Ok so i have searched online many times.. tried many tools i found.
I take it they are ext4 images ?
I mean the separate images in the stock firmware packages.
i especially would like to get at the fsg.mbn files..
if i look on the root fsg folder i think i see what is in the .mbn
i opened some with WinRar (packed .gz's) and i find more packed images (signed)
i believe those are the carrier config settings.
since i have had issues with my carrier connection being setup properly i have been investigating..
I am stuck using GSM when my phone should be using cdma.
and if i force the phone to use cdma it won't connect.
but if i restore the stock firmware on 5.0.2 then i have cdma back normal.
my carrier did not put out 5.1
so i have installed the US Retail.
tried many variations of modems.. no matter what i do only thing working is GSM
so i want to make my digging easier for getting at stock files.
having to install them onto my phone to get at them is dumb.
i'd rather just unpack my various firmware packages and compare etc..
any idea people ?
has any of you unpacked an .img (on WIndows)
Try this...
http://forum.xda-developers.com/showthread.php?t=2073775
Related
Just wondering if anyone has extracted a radio img from a sbf?
I'm trying to get all the radios i can find and make CWM installers for them. so far i can only get them from OTA updates. Is this the only way?
Ive tried moto-depacker but cannot figure out how to combine the mbn headers into an image....
I would like to get away from using the computer for flashing anything
Search for a thread called "fruit cakes" in android development. It has flashable CWM files for radios.
Sent from my MB860 using XDA App
If you are in linux you need to get sbf_flash from mdm, than get the sbf files you want to extract the radios from and do "sbf_flash -x yourfile.sbf" all the images will be extracted as *. img than just get the img number where radio is stored and thats it. Taking them from fruitcakes as already suggested would be quicker though.
neer2005 said:
Search for a thread called "fruit cakes" in android development. It has flashable CWM files for radios.
Sent from my MB860 using XDA App
Click to expand...
Click to collapse
Sigh..... So where is the 1.97R fruitcake??? I only see 2 radios in that thread.
I want to extract all radios I can find and make CWM installers so I can test out different radios in different areas without having to use a computer to flash.
Sent from my MB860 using XDA Premium App
SolidHelix said:
Just wondering if anyone has extracted a radio img from a sbf?
[...]
I would like to get away from using the computer for flashing anything
Click to expand...
Click to collapse
Ditto on dumping the PC... though you will need to use this on a PC to extract the radio.img files:
http://www.e2mod.com/content/view/93/27/
http://www.motorolafans.com/forums/e6-firmware/22882-how-to-create-your-own-monsterpack.html
Props to NFHimself for mentioning this method in his Telstra radio thread here (post #4):
http://forum.xda-developers.com/showthread.php?t=1049434
There are a few posts here of .zip format radio images... not sure if they include only CG5 or also RDL1 and RDL3. Don't know how inspect a radio.img to determine this. Any ideas?
More info here on CG5, RDL1 and RDL3:
http://forum.xda-developers.com/showthread.php?t=1059643
http://forum.xda-developers.com/showthread.php?t=1059643
NFHimself said:
Single Binary Format
[...]
Desbf, I don't know the history behind this or what it has been used for in the past, it was on a list of google hits for the obscure motorola sbf format. You run it, select a sbf file, and it automatically creates a folder with all the files contained in the sbf extracted. You can delete files and then save an sbf that can be flashed. It has a parse CG button, don't know what it's for. It has been used to flash the Telstra radio onto Att and Bell. I have yet to use it to flash something using RDL3, just the radio using RDL1.
[...]
Speaking of files, here is what I understand about them:
The utilities spit out SMG files, it's a motorola format, not sure of the acronym.
RDL1:
RDL3:
Ram downloader 1 is used for the radio, it is flashed after everything else, changing mode to do so, everything else is flashed using Ram downloader 3. I don't know what happened to RDL2.
[...]
CG5 is the radio, plus other things apparently. In [De]Packer it's a virtual collection of mbn files, partition.mbn, amas_sec.mbn (the radio), osb1_sec.mbn, cefs.mbn, db1_sec.mbn. I have no idea what they are about. I know they are from CG5 because an sbf with just RDL1, RDL3, and CG5 spits out RDL1, RDL3, and the above without a CG5.
Click to expand...
Click to collapse
Well now I feel stupid...
Upon much closer inspection it seems that desbf.exe can't actually be used to create .img files. It appears that I mis-read NFHimself's thread...
I too have banged my head against this for a couple of nights and come to the same conclusion. The few radio.img/bp.img files out there apparently came from either AT&T or Orange FR OTA updates.
So we know Motorola knows how to do this... but HOW???
http://forum.xda-developers.com/showthread.php?t=1049434&page=14
acer73 said:
it's possible to have a CW file of this radio?
Click to expand...
Click to collapse
NFHimself said:
Only if it is available as an OTA file, the sbf radio format contents would have to be translated into a different format for a CWM zip.
Cheers!
Click to expand...
Click to collapse
Another possible line of attack:
http://and-developers.com/partitions:cdt
Extracting partitions
Method, which use right ecc correction
You need kernel module and mtd-utils. Here you can download precompiled mtd-utils and kernel module, with sources. mtd-utils.tar.bz2
Code:
insmod mtd_dumpall.ko
echo "0 64" > /proc/mtd_dumpall
cat /proc/mtd_dumpall > /tmp/mtd0.bin
The result is in ASCII format where ^d[^:]+ denotes data lines and ^o[^:]+ denotes OOB data. Each data line have 0x20 ASCII hex.
To transform them to binary:
Code:
grep ^d | xxd -r -c 0x20 > out.bin
or just try use nanddump directly
janneg_'s kernel module
After booting into Linux, some of these partitions are available through MTD devices (/dev/mtd*). But other partitions are not available because the Linux kernel provided by Motorola does not map them into MTD devices. janneg_ has created a kernel module that maps them all, thus enabling us to extract anything from the Milestone's Flash. You can try a precompiled binary here if you don't want to compile it yourself.
Click to expand...
Click to collapse
Some of the download links on this page are stale, notably the precompiled binary for janneg_'s kernel module...
NFHimself provides a partial Code Group to partition name map here:
http://forum.xda-developers.com/showpost.php?p=13386993&postcount=1
zambezy does the same here:
http://forum.xda-developers.com/showpost.php?p=12687720&postcount=502
But what is the partition name for CG5?
*bump*..anyone still working on creating the CWM zip for 1.97 radio? If someone can tell the process I am willing to create it.
Any Update on that? I would like to get the baseband from the German 2.3.4 sbf.
goo.im/devs/h0tw1r3/GT-N7005/GT-N7005-IMM76D-DXLJ2-Baseband
This is probably the closest I've found, but as far as I know, flashable modem zipz are supposed to have 2 more files, mainly:
1. META-INF/com/google/android/update-binary
2. META-INF/com/google/android/update-script
I know next to nothing about these files and their uses. I've also taken a look at the update-script file, my guess is that it's whatever's shown in recovery display when you flash it.
Where can I find a flashable DXLJ2 modem for the Note N7005/SGH-i717?
I've tried other modems such as UCMD3, UCLF6, etc., they drop connections often in where I live, the only one which worked out okay for me was DXLJ1, so I decided to try and get the DXLJ2 modem to test it out, but can't find it.
I'm planning on using this in the Padawan JB rom as the default modem that came with that custom ROM did not work for me.
I've also noticed that there are some ROMs which make use of the DXLJ2 modem, but I know nothing about development or how modems are incorporated into ROMs.
tl;dr - I'd like a flashable DXLJ2 modem zip if possible, thanks!
Did you try Google? Probably not because I found a few links to other sites in seconds.
440bro said:
Did you try Google? Probably not because I found a few links to other sites in seconds.
Click to expand...
Click to collapse
I have, I'm guessing I must be using wrong keywords since I tried "DXLJ2 Modem Baseband download xda android" numerous times on Google and have only managed to find ROMs which use that baseband, but not as a flashable ZIP by itself.
I always Google before asking questions, and only ask when I have trouble finding something.
Probably seems dumb since some people can find it easier than me, but like I said, I've tried and failed, which is why I'm asking here.
why not just download the stock n7005 .tar and extract the modem.bin and flash with odin. sometimes less is more(keywords). n7005 dxlj2 and extract modem.bin. you will find what you need on first page of each of these searches.
s89281b said:
why not just download the stock n7005 .tar and extract the modem.bin and flash with odin. sometimes less is more(keywords). n7005 dxlj2 and extract modem.bin. you will find what you need on first page of each of these searches.
Click to expand...
Click to collapse
Hey thanks for the reply, much appreciated!
Just to confirm though, is modem.bin supposed to be in the root directory of the tar? I don't see such a file, only:
-amss.bin
-mdm.bin
(These 2 files also appeared in the link in the first post.)
along with the boot image (boot.img), recovery image (recovery.img) and 2 EXT4 filesystem partitions/files (cache.img.ext4 & system.img.ext4)
here is link to a flashable zip of ucmd3 modem. http://storagecow.eu/index.php?dir=Xda/AT&T+Note+1/Stock+Jelly+Bean/ replace the files in tmp folder with both files you got from tar and you should have a recovery flashable dxlj2 zip.
s89281b said:
here is link to a flashable zip of ucmd3 modem. storagecow.eu/index.php?dir=Xda%2FAT%26T+Note+1%2FStock+Jelly+Bean%2F replace the files in tmp folder with both files you got from tar and you should have a recovery flashable dxlj2 zip.
Click to expand...
Click to collapse
Thanks, I'll do that when I can! (My phone isn't with me right now)
I'd just like to know if the same META-INF folder can be used for other other modems as well, for the same device (N7005/I717) and for totally different devices as well (N7000, GS3, etc.)
What does the update-binary (in META-INF) actually do?
Also why is there no modem.bin, just mdm.bin?
I apologise for the questions, I'd just like to learn more if possible. I can probably get it to work already but I'd like to know a bit more and save myself some trouble in the future.
DEVICE: LG REVOLUTION (VS910V6)
MY RECOVERY PARTITION IS GONE, BUT I DID FIND A ROM DUMP OF THE SHIPPING ROM FOR MY DEVICE. ITS A ZIP FILE. IS THERE SOME WAY THAT I CAN SOMEHOW CREATE A FLASHABLE ZIP FROM THE DUMP FILE TO BE ABLE TO FIX MY PHONE? MY PHONE IS PRETTY OLD. I HAVE TRACKED DOWN A HANDFUL OF DIFFERENT FILES FOR MY PHONE AND I WOULD HAVE FLASHED ANY OF THE OTHER POSSIBILITIES OF COMPATIBLE ROMS, FACTORY FIRMWARE, ETC. THE PROBLEM WITH THAT IS FOR EVERY FILE I FOUND THE DOWNLOAD LINK FOR, IT'S OUTDATED AND DOENS'T WORK ANYMORE. SO I'M HOPING THERE MIGHT BE A POSSIBILITY GOING THIS ROUTE.....? ANY SUGGESTIONS WOULD SURELY BE APPRECIATED!! :fingers-crossed:
While trying to create my first ever Android firmware I had solve several problems, especially if you consider that I prefer under Windows instead of Linux.
I won't go into too many details as I have to assume everyone attempting this did at least some reading on the general how to of firmware installations and modifications.
Things you need:
Original firmware for your device as a IMG file
Amlogic's Customisation tool
A Rom Kitchen of your choice (I use Carliv)
System_Extractor-WIN-master
Some time...
Step1: Load the firmware into the AML tool and tick all boxes except the last one.
In the tmp folder you will find the unpacked files.
Under Level one are the files we want.
You will see a bunch of "PARTITION" files, we copy the following ones into a seperate folder for further use to create the ZIP.
I suggest to name the folder "Install" so we are all on the same page here.
boot.partition
bootloader.partition
logo.partition
recovery.partition
If you checked a flashable ZIP update before you will notice some files are missing, let's try to fix that.
Rename all partition files you copied to img, so instead of boot.partition you get boot.img.
Unpack the boot.img with your kitchen.
You will find a file "boot.img-second" - copy that into your install folder and rename it to dtb.img.
Inside the unpacked ramdisk (In your kitchen) of the boot.img you will fing the "file_contexts" file - copy that into your install folder as well.
Most AML firmware I had so far used a system.new.dat and a system.transfer.list to create the system partition.
We can create them from the system.partition file after renaming to system.img in System_Extractor-WIN-master .
To do this the system.img needs to be unpacked and we need again a copy of the file_contexts.
After the image is unpacked we can pack it again as system.new.dat and system.transfer.list.
The last missing bits can be tricky though as now we need a META-INF folder that works for our device in question.
There are two way to fix that.
Method one:
Search the usually chinese websites using Google to find original firmware for your device.
Chance are that you will find something like an OTA update - in there you will find what you need.
Method two (I never tested that):
Take the META-INF folder from an OTA update of a box with identical hardware specs.
Most important part here is the memory configuration so for a 2/16GB box you need a 2/16GB OTA update.
Next of same importance is the WiFi/Bluetooth config.
If you only have Wifi than an update for a box With daul wifi and BT4.0 won't help you.
If the actual Wifi chip is a different one but CPU, GPU, Memory and connections are the same it should still work.
Once you have the META-INF folder included into your Install folder the firmware is ready to be zipped - in theory!
The X96 for example uses a hash check for the update and created system partition.
To be able to flash your image you need to know what the original recovery would expect - has check or not.
The updater script within the META-INF folder needs to be updated to match your build.prop details as well hash check/no hash check.
Again, with an original OTA update you will find these infos.
Only if you don't have the OTA and no clue what your updater script and recovery needs you are a bit lost.
I know I has not all the steps in detail and if you are without and OTA update you need to search but otherwise feel free to ask and I will try to assist to make it complete if I can.
Downunder35m said:
While trying to create my first ever Android firmware I had solve several problems, especially if you consider that I prefer under Windows instead of Linux.
I won't go into too many details as I have to assume everyone attempting this did at least some reading on the general how to of firmware installations and modifications.
Things you need:
Original firmware for your device as a IMG file
Amlogic's Customisation tool
A Rom Kitchen of your choice (I use Carliv)
System_Extractor-WIN-master
Some time...
Step1: Load the firmware into the AML tool and tick all boxes except the last one.
In the tmp folder you will find the unpacked files.
Under Level one are the files we want.
You will see a bunch of "PARTITION" files, we copy the following ones into a seperate folder for further use to create the ZIP.
I suggest to name the folder "Install" so we are all on the same page here.
boot.partition
bootloader.partition
logo.partition
recovery.partition
If you checked a flashable ZIP update before you will notice some files are missing, let's try to fix that.
Rename all partition files you copied to img, so instead of boot.partition you get boot.img.
Unpack the boot.img with your kitchen.
You will find a file "boot.img-second" - copy that into your install folder and rename it to dtb.img.
Inside the unpacked ramdisk (In your kitchen) of the boot.img you will fing the "file_contexts" file - copy that into your install folder as well.
Most AML firmware I had so far used a system.new.dat and a system.transfer.list to create the system partition.
We can create them from the system.partition file after renaming to system.img in System_Extractor-WIN-master .
To do this the system.img needs to be unpacked and we need again a copy of the file_contexts.
After the image is unpacked we can pack it again as system.new.dat and system.transfer.list.
The last missing bits can be tricky though as now we need a META-INF folder that works for our device in question.
There are two way to fix that.
Method one:
Search the usually chinese websites using Google to find original firmware for your device.
Chance are that you will find something like an OTA update - in there you will find what you need.
Method two (I never tested that):
Take the META-INF folder from an OTA update of a box with identical hardware specs.
Most important part here is the memory configuration so for a 2/16GB box you need a 2/16GB OTA update.
Next of same importance is the WiFi/Bluetooth config.
If you only have Wifi than an update for a box With daul wifi and BT4.0 won't help you.
If the actual Wifi chip is a different one but CPU, GPU, Memory and connections are the same it should still work.
Once you have the META-INF folder included into your Install folder the firmware is ready to be zipped - in theory!
The X96 for example uses a hash check for the update and created system partition.
To be able to flash your image you need to know what the original recovery would expect - has check or not.
The updater script within the META-INF folder needs to be updated to match your build.prop details as well hash check/no hash check.
Again, with an original OTA update you will find these infos.
Only if you don't have the OTA and no clue what your updater script and recovery needs you are a bit lost.
I know I has not all the steps in detail and if you are without and OTA update you need to search but otherwise feel free to ask and I will try to assist to make it complete if I can.
Click to expand...
Click to collapse
Thank you for this explanation, but the explanation of the video to better understand everyone
Will see if I can at least add some pics while working on Nougat.
Hello,
Thanks for you tutorial.
I have a h96 Pro+ and the last firmware was a .img file... (Link of the firmware : https://mega.nz/#F!d1tHVZgA!Qc0mAom7FBHT9HDv3rGtGQ )
Is there a good guy who can convert this .img to a .zip file please ?
A lot of users are asking for this, me too and if you can help me to do this it will be really cool and appreciate
Thank you,
Carmin.
Thanks for your explanation im trting to port 7.1.1 to my tv box and i have found one funcional the only troble is the wi fi drivers not working ill give it a try latter today
Sent from my SM-N9300 using Tapatalk
I downloaded my stock ROM (G386WVLS1AQA1_G386WOYA1AQA1_VMC) in hopes of finding the keymaster files so that it would fix the security (system) settings crash issue that I'm having for a custom ROM flash on my sm-G386W. The ROM is actually for an sm-G386T, and the problem has supposedly been fixed, so my best guess is that the issue is with my Canadian variant. I figured that getting the keymaster files from my specific stock ROM would fix the issue. Except... I can't find them.
On Windows, I downloaded the stock rom, extracted G386WVLS1AQA1_G386WOYA1AQA1_G386WVLS1AQA1_HOME.tar.md5, extracted system.img.ext4, unpacked system.img.ext4, and then viewed system.ext4. I looked in /vendor/firmware/keymaster and \etc\firmware, and didn't see them. extracted the entire system structure so that I could search it on Windows, and didn't find the keymaster files at all.
Any ideas?
This is basically my only hope for getting anything above Android 4.4.4 for my Samsung Galaxy Core LTE (which is pretty much the same as the Galaxy Avant).