation/testing?
Without knowing the differences in hardware and possibly software you can't assume that solutions that work on production Streaks will work on his phone.
marvin02 said:
EVT=evaluation/testing?
Without knowing the differences in hardware and possibly software you can't assume that solutions that work on production Streaks will work on his phone.
Click to expand...
Click to collapse
EVT=evaluation/testing - Yes
i think that difference between EVT3 (product hardware) and EVT1 - smallest RAM size (145Mb is available)
in on board EVT1:
- QSD8X50 Processor (as per "Android System Info") with 998.4Mhz max frequency.
- Total RAM: 145Mb
I tried flash device via QDLTool3rd - unsuccessful. Maybe i used newest recovery images instead old? Black screen every time when i try to boot it in recovery mode. What additional info about EVT1 is needed and which application can provide this information?
BR. Nikolay.
TheManii said:
What is the currently installed rom exactly?
Click to expand...
Click to collapse
Sorry, but i don't know the currently installed rom.
Info in 'About device' menu:
- Firmware version: 1.6
- Baseband version: GAUSB1A1008151
- Kernel version: 2.6.29-perf
- OEM version: RerforceVerify_1012
- Build number: 1012
You definitely have an enginnering beta streak, from what've seen from attempting to get people to dump their roms off it, trying to update it will prob brick it.
It's only valuable if you can get the rom off it, but otherwise you likely wont be able to use it as a normal streak
TheManii said:
You definitely have an enginnering beta streak, from what've seen from attempting to get people to dump their roms off it, trying to update it will prob brick it.
It's only valuable if you can get the rom off it, but otherwise you likely wont be able to use it as a normal streak
Click to expand...
Click to collapse
Thanks, i think about that. I am use it as normal cell phone right now. But it is not easy, because it will reboot at any time as they wish. I like this phone and it isn't trouble to update RAM (on this device to appropriate size). I just want to know - device is 'upgradeable' to 2.2 or not?
I'l talking with people, which know about this device. And they said me - that this device can be ungraded, but build should be compiled in appropriate kitchen! Maybe somebody have appropriate build rom for this HW type/ or maybe somebody upgrade EVT1 HW?
how much did that specific streak cost you exactly?
You're much better off getting a normal retail streak unless you dont mind the hassle of making everything work on that submodel.
Clearly stock kernels and roms have trouble with that submodel, are you willing to investigate why? and are you willing to be forced to resort to making custom versions of roms just for your specific streak?
I am interested in getting the rom off that, but besides that unless you got it for free/next to nothing it's prob not worth the hassle compared to a retail streak, there's far too few owners of working prototype streaks left for premade roms to work on them
TheManii said:
how much did that specific streak cost you exactly?
You're much better off getting a normal retail streak unless you dont mind the hassle of making everything work on that submodel.
Clearly stock kernels and roms have trouble with that submodel, are you willing to investigate why? and are you willing to be forced to resort to making custom versions of roms just for your specific streak?
I am interested in getting the rom off that, but besides that unless you got it for free/next to nothing it's prob not worth the hassle compared to a retail streak, there's far too few owners of working prototype streaks left for premade roms to work on them
Click to expand...
Click to collapse
Yes, I got them for free. But this is a not major point for me. I would like to understand 'How it works'.... And I request help on this forum. I'm from Russia, Dell Streak mini 5 isn't selling in my country, So I would like to do 'candy' from it (not for sale, for me only). I thinking about purchasing Dell streak mini 5 with broken LCD, to change mainboard between my and broken device. But I'm not sure about compatibility this hardware (and I not have money to buy it........)
P.S. Sorry for bad English again.
I would assume the lcds would be compatable, but this is just an educated guess,
It sounds like a good idea to switch the motherboards if you want a real working streak
as you're not going to be using the original motherboard, could i ask you to make a dump of the system and boot partitions?
we should continue on #dellstreak on irc.freenode if you dont mind, prototype roms and devices are extremely rare and working ones with pre-release roms are even rarer. There's only a handful still in existance now
TheManii said:
I would assume the lcds would be compatable, but this is just an educated guess,
It sounds like a good idea to switch the motherboards if you want a real working streak
as you're not going to be using the original motherboard, could i ask you to make a dump of the system and boot partitions?
we should continue on #dellstreak on irc.freenode if you dont mind, prototype roms and devices are extremely rare and working ones with pre-release roms are even rarer. There's only a handful still in existance now
Click to expand...
Click to collapse
Please write instructions / 'how to' make a dump of the system and boot partitions
Do you know how to use ADB?
you will need to root your phone also before beginning
TheManii said:
Do you know how to use ADB?
you will need to root your phone also before beginning
Click to expand...
Click to collapse
My dell is rooted. I used ADB shell in my practice but a long time ago. So it would be perfect if you provide ADB commands...
Do you still have the original recovery installed?
first do a
Code:
cat /proc/mtd
and figure out which is boot / recovery / system
then do a
Code:
dd if=/dev/mtd/mtdx of=/sdcard/recovery.img bs=4096
dd if=/dev/mtd/mtdy of=/sdcard/boot.img bs=4096
where X and Y are the matching values from the first command
finally do a
Code:
cat /system /sdcard/system
then you'll have boot.img recovery.img (if you still have it) and a folder named system
send those 3 to me
TheManii said:
Do you still have the original recovery installed?
first do a
Code:
cat /proc/mtd
and figure out which is boot / recovery / system
then do a
Code:
dd if=/dev/mtd/mtdx of=/sdcard/recovery.img bs=4096
dd if=/dev/mtd/mtdy of=/sdcard/boot.img bs=4096
where X and Y are the matching values from the first command
finally do a
Code:
cat /system /sdcard/system
then you'll have boot.img recovery.img (if you still have it) and a folder named system
send those 3 to me
Click to expand...
Click to collapse
I used these commands in dell terminal app:
Code:
su
cat /proc/mtd
dd if=/dev/mtd/mtd1 of=/sdcard/recovery.img bs=4096
dd if=/dev/mtd/mtd2 of=/sdcard/recovery_bak.img bs=4096
dd if=/dev/mtd/mtd0 of=/sdcard/boot.img bs=4096
dd if=/dev/mtd/mtd3 of=/sdcard/system.img bs=4096
After that operations 4 files added to sdcard (recovery.img, recovery_bak.img, boot.img, system.img)
Incorrect length message was displayed after cat /system /sdcard/system command.
All files were added to archive (WinRAR used) and uploaded to fileserver
You have to use
cat /system /sdcard/system
as DD will not work on the system partition
TheManii said:
You have to use
cat /system /sdcard/system
as DD will not work on the system partition
Click to expand...
Click to collapse
following text message is displayed when i try cat /system /sdcard/system command.
Code:
/system: invalid length
/sdcard/system: invalid length
my *nix is really weak,
try
Code:
cp -r /system/* /sdcard/temp
but you might need to manually make /sdcard/temp first or it might get confused
it will complain about symlinks but that's ok
Related
Introduction:
These are stock rom images of the various venue roms. Unlike the streak, the majority of roms on the venue have never been released as update.pkgs. Without update.pkgs it is not possible to fully restore a venue after bricking it.
The only exception is for korean users, so far 319 (which is a korean rom) is the only update available. Update.pkgs update everything: baseband and all the various firmwares.
These zips only contain the /system folder, the kernel, and the recovery image. It does not update any of the firmwares. If your baseband and your rom version do not match, you will get the 'blinking leds' issue. Which means the soft button leds will blink semi-constantly. The only way to fix this is by using a matching rom.
What this ultimately means is that anyone that updated to 319 cannot migrate away from it until another rom update is released, whenever that is.
These images/zips will allow you to unbrick your device if it was caused by modifying /system. If it was caused by someone not related it will not fix them.
Click to expand...
Click to collapse
WARNING:
Do not use if your device already works
Only install the one matching your baseband:
Look at Dell Venue - XDA wiki to find your matching version
Back up your data before attempting if possible
If you do not know how to use the command line, find a tutorial on google
Click to expand...
Click to collapse
Install Instructions:
(This assumes you already know how to use the command prompt on your PC)
Download Fastboot+ADB.zip and install it
Download the version matching your baseband:
101:
Dump not available
302:
stock-V302.zip [Cleaned dump]
303:
Dump not available
304:
stock-V304.zip [Cleaned dump]
307:
stock-V307.zip [Good dump]
319:
Not required - pkg is available
321:
stock-V321.zip [Good dump]
323:
Not required - pkg is available
324:
Dump not available
325:
Not required - pkg is available
Flash them with fastboot
fastboot flash boot <path to boot.img>
fastboot flash recovery <path to recovery.img>
fastboot flash system <path to system.img>
Factory reset your device
Click to expand...
Click to collapse
IF YOU BRICK AN ALREADY WORKING VENUE BECAUSE YOU WERE CURIOUS, IT IS YOUR OWN FAULT. DO NOT USE ON A WORKING DEVICE UNLESS YOU ALREADY KNOW HOW TO UNBRICK IT
Notes:
I am still missing dumps for:
101
303
324
Verified clean dumps of:
302
304
Do not link to the untested images, they will be repackaged as they are tested and the links will become invalid
stock zips are tested images, they are safe to link to
stock zips are packaged as nandroid updates. They will work fine with fastboot or nandroid (ignoring the fact a custom recovery is not yet available)
Click to expand...
Click to collapse
2char
I volunteered
bump, still looking for more testers
I'll give it a shot.
Would love to help, but I am a newb. And I have no programming type skills. I wish you guys luck. Would love to do some overclocking, and custom roms.... I miss my nexus s.
Just got my venue from Dell service center. I erased my system partition while I was experimenting with it.... and Dell guys fixed it by re-flashing it..... Plz upload your Rom, ill try it if something goes wrong ill go the service center.....
Sent from my Dell Venue using XDA App
This worked for me just now. I had bricked my venue by accidentally factory resetting, with the dell stage apk removed. I spent hours just trying to get the right person @ dell, long story. When it rebooted after a factory reset, I could unlock the phone, but the ui would not load. By trying to fix it throughout the day, I made it worse where it would only loop on the dell logo. I just figured out how to follow the instructions, posted above, and it booted back up with the stage ui MANY THANKS..
What baseband version do you have?
Under Baseband version it states:
GTOUB1A130730-US
Check Development Page, I Have Uploaded The Stock Dell Venue ROM Dumps.
Sent from my Dell Venue using XDA App
Added 304 now,
only missing 101/302/303/325 now
May be a stupid question, but can these stock images not be augmented to create a custom rom?
They can, but the lack of a custom recovery is a major obsticle to making custom roms. Though actually porting a custom recovery seems to be trivial in comparison to kernel mods.
To make a custom rom on the venue you just have to unpack, modify, and repack it. You cant do 'patches' as you need a custom recovery for update zips. Every mod would require downloading the entire rom or manually pushing the pieces with adb
I am guessing that you would need a good understanding of programming to modify these images? What is needed to unpack? Would like to look around and see if its something I can figure out.
If you're on windows just look for unyaffs.exe, I assume there's a similar util for *nix/osx.
To repack them I dont have a pc util to do it. I just flash it on my streak then make a nandroid. As I dont do this that often really I havnt bothered looking up for a tool to do this. I do believe there's a bundled tool to do this in linux (build a filesystem into an image).
Please step by step, how to repair Dell venue stop at Logo
TheManii said:
To make a custom rom on the venue you just have to unpack, modify, and repack it. You cant do 'patches' as you need a custom recovery for update zips. Every mod would require downloading the entire rom or manually pushing the pieces with adb
Click to expand...
Click to collapse
I have a new unlocked build number 13505 device that is defying all my efforts to root it. Can this method be used to force root access?
edit
Actually it finally rooted using SuperOneClickv1.5.4-ShortFuse, 4 hours yesterday and failure, first try today after posting and it worked.
TheManii said:
WARNING:
Do not use this if your venue already works. The images will overwrite what's already installed. As these are untested (but work on my streak) I have absolutely no idea if they work.
Even if they do work, they will ONLY work on devices that would boot otherwise because of /system being damaged.
If you broke it somewhere unrelated to /system this wont fix it.
Install Instructions:
(This assumes you already know how to use the command prompt on your PC)
Download Fastboot+ADB.zip and install it
Download the version matching your baseband:
304:
boot.img
recovery.img
system.img
307:
boot.img
recovery.img
system.img
321:
boot.img
recovery.img
system.img
flash them with fastboot
fastboot flash boot <path to boot.img>
fastboot flash recovery <path to recovery.img>
fastboot flash system <path to system.img>
factory reset your device
Please look at Dell Venue - XDA wiki to see what rom you have/should have
IF YOU BRICK AN ALREADY WORKING VENUE BECAUSE YOU WERE CURIOUS, IT IS YOUR OWN FAULT. DO NOT USE ON A WORKING DEVICE UNLESS YOU ALREADY KNOW HOW TO UNBRICK IT
Notes: I do not have images for 101/302/303/325. If you have any of these builds and are willing to help attempt to dump them please contact me on #dellstreak on freenode. 307 and 321 have been safely dumped from venues without harming them in any way.
Note2: The download links will change if these are confirmed to work, please do not link to them directly for the time being, please link to this thread/OP
Click to expand...
Click to collapse
Dell Venue Hongkong
Basebannd vesion: GTOUB1A130211-AWS
Kernel vesion: 2.6.32.9-pert
OEM Version: GTOUB1A130211
Build number: 12837
boot.img + recovery.img + recovery_bak.img
system.img
Thanks!
Do you recall if you've modified the rom before uploading it? I'm assuming there was a large streach of time from when you got it to when you made a dump
Edit: after going though it, there are a couple of changes, but I believe i was able to revert it to near original
Cleaned and repacked 302 now. As 307 was reported to be working, I packaged it up as a nandroid zip and moved to it's normal location on the server.
I have a Nabi 2 tablet that I've rooted, installed TWRP, and flash the gapps and a few other tweaks to. It's about to go in for an RMA since the USB and charging ports are both broken. The problem in the USB port is that one of the pins got bent - I don't know how, it looks like the conductor somehow got peeled back off of the plastic. The point is, I have no USB access to the device.
In order to pass the inspection for the RMA, I need to have it stock I can flash the stock ROM by putting it on the SDCard in my laptop then transferring that to the device and flashing it through TWRP. The question I have, though, is whether I can flash the stock recovery with ADB access to it. Every thread I've been able to uncover so far about flashing a recovery requires ADB access to issue the "adb fastboot flash" command. Is there another way to do this?
If the ROM your going to return it with (stock) has the flash image binary then you can use a terminal emulator but I doubt this will work as most often stock ROMs don't. But maybe worth a shot
Otherwise depending on how the tablet and recovery are set up possibly flash the stock recovery through twrp
Would need to know a lot more about your tablet to say for sure how to do it
Sent from my Nexus 4 using Tapatalk 2
Yes. Sometimes I have seen recovery-from-boot.p and install-recovery.sh restore it on first boot after you have restored stock ROM.
If not...
Copy a stock recovery.img to your external SDcard
After restoring your Nabi ROM.
Use TWRP "mount" tab and make sure external_sdcard is checked
Use TWRP "Terminal Command"
dd if=/external_sdcard/recovery.img of=/dev/block/platform/sdhci-tegra.3/by-name/SOS
I forget when TWRP add terminal command, if you have an older version you'll have to update it first.(same idea as flashing stock, just get the 2.6.0.0 TWRP image and put on external SD) There are some other methods but I think this is easiest without a functioning USB
aicjofs, thanks!
It could just be my current sleep-deprived state, but this line confused me:
aicjofs said:
Yes. Sometimes I have seen recovery-from-boot.p and install-recovery.sh restore it on first boot after you have restored stock ROM.
Click to expand...
Click to collapse
The way my brain interpreted it says that once the stock ROM is restored, it will automatically restore the recovery on first boot.
I have some part of my brain screaming "NO!" though, so I'm not sure what you were trying to say there. Care to enlighten me?
oh, and I've got TWRP 2.2.2.1, and it does have a terminal emulator, but it's clunky at best.
Dan in SA said:
aicjofs, thanks!
It could just be my current sleep-deprived state, but this line confused me:
The way my brain interpreted it says that once the stock ROM is restored, it will automatically restore the recovery on first boot.
I have some part of my brain screaming "NO!" though, so I'm not sure what you were trying to say there. Care to enlighten me?
Click to expand...
Click to collapse
Yes some have claimed it returned them to stock recovery. That file is only like 300kb though so it can't be the full image as the kernel alone is 4MB+. Maybe it's just the ramdisk, but its too large for that. I can't imagine it works but that's what people have claimed, probably shouldn't have said I have seen because I haven't personally seen it, just heard. I would do the method I talked about and dd the image from TWRP.
All can be recovered without USB port as long as you can boot either Android or TWRP just don't lose both at same time
Ok, thanks I'll try and get it charged tonight, and flash the stock ROM tomorrow and see what happens.
One more quick question - I don't have a recovery.img file. I have recovery.emmc.win and mmcblk0p1.img - they're both 8,192kb. I'm assuming I would either rename the first to recovery.img, or use the second and dd it into /dev/block/platform/sdhci-tegra.3/mmcblk0p1
Am I on the right track?
Dan in SA said:
Ok, thanks I'll try and get it charged tonight, and flash the stock ROM tomorrow and see what happens.
One more quick question - I don't have a recovery.img file. I have recovery.emmc.win and mmcblk0p1.img - they're both 8,192kb. I'm assuming I would either rename the first to recovery.img, or use the second and dd it into /dev/block/platform/sdhci-tegra.3/mmcblk0p1
Am I on the right track?
Click to expand...
Click to collapse
Yes on the first but No on second. The way you have it won't work but you are close. for dd the "if" = input file, and the "of" = output file. Both are your input file. recovery.emmc.win = mmcblk0p1.img and an image of recovery partition basically a different name for the same thing.(the same as boot.emmc.win = mmcblk0p2.img an image of boot partition) In this case the input is either of those 2 files, and the output is the recovery partition.
So you could use any of the following it's just changing the name of the input
dd if=/external_sdcard/recovery.img of=/dev/block/platform/sdhci-tegra.3/by-name/SOS (if you renamed one of the two files to recovery.img)
dd if=/external_sdcard/recovery.emmc.win of=/dev/block/platform/sdhci-tegra.3/by-name/SOS
dd if=/external_sdcard/mmcblk0p1.img of=/dev/block/platform/sdhci-tegra.3/by-name/SOS
Just use the above...but to confuse you more you could be using mmcblk naming convention in the output file as you stated. Tegra renames the mmcblk block format, think of it as a symlink so you can call a single location 2 different names.
so /dev/block/platform/sdhci-tegra.3/by-name/SOS is the same as /dev/block/mmcblk0p1 and is the recovery partition itself
another example /dev/block/platform/sdhci-tegra.3/by-name/LNX is the same as /dev/block/mmcblk0p2 and is the boot partition
knowing that you could take the first example from above
dd if=/external_sdcard/recovery.img of=/dev/block/platform/sdhci-tegra.3/by-name/SOS
and write it as
dd if=/external_sdcard/recovery.img of=/dev/block/mmcblk0p1
and accomplish the same thing, so you were close just no "/platform/sdhci-tegra.3" Hopefully I didn't come across as offensive as I imagine you already know some of the above
I knew that (DUH! :cyclops: ) I told ya I was sleep deprived.
I'm going to flash it this afternoon and see what falls out.
Thanks bunches!
Ok, first step finally done.
Got the JmzNabi2Stock_OLD.zip loaded. Got the dreaded "turning wifi on" error, but skipped that step to move on. Currently waiting for "Please wait while your nabi device is being initialized. This might take a few minutes."
It has been at least 5 minutes, but to be honest this is going faster than the FC17 to FC19 upgrade I have going on on the system next to it. It's had a blank screen with the disk spinning since I started this about 30 minutes ago.
WooHoo! as I was typing that last para, the setup screen showed up. I'll go through som rudimentary things just to check and make sure this image isn't rooted, then I'll try to reload the stock recovery.
edit: crap, this wasn't the "stock" image. Now I need to head off and try to find that......
Whelp, that didn't work. One of the ROM flashes broke the recovery and lost root. Without ADB, I can't do anything more
Dan in SA said:
Whelp, that didn't work. One of the ROM flashes broke the recovery and lost root. Without ADB, I can't do anything more
Click to expand...
Click to collapse
If the recovery doesn't boot I doubt they will even look deeper then that and think you messed it up.
If you still want to attempt it you have to use an exploit to gain root again(Android still boots right?) Unfortunately most exploits are using ADB as a means to that end. ADB restore bug, elevating ADB shell to root via local.prop edit, for example. I would think the Android master key exploit would work on this device but the only good tool I have seen for it is Cydia Impactor. GUI that's compiled so its not easy to short cut and do locally without following the write up and manually doing everything(In short no one click that will work without USB). I think memdroid or something like that only worked up until 4.0.2 or something so I think Nabi is patched against it. It can be done I just don't know if you want to go to the effort. Should have used the Nabilab full stock ROM and stock recovery to restore as they are matched set.
aicjofs said:
Should have used the Nabilab full stock ROM and stock recovery to restore as they are matched set.
Click to expand...
Click to collapse
I did, but when I booted that up after I loaded the ROM, SuperSU was installed implying that the image was rooted already.
Too late now, it's in the box going back to Nabi tomorrow.
Hello
I'm creating a ClockworkMod recovery for my phone (K-Touch W68) and before I go any further, I wanted to check how dangerous this is?
How likely am I to brick the phone?
And, if I flash the wrong thing, how easy is it to recover?
I extracted the recovery using this (following a similar thread)
Code:
cat /dev/block/platform/sdhci.1/by-name/recovery > /mnt/sdcard/recovery.img
I've built a new recovery.img using builder.clockworkmod.com and was going to apply it using the following and then restart
Code:
cat recovery.img > /dev/block/platform/sdhci.1/by-name/recovery
Sound ok?
If you don't have a way to reload the stock OS either from the manufacturer or with a tool like MTK Droid (I'm assuming it has a MediaTek chip as most of those kinds of phones have them), then it will be risky. Sometimes it just doesn't do anything. Sometimes it messes up the recovery partition, but you can still boot. And sometimes it'll bootloop you. Not much way to tell without testing.
es0tericcha0s said:
If you don't have a way to reload the stock OS either from the manufacturer or with a tool like MTK Droid (I'm assuming it has a MediaTek chip as most of those kinds of phones have them), then it will be risky. Sometimes it just doesn't do anything. Sometimes it messes up the recovery partition, but you can still boot. And sometimes it'll bootloop you. Not much way to tell without testing.
Click to expand...
Click to collapse
Thanks for the reply.
The CPU is actually a Broadcom BCM21663 which seems pretty rare (other similar phones: Symphony W68, Karbonn A8). There are K-Touch W68 ROMs on needrom.com and some Broadcom flashing tools for the Karbonn A8 (can't post links yet).
Good deal. Sounds like it might be worth a try then. Good luck!
Requirements:
[ROOT REQUIRED]
[OEM Unlocking must be allowed under the developer options before flashing this file AND stay activated
as long as you want the device to stay unlocked (OnePlus implemented security features which locks the device on reboot with the switch off)]
* I am not responsible for bricked devices, thermonuclear war, or you getting fired because the alarm app failed.
* Please do some research if you have any concerns about this method before using it!
* YOU are choosing to make these modifications.
* And if you point the finger at me for messing up your device, I will laugh at you.
Click to expand...
Click to collapse
WARNING: THESE FILES ARE BASED ON THE OXYGEN OS 2.1.1 FIRMWARE, PLEASE ANALYZE YOUR DEVINFO IF THE VERSION IS DIFFERENT TO MAKE SURE NOT BRICKING SOMETHING!
I have not upgraded my device to 2.1.2 yet because there have been some issues with the newest firmware.
Tested and confirmed working on:
OxygenOS 2.2.0 - thanks to @pryggi
OxygenOS 2.1.1
Hydrogen OS 1.2.0 - thanks to @fareed_xtreme
I looked at this thread, thanks to Naman Bhalla for this great work.
and found out that the file attached to this post is the answer to my problem, described in another thread.
After the whole day of work analyzing and dumping and saving via adb from my device to the pc and the other way around i finally did it.
On the frist screenshot is my situation before flashing the new devinfo, on the second after flashing the devinfo from the thread mentioned above.
By changing the bits with a Hex Editor of your choice, or by flashing the files below via dd:
Code:
dd bs=4096 of=/dev/block/bootdevice/by-name/devinfo if=/sdcard/oneplus2-devinfo-factory.img
The output should look like the following:
Code:
0+1 records in
0+1 records out
1024 bytes transferred in 0.005 secs (204800 bytes/sec)
You can restore your OnePlus 2 to a factory state while still having root or unlock your phone again without having to wipe it! :highfive:
Credits:
Naman Bhalla
Also to segv11 who already managed this in the OnePlus One and Nexus devices
wow nice job m8
sent from rooted phone
Modified the same location using a HEX Editor (root) whilst on the Hydrogen OS 1.2.0 and I must say it works.
Screenshot Attached. Good Find @thedropdead
Thank you and thanks for testing it out on Hydrogen OS @fareed_xtreme
It is not a Revolution like CM13 on the 1+2, but its helpful for people like me who use their developer devices as daily drivers and still want to lock and unlock the device because of security reasons without wiping the whole device.
fareed_xtreme said:
Modified the same location using a HEX Editor (root) whilst on the Hydrogen OS 1.2.0 and I must say it works.
Screenshot Attached. Good Find @thedropdead
Click to expand...
Click to collapse
thedropdead said:
Thank you and thanks for testing it out on Hydrogen OS @fareed_xtreme
It is not a Revolution like CM13 on the 1+2, but its helpful for people like me who use their developer devices as daily drivers and still want to lock and unlock the device because of security reasons without wiping the whole device.
Click to expand...
Click to collapse
I needed it for resetting the tamper flag. I have certain issues with my phone and might have to return it in the near future and hence this was important. So thanks again.
fareed_xtreme said:
I needed it for resetting the tamper flag. I have certain issues with my phone and might have to return it in the near future and hence this was important. So thanks again.
Click to expand...
Click to collapse
Thats another good thing to do with it
It was a pleasure to help you out mate
Thanks, I was waiting for this for securing my OPT. Has anyone tested, if it works also on OOS 2.2.0?
Just to clarify, the dd command should be executed in TWRP console?
Would be cool if someone could make an app for this like the Nexus devices have:
https://play.google.com/store/apps/details?id=net.segv11.bootunlocker
pryggi said:
Thanks, I was waiting for this for securing my OPT. Has anyone tested, if it works also on OOS 2.2.0?
Just to clarify, the dd command should be executed in TWRP console?
Would be cool if someone could make an app for this like the Nexus devices have:
https://play.google.com/store/apps/details?id=net.segv11.bootunlocker
Click to expand...
Click to collapse
Hello pryggi,
It should also work on OOS 2.2.0, you could check that by dumping the partition (by reversing the dd command) like this:
Code:
dd bs=4096 if=/dev/block/bootdevice/by-name/devinfo of=/sdcard/oneplus2-devinfo-oos220.img
And looking at the file in the hex editor for differences or by posting it here and i can check it for you.
I have executed the dd command from ADB Shell with the Phone connected via wireless ADB.
You can also execute dd in the Android Terminal Emulator App.
Thanks for your reply. My device is already unlocked. As I don't have a computer with ADB/drivers at hand right now, I managed to run the dd command in Terminal Emulator app after elevating with su. Result is attached. Viewing it in hex seems to confirm, that at least the locking bit seems to be in the same position.
pryggi said:
Thanks for your reply. My device is already unlocked. As I don't have a computer with ADB/drivers at hand right now, I managed to run the dd command in Terminal Emulator app after elevating with su. Result is attached. Viewing it in hex seems to confirm, that at least the locking bit seems to be in the same position.
Click to expand...
Click to collapse
Thank you for the Dump, i can confirm that the bit is at the same position and the unlock bit is the same.
I compared the file attached at my first post with yours and they are identical ( see attachment, sorry its german, meaning is they are identical).
So by flashing the factory.img from my first post or unchecking OEM Unlock allowed in the developer Settings your device should be locked again and can be unlocked by flashing the unlock.img via dd in ADB or the Android Terminal Emulator within the Phone.
Thanks for the further explanation. I was just wondering about this OEM Unlocking switch in dev options. What would happen, if one would use dd and the factory image file to lock the bootloader and leave the OEM Unlocking switch still unlocked...
I also am interested if this type of locking-unlocking can be done in TWRP... If it can be done there, then it does not offer any benefits in security, if my logic is correct. Although, I might be drifting off topic here.
pryggi said:
Thanks for the further explanation. I was just wondering about this OEM Unlocking switch in dev options. What would happen, if one would use dd and the factory image file to lock the bootloader and leave the OEM Unlocking switch still unlocked...
I also am interested if this type of locking-unlocking can be done in TWRP... If it can be done there, then it does not offer any benefits in security, if my logic is correct. Although, I might be drifting off topic here.
Click to expand...
Click to collapse
As i can remember i tried that too, by flashing the factory image partition via dd and leaving the switch on, the switch gets toggled off when rebooting, because the switch is just the representation of the unlocking bit in the partition. So when it is turned off, the software will set the bit to zero, means the device will get locked on reboot. Turning the switch on will not override the bit and the device can boot unlocked and the switch will stay on.
It is hard to explain
Your Idea about doing the same thing in TWRP since the ADB is available there is interesting.
I think the problem here is, that once you onlock and flash a custom recovery via fastboot, and relock the device, you already tampered with it, and twrp does provide much more options than the stock recovery image (ADB commands, ...).
So the problem here lies in flashing twrp.
I solved this problem by keeping the stock recovery and locking the device via the image file.
Once i want to use twrp, i unlock the phone by using the unlock.img and use "fastboot boot twrp.img" to boot twrp to backup my device or some other action.
I know that this means if my device gets bricked in this locked state with stock recovery i will have to unlock it normally, but before making any important changes to my software i always unlock my device first in case something goes wrong and with the stock recovery i could not even flash anything so making huge software changes requires me to unlock my device and boot twrp
Hope that this post helps somehow
FYI: The HEX hack must work on almost all OPT OS Releases.Kinda universal
fareed_xtreme said:
FYI: The HEX hack must work on almost all OPT OS Releases.Kinda universal
Click to expand...
Click to collapse
That is right, i just included the notice in the first post so nobody can tell me i have not told them
It is also possible that OnePlus changes the layout of that partition in one of the upcoming updates/releases and that is why it is still mentioned in the first post, thank you anyway.
@thedropdead I've a question: I should use the "modified" devinfo.img AFTER I go back to stock, if I want to unlock my phone without wiping data, right ? So I go back to stock, flash in fastboot or in terminal emulator the .img, and that's good ? I'me unlocked without data wiped ?
casual_kikoo said:
@thedropdead I've a question: I should use the "modified" devinfo.img AFTER I go back to stock, if I want to unlock my phone without wiping data, right ? So I go back to stock, flash in fastboot or in terminal emulator the .img, and that's good ? I'me unlocked without data wiped ?
Click to expand...
Click to collapse
That should be the plan if i have understood everything right.
So you are on the custom ROM, want to go back to the stock ROM?
If that is the case i do not see why you should want to flash any image.
You can use TWRP to wipe and then flash the stock ROM, your phone should still be unlocked right?
Please someone correct me if i am wrong.
It would be great if you could tell me what you are trying to achieve.
The unlock image had the purpose to help someone unlock their device if they have a rooted device but have locked it after flashing everything for security reasons.
thedropdead said:
That should be the plan if i have understood everything right.
So you are on the custom ROM, want to go back to the stock ROM?
If that is the case i do not see why you should want to flash any image.
You can use TWRP to wipe and then flash the stock ROM, your phone should still be unlocked right?
Please someone correct me if i am wrong.
It would be great if you could tell me what you are trying to achieve.
The unlock image had the purpose to help someone unlock their device if they have a rooted device but have locked it after flashing everything for security reasons.
Click to expand...
Click to collapse
Well, for now I'm under CM13, and, yeah, I know I could wipe and flash stock in TWRP, I just want to know in case .
casual_kikoo said:
Well, for now I'm under CM13, and, yeah, I know I could wipe and flash stock in TWRP, I just want to know in case .
Click to expand...
Click to collapse
Okay thanks for the clarification.
In the Case of using some unbrick Tool and thus resetting everything including recovery to stock your phone should lock on the first stock boot.
Once it is locked and you do not have root, which would be the case, you have no possibility to flash the img via fastboot or the emulator.
so in conclusion you are better off with wiping and flashing via twrp so you can still flash something if anything goes wrong
It works on OxygenOS 3.0.2 too. I edit the same location using a HEX Editor. And everything is fine.
Hey guys, sounds like this is exactly what I've been looking for. Thanks for figuring this out.
But, I'm a bit of a noob, so can you break it down into like a hundred very clear steps?
Hello there,
I recently did a software update - not having done anything mod-ish things or anything to my phone, I didn't expect anything to happen.
My phone worked like usual after the update. After a restart of the phone, I end up in the Recovery Mode now and can't get out of it.
The error I'm getting is "Can't load Android System". The reason described at the bottom of the phone is "Reboot Recovery Cause is init:1" and "Reason is fs_mgr_mount_all:"
I'm able to get the phone into regular recovery mode and download mode - but nothing else.
Spoiler: EDIT with infos that are likely not relevant
I read some logs and it claims that the kernel on my phone is not made for production use, and that the user reads this message and is not debugging, then the vendor should be contacted. Not really applicable here but I wanted to mention it.
I was thinking about manually reinstalling the latest update, but I don't know if that's a good idea; how to do it properly without data loss (if even possible); and I don't know my CSC code. The download mode method & going via Samsung Support did not work. I only got the overall region, which is EUB - but I don't know the exact code.
How should I proceed from here on? Is manually installing the update a good idea, and does anyone have a good guide for me?
Or is there any reputable software that can fix this system error or can export some of my data for a reinstall.
Samsung Support was not a big help, as they only fix devices with data loss and they claimed that the symptoms I'm getting point to a voided warranty.
EDIT 2: Also, what can go wrong when installing an update with the wrong CSC?
EDIT 3: Also spoke to realbbb in this thread about this: https://forum.xda-developers.com/t/patched-odin-3-13-1.3762572/post-87516547
Best regards,
Gab
GabHM said:
EDIT 2: Also, what can go wrong when installing an update with the wrong CSC?
Click to expand...
Click to collapse
Usually it's just enough to flash any CSC from your country since they tend to have everything you need there.
And no, you won't have any negative impact if you flash the wrong CSC
There should be plenty of tutorials on YouTube on how to flash stock with Odin.
ShaDisNX255 said:
Usually it's just enough to flash any CSC from your country since they tend to have everything you need there.
And no, you won't have any negative impact if you flash the wrong CSC
There should be plenty of tutorials on YouTube on how to flash stock with Odin.
Click to expand...
Click to collapse
Do you know, by any chance, of a reputable source for a tutorial?
Bump, flashed my phone using Odin and the latest firmware and I still can't boot. I still need help here.
Also, the phone showed the android figure and "Erasing..." right after flashing even though I flashed with HOME_CSC. Is my data gone now or is this normal?
EDIT: I read something regarding slot changing or similar, how would I achieve this/is this something I could or should do in my case? Or am I already boned because I wiped my data
EDIT 2: Regular recovery mode gives me "Error updating for slotselect"
EDIT 3: The error that shows up is English now instead of German (what it was before), did I make it worse?
EDIT 4: Thinking about downgrading, is this a good idea?
EDIT 5: Tried downgrading to Security Patch levels 3 & 6 months ago and also tried going down to Android 11. Won't work. Still need help.
GabHM said:
EDIT 5: Tried downgrading to Security Patch levels 3 & 6 months ago and also tried going down to Android 11. Won't work. Still need help.
Click to expand...
Click to collapse
Bump
Also view my post above
GabHM said:
Bump
Also view my post above
Click to expand...
Click to collapse
bump I guess
There's a possibility that your motherboard may be damaged if flashing stock doesn't work.
Last resort is just flash full CSC to completely wipe data.
ShaDisNX255 said:
There's a possibility that your motherboard may be damaged if flashing stock doesn't work.
Last resort is just flash full CSC to completely wipe data.
Click to expand...
Click to collapse
I'm just so confused because my data was intact and everything was fine. After a reboot everything was broken. Is there any way I can get that phone repaired or anything similar without getting it wiped? I'm out of options with Samsung themselves because they're always wiping even with screen repairs (what they told me).
I wouldn't rule out board damage as I've been facing WiFi and Flashlight issues previously. I would pay for the repair even if it's still in warranty but I just want that data.
I know it's my fault for not backupping but I'd love to get that data back for paying.
Wish I could give you an answer but I've never really tried retrieving data. I always just format data and move it.
ShaDisNX255 said:
Wish I could give you an answer but I've never really tried retrieving data. I always just format data and move it.
Click to expand...
Click to collapse
Yeap. Redundantly and regularly backup critical data.
Rule#1- if a OS is fast, stable and fulfilling its mission... let it be!!!
Firmware upgrades and updates can and do break devices.
A data recovery specialist may be able to retrieve the data.
blackhawk said:
Yeap. Redundantly and regularly backup critical data.
Rule#1- if a OS is fast, stable and fulfilling its mission... let it be!!!
Firmware upgrades and updates can and do break devices.
A data recovery specialist may be able to retrieve the data.
Click to expand...
Click to collapse
Thank you for responding. Rule #1 is what I went by for like half a year but I ended up updating because of the explained WiFi & flashlight issues D:
Does it sound like to you that a data recovery specialist could realistically get back files or is this something you don't know about?
GabHM said:
Thank you for responding. Rule #1 is what I went by for like half a year but I ended up updating because of the explained WiFi & flashlight issues D:
Click to expand...
Click to collapse
Been running Pie for over 3 years. You find work arounds or fixes as you will have to do that with any firmware anyway.
GabHM said:
Does it sound like to you that a data recovery specialist could realistically get back files or is this something you don't know about?
Click to expand...
Click to collapse
No idea. That's your best shot though. It's worked for at least some. I personally would have written it off but I have most of my critical data backed up so it's more of an inconvenience rather than a disaster.
I'm sorry to read this and I often do.
Your problem has been going on for months.
Every manufacturer has its peculiarities and Samsung is peculiar.
With encrypted data your best help is to get the system running again.
Actually, your best help is to have nothing irreplaceable on a portable device.
Unfortunately, that's no consolation.
If you have a working recovery maybe at this point you should just do a check whether the /data partition has been wiped.
You won't be able to read it (probably?) but you can see if it's all cleared.
I'm with @blackhawk. If a truck ran over one my devices I wouldn't be that upset.
Unless said device was in my pocket at the time.
Renate said:
I'm sorry to read this and I often do.
Your problem has been going on for months.
Every manufacturer has its peculiarities and Samsung is peculiar.
With encrypted data your best help is to get the system running again.
Actually, your best help is to have nothing irreplaceable on a portable device.
Unfortunately, that's no consolation.
If you have a working recovery maybe at this point you should just do a check whether the /data partition has been wiped.
You won't be able to read it (probably?) but you can see if it's all cleared.
I'm with @blackhawk. If a truck ran over one my devices I wouldn't be that upset.
Unless said device was in my pocket at the time.
Click to expand...
Click to collapse
Thank you for your response, I expected to hear this but I didn't want to leave contacting y'all untried.
How would I check if the /data partition has been wiped? I've been careful to not wipe it with Odin and so far I only have wiped the cache and well, tried to change android versions.
If your recovery has ADB and it's rooted you can try my zerostat
Code:
C:\>adb push zerostat /somewhere/
C:\>adb shell
# chmod 755 /somewhere/zerostat
# /somewhere/zerostat
# Name Size Filled Zeroed Used Type
-- ----------- ------------ --------- --------- ------ -----
1 xbl 3670016 2461 1123 68.7% elf64
2 xblbak 3670016 2461 1123 68.7% elf64
3 tz 4194304 1294 2802 31.6% elf64
...
Use /cache or wherever you can.
It will attempt to read all the partitions and tell you what percentage zeroes it has.
You can specify partition number if some lower numbers makes it crash.
Code:
# zerostat 23
Renate said:
If your recovery has ADB and it's rooted you can try my zerostat
Code:
C:\>adb push zerostat /somewhere/
C:\>adb shell
# chmod 755 /somewhere/zerostat
# /somewhere/zerostat
# Name Size Filled Zeroed Used Type
-- ----------- ------------ --------- --------- ------ -----
1 xbl 3670016 2461 1123 68.7% elf64
2 xblbak 3670016 2461 1123 68.7% elf64
3 tz 4194304 1294 2802 31.6% elf64
...
Use /cache or wherever you can.
It will attempt to read all the partitions and tell you what percentage zeroes it has.
You can specify partition number if some lower numbers makes it crash.
Code:
# zerostat 23
Click to expand...
Click to collapse
Thank you for the recommendation, not rooted unfortunately.
GabHM said:
Thank you for the recommendation, not rooted unfortunately.
Click to expand...
Click to collapse
It's a good thing to have a rooted, permissive ADB in recovery before failure hits.
You could still install one now if you can find one.
GabHM said:
(...)
I'm able to get the phone into regular recovery mode and download mode - but nothing else.
(...)
Click to expand...
Click to collapse
There may be a solution, but you didn't even provide information about the name of the firmware you can read in recovery mode, or the link to the firmware you downloaded for odin, or the odin version you used.
ze7zez said:
There may be a solution, but you didn't even provide information about the name of the firmware you can read in recovery mode, or the link to the firmware you downloaded for odin, or the odin version you used.
Click to expand...
Click to collapse
Fair, I used Odin v3.14.1_3B_PatcheD and the following firmware:
Samfw: SM-A528B_DBT_A528BXXS1BVC2_fac
Samfw: SM-A528B_DBT_A528BXXS1CVD1_fac
Bifrost: SM-A528B_2_20220901174940_wfjk9aepw6_fac_A528BXXU1CVH6_A528BOXM1CVH6_A528BXXU1CVG8_A528BXXU1CVH6_DBT
I haven't turned on the phone since so I couldn't tell you the firmware I can see in recovery mode, but the current firmware should be the Bifrost one.
Renate said:
It's a good thing to have a rooted, permissive ADB in recovery before failure hits.
You could still install one now if you can find one.
Click to expand...
Click to collapse
That is still possible? I thought you needed to enable OEM unlocking in a functional OS before being able to root