Related
Have anyone tried to install the CMW or root the Transformer Prime by using Blob Tools?
Here are the steps that may be used:
1/ Download the latest build from Asus like WW_epaduser9_4_2_21_updatelauncher.zip
2/ Extract zip file to get the blob then using the tools from this thread http://forum.xda-developers.com/showthread.php?t=1068548 to unpack it.
3/ Replace the blob.SOS (recovery.img) with the ClockWorkMod recovery v5.8.1.8.img or ClockWorkMod recovery v5.8.2.0.img
4/ Repack the blob then flash SKU and Update version of SOP manually.
Please share your experience if you have tried this way.
If possible I think we are able to put su into the Blob.APP (System.img) to root the .21.
I am no expert in this, but must the update not be right signed with locked bootloader?
If it isnt the Prime refuses to update.
Cause some people have tried to flash kernel this way and the Prime refused to update.
Dont get me wrong.
I dont say that it isnt possibel somehow, but as I said befor. " I am no expert in this. "
Deathmo said:
I am no expert in this, but must the update not be right signed with locked bootloader?
If it isnt the Prime refuses to update.
Cause some people have tried to flash kernel this way and the Prime refused to update.
Dont get me wrong.
I dont say that it isnt possibel somehow, but as I said befor. " I am no expert in this. "
Click to expand...
Click to collapse
I agree, this would most likely fail the validation check done by the tablet and not allow it to update. The only way this would be possible would be for somebody to leak the key that is used to encrypt the updates by ASUS and we would then be able to sign anything we wanted (including other ROMS) and have it update successfully without unlocking the device.
If this was possible, it would have been easy enough to just modify a value in one of the files and use the same root method that I created for the first ICS release.
Ty 4 explanation
Thanks guys. I am still working to find away for rooting .21.
However I may give it a try to see what happen :-D.
Sent from my HTC Desire HD using xda premium
sparkym3 said:
I agree, this would most likely fail the validation check done by the tablet and not allow it to update. The only way this would be possible would be for somebody to leak the key that is used to encrypt the updates by ASUS and we would then be able to sign anything we wanted (including other ROMS) and have it update successfully without unlocking the device.
If this was possible, it would have been easy enough to just modify a value in one of the files and use the same root method that I created for the first ICS release.
Click to expand...
Click to collapse
would Gary Key have this key? maybe some one should ask him since he works for asus.
Hi,
Is it possible to root without an exploit? I am trying to use fastboot but fastboot devices shows empty. Even the command oem unlock shows "Waiting for device". Heimdahl is not supported for my device i.e. GT-S6312. All the custom ROM installation in the forum shows using a exploit to root the device. Any information on this is much appreciated.
Thanks.
Re
mindentropy said:
Hi,
Is it possible to root without an exploit? I am trying to use fastboot but fastboot devices shows empty. Even the command oem unlock shows "Waiting for device". Heimdahl is not supported for my device i.e. GT-S6312. All the custom ROM installation in the forum shows using a exploit to root the device. Any information on this is much appreciated.
Thanks.
Click to expand...
Click to collapse
Hello, my friend. Wolcome to the forums. You got the things wrong you are mixing up some informations. Basically you involved 2 concepts here rooting and unlocking the bootloader (oem unlock). I have an Lg phone and i am not familiar with Samsung devices.
Rooting means by finding a security hole (like an exploit or a way to mess with permission) to let you get root and system files access (super user). This is like being on an Administrator account on Windows.
Unlocking the bootloader (the command you said oem unlock from what i know is used on Lg devices but i might be wrong; this command works just for some devices, not all) means to modify the bootloader so it will alow modified operating systems or modified code to be runned. A locked bootloader (most of the devices have this, some can be unlocked some not) means that you cannot load anything that is not signed by your phone company.
To flash a custom rom you need to be rooted, have an unlocked bootloader (so you can flash a custom recovery like TWRP, CWM etc.) and then to flash a custom rom (like Cyanogen Mod, Miui etc) and in some cases a custom kernel (boot.img).
I searched around and found how to root your device and install CWM and found some custom roms. Please next time use the Search function.
Root+CWM: http://forum.xda-developers.com/showthread.php?t=2330644
1 Custom ROM i found (use Search button maybe you can find more): http://forum.xda-developers.com/showthread.php?p=51520354
ALWAYS flash only roms for your device and closely follow the instructions on those pages!
Hope i helped you. If so hit the THANKS button!
Have a nice day
christi9503 said:
I searched around and found how to root your device and install CWM and found some custom roms. Please next time use the Search function.
Root+CWM: http://forum.xda-developers.com/showthread.php?t=2330644
1 Custom ROM i found (use Search button maybe you can find more): http://forum.xda-developers.com/showthread.php?p=51520354
ALWAYS flash only roms for your device and closely follow the instructions on those pages!
Hope i helped you. If so hit the THANKS button!
Have a nice day
Click to expand...
Click to collapse
I do not want to use Framaroot.apk as I don't have the source for it and don't know if there are exploits for rooting the device. Is there any other method for this?
mindentropy said:
I do not want to use Framaroot.apk as I don't have the source for it and don't know if there are exploits for rooting the device. Is there any other method for this?
Click to expand...
Click to collapse
Rooting includes exploits that is how root is obtained man. With normal things you can't get root. You exploit a security hole to get the super user acces. This can be made by flashing a root file, by an insecure kernel and some kind of exploit in CPU i think (not sure but this is what Framaroot uses i think). Framaroot is not a defenitive root you can unroot it. Every method for root needs an exploit (depends what kind). Framaroot is safe go with that. A lot of people using that. Good luck.
I have an Alcatel Tetra running Android 8.1, June 2018 update, and I would like to root it. It was only released in September 2018, though, so there seems to be no common solution.
Some specs are:
480x854 resolution on 5" screen @ 70hz
1.1ghz MediaTek MT6739WM CPU
2gb ram
4G LTE GSM on AT&T
WIFI A/B/G/N 2.4ghz
Bluetooth 4.2 LE
Android 8.1, June 2018 update
16gb internal storage with support for 128gb sd card
GE8100 GPU
5MP front camera & 2MP back
USB 2.0 port, 3.5mm jack
Root
clcombs262 said:
I have an Alcatel Tetra running Android 8.1, June 2018 update, and I would like to root it. It was only released in September 2018, though, so there seems to be no common solution.
Some specs are:
480x854 resolution on 5" screen @ 70hz
1.1ghz MediaTek MT6739WM CPU
2gb ram
4G LTE GSM
WIFI A/B/G/N 2.4ghz
Android 8.1, June 2018 update
16gb internal storage with support for 128gb sd card
GE8100 GPU
5MP front camera & 2MP back
Click to expand...
Click to collapse
I have one also id like to root
I also have this phone. Almost cobbled together a twrp but just need the correct recovery-kernel & offset file to repack it. As it stands right now the twrp build will boot loop, but I know all the other pieces are solid ( correct resolution set, correct prop.default, fstab files, .rc files and so on) unfortunately so flash tools is useless until we can get a custom DA file that works with the Tetra. This whole process has been quite a pain lol but I'm close. If I can get it figured out I'll make a thread here upload all relevant files
Update: I'm currently using a few different RATs to pull any and all files possible while also trying to see what exploits (if any) I may be able to leverage with them. currently still lacking the recovery.fstab, but all other files needed for the ramdisk folder section of the recovery.img is set (put together the prop.default from scratch as I can't pull it from the phone). Still need all files outside of the ramdisk folder though (mostly just a proper recovery-kernel and offset, think I may be able to substitute the other files from a similar Alcatel MT6739 phone, the 3x/5058, which I have a stock firmware for). I also have the source code for the 4.4.95+ kernel that's on the Tetra, digging through it to see if I can use anything from it. If anyone has any thoughts about what could be done with all this stuff I have please feel free to share, as I could use some fresh eyes on this.
MICHAEL(SMHOS.ORG) said:
Just use magisk to root ,or ONE click root for PC is easy bro??
Click to expand...
Click to collapse
#1. There is no publicly available fw for this device as of this moment to patch with Magisk.
#2. Sp flash tool cannot currently readback or download to this phone, as the necessary DA file is unavailable. That means no way to get the boot.img or recovery.img to make magisk root/port TWRP
#3. NO ROOTING APPS WHETHER THEY BE APK OR PC BASED, WORK WHATSOEVER ON THIS PHONE, AND 80% OF THEM ARE BORDERLINE MALICIOUS (HERE'S LOOKING AT YOU KINGROOT)
#4 please kindly ****post elsewhere.
Root Alcatel Tetra
MICHAEL(SMHOS.ORG) said:
Just use magisk to root ,or ONE click root for PC is easy bro
Click to expand...
Click to collapse
I know for a fact One Click Root has no support, and Magisk is unreliable in my experience. I think I may have a way to apply a root patch, but obviously I need the patch first. I believe I can exploit the "apply update from sd card" function but haven't really tested it.
MICHAEL(SMHOS.ORG) said:
OK try it and check if any patch or so,because I use Flashing tools like Gsm alladin cracked or android adb multi tool since it support adb function for root
Click to expand...
Click to collapse
There is currently no adb exploit to gain root that works on this device. Trust me, I've tried. There is not an easy fix for this phone. The only options I see, is for someone who has access to the most recent NCK box, or Miracle thunder MT2 ( which added support for the mt6739 chip set) to dump the firmware and share It with the public, or for the Download Assistant file for this phone to be released, at which point SP flashtools can be used to dump the firmware, at which point a custom TWRP can be ported, root can be gained, and bob's your uncle. I've spent the last month going over every possible way to crack this phone open, and aside from finding/developing an as of yet unknown exploit, the only options available require a firmware dump (which currently can only be made with the 2 aforementioned box tools). I've been using every method I can think of to get a functioning TWRP without the stock recovery, with no luck yet. Ive taken every possible amount of info and files accessable from the phone using adb shells, mtk based tools, and RATs. I've got ahold of pretty much all publicly available firmwares and TWRPs for other Mt6739 phones that are already cracked, to see if I could take the files/Info and modify them to fill in the gaps and get a functional TWRP. Hasn't worked yet and while I've narrowed the reasons why down, those reasons seem to be hard blocks that could only be overcome through root access/access to the Tetras specific firmware. Which as you see is a catch 22 where you would need root to get root. I've even tried to get ahold of an ota update directly from AT&Ts cdn to try and exploit. I have the dl address but am not sure how to use it, as trying to connect to it from phone browser or PC just returns as forbidden. I'm honestly a little burnt out with it at the moment and am gonna go mess with some other phones I have and come back to this later when/if hopefully some new resources become available.
Tlr ; the easy and common solutions aren't gonna cut it, so save your breath
cthulu_rises said:
There is currently no adb exploit to gain root that works on this device. Trust me, I've tried. There is not an easy fix for this phone. The only options I see, is for someone who has access to the most recent NCK box, or Miracle thunder MT2 ( which added support for the mt6739 chip set) to dump the firmware and share It with the public, or for the Download Assistant file for this phone to be released, at which point SP flashtools can be used to dump the firmware, at which point a custom TWRP can be ported, root can be gained, and bob's your uncle. I've spent the last month going over every possible way to crack this phone open, and aside from finding/developing an as of yet unknown exploit, the only options available require a firmware dump (which currently can only be made with the 2 aforementioned box tools). I've been using every method I can think of to get a functioning TWRP without the stock recovery, with no luck yet. Ive taken every possible amount of info and files accessable from the phone using adb shells, mtk based tools, and RATs. I've got ahold of pretty much all publicly available firmwares and TWRPs for other Mt6739 phones that are already cracked, to see if I could take the files/Info and modify them to fill in the gaps and get a functional TWRP. Hasn't worked yet and while I've narrowed the reasons why down, those reasons seem to be hard blocks that could only be overcome through root access/access to the Tetras specific firmware. Which as you see is a catch 22 where you would need root to get root. I've even tried to get ahold of an ota update directly from AT&Ts cdn to try and exploit. I have the dl address but am not sure how to use it, as trying to connect to it from phone browser or PC just returns as forbidden. I'm honestly a little burnt out with it at the moment and am gonna go mess with some other phones I have and come back to this later when/if hopefully some new resources become available.
Tlr ; the easy and common solutions aren't gonna cut it, so save your breath
Click to expand...
Click to collapse
/
+1 on the no easy solutions. In theory, there is a utility built in to flash an update from an sd card from fastboot menu, or if you have an activity launcher.... exploitable, maybe?
Also, you must remember that those people are just people like you and me, with more experience. Since this phone was released September of this year, it may be awhile. So we may be on our own since the Tetra is a lower end device. I got a system dump, which I know can be used ro make firmware, but am not sure how to do so
clcombs262 said:
/
+1 on the no easy solutions. In theory, there is a utility built in to flash an update from an sd card from fastboot menu.
I got a system dump
Click to expand...
Click to collapse
Only way to use stock sideload would require you to sign the zip with the manufacturer private keys. I did pull some keys & certs from the phone but never got a chance to see if they were the proper ones.
And pls upload your system dump
Dont use this, see next post
Last post was the wrong file.
Here you'll find:
*DA file
*Auth file
*Preloader
*.mbn
*.sca
All specific for the 5041c, direct from Alcatel
https://drive.google.com/file/d/1FS0MFuoFSRlSncuUUtsZM808fqypUmue/view?usp=drivesdk
Yo OP what's up with that system dump?
cthulu_rises said:
Yo OP what's up with that system dump?
Click to expand...
Click to collapse
It ll be awhile. My ssd took a dump and died last night and I don't get paid for 2 weeks, so can't afford a new one.
That zip wasn't backed up unfortunately. So right now I have no pc
clcombs262 said:
It ll be awhile. My ssd took a dump and died last night and I don't get paid for 2 weeks, so can't afford a new one.
That zip wasn't backed up unfortunately. So right now I have no pc
Click to expand...
Click to collapse
Dang sorry to hear that brotha. Do you remember what method you used to get the system dump? I can try my hand at it
cthulu_rises said:
Dang sorry to hear that brotha. Do you remember what method you used to get the system dump? I can try my hand at it
Click to expand...
Click to collapse
See next post
cthulu_rises said:
Dang sorry to hear that brotha. Do you remember what method you used to get the system dump? I can try my hand at it
Click to expand...
Click to collapse
The primary code I used was
Code:
adb pull /system
adb pull /data
I may have used other code; I don't remember. It's been awhile.
Also, so my friends will stop asking, will you post how to root/flash recovery with what you provided? It'll be easier to link to the post then explain it 500 times, since I end up their IT guy a lot. Thanks in advance
Take the Da file, auth file, and scatter file provided and load them in the latest version of SP Flash Tool, use the readback function to dump the recovery img. If memory serves me correctly, mmcblk0p18 is the location for it. (use the scatter file to locate the begining address and the length for it). Once you have the stock recovery img, manually port twrp to it using carliv image kitchen. Then fastboot to flash twrp. If you did it right then you can boot into twrp and flash supersu or magisk for root. Make sure to boot directly into recovery after flashing, because the recovery gets replaced by stock after a normal boot
---------- Post added at 09:12 PM ---------- Previous post was at 09:11 PM ----------
I would have posted more already but have no access to PC for a while. I haven't even had a chance to do this for myself yet
cthulu_rises said:
Take the Da file, auth file, and scatter file provided and load them in the latest version of SP Flash Tool, use the readback function to dump the recovery img. If memory serves me correctly, mmcblk0p18 is the location for it. (use the scatter file to locate the begining address and the length for it). Once you have the stock recovery img, manually port twrp to it using carliv image kitchen. Then fastboot to flash twrp. If you did it right then you can boot into twrp and flash supersu or magisk for root. Make sure to boot directly into recovery after flashing, because the recovery gets replaced by stock after a normal boot
---------- Post added at 09:12 PM ---------- Previous post was at 09:11 PM ----------
I would have posted more already but have no access to PC for a while. I haven't even had a chance to do this for myself yet
Click to expand...
Click to collapse
I have access to a library pc, but youre not allowed to install anything. No adb or sp flash tool. Though i do have a theory about using stock recovery...
Probably wont work, but hey. YOLO. Still waiting for my ssd to be in stock
Well here's the stock ROM. Cut SP flash Tool and all its hassles out and use this. Just extract the recovery.img and port twrp, or extract boot.img and patch with magisk. Am gonna do this when I get home, I have a beater laptop I can use but no internet there, so I'll post my work the next time I can come to town and get cell service.
https://mega.nz/#!dpFmBIgI!4FXN0VYjTYSyMp608BCCDOtEVABHqOwoJPBx_OkaKrE
This zip contains the magisk patched boot.img, happy rooting!
Important notice! : iLLNiSS made me aware of a serious risk!
If you play with the firmwares manually and not with the flash all bat then DO NOT flash the blobs!
These are the actual bootloader files and stuffing up here will cause a hard brick!
I have to stress this out as it is serious thanks to not having working APX drivers a flshing programs for the Shield!
For starters, I uploaded a copy of the 7.2 developer firmware here:
7.2 developer ZIP on Dropbox
It is the full 1.1Gb update and not the 422mb block based one.
I have done some extensive tests since the first block based update wrecked my rooted Shield.
Some of it will end up in this post as info for everyone.
But lets start with what seems to be the problem for a lot of users right now who run a rooted Shield : Fixing the problem
A downgrade is officially not supported by Nvidia but my tests showed it works just fine if you only go back to the 7.1.
So far my tests showed differen sources for a Shield no longer working after the OTA.
1. The device had an unlocked bootloader and you got the 422mb block update.
This would have stuffed your bootloader and the Shield won't go past 1/4 on the progress bar for the update.
You are in luck as just flashing the 7.1 bootloader will fix it.
After that just dismiss the update and change the settings to manual updates.https://forum.xda-developers.com/editpost.php?do=editpost&p=78466377
2. Your device was already fully rooted and you got the full update that resulted in your Shield doing all sorts of thing but nothing properly anymore.
As long as your apps are still there and the Shield is still somhow usable you are lucky again.
A downgrade to 7.1 will fix it, I will explain the steps required further down.
3. You made bid mods, used Magisk or other rooting tools and now your Shield complains that your system is corrupt.
Bad luck if your bootloader is locked as you loose it all.
Lucky if the bootloader is unlocked as you might be able to keep most if not all during the downgrade.
General words of warning:
Even if your bootloader was unlocked from day one I can not garantee that the downgrade will keep all settings, apps, databases and so on.
For me it works fine as I kept all vital databases on external storage.
The procedures are all based on the developer firmware, on the stock firmware some things can still be done but then again you should not have more than software problems.
On the stock firmware the bootloader is locked by default and you can use some things required to owngrade due to the restrictions of a stock system.
General downgrade procedure for the developer firmware to get back to 7.1 :
If the update did get stuck on the progess bar early on and a reboot won't fix it so you can dismiss the update you just follow the steps.
If you can reboot into the 7.1 then just dismiss the update.
Trust issues or curruption warnings at boot but an otherwise working shield on 7.1 require to flash the 7.1 bootloader again.
In some cases it is possible to skip the corruption warning with a connected controller.
A reboot once you got to the homescreen will determine how bad it is.
Reboot goes fine: You are good.
Reboot keeps nagging with warnings other than the unlocked bootloader: Downgrade.
The downgrade is only required if you have problems or the Shield already runs on the 7.2!
In almost all other cases just flashing the 7.1 bootloader is sufficient.
Fixing a stuffed Shield by sideloading the 7.1 firmware while keping all apps and things:
Enable USB debugging and allow the connections for the computer if you still have access to the settings.
Otherwise you need to flash the 7.1 fresh and might loose vital things that need to install again.
Reboot into the stock recovery, if you use TWRP flashed on the Shield already then please flash the recovery from the 7.1 firmware first.
Hook up the controller and pressing A or B should get you into the normal recover screen past the dead droid.
ADB sideload XXX - where the xxx stands for the filename you have for the developer ZIP.
After the rebbot you should be back on your 7.1 homescreen and can dismiss the 7.2 update.
Also change the update settings while at it
Fixing a fully stuffed Shield and then downgrading to the 7.1 firmware:
If all went down south then you tried a few things and realised there is no way to get your data back and even less to prevent the 7.2 update.
Installing the 7.1 from scratch forces the setup wizard and before you can get anywhere you need to update to 7.2
So much easier to use the linked 7.2 update from above until Nvidia provides it on their download servers.
A vital thing to do is to keep the bootloader locked!!
Same for NOT having TWRP installed on the Shield!
If in doubt flash the 7.1 boot and recovery partitions first then go back into the stock recovery and wipe the cache.
Coming from a stock developer firmware with just an unlocked bootloader you are good to go.
Sideload the 7.2 update.
Unplug when the reboot starts and go into fastboot to lock the bootloader: Fastboot oem lock.
This is a vital step as the new kernel otherwise could ruin the completion of the install.
Ignore the double hassles and go through the wizard so you can enter the settings again to enable the developer mode and USB debugging.
Unlock the bootloader so you can do it all again Last time I promise!
Once you have both the bootloader unlocked AND the Shield in a usable condition past the setup wizard:
Reboot into the recovery to sideload the 7.1 firmware.
After the next reboot you are back on the 7.1 homescreen drirectly and can dismiss the update.
Possible tricks that can help you to prevent the installation of the 7.2 update if you come from a fresh 7.1 install instead:
Don't allow the reboot and instead use ADB to reboot into the recovery.
Wipe the cache - this will remove the scripts required to start the update after the reboot.
The next reboot should bring you back to the homescreen where you can stop the new download of the update and change the update settings.
TWRP, full root and new security measures in 7.2:
The 4.9 kernel used also makes use of a Fstab configuration that no longer includes the system partition.
This and other restrictions currently make the normal use of Magisk impossible.
With no system partition available to Magisk the changes in the boot process come to a stop and the Shield gets stuck during boot.
The added restrictions also make it very, very hard to manually add SU and busybox.
At least without getting the currupt system popup on every boot and finding out that a lot of things still don't work properly.
A final 7.2 firmware is said to be available on the download servers today.
If this final is no different from the current OTA then it will not be of any use for users requiring a fully rooted devices.
With the stock recovery still using the old kernel all attempts to use recovery functions to alter the system for rooting fail as well.
Can't blame the company as all this is part of Google revamp og security and closing backdoors and loopholes for possible attackers.
Personally I think it is Googles way of keeping control over devices they don't actually own.
Anyways I did make some little progress:
Plans for the near future:
Security is good but I like to know what my Android devices are doing and especially what Google likes to collect if I can not find ways to stop it.
So I will not try to use any backdoors or secrurity vulnerablilites in the new kernel to allow a full root on my Shield.
I will go the route I know best: Manual labour
The bootloader is already fixed to allow what we are used to from previous developer firmwares.
As SU and busybox can not be manually entered at this stage I will try to include them directly in the stock 7.1 firmware while renaming the OTA updater to have it a bit easier.
Assuming that works as expected I will do the same on the 7.2 firmware and compare the corresponding scripts and so on.
If the standard SU still works on an "unlocked" 7.2 I should be able to adjust the Magisk ZIP accordingly to implement it into the bootloader.
Only need to figure out if Magisk then has enough rights to work and the system is still happy to accept the changes.
I noly have the 16Gb 2017 model to work with but since the bootloader seems to be same for all Shield models I think if it works then it should do so for all models.
In the meantime I hope the infos here will help some pople to get their shield back without the need to sent it in.
Update 25/12/18: I got TWRP working on 7.2
This is only true for the 2017 model though as I have only this for testing.
Currently creating a backup to the internal storage.
If the restore works then I will upload the new TWRP - for the said model only!
Give me a day or two to fix it for the other models too.
There is progress on the rooting front as well.
Created new scripts for my kitchen to be able to handle the new file_context thing.
A fully pre-rooted and totally unsecure (in terms of ABD, DM-verity and such) is already cooked, just did not dare yet to try it out as I have a real life job too.
As for the pre-rooted firmware:
Things have changed quite a bit with the new kernel in terms of "just adding SU or Magisk".
Magisk might see an update for this problem soon, SU however seems to tally fail on two levels.
So far I was unable to do a full install of the modded firmware.
Flashed all at once and the boot just hangs.
Bootloader, reboot, then the rest seems to work.
At least for the basic install of the system.
If I add SU and busybox the system still ends up with a corrup notice during boot and then it fails.
Tune in over the next few days for progress updates at the end of the thread.
Major developments will be added right here.
Just a matter of finding the last restrictions.
Once that is done Magisk should be possible as well.
Ok, TWRP boot fine, does a backup but fails to restore the system to a bootable state.
Will now check if at least installing a zip works.
Well, it did not, so TWRP has to wait a few more days
I edited post 3 with instructions on how to "unbrick" and go back to 7.1.
Update 27/12/18: A friend of mine found some intersting stuff.
A 7.2 firmware offering a pure Android without any TV stuff but also a full root possible.
I hope he will share his finding here soon or allow me post it all in his name.
For now lets just say: It really works if done the rght way!
Full write rights, installing Magisk modules and all.
All thanks to an undocumented flaw in the device security structures, so even without any hidden backdoors or such LOL
Update: Whiteak was so kind to provide a working root solution in post 36, please check it.
I can confirm it is working as promised.
So the credits for this one go to Whiteak and the credits for the idea and use of the DTB file to Zulu99 - great idea!
To prevent any problems I advise to perform a factory wipe after the install and before the first boot.
Switch to the stock recovery to do this then boot as normal an enjoy.
A complete firmware with the required mods is sitting on my PC just waiting for idiot behing the keyboard to figure out how to pack it properly for flashing.
Once that problem is sorted and also TWRP working again things will get a lot easier.
Annoying update:
I was not able to confirm my web findings on the 7.2 firmwares bootloader but it seems other devices running the same type of kernel and bootloader and a bit lost now.
AVB is fully implemented on the latest level.
(Again I am working on confirming or denying these findings!)
This means any alteration to vital parts of the system will fail with a corruption warning or worse.
Custom recovery access is limited if not fully restricted.
But even if it works you still need a firmware to flash that either is able to disable all this crap, hoping the bootloader alone will allow it, or
to hope Nvidia will provide a future bootloader update with these restrictions removed.
We can not downgrade the bootloader and even if there is some old one out there that would actually be flashable the risk is high to end with a brick anyway.
The DTB, at least in my tests gives us the required system wide write access but I have no information about the AVM verfified boot other than that Zulu99's firmware works.
But if it was compiled with the NVidia developer suite then it will be signed accordingly so the bootloader accepts it.
Could not find any info on how his firmware was actually created.
It gives me the hope though that once I have a fully working TWRP again that my modded 7.2 will work as expected and with no restrictions anymore.
Thanks for the info.
Edit: Will use this post to list options to recover the Shield is all seems lost.
As a result of far too much rom cooking and mods I needed a 100% working way to recover the Shield in case things turn very ugly.
So lets sum up what I define as very ugly when playing with firmwares:
1. Firmware installed but the Shield just hangs on the logo.
2. Firmware installed and now the system is corrupt and even it is boots it takes forever to get around the nag screens.
3. Firmware downgrade attempted but now the Shield won't even boot anymore.
4. Anything that would qualify for a soft brick.
My worst case when I only got a flashing white screen after trying to restore a TWRP backup under 7.2.
There any many way that work for a variety of boot problems but it takes too long to list all cases I encountered with a list of fixes that work or a comment that only the below way works.
So just to be clear here: This is not for any recovery purpose other than fixing what can't be fixed through a factory reset or fresh flashing of the firmware!
1. Get the Shield into Fastboot mode: Connect wired controller and male to male USB cable.
2. Power the Shield up while holding A and B on the controller.
Keep holding until you see the fastboot menu on the screen.
3. Install the 7.1 recovery firmware for your Shield type after unpacking it.
With Fastboot connection working type: flash-all.bat and hit enter.
4. Keep an eye on the progess!
5. Once the Shield is finnished and reboots, hold the A and B buttons on the controller again to enter fastboot mode!
Do not let the Shield boot up other than into the fastboot mode!
6. Lock the bootloader! Fastboot oem lock
Confirm with the controller, then go down and select the recovery kernel.
7. Once the dead droid is on the screen press B on the controller to enter the real recovery.
If B does not work try A
8. Select the factory reset option to wipe all!
9. Once the wipe is done you can boot into 7.1 as normal again.
10. With a bit of chance you might even get directly to the homescreen if the previous setup was completed.
If you need the full seup wizard again and are forced to update to 7.2 then at least the update will work fine this time around.
In case you desire to go back to the 7.1:
If you just finnished the above only to end with the 7.2 then set it up and flash the 7.1 - you won't get the setup wizard again and can skip the update.
If you are on a working 7.2 that was update the OTA way but want to go back:
1. Install the 7.1 firmware.
2. Lock the bootloader.
3. Boot and then skip the update to 7.2.
Any idea what to do if the Shield sticks at the NVidia logo when you select Recovery from Fastboot? I reflashed boot and got the same result.
psycho_asylum said:
Any idea what to do if the Shield sticks at the NVidia logo when you select Recovery from Fastboot? I reflashed boot and got the same result.
Click to expand...
Click to collapse
It won't work from fastboot.
Fastboot operates on a different level and calling the recovery from there lets it end up in nowhere with no access to the system.
You need to boot into recovery through ADB as (for the new model) without a power button and usable hardware buttons we can't get into it otherwise.
Having said that, the fastboot way should still work with an unmodified bootloader.
When the dead droid is on the screen the recovery should be available after pressing the A button on the wired up controller.
But during my tests on 7.2 it did not always work, so you might have to try a few times and also try the B button.
Downunder35m said:
It won't work from fastboot.
Fastboot operates on a different level and calling the recovery from there lets it end up in nowhere with no access to the system.
You need to boot into recovery through ADB as (for the new model) without a power button and usable hardware buttons we can't get into it otherwise.
Having said that, the fastboot way should still work with an unmodified bootloader.
When the dead droid is on the screen the recovery should be available after pressing the A button on the wired up controller.
But during my tests on 7.2 it did not always work, so you might have to try a few times and also try the B button.
Click to expand...
Click to collapse
I have not been able to get to the dead droid screen.
Downunder35m said:
For starters, I uploaded a copy of the 7.2 developer firmware here:
7.2 developer ZIP on Dropbox
It is the full 1.1Gb update and not the 422mb block based one.
(snip)
Click to expand...
Click to collapse
Thanks for posting this, but please note that this firmware is only for the 2017 16GB model and cannot be used with a 2015 or Pro model.
I just got a 7.2.1 update that forced me to update. Wouldn't give me an option to skip it... As soon as I turned on my Shield, it said something about the 7.2.1 update and then rebooted and installed.
I was holding off on updating too so I didn't lose root. Now I'm unrooted and am unable to get Magisk working again until I can get my hands on a 7.2.1 bootloader... Bleh.
Weird, I am not getting the 7.2.1 at all here.
And since yesterday the OTA only tries the block based but not the full image.
AthieN said:
I just got a 7.2.1 update that forced me to update. Wouldn't give me an option to skip it... As soon as I turned on my Shield, it said something about the 7.2.1 update and then rebooted and installed.
I was holding off on updating too so I didn't lose root. Now I'm unrooted and am unable to get Magisk working again until I can get my hands on a 7.2.1 bootloader... Bleh.
Click to expand...
Click to collapse
I was able to downgrade using the 7.2 image after setting up the device on 7.2.1 OTA just make sure you disable automatic updates
Thanks downunder this kind of in-depth info is always appriciated man........i like to learn these kind of things, having bits here and bits there gives a better picture of the whole, while also giving us upto date current info.
Thanks for taking the time to write this :good:
---------- Post added at 07:35 AM ---------- Previous post was at 07:27 AM ----------
Edit
Hi downunder, could you confirm i have this correctly
With no access to fastboot thus no twrp or root, are you implying, assuming your able to inject root into stock firmware, that, i'd be able to flash this stock+root rom in STOCK recovery, which i do have access to?
Edit: im under the impression that stock firmware zips are checked by stock recoveries, so modifying a stock firmware zip tends to fail this check and thus wont install/flash.......which makes me think im misunderstanding here......or just hoping im not
If so, im interested
Edit
i just read your second post which near enought answers my curiousity, so that'll teach me to read beyond the first post before asking answered questions ........even if the post excites me............ahhh, who am i kidding, ill probabably do it again........the equivelancy of a mental post boner........not controllable
Sorry for the disgusting analogy
SyberHexen said:
I was able to downgrade using the 7.2 image after setting up the device on 7.2.1 OTA just make sure you disable automatic updates
Click to expand...
Click to collapse
Did I understand it correctly? You successfully downgraded from 7.2.1 to 7.2?
ErAzOr2k said:
Did I understand it correctly? You successfully downgraded from 7.2.1 to 7.2?
Click to expand...
Click to collapse
Yes,
Just ran flash all from the bootloader. For the newly released 7.2 developer_rooted factory image.
As long as we don't jump to Android 9 we should always be able to downgrade through a full factory firmware.
Once Android 9 comes this might not work anymore due to the massive changes involved for the boot and system checks.
@banderos101: Unless you really did something bad you should always be able to enter the fastboot mode to flash a full firmware.
If I have some time after xmas I will have another look on the options of signing the zip properly or simply to fake it.
Biggest problem will be to generate the corret SHA checksums ince all is installed so I can use the same checksums in the check files.
The bootloader needs them to identify the system and vendor as genuine.
The system needs them to confirm all is actually unmodified as otherwise all fails to boot at some stage.
Modding a proper userdebug firmware is not really that hard, but converting a release version that also is a true and secure user release...
Lets just say that it won't be an easy task.
As it looks like the kernel is a keeper I might have to figure something out unless TopJohnWu won't enjoy a break after his exams and works on a way to get Magisk working with out kernel.
At least I figured out why the recovery trick isn't working for me.
The system partition is not mounted for the sideload mode.
To apply an update the stuff is written directly onto the partition, so no file level access left to play with and break things
In comparison you could say the shield is now like a modern car with keyless operation only.
You know you can start it with ease, if you only could the remote that you left in the drivers seat when you locked the door
SyberHexen said:
Yes,
Just ran flash all from the bootloader. For the newly released 7.2 developer_rooted factory image.
Click to expand...
Click to collapse
Just wondering what is achieved by going back to 7.2?
What do you mean "going back"?
Right now the 7.2 is the official and latest firmware.
I was unable to get my hands in the 7.2.1 but guess it might have been a testversion for certain models only.
I wasted a few hours trying to fix the system image.
First stage was only to get the basic "features" back, like full ADB support, enabling the support to use SU and busybox....
Just what is required to actually allow these nice apps we like to gain root to work.
This backfired badly as right after the start the bootloader complained about the system being corrup and no override to get past this worked.
So of course I then removed the known restrictions from the bootloader...
As you guessed it the damn thing then did not even boot at all, just jumped right into the (locked) recovery mode.
A half decent comparision with my last manual root on a tv box that was a success showed I still did the right things...
If anyone wondered why we needed a new bootloader for the support of smart helpers an some codes stuff:
We didn't as all this could have been done with the 7.1 bootloader as well.
Since my root attempts so far all ended either in disaster or in a root access that failed shortly after/corrupted the system, I took a look of the general kernel changes that were published for other devices.
Before I could find anything meaningful I realised the 4.9 kernel is actually a requirement for Android Pie!
With that info sorted I started digging inti the new "security" features Pie can offer.
I will try to keep it simple and to the stuff that actually concerns us for rooting purposes:
The new boot process with Pie is aimed at being secure from the hardware level up and all the way into the system partion once the boot is completed.
So the hardware checks if the bootloader is actually usable - we had that for a long time, nothing new.
Once the bootloader starts and reaches the point of actually getting somewhere, all partitions required will be checks by either a hash check or a trusted certificate gererated at boot time that is compared to the previous certificate.
Only if that is fine the bootloader will call upon the system and vendor partitions.
The handover of control from bootloader to the system is made far more secure as well.
SELinux is called early on to ensure that only trusted apps and tasks can work but also to all a new control level.
System related apps no longer run as root or with special permissions.
Instead every single app and service runs as its own user!
And under SELinux conditions this means nothing can access anything that it is not entitled to unless included as a user for the other app.
And with that sorted the vendor stuff is called to ensure all hardware and vendor related stuff is still genuine - this include the required certs but also the recovery and bootloader hash codes and certs.
So if something is fishy either SELinux will stop us or the vendor stuff will just overwrite it all.
Once we finally reach the system stage the recovery is checked if called from within the system, if fully implemented it could mean that using an official update on a modded firmware will delete all data as the encryption from the old system is declared invalid.
Sadly it does not stop there because even with full rigths (faked or otherwise) to access the system partition with write access we still can not just change things.
If something belongs to a user (a secure app) than a change will corrupt the system.
To overcome all this without using vulnerabilities that so far no one has found, a compatible userdebug release has to be created from the official user firmware.
DM-Verity needs to be disabled as well as all partition encryption stuff.
The bootloader needs to be adjusted to reflect these changes and the required turst certificates generated and included in both system and boot images.
The only problem here is that the kernel won't allow these changes unless it itself is a userdebug kernel.
After that it is only the little efford to go through about 60 different scripts to remove or redirect the calls for all boot and system security related things.
If then by some chance all this actually boots up and goes all the way into a usable homescreen the entire stuff needs to be secured again.
This time so that the final system has a correct cert and checksum that matches those we need to include in the bootloader.
Anyone knows how to gain full access to the trusted keystore on the 4.9 kernel? LOL
For the moment I don't really care about all the stuff above.
I would be happy to figue out what to make out of these new fstab configurations without the vital partitions listed.
The real aprtitions used have not changed but it is impossible include them in the fastab, doing so causes the bootloader to fail.
Presumably because the kernel realised we try to get around the verification process.
This and some other minor things are also the reason TWRP fails so badly, same for the stock recovery by the way.
Since TWRP is toy a lot us like:
TWRP and 7.2....
Without a system partion in the bootloader fastab TWRP can not mount it.
Same for all other things TWRP needs to mount as it simply does not have the right to access these areas.
To make things worse, we need system access to even start TWRP through fastboot.
So, now matter if we flash or start it through fastboot: The bootloader and system will realise our recovery does not match the checksum.
What does al this now mean in terms a lot more people are able to understand?
Let me try...
Imagine the 7.2 in a running version would be just some encrypted file with a lot of folders in it.
And like PGP or other encryptions software we know there is a private and a public key.
With the public key you can see a lot and use most the encrypted file - but only to a level that is required, nothing above your low level clearance.
For every attempt to write into this file or to make changes we need the private key.
If you follow so far then lets just say the recovery (stock) and Fastboot can be, to some extent, used for this access.
But since every folder in the encrypted file also uses private and public keys it is like tracing a tree.
Although it is getting too long, let me give you the example of just adding SU to the sytem partition:
Adding SU into the system image is no big deal.
Singing this image to get a usable key and including this key into the keystore is.
Assume we would just be able to do it....
SU needs to be called quite early in the boot process.
It then elevates the access level for certain things and also intercepts all root related requests from apps and services.
Except of course those that already had these rights by default.
Problem here is that adding the scripts we need plus changing some others means violating the tree of trust on the device and we get locked out.
Finding a spot to add the required rights for SU might be still possible.
On the other hand it will be impossible to give SU any rights or access to "trusted user" owned parts, files, folders, partitions....
The entire concept of SU just fails.
I will have to check how much of the new features are active in the 7.2 kernel that hinder us.
If I find enough it might be possible it enough to call for a Magisk update.
But I guess it is of little use for just one set of devices, so maybe once more devices on the 4.9 kernel fail to work with Magisk it will be easier to spot a usable pattern.
In case someone else if already working ona mdified system: Please let me know how you made it boot after the changes
Shield Tv 16 2017 - OTA update 7.2.1 Ready for updating
Im on 7.1. I have been waiting for 7.2 developer image, which is now out and just noticed 7.2.1 is available OTA. I'm really confused what to do. I want to keep root without bricking my Shield. Should I Stay with what I have as it is running well.
I am not even sure if it is safe trying to update to dev 7.2 image (or if I would want to) by hooking to computer and using ADB Fastboot tools.
Is there any good reason to update to 7.2 or 7.21? and if so how would I go about doing it? Which program is good for flashing developer images or OTA updates. I used to use flash-fire, which seems to be obsolete now and have heard TWRP is incompatible rooting with SU with OREO updates????
Should I play it safe and stay with what I have rather than experiment and end up with a brick? (wouldn't be the first time)
Anyone know if 7.21 is some-kind of bug fix?
Alot of questions but hope someone has some answers.
Thanks for any info.
"You know you can start it with ease, if you only could the remote that you left in the drivers seat when you locked the door "
My fastboot issue
Yeah, i think i busted the microusb somehow with a faulty usb hub, whenever i plug the usb to my raspberrypi/windows box(for adb/fastboot) now, it turns off all usb ports on the pi aswell as the windows box, even when the shield is unplugged, some sort of earth problem maybe
......all i have is adb over network, adb reboot bootloader simply reboots back to system, adb reboot recovery works though.
ive read that fastboot over tcp(ethernet) had been introduced a couple of android versions ago, but i dont think its been implemented in our shields
infact heres a link
https://www.androidpolice.com/2016/...-capabilities-wireless-flashing-isnt-far-off/
Looks like it needs to be specifically added onto a build
As far as you making a stock root build, if you can, that would awesome, more then awesome, but if it becomes more work then you thought dont worry about it, its not like their making it easy
Also, sounds like 4.9/future android is gonna be a nightmare for root......... having the ability to root so that the option is there to see whats going on in the background of these devices, these devices posessing cameras/microphones/old+latest sensors/personal files/personal info, which reside on our personal beings or in our homes........is just one reason why i dont want to see root go away
So what is the purpose of the developer image of 7.2?
Rather, I know the stated purpose of the developer image, but if it is locked in the way described it sounds like the benefit is negated for typical developers.
(e.g. sometimes I debug an application without permissions in order to benchmark or debug a problem).
For casual users of the shield, using ad blockers and whatnot, is there any benefit to derive from installing the developer rom over stock? Does "adb root" still work?
What is left as the difference. It doesn't sound like they produced a userdebug build of the OS.
Thanks
The 2 new updates are horrible. I have gone back to 7.1. They have crippled my shield. I'll wait for a new update.
After many searches for the best help on my new Asus ZenFone V V520KL, I have no way to unlock the bootloader. Asus doesn't provide any support for this 2017 model, nor does Verizon, the company the phone was made for.
It comes stock with Nougat 7.0 OS, 32 GB ROM & 4 GB RAM. It's got a decent size screen and runs not too too bad.
I'm wondering if one of the tech people here would be so kind as to help me with not only unlocking the bootloader so I can then install a custom recovery image, preferrably TWRP, since I have used this type of program before on my other ZenFone 3 Zoom.
I already have ADB tools on my Windows 7 notebook (32-bit). I used it to install the last root on my other aforementioned phone so it will work.
What I'm wondering about is the bootloader unlock tool, custom recovery image (TWRP), and a way to root the bastard. Hopefully we can relock the bootloader after the job's done because it's annoying on my other phone to always have to bypass the "Can't check for corruption." screen before the phone actually boots. Again this is for the Asus ZenFone V V520KL model. There is really no information anywhere right now I know of that gets this job done.
Having a custom Pie 9.0 ROM upgrade would be the best if possible once we root the device.
My name is Andrew, S.D. from Canada.
Thanks and blessings.
Root
Did you find a way to root it?
No, I still need help with the original post. I can root the ZenFone 3 Zoom ZE553KL but they already tell us how to do that in another forum.
the Bootloader for v520kl is already unlock by ENG Firmware
Just serch it in forums
You're talking to a noob. Give me the location of ENG firmware.
Hi friend, in the other post de link for downloading de ENG Firmware is broken
[email protected] said:
Hi friend, in the other post de link for downloading de ENG Firmware is broken
Click to expand...
Click to collapse
This is the link
http://www.mediafire.com/file/lc17b75qbvy018z/Asus_Zenfone_V_V520KL_All_WW_ENG_T3.3.15.zip
I tried to flash it did not work for me..
---------- Post added at 10:55 PM ---------- Previous post was at 10:43 PM ----------
Doctor Andrew said:
You're talking to a noob. Give me the location of ENG firmware.
Click to expand...
Click to collapse
Here is the link:
https://forum.xda-developers.com/showpost.php?p=78833735&postcount=52
Hi friend,
It's de the same rom for this page
https:
www
hardreset.info/devices/asus/asus-v520kl/faq/firmware/ because, the size of this rom is 813MB
and the size of the rom of the link that you provide is 775.53 MB and the files is the same name.
or this rom has been updated.
someone know what version of android have this rom
Okay so we now have a link to just the ROM it looks like. Do we have a way to unlock the bootloader yet and install TWRP first? What about the TWRP image file, do we have one of those as well?
Doctor Andrew said:
Okay so we now have a link to just the ROM it looks like. Do we have a way to unlock the bootloader yet and install TWRP first? What about the TWRP image file, do we have one of those as well?
Click to expand...
Click to collapse
To flash the ENG rom, you do not need to unlock the bootloader. Just the Asus flash tool.
Once you flash it, you can reboot to fastboot mode(adb reboot bootloader) and use fastboot oem unlock to unlock bootloader. Be warned though the ENG firmware is very basic. No web browser, no google play, you can't pull down the notification bar etc. (Great battery life though with about 7-10 days since I am not using it at all).
As of right now, there is no TWRP for it that i know of. In fact, I can't even boot into recovery atm. I also am unable to get boot.img file form the .raw file so the various methods to root it seem to be out of reach for the moment.
I've absolutely no interest in the ENG firmware. Still looking for a solution to the original post that people can understand and use easily.
Doctor Andrew said:
I've absolutely no interest in the ENG firmware. Still looking for a solution to the original post that people can understand and use easily.
Click to expand...
Click to collapse
Well, ENG is the only way i could figure it out but I finally manged to get root on the phone with magisk. Still have some work to do to get play store and everything else running properly, but for now, hardest part is done.
oh my god - rooooot
faericia said:
Well, ENG is the only way i could figure it out but I finally manged to get root on the phone with magisk. Still have some work to do to get play store and everything else running properly, but for now, hardest part is done.
Click to expand...
Click to collapse
Good time of day, Faericia, this is just great news. You can share the experience of getting root with magisk?
Regarding Google Play and all that, where you need Google, using a bunch of microG and Aurora store.
MicroG is the core of Google services, which allows you to pass authorization through Google, synchronize and do it all without any garbage code, according to my observations, the expense is not much spent.
Aurora shop, as an analogue of Google Play, the application, the ability to save apk.
Due to the lack of binding to your Google account.
I think this connection may be relevant and rooted.
The initial partition should appear as root, it intends to resolve all the problems that I have in my phone. for asus applications, after I have done my best, several attempts have already been made.
It was possible to look in read mode using root explorer.
Perhaps you can somehow remove the protection of verizon on the bootloader.
PS the most hardcore variation of raw firmware, a hex editor, search in that between code, boot, recovery, system, etc. Very large empty spaces. previously there were 100 miles earlier.
I think this is part of verizon jokes.
This article should be cut and placed in img.
Thanks so much in advance.
hello when you finish you could share through a tutorial what you did I have my asus v with verizon rom and only data but if I can make it functional with the rom eng then better
Okay, Here are the steps. Before anything else though, I should warn you that I have not been able to get safetynet to pass. So if you have apps that require safetynet to pass, this may not be the way to go.
First you will need the ENG firmware:
https://mega.nz/#!l7wBlQ4B!uB63yH5Rir24GaSfDMWKowqdz-N_sc6SJ-q1WuuGiqM/
Also Asus Flash tools v 1.0.0.72:
https://drive.google.com/file/d/11rcjOgdpJhpK97GzbhYK6cYEIWOtzKE9/view
I am assuming you know adb and such. If not, search the forums and get the adb tools.
Using adb, Reboot to bootloader. ( adb reboot bootloader )
Load the .raw file in the asus flash tool, select v520KL and flash.
Once flash is done, unlock bootloader by going into bootloader (adb reboot bootloader) then type (fastboot oem unlock.)
Here is the patched_boot.img I used if you want to just try to flash that and see if it will work. This is for the eng firmware.
https://drive.google.com/file/d/1fUxGc27lrodR3ro9MIspde73G8Xg9VlW/view?usp=sharing
Go into bootloader and flash. (fastboot flash boot patched_boot.img)
Install magisk manager and test it out.
If you wish to patch the img yourself, the steps are below (still working on it):
So now we have the phone unlocked, and the software is very basic. We also need the boot.img file to patch since we do not have TWRP. Since I couldn't get it from the raw file (the extracted file is invalid with a size of 0 bytes) I decided to extract it from the phone. But to extract from the phone we need root. So for this next step, temporary root will have to do.
You can get temp root by using KingoRoot. Use the PC version and you will get root. This is just so we can extract the files from the phone itself.
I need to find the steps for the next steps again, but the basics is, extract boot.img from the phone. Patch it using magisk manager and then flash the patched_boot.img in bootloader mode. I had google play working(chinese version) but once i removed kingoroot it kept crashing. I currently have magisk and it gives me the root permissions but safetynet fails. I will retry this tomorrow and see if I can fix the safetynet issue and update this post with the steps.
Also I seem to have borken recovery mode on my phone. That may be because I tried flashing bunch of other stuff before I managed to root it so I do not know if it will be the same situation to you or not. I believe after I flashed ENG firmware, i had access to recovery mode at one point, but I may have just messed it up. Either way, Expect updates in the near future.
asus recovery
A huge over many thanks.
I also tried to get a temporary root, via the kingoroot pc version, it did not work, I suspect it because I installed eng, but did not oem unloock, when I did unlock, I somehow managed to get the boot out of the firmware, the user from 4pda was patched, but said that this boot is from 8 android, I thought that I had schizophrenia because later on trying to get boot I also got 0mb, this was due to the unexpected end of the archive.
In general, by flashing this boot, I also found a recovery mode and even a recovery mode, but going into recovery a message from Verizon was displayed, standard, when you roll the eng firmware for 5 seconds, hold something, etc. Well, you understand. And the whole laugh is that it was in a circle.
I suspect that asus had any plans for this device or for this amount of components. In other words, it was some kind of blank that was abandoned, maybe asus thought that this exclusive for verizon will make a trap, and then they say on the basis of v520kl we will make a non-exclusive open device, but alas, a huge member between two rolls.
Therefore, fortunately or unfortunately, recovery was not broken by you, most likely it was not working initially, but this is only a guess.
Daniel.Sim said:
A huge over many thanks.
I also tried to get a temporary root, via the kingoroot pc version, it did not work, I suspect it because I installed eng, but did not oem unloock, when I did unlock, I somehow managed to get the boot out of the firmware, the user from 4pda was patched, but said that this boot is from 8 android, I thought that I had schizophrenia because later on trying to get boot I also got 0mb, this was due to the unexpected end of the archive.
In general, by flashing this boot, I also found a recovery mode and even a recovery mode, but going into recovery a message from Verizon was displayed, standard, when you roll the eng firmware for 5 seconds, hold something, etc. Well, you understand. And the whole laugh is that it was in a circle.
I suspect that asus had any plans for this device or for this amount of components. In other words, it was some kind of blank that was abandoned, maybe asus thought that this exclusive for verizon will make a trap, and then they say on the basis of v520kl we will make a non-exclusive open device, but alas, a huge member between two rolls.
Therefore, fortunately or unfortunately, recovery was not broken by you, most likely it was not working initially, but this is only a guess.
Click to expand...
Click to collapse
I know recovery mode was working with VZW firmware. I know this because I tried installing using adb sideload several times. I might be mistaken on getting there once i flashed eng firmware but again, it has been a month or two since I tried it and all I know is, it won't go into the recovery screen now. Oh well, not my main phone so irrelevant.
I have installed patched boot img with fastboot. Now have root. But there a lot of apps not working. No Google apps at all. And no way to install them.
---------- Post added at 06:23 PM ---------- Previous post was at 06:15 PM ----------
Have installed patched boot img by faericia. Now I got root. But eng version doesn't have Google apps, so no play store, no Google pay, no accounts, no Gmail. And I don't know how to install it.
game #1 said:
I have installed patched boot img with fastboot. Now have root. But there a lot of apps not working. No Google apps at all. And no way to install them.
---------- Post added at 06:23 PM ---------- Previous post was at 06:15 PM ----------
Have installed patched boot img by faericia. Now I got root. But eng version doesn't have Google apps, so no play store, no Google pay, no accounts, no Gmail. And I don't know how to install it.
Click to expand...
Click to collapse
The only time I had Google apps was when I had kingoroot root still int he system. I then downloaded the Chinese google apps installer and used that to get it. Once i removed kingoroot google framwork kept crashing making it unusable.. If you don't need to pass safetynet, that might be the way. Othewise, I am still trying to work on it.
faericia said:
The only time I had Google apps was when I had kingoroot root still int he system. I then downloaded the Chinese google apps installer and used that to get it. Once i removed kingoroot google framwork kept crashing making it unusable.. If you don't need to pass safetynet, that might be the way. Othewise, I am still trying to work on it.
Click to expand...
Click to collapse
I found out how to stop frameworks from crashing. Just make it a system app. I use link2sd for this.
Now all gapps work nice.