Need help spoofing MAC address on my Amazon Fire (Cyanogenmod 12.1) - Android Q&A, Help & Troubleshooting

I have an Amazon Kindle Fire 7 inch 5th generation tablet running the unofficial build of Cyanogenmod 12.1 for this device (main thread). I've got root, I'm running without GApps, and my setup is working great. The only thing I have yet to resolve is that I cannot spoof my MAC address. If I try to do so with something like:
Code:
su
busybox ifconfig wlan0 down
busybox ifconfig wlan0 hw ether 00:11:22:33:44:55
busybox ifconfig wlan0 up
it will fail on "busybox ifconfig wlan0 hw ether 00:11:22:33:44:55" with the message:
Code:
ifconfig: SIOCSIFHWADDR: Operation not supported on transport endpoint
I also tried two similar approaches:
Code:
su
busybox ifconfig wlan0 down && macchanger -r wlan0
fails with
Code:
[ERROR] Could not change MAC: interface up or insufficient permissions: Operation not supported on transport endpoint
while
Code:
su
ip link set wlan0 address 00:11:22:33:44:55
fails with:
Code:
RTNETLINK answers: Operation not supported on transport endpoint
From the googling I have done, it seems that this may be due to a limitation of the hardware, kernel or wifi drivers? Hopefully that doesn't mean there is nothing I can do and nothing more to try. Are there perhaps other methods that would bypass this problem?
For a bit of additional info, the application "Dalvik Explorer" shows under device details "Hardware: MT8127", which I hope is a useful piece of information to someone with more technical expertise than me. If it is a driver issue, are there perhaps newer drivers for that I could manually load somehow? If it is a kernel issue, is there anything I can do to modify the kernel (not something I have the slightest bit of experience with, but I'll be damned if I can't try). Any guidance or ideas would be extremely helpful.

Spoofing your MAC ID would require a kernel mod.
Our bootloader is locked so this is not achievable right now.

ggow said:
Spoofing your MAC ID would require a kernel mod.
Our bootloader is locked so this is not achievable right now.
Click to expand...
Click to collapse
Aw.
Well, thanks for letting me know. And thank you for bringing Cyanogenmod to this device, I have been enjoying it greatly!

ggow said:
Spoofing your MAC ID would require a kernel mod.
Our bootloader is locked so this is not achievable right now.
Click to expand...
Click to collapse
cyanogen_aw_yeah said:
Aw.
Well, thanks for letting me know. And thank you for bringing Cyanogenmod to this device, I have been enjoying it greatly!
Click to expand...
Click to collapse
Unless Amazon has deprecated this (e.g. with a kernel update?),
on my 2015 Fire + CM12.1 (per OP's link) I'm able to spoof my MAC address using the idme command.
Code:
su -c idme mac_addr 38aa3c123456
su -c idme print mac_addr # check to see that it set it
Then restart the device. After rebooting, go to CM Wi-Fi settings -> Advanced and see if it worked. It seems certain OUIs (first half) are rejected by the OS.
I found this while poking through the kernel code earlier this year. But per @ggow's comment, maybe they've nixed it since then.

Working On FireHD 10 2017
jrodat said:
Unless Amazon has deprecated this (e.g. with a kernel update?),
on my 2015 Fire + CM12.1 (per OP's link) I'm able to spoof my MAC address using the idme command.
Code:
su -c idme mac_addr 38aa3c123456
su -c idme print mac_addr # check to see that it set it
Then restart the device. After rebooting, go to CM Wi-Fi settings -> Advanced and see if it worked. It seems certain OUIs (first half) are rejected by the OS.
I found this while poking through the kernel code earlier this year. But per @ggow's comment, maybe they've nixed it since then.
Click to expand...
Click to collapse
I can confirm this is working on my fire hd 10 2017!!! You have made my day I wish you the best of luck in life!!!

AustinR66 said:
I can confirm this is working on my fire hd 10 2017!!! You have made my day I wish you the best of luck in life!!!
Click to expand...
Click to collapse
Hi can you tell me how to do this i want to do it on a fire 7 do i need root access? If so what do i need to install and where do i type these idme commands? Sorry bit of a noob to all this.

saupe2005 said:
Hi can you tell me how to do this i want to do it on a fire 7 do i need root access? If so what do i need to install and where do i type these idme commands? Sorry bit of a noob to all this.
Click to expand...
Click to collapse
Hey,
If you have Cyanogenmod, you should be able to do it without installing anything.
These directions are for my Fire 7 2015. Screenshots included at the bottom.
Go to your Settings app and click "About tablet"
Find the line that says "Build number" and tap repeatedly on it. Eventually it will say "Developer settings unlocked" (or something like that).
Now go back to the main Settings page and open "Developer options". On this page you must enable 2 things:
"Root access" - enable this for 'apps'
"Local terminal" - enable this too.
Then reboot the device.
(This is needed for enabling root access.)
The Terminal app may not show directly on your launcher, but you will see it if you list all your apps.
Open the Terminal app, and enter the following commands, on separate lines:
Code:
su
idme mac_addr 4c0b3a000002
idme print mac_addr
(The "su -c" version wasn't working for me with the built-in Terminal app, I had to enter "su" by itself)
- The first line ("su") may show a popup asking you to confirm Root access
- The second line should display to your screen "Writing idme data..."
- The third line prints the mac address to make sure you set it successfully.
After this, you must reboot your device, to activate the new MAC address.
Sometimes the kernel will ignore the new mac, if the first 6 chars (the oui) are unrecognized. The prefixes "4c0b3a" and "38aa3c" both work for me. Or you can use the 6 chars that are built-in for your device. (run the "idme print mac_addr" line to see what they are.)
A mac address is all Hex chars, so only 0-9 and A-F are valid characters.
Check your Wi-Fi settings -> Advanced to make double-sure that it worked.
Hope this helps
Here are the screenshots (Click to zoom)

jrodat said:
Hey,
If you have Cyanogenmod, you should be able to do it without installing anything.
Thanks for your reply.
I dont seem to have the same options as you i have a fire 7, 7th gen i have managed to enable developer options by tapping my serial number but dont see any options about root access any ideas?
Click to expand...
Click to collapse

saupe2005 said:
I dont seem to have the same options as you i have a fire 7, 7th gen i have managed to enable developer options by tapping my serial number but dont see any options about root access any ideas?
Click to expand...
Click to collapse
The instructions were for Cyanogenmod OS 12.1 (thread title), that could be why it looks different.
I should've paid attention when you said "7th gen", my bad. I didn't realize, there's no way to root the 7th gen yet (or install a custom ROM):
https://forum.xda-developers.com/am...th-gen-2017ask-question-t3636919#post73033591
If/when someone cracks it, basically what you would need is a Terminal app from the Play Store, and root. Then the rest of the steps should work.
sorry about that :/

jrodat said:
The instructions were for Cyanogenmod OS 12.1 (thread title), that could be why it looks different.
I should've paid attention when you said "7th gen", my bad. I didn't realize, there's no way to root the 7th gen yet (or install a custom ROM):
https://forum.xda-developers.com/am...th-gen-2017ask-question-t3636919#post73033591
If/when someone cracks it, basically what you would need is a Terminal app from the Play Store, and root. Then the rest of the steps should work.
sorry about that :/
Click to expand...
Click to collapse
You gotta root it but if there is no root available then your out of luck. Sorry mate.

Related

(Q) spoof mac address For mini pro

Hi im trying to change my wifi mac address.
i tryed this one
http://forum.xda-developers.com/showthread.php?t=1385577 but it's not working and many other way and almost any app on the market .
so please if anyone change his mac on Mini pro Please help.
Got root and busybox?
Sent from my WT19i using xda premium
I did and it's not working not on Xperia Mini Pro.
REQUIREMENTS
1) ROOTED PHONE
2) BUSYBOX INSTALLED
3) Terminal App
OPEN UP TERMINAL AND WRITE
:su
:busybox iplink show eth0
(THIS WILL SHOW YOUR CURRENT MAC ADDRESS)
NOW TYPE IN
:busybox ifconfig eth0 hw ether 00:11:22:33:44:55
(INSTEAD OF 00:11:22:33:44:55, YOU CAN WRITE YOUR WANTED ADDRESS)
Click to expand...
Click to collapse
And what happens then?
Explain, what does it show, what error or what message comes up.
Code:
Ifconfig: SIOCSIFHWADDR: Operation not supported
Thank you for your relpay.
@ murders10: are you sure the root worked? what firmware are you running? are you using the right interface, is it eth0 that you wanna change?
Yes im sure root it's working fine Stock Rom .62.interface Wlan0 There is no eth0 on Xperia.
I did the same thing but it replied me:applet not found...
I need some help
I hope someone can help as.
Sent from my SK17i using xda premium
Its wlan0 not eth0..
edit: my phone gets the same error.. solved by re-installing busybox
1.play store>busybox (by stericsson)
2. run busybox app from drawer.. and choose install.
my first time installing the busybox from busybox installer app gives me some error that i dont have time to read through . something about old copies. i close it and start over. everything is just fine.
Sent from my Xperia Mini Pro using xda premium
it won't work with me what ever i did remove reinstall
But after all i fix my god dam router mac address problem. so i don't need to change any mac . thank you for the help.
Need to change MAC Address to try if Heywire works on a custom rom
urra901109 said:
Its wlan0 not eth0..
edit: my phone gets the same error.. solved by re-installing busybox
1.play store>busybox (by stericsson)
2. run busybox app from drawer.. and choose install.
my first time installing the busybox from busybox installer app gives me some error that i dont have time to read through . something about old copies. i close it and start over. everything is just fine.
Sent from my Xperia Mini Pro using xda premium
Click to expand...
Click to collapse
I'm trying this, but get a message error in terminal emulator, when i type :su, theres a message that says :su: not found, or :busybox ..., the same :busybox: not found error displays.
I'm runing Real ICS lite r2, on my Sk17a, with locked bootloader, stock kernel, rooted, with busybox 1.20 installed,
Im trying this because i use heywire a lot, and this rom is the best ive tried, and its awesome, lighting fast, but heywire says this phone has a previous heywire number, and as i investigated, it has something to do with the MAC address, give me some light here please
ipconfig: applet not found - MAC spoofing
Someguyfromhell said:
And what happens then?
Explain, what does it show, what error or what message comes up.
Click to expand...
Click to collapse
Hello, I've been trying to follow this guide at:
http://forum.xda-developers.com/showthread.php?t=1385577
My phone has CM 7.2,busybox installed too.
Entering
Code:
busybox ifconfig
in terminal (not in su) gives me the local loopback address, and when I turn on my wifi, it shows my wifi card details too. (It's named tiwlan0 though)
Anyhow, since ifconfig needs to be run as root, I get ifconfig: applet not found after I enter following commands:
Code:
$su
#busybox ifconfig (and anything starting with this)
So it looks like ifconfig runs fine without su but is not detected at all after I make the switch to su. And since the line of code that changes the MAC cannot be run without su(then I get - SIOCSIFHWADDR: operation not permitted), I am stuck!
I tried other methods such as and similar to the one on
http://forum.xda-developers.com/showthread.php?t=1343695
where, after editing some configuration file, one could change his MAC address. Is there any such known file/method for the LWW?
Thanks!
Simple Tutorial to spoof MAC address
So I finally figured this out and it actually works for the purpose u needed, I will write down step by step guide, and write me if you need some help
1. You need your XMP to be rooted, with SU intalled, busybox installed and with terminal emulator app
2. Open terminal emulator app, and type: su
3.Allow terminal app to have super user access
4.Now type: busybox ifconfig (with your WiFi on)
5.Locate the text on the left side "wlan0" and in that paragraph locate HWaddr, write down this address just in case.
6.Now turn your WiFi off
7.In terminal write down this: busybox ifconfig wlan0 hw ether 0A:1B:2C:3D:4E:5F (remember 0A:1B:2C:3D:4E:5F is only an example, you should follow the pattern: number, letter, number letter an so and on, for this process to work).
8. Turn on your WiFi, And your MAC address should be the one you created (you can check that by typing in terminal: busybox ifconfig)
And ther you go, you spoofed your WLAN MAC address, tested by me in a simple tutorial, hope it helps
---------- Post added at 01:58 AM ---------- Previous post was at 01:52 AM ----------
In your case step 7 should be like this:
7.In terminal write down this: busybox ifconfig tiwlan0 hw ether 0A:1B:2C:3D:4E:5F (remember 0A:1B:2C:3D:4E:5F is only an example, you should follow the pattern: number, letter, number letter an so and on, for this process to work).
I'm running Real ICS r5.1 by the way, and now heywire works just perfect. In step 7 tiwlan0 should be renamed as the name the card shows when you first run only ifconfig, take that as an advice.
7.In terminal write down this: busybox ifconfig tiwlan0 hw ether 0A:1B:2C:3D:4E:5F (remember 0A:1B:2C:3D:4E:5F is only an example, you should follow the pattern: number, letter, number letter an so and on, for this process to work).
I'm running Real ICS r5.1 by the way, and now heywire works just perfect. In step 7 tiwlan0 should be renamed as the name the card shows when you first run only ifconfig, take that as an advice.
Click to expand...
Click to collapse
No, it doesn't work. Like I mentioned previously, everything is seemingly installed(SU,busybox,terminal- iam on CM7.2 anyway) but in su mode,
Code:
busybox ifconfig
says ifconfig: applet not found. Am I the only one with this problem? Also, I'm not sure I should replace my terminal with the one from the market.(read somewhere that it does some replacement stuff; don't want to re-flash again soon)
Code:
su
ip link set wlan0 address aa:bb:cc:dd:ee:ff
Of course change example address to yours. It works until reboot.
blackstallion1234 said:
No, it doesn't work. Like I mentioned previously, everything is seemingly installed(SU,busybox,terminal- iam on CM7.2 anyway) but in su mode,
Code:
busybox ifconfig
says ifconfig: applet not found. Am I the only one with this problem? Also, I'm not sure I should replace my terminal with the one from the market.(read somewhere that it does some replacement stuff; don't want to re-flash again soon)
Click to expand...
Click to collapse
Why dont you try this, reinstall busybox via google play, with the app by Stephen Stericson, then you open the app, and grant BusyBox super user access, later you use terminal app and try my process, if not, then try the process posted by pikpok, see if it works and tell us
Problem with busybox probably...
Uh sorry my internet had been down almost a week! I installed MIUI v2.7.27 meanwhile and this time I could change my MAC address!
pikpok said:
Code:
su
ip link set wlan0 address aa:bb:cc:dd:ee:ff
Of course change example address to yours. It works until reboot.
Click to expand...
Click to collapse
Couldn't try that. But thanks, will keep this in mind in the future.:good:
Xtrifer said:
Why dont you try this, reinstall busybox via google play, with the app by Stephen Stericson, then you open the app, and grant BusyBox super user access, later you use terminal app and try my process, if not, then try the process posted by pikpok, see if it works and tell us
Click to expand...
Click to collapse
Yeah, busybox probably was the problem with CyanogenMod 7 (which has a different version of busybox than the one that came with MIUI 2.7.27). Maybe it hadn't been installed right somehow with CM7..
Anyway, it does work!:victory:Thank you!
nice
blackstallion1234 said:
Uh sorry my internet had been down almost a week! I installed MIUI v2.7.27 meanwhile and this time I could change my MAC address!
Couldn't try that. But thanks, will keep this in mind in the future.:good:
Yeah, busybox probably was the problem with CyanogenMod 7 (which has a different version of busybox than the one that came with MIUI 2.7.27). Maybe it hadn't been installed right somehow with CM7..
Anyway, it does work!:victory:Thank you!
Click to expand...
Click to collapse
Good, I was sure it was busybox, don't forget to hit the thanks button, happy modding lol

[Q] VPN on Tablet S 4.0.3 r5

Hi,
Just done a factory reset and upgraded to r5 , this is a UK tablet, region changed to US and flashed. I then rooted using Root_with_Restore_by_Bin4ry_v13 . After several try I got it working, but I had to use a signed VPNfaker to accomplish this.
So now I want to use a VPN, before I used OpenVPN, this worked perfectly, now it fails to connect. I get the error - Running on Sony Tablet S (nbx03) Sony, Android API 15. Your image does not support the VPNService API, Sorry
I tried to use OpenVPN Connect , getting the error due to a know bug in this version of android it is not possible to gain permission to open a VPN Tunnel.
So last attempt using the built in L2tp/IPSec option, with this I just get a timeout error. No Connection.
So was it the rooting method damaged or changed something with VPN or is it this version US R5 ?
Anyone got VPN working on US R5 ?
OpenVPN is working fine on my tablet S with release 5. I use the apps 'OpenVPN Installer' and 'OpenVPN Settings' from Google Play...
Sent from my Sony Tablet S using xda app-developers app
walsera said:
OpenVPN is working fine on my tablet S with release 5. I use the apps 'OpenVPN Installer' and 'OpenVPN Settings' from Google Play...
Sent from my Sony Tablet S using xda app-developers app
Click to expand...
Click to collapse
That was the second option I tried. I enabled the VPN service, then selected the VPN I want to connect. It initiates the connection then stops after a second with no results in the log file. Did you try any of the other VPN apps that don't require root, OpenVPN Connect (I think US Market only) or OpenVPN for Android, this work really well on my Xperia S .
How did you root your Tablet ?
Did you do the incremental update or full install ?
I flashed the full update and basically used the same method like you. I also had to sign VpnFaker.apk for my Swiss tablet... I don't remember any issuses installing OpenVPN (OpenVPN Installerhttps://play.google.com/store/apps/details?id=de.schaeuffelhut.android.openvpn.installer, OpenVPN Settingshttps://play.google.com/store/apps/details?id=de.schaeuffelhut.android.openvpn). Interestingly, no tun.ko module is required.
I quickly tried the apps you suggested and which don't require root. But they didn't work for me in a quick test.
walsera said:
I flashed the full update and basically used the same method like you. I also had to sign VpnFaker.apk for my Swiss tablet... I don't remember any issuses installing OpenVPN (OpenVPN Installerhttps://play.google.com/store/apps/details?id=de.schaeuffelhut.android.openvpn.installer, OpenVPN Settingshttps://play.google.com/store/apps/details?id=de.schaeuffelhut.android.openvpn). Interestingly, no tun.ko module is required.
I quickly tried the apps you suggested and which don't require root. But they didn't work for me in a quick test.
Click to expand...
Click to collapse
Thanks for trying that. I will retry loading my VPN Profiles again in OpenVPN
defsix said:
Thanks for trying that. I will retry loading my VPN Profiles again in OpenVPN
Click to expand...
Click to collapse
Ok, so tried re-installing busybox, tun.ko, OpenVPN settings and OpenVPN installer however still it's not working. I am thinking the problem is deeper than this though. The built in VPN options L2TP/IPSec and PPTP are both failing to work. I just get a time out error. I have uploaded a section of the catlog if someone could have a look at it.
I am still stuck with this problem. I used AIO tool to setup boot loop protection and then re installed the full R5 on top of the old installation. I didn't do a factory reset though, I don't have the time to re install everything.
And still the problem persists.
I am unable to create any VPN
Anyone any ideas ?
ok. Factory Reset.
Factory Reset, reinstalled R5. Titanium Backup restore and still no VPN. I give up.
Sorry to hear that... for more information about the initiation process of your VPN, you could try to start the openvpn binary in a terminal as root with an increased verbosity level... just to see at which step the process actually fails
walsera said:
Sorry to hear that... for more information about the initiation process of your VPN, you could try to start the openvpn binary in a terminal as root with an increased verbosity level... just to see at which step the process actually fails
Click to expand...
Click to collapse
would that give me more or the same as a logcat ?
Could you give me a quick idea how to do this in terminal ?
Well, I am not an expert, but your logfile was just little use for me...
Steps for running openvpn in terminal:
Open terminal
Type 'su' to get root
Change to the directory with your profiles using 'cd PROFILEDIR'
Type 'openvpn' for getting all command line options
To start a connection type something like 'openvpn --config PROFILE.ovpn --verb 3 '
I couldn't test this with my connection because I haven't figured out how to pass my key for my certificate. But I think this is the way to go.
walsera said:
Well, I am not an expert, but your logfile was just little use for me...
Steps for running openvpn in terminal:
Open terminal
Type 'su' to get root
Change to the directory with your profiles using 'cd PROFILEDIR'
Type 'openvpn' for getting all command line options
To start a connection type something like 'openvpn --config PROFILE.ovpn --verb 3 '
I couldn't test this with my connection because I haven't figured out how to pass my key for my certificate. But I think this is the way to go.
Click to expand...
Click to collapse
ok, will give this a try.

[HACK] Change System Status to 'Official' with only Busybox

Hi guys,
I found a method to change System Status in Odin mode to 'Official/Samsung' that is very simple and only using the busybox application "devmem". Use this command in adb shell or terminal emulator. Just type it in, hit enter, and reboot. Bam.
Code:
devmem 0xF91CF8C 32 0xFF000000
This will change your status to Official and remove the padlock with 'Custom' on it. If you want 'Custom', replace FF with EE.
Immediately upon reboot, Odin mode and the device recognize the device as official.
The explanation is that this is from a small region of memory that stores what's known as DDI data. I don't know what that means yet, but some other information like the CC Mode flag and device name/product number are stored here. I'm still doing further research on what else resides here.
Enjoy.
Seem that "DDI" can be either:
A "MAC-e header parameter" as specified HERE.
Data Description Indicator (DDI):
The DDI field identifies the logical channel, MAC-d flow and size of the MAC-d
PDUs concatenated into the 3GPP associated MAC-es PDU. The mapping between the
DDI values and the logical channel ID, MAC-d flow and PDU size is provided by
higher layers. The length of the DDI field is 6 bits. When, due to the
quantization in the transport block sizes that can be supported, the size of the
data plus header is less than the TB size originally selected by the E-TFC
selection entity minus 6 bits, the DDI value [111111] shall be appended at the
end of the MAC-e header to indicate that there are no more MAC-es PDUs
concatenated into this MAC-e PDU. In any other case it will be understood that
another MAC-es PDU would not fit and it will therefore not be necessary to
reserve room in the transport block for this additional DDI field.
Click to expand...
Click to collapse
QVGA Display Driver IC (DDI) chip that incorporates QUALCOMM's Mobile Display Digital Interface (MDDI).
I'd vote its the second, as it also contain a good chunk of SRAM memory.
Couldn't get this to work. Anyone else have any luck?
coreydkoster said:
Couldn't get this to work. Anyone else have any luck?
Click to expand...
Click to collapse
What didn't work? Do you have busybox installed?
ryanbg said:
What didn't work? Do you have busybox installed?
Click to expand...
Click to collapse
I havent got it to work either. Though im guessing its only good til a reboot before it gets rewritten?
I thought I read in passing that syscope was the app that checked to see if the system was modified or not. I think it said if you get your phone to say official and freeze/uninstall syscope you won't have the padlock show up anymore.
Sent from my SM-N900V using XDA Premium HD app
Triangle away app gets rid of the padlock.
Sent from my SM-N900V using xda premium
Wanam Xposed module also can get rid of the custom status padlock also.
I get to here but not anywhere else. Am I on the right track.. If so what next?
Sent from my SM-N900V using XDA Free mobile app
---------- Post added at 06:52 AM ---------- Previous post was at 06:50 AM ----------
Sent from my SM-N900V using XDA Free mobile app
Hi
I have "blocked by cc mode" on my S7
I have TWRP installed which has a terminal. I can't use USB for anything
I try "busybox devmem..." But it comes back saying can't find /dev/mem. I'm guessing this is what's called. Do you know where I can download "mem" from please.
I need to bring my phone back to life. I can use the SD card to copy across.
Please help
Deansmithok said:
Hi
I have "blocked by cc mode" on my S7
I have TWRP installed which has a terminal. I can't use USB for anything
I try "busybox devmem..." But it comes back saying can't find /dev/mem. I'm guessing this is what's called. Do you know where I can download "mem" from please.
I need to bring my phone back to life. I can use the SD card to copy across.
Please help
Click to expand...
Click to collapse
Busybox is an app. It creates s series of links to commands that are typically available on a Linix (unix) system. Android kernel is linix based.
devmem is a command available in an adb shell or in terminal mode.
No idea if the hack still works or not.
If it does still work I am sure it would require root.
Sent from my SM-N900V using Tapatalk
donc113 said:
Busybox is an app. It creates s series of links to commands that are typically available on a Linix (unix) system. Android kernel is linix based.
devmem is a command available in an adb shell or in terminal mode.
No idea if the hack still works or not.
If it does still work I am sure it would require root.
Sent from my SM-N900V using Tapatalk
Click to expand...
Click to collapse
Hi
I have root.
I have terminal and busybox, but the devmem command fails.
I can install anything on the phone using TWRP
I'll try your hack. I really hope it works. There is almost no other info on cc mode available.
Best regards
Deansmithok said:
Hi
I have root.
I have terminal and busybox, but the devmem command fails.
I can install anything on the phone using TWRP
I'll try your hack. I really hope it works. There is almost no other info on cc mode available.
Best regards
Click to expand...
Click to collapse
This is what I get running devmem
[email protected]:/ $ devmem
BusyBox v1.24.2-Stericson (2016-04-23 13:23
:09 EDT) multi-call binary.
Usage: devmem ADDRESS [WIDTH [VALUE]]
Read/write from physical address
ADDRESS Address to act upon
WIDTH Width (8/16/...)
VALUE Data to be written
1|[email protected]:/ $
To actually use it, you need to su first to get the # root prompt like this:
1|[email protected]:/ $ su
[email protected]:/ #
Then try the command /dev/mem isn't writeable by ordinary users
Sent from my SM-N900V using Tapatalk
Hi
Thanks for the "su" headup.
The problem is that I have so little installed on the phone now.
I need the dev/mem code
I even need the "su" code. At the moment it says "su not found".
So I need to install some zips. Can you suggest some for me please... I guess busybox would be one, do you know where I can get all the code for the "dev" folder please - which Zip is that?
Regards
Dean
Deansmithok said:
Hi
Thanks for the "su" headup.
The problem is that I have so little installed on the phone now.
I need the dev/mem code
I even need the "su" code. At the moment it says "su not found".
So I need to install some zips. Can you suggest some for me please... I guess busybox would be one, do you know where I can get all the code for the "dev" folder please - which Zip is that?
Regards
Dean
Click to expand...
Click to collapse
Both busybox and supersu are available in the playstore. /dev/mem is a file directory not a file, unless you are root, it's not acessible to you.
Sent from my SM-N900V using Tapatalk
donc113 said:
Both busybox and supersu are available in the playstore. /dev/mem is a file directory not a file, unless you are root, it's not acessible to you.
Sent from my SM-N900V using Tapatalk
Click to expand...
Click to collapse
Hi
I have root. Thank God.
I don't have play store, but I can find the Zips and install them through TWRP.
Then I'll su and busybox that devmem command.
I'll let you know how it goes.
Regards
Deansmithok said:
Hi
I have root. Thank God.
I don't have play store, but I can find the Zips and install them through TWRP.
Then I'll su and busybox that devmem command.
I'll let you know how it goes.
Regards
Click to expand...
Click to collapse
How do you not have play store (Google Play)? They are not zips, they are apps.
Sent from my SM-N900V using Tapatalk
donc113 said:
How do you not have play store (Google Play)? They are not zips, they are apps.
Sent from my SM-N900V using Tapatalk
Click to expand...
Click to collapse
Hi
I don't have the play store because I don't have android.
The apps need android, but my phone won't even boot. I have "custom rom blocked by cc mode"
Download is blocked by it too.
All I have left is TWRP in recovery mode.
Regards
I got adb shell to work. I connected to the phone...
[email protected]:/dev # ./su
[email protected]:/dev # ./mem
sh: ./mem: can't execute: Permission denied
126|[email protected]:/dev # busybox devmem
BusyBox v1.22.1 bionic (2016-08-25 18:25 -0400) multi-call binary.
Usage: devmem ADDRESS [WIDTH [VALUE]]
Read/write from physical address
ADDRESS Address to act upon
WIDTH Width (8/16/...)
VALUE Data to be written
1|[email protected]:/dev # busybox devmem 0xF91CF8C
Bus error
135|[email protected]:/dev #
Deansmithok said:
I got adb shell to work. I connected to the phone...
[email protected]:/dev # ./su
[email protected]:/dev # ./mem
sh: ./mem: can't execute: Permission denied
126|[email protected]:/dev # busybox devmem
BusyBox v1.22.1 bionic (2016-08-25 18:25 -0400) multi-call binary.
Usage: devmem ADDRESS [WIDTH [VALUE]]
Read/write from physical address
ADDRESS Address to act upon
WIDTH Width (8/16/...)
VALUE Data to be written
1|[email protected]:/dev # busybox devmem 0xF91CF8C
Bus error
135|[email protected]:/dev #
Click to expand...
Click to collapse
You just need devmem and the address. Not busybox devmem and the address.
The only thing I can suggest is that you use ODIN to flash back to whatever the latest stock ROM you were on and go through the rooting process all over again.
The bootloader won't allow you to boot with a non stock recovery unless you unlock the bootloader.
Sent from my SM-N900V using Tapatalk

Direct TV Error 40 Root Check bypass on Amlogic s905x (TX5Pro, Marshmallow)

I downloaded the DirecTV Now app on New Year's Eve hoping for $35/cable. Instead, I was greeted with the same Error 40 that everyone with a rooted device got. It took me a couple of days of researching and playing and reflashing and..., but I've finally figured out the simple(r) method to bypass this stupid root check for DirectTV Now (AKA Error 40, QP1005)
This applies to the TX5Pro, but it should work on any s905x based AMLogic SoC running Marshmallow 6.0 (A95X, CQ9, TX5, TX3, X96, NEXBOX, +many more.) As I understand it, they all have similar Android builds using the p212 board and firmware. I also have a M8S s812 running Kit-Kat 4.4.2 that I'll work on breaking, next.
First things, first: If possible, find your firmware and do a clean flash. Not a requirement, but if you've been playing with this for a while and you've ended up here, you've probably mucked up your /system files in some way or another. I managed to screw up my su binary location a few times and couldn't get it back without a lot of work. Reflashing was a three-minute, headache-free task.
That said, you'll want to adb over tcp/ip as these devices don't like to play the USB cable game.
Code:
adb connect deviceipaddress:5555
Follow up with
Code:
adb shell
and
Code:
su
to get into a root shell (if you don't get one by default.) Mine came with SuperUser from ClockworkMod preinstalled as a system app. Mount your system folder
Code:
mount -o rw,remount,rw /system
and edit your build.prop file with Vim.
Code:
vi /system/build.prop
If Vim is new to you, search the interwebs for a Vim cheat sheet.
Here's the trick with this... DirecTV Now's shared object file in lib/armeabi/libdrmagent_downloadable_jni.so looks for a few keywords within a few properties. Those properties are:
Code:
ro.build.product
ro.build.tags
ro.build.type
ro.build.display.id
...and the keywords are:
Code:
"release-keys, OnePlus2, OnePlus, Z26CL, STUDIO_C, user" are keywords that it favors, while "cm, cyanogen, cyanogenmod, debug, userdebug, A0001" are disqualifying keywords. Supposedly, "test-keys" is a bad word, too.
In my case, I needed to edit my build.prop to eliminate any sign of the bad words. Example:
Code:
ro.build.display.id=p212-userdebug 6.0.1 MHC19J 20160909 test-keys
to
ro.build.display.id=p212-user 6.0.1 MHC19J 20160909 release-keys
Run through the file and replace anything that says userdebug with user and test-keys with release-keys until you get to "#end build properties" Then save and reboot.
After reboot, install Hide My Root (I used the one from Amphoras) and hide the Su binary. This is where things might be getting tricky for some of you... on the TX5Pro, the SuperUser app is a system installed app, meaning it can't be uninstalled (it can, but it's not exactly a simple task for everyone) so you'll need to go into settings -> apps -> superuser and disable the app from there. Reboot again. Now, with the su binary hidden and the app's manifest not showing up in the system, the error 40 message should go away. This option will allow you to quickly restore su and SuperUser without needing a bunch of additional steps. You'll still need to set the device location service to "battery saving" (or use mock locations) but that's a simple task anyone can figure out.
The app is a choppy on high def feeds for some reason. I can't tell if this is processing/memory issue or a feed (wifi) issue. By default, the app doesn't work on ethernet, meaning you'll have to use wifi until you can fix that issue. But hey, one thing at a time, right? Anyway, I hope this helps anyone with this particular headache.
Thanks for pointing me in the right direction...
Got DirecTV NOW working on my nexus 6 running pure nexus ROM... I just did the edits with super su root and root explorer. Then disabled super su and rebooted.
Now to update the the build.prop files on the lineage os 13.0 nexus 10, and my wife's kltevzw (on ting gsm network) running lineage os 14.1
hi please help i flashed wrong twrp recovery i think now my amlogic smartbox failed to boot in recovery mode and the main problem is my smartbox Encryption Unsuccessful Factory reset, when i click factory reset nothing happend please guide how to solve this
Sent from my SM-N910G using Tapatalk
jameson.donaghy said:
I downloaded the DirecTV Now app on New Year's Eve hoping for $35/cable.
Click to expand...
Click to collapse
Any chance that you tried this out with Data Free TV/"Sponsored Data" with an AT&T wireless account? i.e. running the box through a Cellular Hotspot or tethered to your phone. I've been looking at if one could use one of therse Android TV Boxes to basically get Data Free TV.
my live tv app detect root try with magisk also but no success in my s905x help me guys
Sent from my SM-N910G using Tapatalk
is anyone help me out
Sent from my SM-N910G using Tapatalk
I edited my build.prop files to try and "hide" the root and I still get the error. I also tried root cloak with xposed and still nothing
Thanks so much
This really helped. I used Xposed module to hide those keywords. Worked a charm!

[Kernel][Pixel4a5g(bramble)] Iptables TTL/Tether LineageOS 18.1

This is a recompiled/modified kernel from LineageOS, see that thread for details: https://forum.xda-developers.com/t/rom-official-bramble-lineageos-18-1.4223697/ . This is the kernel they use: https://github.com/LineageOS/android_kernel_google_redbull. Head over to that thread to thank them for all that they do!
The only change I made was I added the required iptables kernel modules for TTL/Tether/unmetering for using your phone as a hotspot. I have Tmobile & with my plan, when I connect any device to the phone it is extremely throttled to around 0.5Mbps. With this kernel, and the settings below, you can get around that limitation. Root is required, so steps to do that are below as well. I am actually very new working with kernels so feel free to weigh in if you have comments or thoughts. For that reason I can't actually indicate what ROMs this will be compatible with, besides what I used, which is: lineage-18.1-20210620-nightly-bramble-signed.zip
I also have these for the Pixel 3a & 4a - if there's interest I'll share those.
All steps to go from stock Pixel -> LineageOS & this Kernel:
Spoiler: Unlock bootloader
Install windows driver: Device Manager->Find Pixel->Update driver->Search Android SDK/extras/google/usb_driver
Device Mgr->View->Show hidden devices->
Should see "Android Composite ADB Interface" when phone connected in ADB mode
Should see "Android Device/Android Bootloader Interface" (when phone connected & in fastboot)
Install Android SDK/ADB tools
May need to use Tmobile Device Unlock app to get a permanent unlock, which allows OEM unlock option in next step
Enable developer options if not already
Turn on USB debugging
Enable OEM unlock. If greyed out: check above step, might need to do a factory reset if above wasnt successful
Connect phone to PC via USB cable
CMD (sdk/platform-tools/)
adb devices (should show device attached-will need to allow on phone)
Fastboot mode: Turn off device-> Hold vol down btn + Hold pwr btn-> Notice fastboot screen
OR: adb reboot bootloader
PC Cmd: (WILL LOSE ALL DATA doing this!!)
fastboot flashing unlock
Should see message/warning on phone
Use vol up/down + pwr btns to select "allow bootloader unlock"
This will FACTORY reset!!
Spoiler: Install LineageOS & Root
Unlock Bootloader if not already done
Backup your files - this will DELETE ALL OF YOUR DATA
Download the latest LineageOS build
Reboot to bootloader
adb reboot bootloader
Flash boot image/recovery:
fastboot flash boot lineage-18.1-[WHATEVER]-recovery-bramble.img
Vol+ btn to select Recovery Mode -> Pwr btn
Should reboot on Recovery screen
Factory reset/wipe data:
Select Factory reset...
Flash ROM:
Apply Update-> Apply from ADB
adb sideload lineage-18.1-[WHATEVER]-signed.zip
Advanced-> Reboot to Recovery-> Apply Update-> Apply from ADB ->
adb sideload MindTheGapps-11.0.0-arm64-[WHATEVER].zip ->YES
Magisk/Root: Apply Update-> Apply from ADB ->
adb sideload Magisk-v23.0.apk
Flash my custom Kernel
Reboot to Bootloader
Download & Unzip boot_KevinTTL.zip -> boot_KevinTTL.img (file is in this post)
fastboot flash boot boot_KevinTTL.img
Reboot System Now
Phone should boot to Android for the first time, go through initial setup
Spoiler: Change TTL
Verify Magisk is installed correctly.
Download Termux app
Termux App:
su (Grant permissions)
iptables -t mangle -A POSTROUTING -j TTL --ttl-set 64 (should be no errors - if you have errors my kernel is not installed)
Test: Turn on phone Hotspot, connect any device, do a speed test comparing speed on phone should be similar to the connected device.
If any limitations/blocks: (Not sure but maybe http vs https is blocked sometimes)
Install VPN Hotspot app (Green key icon): "Wi-Fi hotspot" ON, wlan1 ON, DISABLE "Tethering HW Acceleration" in settings
This probably goes without saying, but disable System & Lineage updates!
Files:
Magisk: https://github.com/topjohnwu/Magisk/releases/tag/v23.0
ROM files & thread: https://forum.xda-developers.com/t/rom-official-bramble-lineageos-18-1.4223697/
...
Can we have this added to the official LineageOS kernel for bramble? Or else you'd have to continuously release an update whenever the kernel gets updated in the official build. Thanks!
SavakSYN said:
Can we have this added to the official LineageOS kernel for bramble? Or else you'd have to continuously release an update whenever the kernel gets updated in the official build. Thanks!
Click to expand...
Click to collapse
Hopefully someone else can chime in - I'm with you though. It would be cool if added officially, but I don't know how to go about that. They may not be doing it for a reason? I've seen similar Magisk modules that do this but I'm not sure if I can do it for this build (have too much time in this already). But if done via Magisk then that would kind of solve the issue at hand...
You can take the module you built while compiling the kernel and make a Magisk module that places it somewhere in system and loads it into the kernel with insmod at boot. I don't think Lineage enforces signatures on modules, so no issue there, and it will generally continue working through all future updates.
The real issue I see is that your not blocking ipv6. Without doing that, this solution is only partially working. The ndc commands to do that are:
Code:
ndc interface ipv6 rndis0 disable
ndc interface ipv6 wlan0 disable
These commands set net.ipv6.conf.[interface].disable_ipv6 to 1. Applying this to wlan0 will disable ipv6 for wifi as well, but it's the best you can do without writing an app or using automation software.
fddm said:
You can take the module you built while compiling the kernel and make a Magisk module that places it somewhere in system and loads it into the kernel with insmod at boot. I don't think Lineage enforces signatures on modules, so no issue there, and it will generally continue working through all future updates.
The real issue I see is that your not blocking ipv6. Without doing that, this solution is only partially working. The ndc commands to do that are:
Code:
ndc interface ipv6 rndis0 disable
ndc interface ipv6 wlan0 disable
These commands set net.ipv6.conf.[interface].disable_ipv6 to 1. Applying this to wlan0 will disable ipv6 for wifi as well, but it's the best you can do without writing an app or using automation software.
Click to expand...
Click to collapse
Anyone know how to do this via a Magisk module? Or any clue? I tried several times but Im obviously not doing it right. These are the changes I'm making to the kernel config before compiling: (They allow the iptables function we need to set the TTL)
CONFIG_NETFILTER_XT_TARGET_HL=y
CONFIG_NETFILTER_XT_TARGET_HMARK=y
I checked the kernel config, and looks like it should work. You might try this template:
example.zip
drive.google.com
I placed the module in /product/etc here, it's easy enough to change that to wherever is convenient.
It took me quite some time to compile AOSP's kernel (I always find it to be pretty buggy). I added in the options:
CONFIG_NETFILTER_XT_TARGET_HL=y
CONFIG_NETFILTER_XT_TARGET_HMARK=y
But I didn't get a xt_hl.ko output file, I only got a xt_hl.o file. Any idea if that will work? Or a way (or easier way) to get this file? I'm thinking they are not universal and specific to a device or something like that.
Try m to build modules, y is for builtin.
fddm said:
Try m to build modules, y is for builtin.
Click to expand...
Click to collapse
Those config options do work. You can tell because without those options you cannot run the iptables ttl cmd. With this options the command succeeds. But for some reason there is no ko file. Will the other format work? I'm not really familiar with "make" but there may be a way to build/compile just the xt_hl file without the rest of the build
CONFIG_NETFILTER_XT_TARGET_HL=m
'y' does not build a .ko because it gets built into the kernel. The 'm' option builds as a module.
fddm said:
CONFIG_NETFILTER_XT_TARGET_HL=m
'y' does not build a .ko because it gets built into the kernel. The 'm' option builds as a module.
Click to expand...
Click to collapse
Very interesting. I'll give this a go when I get time. Thank you!
That worked! (changing y=>m gave me a ko file)
This is the xt_HL.ko file from AOSPKernel: android-msm-redbull-4.19-android12, for bramble, in case anyone wants it. I'll try this with the Magisk method when I get a chance. Again, I have no clue what the compatibility will be on this file.
BTW https://android.googlesource.com/kernel/manifest/+refs indicates the AOSP kernels for bramble (Pixel4a5g) (redbull kernel):
android-msm-redbull-4.19-android11-qpr2
android-msm-redbull-4.19-android11-qpr3
android-msm-redbull-4.19-android12
android-msm-redbull-4.19-android12-qpr1
Attaching xt_HL for Android11/lineage-18.1 in case anyone needs it.
Anyone know why AOSP in general is so buggy to build? Like missing files, config path issues, etc. I have issues everytime, across devices, versions. But when I build LineageSO I typically don't have any issues; it just works!
I tested the module and I believe it works! How do I know? I ran the cmd: "iptables -t mangle -A POSTROUTING -j TTL --ttl-set 64" on a rooted only boot.img and I got an error. THEN I installed the (attached) Magisk module and it was successful.
I say it that way because I had strange testing results. I connected my laptop to my phones hotspot on a 5g connection & got very fast speed (80Mbps+) (it initially had the TTL setting). Then I deleted the rule "iptables -t mangle -D POSTROUTING -j TTL --ttl-set 64", restarted the phone and got the same fast speed test. Then I installed the stock Lineage18.1 boot.img (no ttl setting) & got the same fast speed! Then I rooted that image & installed. Same results. So it's almost like its persistent - but I can't understand how that can be. I tested my wife's phone (Pixel 4a) to my laptop and I get 0.6Mbps, as I'd expect.
So...if anyone wants to test...please report your results. Again, I can't comment on compatibility, BUT I currently have a LineageOS18.1 build from 6/2021, and this module was built against LineageOS18.1 from this week and it works fine. I attached 2 modules just in case: 1 is for AOSP Android12 (since LineageOS19 official isnt available for our phone yet) as well as for LineageOS18.1.
Thanks @fddm for your help!
UPDATE: I deleted the Magisk files from this thread so I don't have duplicates & moved the discussion to this thread: https://forum.xda-developers.com/t/...-12-iptables-ttl-unthrottled-hotspot.4384353/
FYI, it seems since Android 8, kernel modules do not need to be signed anymore. https://source.android.com/devices/architecture/kernel/loadable-kernel-modules
Hello,
The iptables command seem to stick but tether still throttled.
Android 11 build rq1c210205.006 with this kernel boot file. I have also tried android 12 with ttl patched kernel but tether still throttle. Any suggestion of the issue?
guest00x said:
Hello,
The iptables command seem to stick but tether still throttled.
Android 11 build rq1c210205.006 with this kernel boot file. I have also tried android 12 with ttl patched kernel but tether still throttle. Any suggestion of the issue?
Click to expand...
Click to collapse
Tmobile? How are you testing, speedtest.net or similar? What is linked device? If a PC, try setting ttl in PC registry to 65 (Google it) I believe (when it then hits the phone it'll naturally go to expected 64 value) & test
Yes. It is tmobile voice sim. TTL seem to work with ping to google give 64, 65, 66 from mac via usb ethernet or wifi. But speed test is .60 dl (exceeded HS data) and and iphone connected via wifi speed test yield same speed .6. ifconfig show many interfaces but ttl mangle did not specify any so it should apply to all.
I have other MR1100/5100 and ttl Bypass work.

Categories

Resources