hi,
i am trying to install CWM recovery on my phone (eventually want to install custon rom)
The phone is a huawei inspira, there no development for this phone. No info anywhere..
Withins the phones readme, it says its a U8666E, so going by the little development for that phone i am trying to install CWM.
I was able to root the phone, and i think i unlocked hte boot loader too (using the unlockbootloader.zip).
I have tried really hard, but am not able to install CWM as the phone is not coming in bootloader mode.
if i press hte power + vol down button phone is stuck in huawei logo (as it should) but PC does not detect it.
If i reboot bootloader (from adb) it just does a normal reboot.
i have tried a whole lot of things (new pc / usb port / cables / drivers etc etc). I every tried putting recovery on sdcard and flashing from terminal emulator of phone with no luck..
i am at a point where i am ready to flash the rom directly.. (risky i know).. but looks like everythong i want to do required me to go to bootloader mode.
I am not begening to think the carrier of my phone (tracphone) has locked the phone so i cant get into bootloader mode.
an any of you experts help me with my problem?
1) how to verify if the bootloader is unlocked?
2) can i flash CWM OR even a custom ROM with out getting into bootloader mode?
3) i have done a nandroid backup of the phone and kept a copy on external SD as well as PC< how do i restore the backup (if required) without CWM?
Hello,
Just to put in case, currently I have a Xiaomi Mi8 Lite, Global ROM, Globad version (or at least that was described in Amazon) for a few weeks only. Last Saturday I received a notification on the new OTA MIUI update to version 10.3.1.0. I installed it in a normal way, it rebooted and then the Mi Recovery 3.0 menu popped up, with only 3 options: Reboot system (which takes takes you back to the same menu), Wipe Data and connect to Mi Assistant (which doesnt' work when connecting to PC). Appart from this, I have access to Fastboot by Vol- + Power button.
I have guarantee and I will return it back, so that doesn't worry me, the biggest problem is all the data I have there. I didn't have any back-up of my information/photos... nor uploaded in the cloud, and I really need to get them back.
I have tried to access through adb and get them via pull, but unfortunately I had not activated USB debug mode. Moreover, I can't install TWRP as the bootloader is locked, and if I want to open it, it will wipe all data.
To sum up, I have no USB debug enable, bootloader is locked and I want to save the data, anyone knows if there's a way to do it? Would it be possible to activate USB debugging via adb/fastboot somehow while on recovery?
Sorry if anything's unclear, and thanks in advance for any help!
Aviceeps said:
Hello,
Just to put in case, currently I have a Xiaomi Mi8 Lite, Global ROM, Globad version (or at least that was described in Amazon) for a few weeks only. Last Saturday I received a notification on the new OTA MIUI update to version 10.3.1.0. I installed it in a normal way, it rebooted and then the Mi Recovery 3.0 menu popped up, with only 3 options: Reboot system (which takes takes you back to the same menu), Wipe Data and connect to Mi Assistant (which doesnt' work when connecting to PC). Appart from this, I have access to Fastboot by Vol- + Power button.
I have guarantee and I will return it back, so that doesn't worry me, the biggest problem is all the data I have there. I didn't have any back-up of my information/photos... nor uploaded in the cloud, and I really need to get them back.
I have tried to access through adb and get them via pull, but unfortunately I had not activated USB debug mode. Moreover, I can't install TWRP as the bootloader is locked, and if I want to open it, it will wipe all data.
To sum up, I have no USB debug enable, bootloader is locked and I want to save the data, anyone knows if there's a way to do it? Would it be possible to activate USB debugging via adb/fastboot somehow while on recovery?
Sorry if anything's unclear, and thanks in advance for any help!
Click to expand...
Click to collapse
up!
1. Hi , us I know that is not posible when USB debugging is not active !
2. If you are thinking about unlocking bootloader that will wipe all your data!
3. For problem that your device is stuck on recovery maybe bacause you updated your device with low that 40% and it is suck some way.
I should try in your place just to flash boot.img from 10.3.1.0 with fastboot and see if your device is boot up , so just to boot normaly to backup your data and after that do factory reset but remove all accounts !!! After that put your phone on charger and make sure your battery is fully charged, and then flash full stock firmware and again wipe data and do factory reset.
Download stock firmware from here:
https://bigota.d.miui.com/V10.3.1.0.PDTMIXM/miui_MI8LiteGlobal_V10.3.1.0.PDTMIXM_8f2efd3fd2_9.0.zip
Extract just boot.img and logo.img from (firmware upgrade folder) .
Do at your own risk ! ( I'm not responsible if you somehow lost your data!)
I face the same problem, the phone started to stuck in a bootloop overnight
Even if I try to enter to Fastboot it will reload in 2 sec
Any idea what to try? (it's stock, bootloader not opened, USB debugging is switched off)
I am trying to unlock an Android phone that has stopped taking the correct password after a auto-restart. I know the PIN, I have not changed it in a long while. The phone stopped accepting the PIN after the sudden auto-restart so I am just clueless what may work. Hard reset is not an option for this device without backing up the data so willing to try anything that may help.
Additional information:
1. The phone does not have USB debugging enabled.
2. It is recognized by ADB only in sideload mode.
3. When I try to get into Recovery mode pressing volume up and power button, it goes directly to the black screen that shows image of a phone and USB cable.
4. I have not been able to get to the stock recovery screen where different options like mounting can be chosen.
Any suggestion or guidance would be hugely appreciated. Thanks a ton for your time.
Thank you.
This is just brainstorming not a tutorial!
i don't know if it works like this, but you can try..
requirements
- stock ROM (in case you brick device)
- magisk manager (in case twrp does not work)
- AIK from osm0sis
- Qualcomm HS-USB QDLoader 9008 Driver
- fastboot_edl.7z
- twrp-3.3.1-0-mido.img (or ZCX TWRP from cofface)
- Appender-v4-rec.zip
- QSaharaServer.exe
- fh_loader.exe
- prog_emmc_firehose_8953_ddr.mbn
- splash.img from xaacnz
steps
- prepare twrp.img (you must patch twrp manually)
- prepare splash.img
- prepare hack_splash.xml (tricky/dangerous)
- prepare twrp.xml (tricky/dangerous)
- install qualcomm drivers
- boot in EDL mode from fastboot
- check com port
- initialize firehose connection with QSaharaServer.exe
- flash splash.img with fh_loader.exe
- flash twrp.img with fh_loader.exe
- reboot into recovery
- check if twrp is able to decrypt userdata
if decryption unsuccessful, you can't backup data. but you could still enable usb-debugging even with root permissions by patching default.prop
- patch boot.img with magisk manager (set advanced - keep force encryption)
- unpack boot.img with AIK
- enable usb-debugging in default.prop
- repack, rename to boot.emmc.win
- restore boot.emmc.win from twrp
- install Appender-v4.zip
- reboot
- adb root
- adb pull /dev/block/dm-0
you might find this confusing, it is! do not try anything above without knowing what you do! i don't own this device. nothing is tested. i can't write tutorial with exact steps, this is your task. You are the one who will figure out solution and write tutorial. we can just assist and answer questions (you can ask any question for each single step, one after one)
after all, there is no guarantee it works for your device. also please note @xaacnz is not available and won't help on this.
there might be easier methods i don't know, please do your own research how to temporary by-pass or unlock bootloader without permission from xiaomi, there are plenty much tutorials for QFIL / EDL mode for other devices, maybe one of this methods works
if you decide to continue, be aware this is last option only and there might no way back to recover your data..
please read
Exploiting Qualcomm EDL Programmers (1): Gaining Access & PBL Internals
Bypass bootloader lock of Redmi 5A(riva) without permission from xiaomi
the tricky/dangerous part is to find the right offsets and sizes for partitions. you might get some info from fastboot getvar all
Thank you for your reply! These steps are indeed a overwhelming for me but I can try one step at a time.
I was thinking of a basic solution like using Aroma File Manager to delete lock-information-storing files from the device.
However, when I reboot into recover mode it takes me directly to a screen that looks like this: https://i.ytimg.com/vi/AJICnDxnXEo/maxresdefault.jpg
I cant find a recovery page like this one which may allow me to install Aroma from SD card: https://i.ytimg.com/vi/0zntvnVEIYQ/hqdefault.jpg
I was wondering is flashing an OTA image from adb may solve this. The device is recognized by adb only in sideload mode.
If flashing a new OTA image can take me to recovery menu that allows installing Aroma from SD card perhaps that will work?
Sorry if these questions are too basic for you. I have no real technical knowledge on these stuff. Just trying to learn from scratch to save data on the device.
Thank you so much for your time.
aIecxs said:
This is just brainstorming not a tutorial!
i don't know if it works like this, but you can try..
requirements
- stock ROM (in case you brick device)
- magisk manager (in case twrp does not work)
- AIK from osm0sis
- Qualcomm HS-USB QDLoader 9008 Driver
- fastboot_edl.7z
- twrp-3.3.1-0-mido.img
- Appender-v4-rec.zip
- QSaharaServer.exe
- fh_loader.exe
- prog_emmc_firehose for your device
- splash.img from xaacnz
steps
- prepare twrp.img (you must patch twrp manually)
- prepare hack_splash.xml (tricky/dangerous)
- prepare twrp.xml (tricky/dangerous)
- install qualcomm drivers
- boot in EDL mode from fastboot
- check com port
- initialize firehose connection with QSaharaServer.exe
- flash splash.img with fh_loader.exe
- flash twrp.img with fh_loader.exe
- reboot into recovery
- check if twrp is able to decrypt userdata
if decryption unsuccessful, you can't backup data. but you could still enable usb-debugging even with root permissions by patching default.prop
- patch boot.img with magisk manager (set advanced - keep force encryption)
- unpack boot.img with AIK
- enable usb-debugging in default.prop
- repack, rename to boot.emmc.win
- restore boot.emmc.win from twrp
- install Appender-v4.zip
- reboot
- adb root
- adb pull /dev/block/dm-0
you might find this confusing, it is! do not try anything above without knowing what you do! i don't own this device. nothing is tested. i can't write tutorial with exact steps, this is your task. You are the one who will figure out solution and write tutorial. we can just assist and answer questions (you can ask any question for each single step, one after one)
after all, there is no guarantee it works for your device. also please note @xaacnz is not available and won't help on this.
there might be easier methods i don't know, please do your own research how to temporary by-pass or unlock bootloader without permission from xiaomi, there are plenty much turorials for QFIL / EDL mode for other devices, maybe one of this methods works
if you decide to continue, be aware this is last option only and there might no way back to recover your data..
please read
https://github.com/alephsecurity/firehorse
https://forum.xda-developers.com/xiaomi-redmi-5a/how-to/bypass-bootloader-lock-redmi-5ariva-t3772381
the tricky/dangerous part is to find the right offsets and sizes for partitions. you might get some info from fastboot getvar all
Click to expand...
Click to collapse
there is no usual recovery for xiaomi. even if, you can't install aromafm from stock recovery because only oem signed files accepted. you can try via sideload you will see it fails.
i don't think OTA will fix anything, but of course you can try. i will meanwhile prepare xml files for you, but give me time.. i am a newbie to this, too.. maybe on weekend i have time
i am not sure if this method does wipe data (i can not see the "erasing userdata" message on this fastboot screenshot)
@BushraXiaomi
Is your RN4 with Qcom SoC or MTK (mido or nikel)?
Did you enable device encryption (did you have to enter password before the lock screen would appear)?
@Alecxs Thanks a lot again! Let me try out the codes you provided screenshot of. I will give you an update on what I see.
And I tried editing out the original block quotation. The changes are not being saved after repeated attempts. Sorry about that.
@Alecxs Thanks a lot again! Let me try out the codes you provided screenshot of. I will give you an update on what I see.
And I tried editing out the original block quotation. The changes are not being saved after repeated attempts. Sorry about that.
Mine is on QCom. And I did have an old lock screen password. I didn't change it but the phone suddenly stopped taking the correct PIN after an auto-restart.
mirfatif said:
@BushraXiaomi
Is your RN4 with Qcom SoC or MTK (mido or nikel)?
Did you enable device encryption (did you have to enter password before the lock screen would appear)?
Click to expand...
Click to collapse
@Alecxs so based on the discussion here I am guessing unlocking bootloader will result in the data getting erased
link: https://forum.xda-developers.com/moto-x/moto-x-qa/unlocking-bootloader-wipe-data-t2739564
BushraXiaomi said:
Mine is on QCom. And I did have an old lock screen password. I didn't change it but the phone suddenly stopped taking the correct PIN after an auto-restart.
Click to expand...
Click to collapse
Encryption is different than lock screen. I'm asking this because if your device is encrypted and the password is changed/corrupted/not working, it's almost certain that your data is not recoverable, even if you manage somehow to flash TWRP and/or unlock bootloader without wiping data.
---------- Post added at 06:25 PM ---------- Previous post was at 06:17 PM ----------
BushraXiaomi said:
@Alecxs so based on the discussion here I am guessing unlocking bootloader will result in the data getting erased
link: https://forum.xda-developers.com/moto-x/moto-x-qa/unlocking-bootloader-wipe-data-t2739564
Click to expand...
Click to collapse
Data wipe on unlocking bootloader is the expected behavior and Google strongly recommends this behavior to OEMs. However bootloader is not a part of Android (AOSP), so not all OEMs fulfill all requirements. And therefore there are very rare chances that unlocking may not erase data.
Secondly, as mentioned earlier, many Qualcomm devices (including a long list from Xiaomi) have an exploit in Emergency Download mode. EDL is a bootloader mode which operates even below the usually called bootloader (ABOOT; the one which provides "fastboot" protocol). It can be hacked to get a dump of whole storage chip or flash a partition e.g. recovery (TWRP) without going through proper channel of bootloader unlocking. Note that a locked botloader won't boot a custom "boot" or "recovery" partition which is not signed by OEM's private key (like TWRP is). It's part of Chain of Trust on Android devices.
However (somehow achieved) access to "userdata" partition will be of no use if the partition is encrypted as I explained. TWRP won't be able to decrypt it without correct PIN/password (if it was set). However if it wasn't encrypted or "default_password" was used for encryption (and not the one you set), data recovery is very probable.
I hope it clarifies the basic scenario for you.
There are few things that must be known:
1. Which soc? qcom or mtk, if mtk go to service centre and don't waste time here.
2. Do you have permission to unlock bootloader? If you have permission to unlock then you can easily just unlock, note that unlocking itself doesn't wipe data, it is wiped after it. There are some tricks you can do so that data is not wiped after unlock and you must search them on your own.
3. Is your device encrypted? If it is then which encryption FBE or FDE? If it is encrypted then most likely data can't be recovered.
If you have qcom soc, don't have permission to unlock bootloader then you can do this...
From what you said it looks like recovery is corrupted, you could try flashing stock recovery from *edl but stock recoveries are useless but you can still backup your important data maybe, I am not sure because I have not been into recoveries for past 4 years.
The following method is not tested for your device but might work since the bootloader bug might be present in your device too. Improving alecxs answer you can do this:
1. Grab twrp for your device
2. Append 4k blocks using this command on any Linux based distro or termux (Android app) or BusyBox 1.31.
Code:
printf '\x30\x83\x19\x89\x64' | dd of=/path/to/twrp.img ibs=4096 oflag=append conv=sync,notrunc
3. Flash the recovery using edl
4. Directly boot into recovery and see if it boots.
5. If it boots then delete password file of Android and boot into OS.
6. Password should be removed now.
*edl: you must learn to use edl
@mirfatif @saurabh6377 thanks to both of you! I was reading up to understand the steps suggested by @Alecxs
let me try out the different options suggested by you and I will let you know how it goes.
@mirfatif no I did not use any extra encryption apart from setting the regular lock screen
@saurabh6377 1. qcom
2. I dont think I have the permission. Never needed to check it until now and never needed to ask for the permission so guessing I don't have it by default
3. I didn't have any extra layer of encryption apart from the lock screen
so your device is most likely encrypted with FDE and default_password as a lot of older xiaomi devices. lets hope the issue is just with screen lock - however there is not really a good explanation (why unlocking screen fails) other than broken encryption. in such case your data is not recoverable.
please note xiaomi removed the fastboot edl command since oreo 8.1 and there might be downgrade protections, so do not update to later version than 8.0
Please just try to boot your device in EDL mode and report back
Hi all, just wanted to update you that I don't have any result yet. Reading up on each of the steps so I can execute as suggested. I will get back to you when I have some results. Thanks again
follow the link behind fastboot_edl.7z and try to boot into EDL mode with modified fastboot.exe
@Alecxs Just to double check, I am directly following the steps mentioned here: https://forum.xda-developers.com/redmi-note-3/how-to/guide-reboot-to-edl-mode-fastboot-test-t3398718
Is that ok? Doing this first before anything else?
yes. if it works, you can proceed with installing Qualcomm HS-USB QDLoader 9008 Driver (and tell us the COM port from windows device manager)
if fastboot_edl not working, you must find another way to boot into EDL aka shortcircuiting data pins on usb-connector (deep flash cable) or find a test point on the physical motherboard on youtube
found offsets and sizes for partitions in rawprogram0.xml
i have copied all required files from Xiaomi_Redmi_Note_4_V9.0.5.0.NCFMIEI_20171113.0000.00_Global_7.0_XFT and tried to patch the files. in the modified splash.img string SPLASH!! is replaced with HACKED!! hopefully this works. also i have patched default.prop to make adb insecure in case twrp does not work.
there are differences in files when appending manually or with Appender-v4-rec.zip, so actually i have flashed twrp-3.3.1-0-mido.img to another device (Redmi 5), patched with Appender-v4-rec.zip and created a copy of recovery partition afterwards. the result you can find in twrp-hack.zip (this is the only zip file you need)
for debugging purposes i have uploaded boot-insecure.zip and twrp-3.3.1-0-mido.zip which contains all three files: original, manually patched, patched with appender (you don't need this)
@Alecxs I am trying. Sorry I don't have any result yet This is so out of my depth, league, width etc. etc.
Buttttt I am committed to save the data so I will keep going over the steps you suggested until I feel confident to execute them. Really sorry for how slow I am being about it.
I really, really, really appreciate all your help. THANK YOU SO MUCH!
I (seemingly) successfully unlocked my Realme's bootloader yesterday, I even managed to get into the bootloader through the DeepTest app, flash TWRP and get into it, but after resetting the phone, the recovery got overwritten by the stock one and now I cannot get into fastboot by any means.
adb reboot bootloader only displays a message for a split second and then reboots into OS again. Which happened before as well.
However, the DeepTest app doesn't show the Check query button (through which I could get into the fastboot) anymore and the only other button there is Apply to exit in-depth test which only displays You can apply to exit in-depth test after carrying out bootloader lock operation in fastboot mode, but tapping on Ok doesn't do anything.
The phone still seems to be working (even fp sensor), I just cannot get into fastboot.
I've also tried flashing the EU (A.54) build to the B.63 build, nothing changed.
How do I resolve this?
/EDIT: I should also mention that after the first wipe (right after confirming bootloader unlock) the DeepTest app was still working as intended, however after the custom recovery was overwritten by the stock one, it started misbehaving as written above. Wiping the internal storage again (through recovery) didn't fix anything as well.
I'll be very direct, I wanted to install twrp on nokia 5.4 so I was going to apply an update from adb but android recovery only gives me the Reboot system now;Enter fastboot;power off functions within fastboot:Reboot system now;enter recovery;Reboot to bootloader and Power off. Does anyone know how to solve this problem? I didn't find anything on the internet
unlocking nokia 3.4 bootloader
Hi iv got every thing setup to unlock the boot loader but now find out you need a pin which nokia doesnt give out (only nokia 8) was hoping to root with magisk but not sure how to continue without unlocking the boot loader. Is there some way to...
forum.xda-developers.com
This is intended, as triple-color company doesn't want us wipe data on a stolen phone.
To enter sideload mode, execute "adb reboot sideload" under normal OS.