Phones as USB Mass Storage under today's Android Versions - Android Q&A, Help & Troubleshooting

Good day!
Since version 4.x of the Android mobile phone operating system, Google has removed the USB Mass Storage mode and replaced it with Picture Transfer Protocol (PTP) and Media Transfer Protocol (MTP). This means that the phone appears as a camera or scanner in Windows Explorer, without a drive letter, and that means that many file types cannot be copied to the phone, no new files created there, many PC based recovery and synchronization programs do not function properly, etc. The feature was removed to take control out of users' hands, because a lot of things would be a lot easier to achieve if one could access all directories and files on the phone from the PC -- a disk/hex editor is a powerful tool. Yes, some people bricked their devices by using them stupidly, but given all the locks and hurdles that manufacturers and carriers increasingly impose on customers who paid a huge sum of money for their little toys with every new version of the operating system, there is a clear tendency to see: milk consumers for all they are worth, but keep in control and decide what they are allowed to do.
To partially remedy the problem, most tutorials recommend to install a WebDAV server on the phone and map it as a network drive on the PC via Wi-Fi. Unfortunately, many of the more interesting operations need to be done before the phone is up and running, before software is installed and before a Wi-Fi network can be configured/established, and other operations can simply only be done via USB cable.
There is a company called Cranking Pixels that produces a PTP as well as an MTP driver for Windows, which bring back the drive letter for file-based (not sector based) operations. Unfortunately, there do not seem to be any recent versions floating around in the netherworld, and the price for the software is rather steep, especially when needing several copies. Therefore I would like to ask ...
a.) User experience
Does anybody have experience with the software and can say whether it offers sufficient bang for the buck to justify the expense? This means being able to access all folders & subfolders, create/copy/delete/edit/move all types of files from/to the phone and PC? Can system files be modified/patched so that certain flags that the phone system sets when detecting a rooted phone can be modified in a way that things like OTA updates, secure folders and banking applications still work?
b.) Similar programs
Is anyone aware of similar solutions that do the same or more but cost less?
c.) Alternative solutions
Are there other approaches that bring back Mass Storage USB mode to Android Oreo and Pie, be it flashed files for the phone, be it modified USB drivers for the computer or whatever?
Yes, phones can be rooted and so on, and so on, but it usually requires manual intervention to keep things running smoothly after every update and security patch. There are also many situations when being able to treat the phone like a mass storage device (external hard disk or USB stick) is simply more convenient and quicker or preferable for other reasons.
Any pointers and tips will be appreciated. Thank you for your attention and have a pleasant afternoon.

Related

[Q] What Have I Done...

In a moment of madness the other day, I ordered one of these devices. I've had some experience of Android on an HTC Wildfire & Archos 101 so thought it would be a relatively safe bet. But oh no.
Can't find a way to access photos on a Windows Media Connect server with the supplied apps & of course, there's no user guide supplied. Look online & the current user guide is for Gingerbread when the device has Froyo. So I thought I'd check & see if Gingerbread has been released in the UK & if that made any difference. Dear old Samsung can't be like other manufacturers & provide a simple "check for software update" in the settings menu, that would be far too simple. No, you need to download & install a Windows program & update via USB. Now while a PITA, would be just about acceptable if Samsung had ever in their history written a decent piece of Windows software - which they haven't. PC Studio & Emodio being two examples of flaky software with pigeon English. So no surprise whatsoever when Kies proves to be yet another piece of ****.
Anyone have any idea why Kies can't establish a USB connection to W7 despite the mass storage device connecting fine? Just sits there trying to connect. No errors, no timeout, just sits there.
When posting here, you really need to post your variant... 4.0 or 5.0?
I'm surprised you're still on Froyo - usually it's United States customers that get screwed on updates but both the 4.0 and 5.0 are on Gingerbread I'm fairly certain.
Apologies, too busy ranting, it's 5.0.
After trying an XP machine with another USB cable I've discovered that the device has to be manually placed into Kies mode under Settings > USB. Again, why can't they just prompt when the USB is connected like other manufacturers?!
Anyway, so now I finally have Kies running & it tells me that despite the current online manual being for Gingerbread, Froyo is the latest available. Think I'll just give up, send it back & write a big note to self never to buy anything from Samsung again.
"Anyone have any idea why Kies can't establish a USB connection to W7 despite the mass storage device connecting fine?"
Yes, because you have to set the USB mode to KIES mode. That is for Gingerbread; I do not know if that is the case for Froyo, or why you have the old system.
I have a 5.0, never used Kies and don't plan to. USB set on "Mass Storage", connects with USB instantly. I'm on W7. Must used USB cable provided (unless you're lucky and found another that works, many don't). Never used Media Connect, can't help you there, I just dragged all my MP3 into the extrernal SD card.
crocodile said:
In a moment of madness the other day, I ordered one of these devices. I've had some experience of Android on an HTC Wildfire & Archos 101 so thought it would be a relatively safe bet. But oh no.
Can't find a way to access photos on a Windows Media Connect server with the supplied apps & of course, there's no user guide supplied. Look online & the current user guide is for Gingerbread when the device has Froyo. So I thought I'd check & see if Gingerbread has been released in the UK & if that made any difference. Dear old Samsung can't be like other manufacturers & provide a simple "check for software update" in the settings menu, that would be far too simple. No, you need to download & install a Windows program & update via USB. Now while a PITA, would be just about acceptable if Samsung had ever in their history written a decent piece of Windows software - which they haven't. PC Studio & Emodio being two examples of flaky software with pigeon English. So no surprise whatsoever when Kies proves to be yet another piece of ****.
Anyone have any idea why Kies can't establish a USB connection to W7 despite the mass storage device connecting fine? Just sits there trying to connect. No errors, no timeout, just sits there.
Click to expand...
Click to collapse
I have a 5.0 from the UK as well and the 2.3.5 Gingerbread ODIN version posted in the Android Dev section (http://forum.xda-developers.com/showthread.php?t=1389809) works fine on our devices. It even saves you the hassle of using Kies which is a giant pain.
As for Windows Media Connect, not exactly sure what protocol it uses but you may have some luck with the AllShare app provided by Samsung (unsure if it was included in the Froyo version but it is definitely standard in Gingerbread.) Hope you have some luck as it really is a great device once you get past the initial humps. Let us know how it goes.
Thanks guys.
markr041 said:
Yes, because you have to set the USB mode to KIES mode. That is for Gingerbread; I do not know if that is the case for Froyo, or why you have the old system.
Click to expand...
Click to collapse
Worked that out in the end thanks. According to this thread, Gingerbread isn't released in the UK:
http://forum.xda-developers.com/showthread.php?t=1362386
n64_ali said:
I have a 5.0 from the UK as well ..
Click to expand...
Click to collapse
Seen the Odin option but don't really want to start hacking in case it does need to go back. Haven't looked to see if Odin can revert back to Froyo. If it can I may give it a go but hearing reports that Gingerbread knackers the GPS receiver.
AFAIK, Media Connect is just another DLNA. The Gallery app seems to have no option to view anything on the LAN & AllShare seems to be limited to creating AV playlists. It can't view photos & every video file on my server is apparently in an "unsupported format"!
The hardware seems decent enough but I'm not sure I have the will or desire to source replacements for every pre-installed app. My worry going forward is that Samsung pull their usual stunt of "Here's a new model, we don't have to bother with the (6 month) old one now"...
I use File Expert to view/move files/pictures on my home PC, does a wireless connection (as do many explorers). FX File Explorer is also nice (as well as Astro and ES Strong). Most pre-installed apps on any device have much better free counter parts. I don't think I'm use anything that came with the phone (other than system stuff), and I'm not rooted (yet)... but will be so I can get rid of it all for good. Although there's tons of app space, so doesn't bother me much at the moment.
Music Player: Cubed
File Explorer: File Expert
Tasks: Any.do
Calls: GrooveIP
Mail: K9
Photos: Quickpic
Texting: Google Voice
Camera: Camera Zoom
Apps:: Appbrain
Calendar: Yes I am using default calendar! (with Simple Cal Widget)
Kindle Reader
Not much there that came with it!
tcat007 said:
I have a 5.0, never used Kies and don't plan to. USB set on "Mass Storage", connects with USB instantly. I'm on W7. Must used USB cable provided (unless you're lucky and found another that works, many don't). Never used Media Connect, can't help you there, I just dragged all my MP3 into the extrernal SD card.
Click to expand...
Click to collapse
All of my USB cables work with the device (from N900, N950, various other phones) so I'm not sure why people have troubles with this. But I may just be lucky.
Re Windows Media Connect server, does the pre-installed app called "AllShare" not work?
lardman said:
Re Windows Media Connect server, does the pre-installed app called "AllShare" not work?
Click to expand...
Click to collapse
crocodile said:
AllShare seems to be limited to creating AV playlists. It can't view photos & every video file on my server is apparently in an "unsupported format"!
Click to expand...
Click to collapse
Can't be sure without any proper documentation but it appears to be limited as above.
I'm really not sure the device offers enough to make the effort of rooting in order to uninstall all the garbage worth while.
I'd like to think that the lack of an official Gingerbread release means Samsung are working on fixing the bugs. But my previous experience of their products makes me think otherwise.
Lack of Gingerbread is more likely something weird that's UK-specific... In the US, it's been Gingerbread from the beginning and I think international devices in the rest of the world are too.
I have never had good results with UPnP media format support on any device - even my PS3 is really damn finicky. However it's annoying that the G70 seems to have issues with UPnP streaming of stuff it plays locally.
I rarely view photos on my phone and haven't ever done it on the player, but in my case I have a Smugmug account so I just browse my galleries that way.
It seems like unfortunately your usage patterns are in a corner case where the device doesn't do so well. UPnP support is kinda "meh" - but as I said I've never seen any device where it wasn't. An iPod touch would probably do just as badly trying to browse photos via UPnP.
AllShare plays my HD video files on my server
"AllShare seems to be limited to creating AV playlists. It can't view photos & every video file on my server is apparently in an "unsupported format"!"
I have used AllShare. It sees all of my video files files on my server (just a home computer that shares). And I have played 640x480 AVI video files and a 720p wmv video file from my server smooth as butter and with great resolution on the SGP. It will not stream or play 1080p video files, however (which is in accord with the specs).
For what it's worth, I have no 720 files never mind 1080. AllShare can see them all (a mixture of AVI & MPG mostly) but won't play them. However, I can create a shortcut to them with ES FIle Explorer & play them all fine with Rockplayer. Guess I need to find a photo viewer than can do the same.

[Q] Hidden folders through Android MTP

Hey !
I've searched the web as well as the forum but i didn't find any solution and it seems i'm not the only one wanting to do that.
Is it possible to see hidden folders of internal sdcard through MTP ?
I really talk about hidden folder like ".android_secure", not the photos that aren't yet scanned by the media scanner service.
In my windows environment i already set the view all hidden files/folders as well as view system files.
If i have to change folders permissions through terminal what are the correct permissions i should put ?
Thanks for the help !!
Am i the only having that problem ?
Do you guys see the hidden folders through mtp connexion ?
If you'd bother reading a bit before asking questions, you might have the answer already.
http://en.wikipedia.org/wiki/Media_Transfer_Protocol
MTP and PTP specifically overcome this issue by making the unit of managed storage a local file rather than an entire (possibly very large) unit of mass storage at the block level. In this way, MTP works like a transactional file system - either the entire file is written/read or nothing.
More or less, it is designed to keep hidden what should be hidden stick to USB storage or FTP/SCP.
PS: can't believe we're using a transfer protocol designed by Microsoft in a Linux-based system mastered by Google. The horror, the pain... no wonder it doesn't work on my Mac!
VAXXi said:
If you'd bother reading a bit before asking questions, you might have the answer already.
http://en.wikipedia.org/wiki/Media_Transfer_Protocol
MTP and PTP specifically overcome this issue by making the unit of managed storage a local file rather than an entire (possibly very large) unit of mass storage at the block level. In this way, MTP works like a transactional file system - either the entire file is written/read or nothing.
More or less, it is designed to keep hidden what should be hidden stick to USB storage or FTP/SCP.
PS: can't believe we're using a transfer protocol designed by Microsoft in a Linux-based system mastered by Google. The horror, the pain... no wonder it doesn't work on my Mac!
Click to expand...
Click to collapse
Thx for the link ! I knew what mtp is but its always good to refresh things up
I read the whole article and unfortunately it doesn't answer my question.
I understood that its the same for all of us meaning that we are not able to see hidden folders.
But the main question is if there is a way to bypass this behavior ? Where is this defined exactly ?
It seems according to the article that its not on the file permission layer ? Should it be at partition level ? How can mtp know what to share with the host ?
It's not a "behaviour" per se, but more/less a database. Remember that media scanner program which wakes up every time you change something on your SD card, be it internal or external ? it simply keeps a "database" of files which are presented to the MTP client (your computer) and hides away the phone's internal folders which are not supposed to be seen by the end-user.
Theoretically, this is done in order to have the iPhone-like behaviour: seeing the entire device memory as one big unified storage which you can fill as you want (no more of those partition size limitations which brought us the app2sd hacks). In my opinion, it's more or less just a small step done in order to "secure" phones for DRM protected content.
Studios and media companies require devices to have such measures of protection in order to allow you to sell media content (like movies, books, etc) and since Google wants to push its business further with the Play Store, it needs to cave in to the studios' demands. In the future, it will probably even become illegal (DMCA-style) for me to give you the information below
Back to the technical part of our show now.
At the first boot in the life of the device, Media Scanner will look under /system/media and index everything there. After that, it will scan everything under /mnt/sdcard (hence your external SD card too, if you have one, as it's mounted under /mnt/sdcard/external_sd). On some devices, you have an "internal.db" file and one "external-123xyz.db" file; that's a unique ID of the SD card which was scanned. The idea here is you might have 2-3 SD cards which you swap often, and it's not nice to do a full rescan each time you change the SD card. These databases are in /dbdata/databases/com.android.providers.media (on my phone, there is only one "external.db" for example).
So what you're looking for is a way to populate this database with all the files found by the Media Scanner. But Media Scanner doesn't want you to see the hidden folders you mentioned above. So, you get an application which doesn't ignore them, like Rescan SD Card! or SDrescan.
Happy now ?
Thank you very much i really enjoyed reading the explanation as it answers completely my questions and it makes sense !
Ill give a try to the apps but i'm also curious to investigate on those files
Cheers
PS. Is this a disguised way to support non open source protocols ?
Well, you could poke around inside the database with sqlite if you want. But don't really see what's so interesting about them.
It is just another protocol which is supported, which happens to be designed by Microsoft (and probably licensed/paid by Google to be used in Android). I understand the technical explanation behind this decision, but I'm also wary that someday UMS will be disabled by default and enabling it will disable content purchasing for that device (just like having a rooted phone now disables some "sensitive" apps, like banking and online TV).
As a system admin its interesting to know whats happening on my system
As a hobby its interesting for my personal knowledge
And from a development point of view it gives me some ideas for maybe future apps
You say that its just another protocol which is supported but to my understanding there are not so many of them ! So i would say that Google was kind of forced to use the MTP method, first from a hardware point of view and second to be compliant with the rest of the world.
Is there any other protocol that could suite their needs ? Since USB mass storage is not usable on some devices and MTP is well spead.
.HiddenAndroid folders in Win - Here Yesterday, Gone Tomorrow
<Win 7 and GN2>
What's curious and a bit frustrating to me is that, yesterday, when I mounted my device ALL of the hidden (.folders and .files) were visible and searchable. Today, when I went to explore some more, all are gone. I understand that I can use a 3rd party app, just can't figure out why it was visible yesterday and not today.
Hmmph
Did you ever resolve this issue? I really hate MTP for several reasons but this is one of the reasons why! I need to back up all my directories on the SDCard because some apps store them as hidden files in hidden directories. Furthermore, I came across the Play Store bug that requires me to delete a "temp.asec" file in the ".android_secure" directory, but of course it is not visible.
In a post further up it was suggested to use a "Rescan" app to force the DB to include hidden files/directories, but I have tried no less than 4 of these apps, and all they do is trigger the built-in android media scan, which is the problem in the first place!
So has anyone ever been able to access hidden files and directories using MTP?
EDIT: I have an HTC phone that actually shows hidden files and directories, so they have obviously implemented their own media scan. The problem I am currently having is on a Samsung phone (Epic 4G touch)
It may depend on the implementation. For example, using stock rom for the phone doesn't show some files and folders, for example folders starting with dot. But if you use Neatrom Lite it will show all files and folders.
Flash forward about 6 years and Samsung still does not show hidden folders/files when viewing the phone contents in Windows File Explorer, but HTC does.
The reason this is still a problem for me, is that I want to backup the contents of a particular directory (WhatsApp) which contains some hidden folders, so I can restore it anytime on a new phone or the same phone.
I recently switched from HTC to Samsung and alas, it seems the problem with this implementation still exists. Anyone found a workaround to this to allow File Explorer to see the hidden folders?
Update: It appears that hidden .nomedia files (and probably others) appear under regular folders, so the problem is limited to hidden folders themselves

[Q] A new Atrix OS with open Linux installation.

Hello XDA Developers!
tl;dr I need either a solid, light OS replacement for Android 2.3 on my Atrix, or I need a video streaming and virtualization app with no lag that works between android devices and either windows or linux desktop.
First I'd like to say how impressed I am with you folks. Massive amounts of work most be done on a regular basis, and so I tip my hat to you in thanks for looking at my potential problem/question.
I've got two devices that I'd like to make some serious software changes to, one of them my Atrix (the other is a Flytouch Tablet ARM11 with Android 2.3, but that's for a different forum). Let me start by saying that I like to think of myself as very technically literate, but when it comes to linux I just don't have nearly as much experience as I do with windows/mac, and it is about to really show.
What I want to do is load a light Linux OS on these devices. Normally, if I was going to install a new windows kernel on a machine I would copy an ISO to a USB thumb drive and make the drive bootable (using the MS program Windows 7 USB/DVD maker), then startup the PC and either through the BIOS or by hitting the proper button during the startup sequence I would ask the PC to boot into the drive and begin the installation.
Questions:
What is the image file type for mobile OS's?
How would one choose the right type of linux OS for an Atrix?
What is the difference between flashing a ROM and installing and OS?
Why is it when I updated my phone recently that it became unrooted?
(and) Is there any way to revert this process to make rooting easier?
Is there any way to capture a video output (like a stream) and broadcast it to these mobile devices so I can avoid changing their software alltogether?
(and) Could I just remotely control another PC from the mobile device, letting it do all the actual computing?
Can I use the Webtop Dock as a monitor for my desktop if I can find the proper HDMI cable to connect it to the HDMI output on my desktop video card?
(and) Can I also connect the Micro USB and use the keyboard/mouse (hooked into my desktop motherboard) on it as well?
(and finally) Can I use my Atrix as a prototype omni-tool by docking it in a docking station, attaching various tools that work with a linux operating system (wide-spectrum ultrasound imaging, temperature monitors, vital monitors, electronic laser saw (USB) (with separate power attachment of course) and extendable, movable USB cameras?) and then strapping it onto my wrist with a cool leather bracer design?
My end-goal is to have all three of these devices on the same network, with the ability to seamlessly access my data between them. For example, if I'm working on a document, I'd like to be able to access the document in a document editing program across all the platforms (imagine google docs with multiple users) however with one MAJOR stipulation: I'll be on a local network with NO INTERNET ACCESS!
Briefly (to better help you understand just what I'm trying to do) I am a freelance archaeologist/deep sea explorer/ROV tinkerer about to do a series of surveys mostly by myself in some VERY remote locations. I'll have a Wi-Fi network to link all of my devices together running out of my boat, but it's only for data sharing between each other, and since Satellite Internet is a joke, I can't think of any way to get data out there, and I've decided to live without it while I'm away.
I have a webtop dock for my Atrix, and the environment developed by Motorola is far too restrictive. I've tried countless fixes to try and get the webtop2SD to work, but I must be doing something wrong (Maybe the latest update screwed it?). I think since I'd like to use some linux applications while on the mobile devices, I would rather install a custom OS for both.
OR (preffered)
Even more simply, I'd like to stream the video feed and remotely control my desktop PC (located on the boat) on the mobile devices, but with yet another stipulation: I can't have FPS lag (I usually get 1-2 FPS with all the virtualization and remote control apps I've tried). This would in some senses be the preferred option, since I really don't want to spend oodles of hours trying to get some program to work in a difficult, restricted environment like these mobile device's current OS's. Is there a good, non-lagging version of desktop virtualization for Android OS?
About that webdock: I can't seem to find a female-to-female micro HDMI cable anywhere on the internet, thought I did find one Micro HDMI extension cable, and bought it promptly. I could buy another, but cut the male ends off and splice the female parts together (**** just got kinky). But if I could, would this work?
Phew that was a lot! Again thanks so much for thinking for me!
I've personally never found any kind of remote desktop software that works without lag, but it might be possible to find some. Someone else might know what to tell you there.
After doing some basic searching, the only collaborative document solution that I've found has been Etherpad Lite. You could set up a desktop or laptop running linux as the server, and all the other devices on your small network could (theoretically) run a browser based client similar (but far less advanced) than Google Docs. This way, everything on your LAN/WLAN could access the application, if it's stout enough to support your needs.
https://github.com/Pita/etherpad-lite
http://en.wikipedia.org/wiki/Collab...Real-time_collaborative_text_editing_software
Everything you're looking for just seems to be limited for Android, I wish you the best of luck.
I have always found Teamviewer great for remote PC control from my Atrix. They have a nice app and free license for home/personal use. I get minimal lag controlling my PC at home when at work, but that's over WiFi. Not very fast and pretty laggy if I am on data with my Atrix.
BTW............I can work on documents, transfer files to and from PC's and laptops, print documents on my wireless printer, etc. across my home network from my Atrix, all routed through a Netgear WNR3500L running stock firmware (dd-wrt actually slowed my network down and reduced WiFi range considerably, so I reverted to stock).
First, there is no "magic" within the lapdock device. It is a nice HDMI screen, a couple crappy input devices on the USB side, and a battery. The standard Moto software does recognise the usb device and do some software magic, but certainly you could use the dock on it's own w/o the phone.
As to completely replacing the /osh webtop OS that Motorola provides, that is challanging.
There are 2 basic ways to open it up though. Go to the developers subforum and look for webtop2sd and "full Debian".
Somebody did post recently with an attempt to fully replace the webtop OS. he was using gentoo, so look for that and you should find it. But I suspect it is early, and likely to be a significant WP.
As to learning all this ****. If you do some Linux developement or heavy hacking (which it kind of sounds like) you should set up a full full blown 'droid dev platform and start playing. It is big and bulky, but you will learn faster that way than just searbhing around.
EDIT: just reread your post that you are light on Linux. if you want to do anything more than just follow along, it might be a good idea to setup something like an Ubuntu and get familiar there. 'Droid is way different looking (it really basterdises things around) but yoiu need to know both if you want to play with webtop hacks.
Thanks all. I'll look around again to see if I can find the threads you mentioned. I've tried Webtop2SD but to no success so far.
Thanks again.

[Help] What's the limitation on MTP for Android (Non-Root)

I'm currently researching around for a School project on the limitations of Media Transfer Protocol before doing a POC on how vulnerable is an old version of Android (2.3.6) when directly connected to an unknown PC via USB Cable (USB Debugging switched off).
So far some of the testings that I have tried on Android and IOS are both limited to just retrieving Media Files (e.g. Photos), Recordings etc, nothing really sensitive over here. Next up I'm trying to achieve retrieving sensitive information such as text messages/contacts or even running an infected apk file, but had no luck doing it. So I just want to know if such a thing is possible before I continue messing around without knowing the limitations of it.

G8 Power - Google Locked - USB Dev mode not on - can only access SD card - Best way to get Root?

Picked up a Moto G8 Power off Ebay and I havent touched an Android since I flashed a HTC Desire with Cyanogen Mod years ago.
Product/Variant: sofair XT2041-3 64GB PVT
?BootLoader? BL:MBM-3.0-sofiar-reteu-0f8934adaf8-210928
BaseBand: M6125_43.45.03.48R Sofia_rowdsds_cust
Recovery mode shows: RPES31.Q4U-47-35-9/54bc43
oem_locked
Spent all of today going around in circles.
Google Locked = it wants a pin to verify. Ebay ad stated it was google locked house clearance and not stolen. Nothing shows up in CheckAmend.com
On an offline PC
Android Studio installed - strangely ADB nowhere to be found.
ADB installed separately.
Got Magisk apk
Got from lolinet mirrors
XT2041-3_SOFIAR_RETEU_11_RPES31.Q4U-47-35-9_subsidy-DEFAULT_regulatory-DEFAULT_CFC.xml
blankflash_sofiar_RPE31.Q4U-47-35
From Motorola
Motorola_Mobile_Drivers_64bit
Rescue_and_Smart_Assistant_v6.3.2.12_setup - This will not install and I find this error in the Windows eventlog
MDM Declared Configuration: Function (checkNewInstanceData) operation (Read isNewInstanceData) failed with (The parameter is incorrect.)
Motorola support cant help until monday, but it might be a ASLR or some other MS security thing.
TWRP is missing the Motorola G8 on their website, G7 and G9 and others exist, so this is not an option.
Followed some of those youtube videos showing how to bypass the FRP, which appear to use a variety of tricks to either disable the Google Play Service or use an app to launch another app, a bit like getting the 2nd dial tone by calling a business freephone number, and hacking their phone system to get an onward outbound dial tone in the 80's.. Showing my age!
Before I put the device online using wifi and no sim for mobile data, I could get access to the Androids settings, where I could list apps, set permissions and other things so I'd tried to disable the play store, but these tricks wouldnt work. Put it online and it appears Android has been updated so those previous tricks for getting all the apps listed and makiing changes to their permission etc is no longer there. One of them was using the emergency phone, getting to the contact detail and then choosing a pic to gain access to other apps and that also stopped working and has disappeared which is why I say I think its been updated in all but version number!
I can access a fat32 sd card in recovery mode, but the apk files I put on it dont show, just the folders Android created on blank Fat32 partitions.
USB and ADB dont detect this device so I cant use the Wireshark USB to watch what is going over the USB connection.
AFAIK Android DeveloperMode/Debugging Mode is disabled.
I havent touched an android since the HTC Desires appeared and then I ported it Cyanogen Mod, but I subsequently learnt the UK Police had access to my phone even back then!
Not taking it apart to get access to the JTAG (just yet), I bought a few broke Pixel4A to see what I could learn about them when they arrive as well.
I see in fastboot, the mention of a "console [NULL]:null" is this the fastboot.exe alongside adb.exe in android tools, or something else?
So is there any other way or suggestion to get root for this device?
I fancied looking at LineageOS, or maybe some other OS like an unofficial port of GrapheneOS. I've found the device tree info put up by someone on here which would suggest its possible to port from Android 10Q to an Android11 distro/os, but my first hurdle is my stumbling block, I cant get the USB to work and have not found any other way to get beyond this stage to poke around with the OS and phone.
So any pointers, suggestions, advice, will be much appreciated!
TIA
Edit. It looks like Android/Google/Motorola have done a good job at locking down this OS and phone.
Edit2
Saw this thread here about making sure the Motorola drivers are installed properly.
[HELP] I seem to have bricked my Moto G Power and not it's stuck on bootloader.
This is what it looks like, and if I try to boot into recovery or system it just says "no operating OS found." Windows won't recognize it when trying to connect via USB. Any way to fix this? Help would be greatly appreciated.
forum.xda-developers.com
On Win10x64 I've been into c:\windows\system32\DriverStore\FileRepository, sorted the subfolders by todays date/time and can see a number of subfolders like
motoandroid.inf_amd64_dd80f24dcfb3dc931
motoandroid2.inf_...
motodrv.inf_....
motousbnet.inf....
and when inspecting one of the .inf files in notepad I can see there appears to be a service linked to the driver, but when I check the services, there isnt any services installed.
So I'm starting to think maybe Motorola's installation software doesnt work on windows with the default windows security settings, like exploit protection running.
More investigations...
Edit4
In the Control Panel (yes its still there in Win10), Device Manager, Other Devices are a couple of entries which the latest attempt to install the Motorola USB x64 msi installer created.
These are:
Mot Composite ADB Interface
Motorola ADB Interface
In c:\Windows\system32\drivers are a couple of 0KB wdf files (Windows Driver Foundation) files:
Msft_Kernel_WinUSB_01009.Wdf
MSft_Kernel_motoandroid_01009.wdf
Msft_User_WpdFs_01_11_00.wdf
So when looking at the c:\windows\system32\DriverStore\FileRepository I think the driver that needs to be installed can be found in the subfolder:
motoandroid.inf_amd64_dd80f24dcfb3dc931
However opening the motoandroid.inf file inside I can see lines like
DriverVer=03/25/2013, 1.3.0.0
As this folder was created about 30mins+ earlier, am I correct to believe the actual motorola driver was created back in 25th March 2013 and is version 1.3?
I know its possible to edit inf files to make drivers W2k and XP drivers work on later versions of windows, but the motorola website has the version number 6.4 but is this 6.4 the version number of the installation program?
Anyway scrolling further down the motoandroid.inf I can see towards the bottom instructions to install a service
"Mot ADB Interface Installation Driver" and it needs to find the actual driver in %root%\System32\Drivers\motoandroid.sys
Various paramaters, like a transfer size 4096bytes, a debug level of 2 and plenty of guids which will be found in the registry.
Anyway uninstalling the software as now removed these subfolders from the DriverStore\FileRepository, so a reboot and another attempt to see where its failing.
I just hope it doesnt need an internet connection, as this offline pc is a dev machine.
Onwards and upwards....
Edit 5
So the Windows 10 setting which prevents the Lenevo Rescue and Smart assist from installing is the Windows App and Browser Control > Exploit Protection > Force randomisation for images (Mandatory ASLR) when its on.
You can have every other windows setting on, like ransomware protection, normal ASLR, DEP etc etc and LMSA installs fine, right now its downloading an image to flash from FastBoot, but its not got the Developer mode/USB debug enable in android to make this possible.
Now lets see if I can get the Motorola USB drivers to work with ADB...
Got to say these forums are excellent cheap intelligence gathering tools for manufacturers and software companies to harden their products.
So tried lots and lots of these types of YouTube videos which are exploiting an SE Linux "vulnerabilities/design flaw" by getting access to enough of the system in order to disable/force stop certain apps in order to get past FRP block.
Some of these are less than a month old with less than 100 views, but I also suspect some of them of doing a bit of camera editing. I guess its a way of bunking up the number of views for a youtube account, before it gets rebranded, if thats even possible!?!
Now I managed to get the Lenovo Rescue and Smart Assist program to work, once I realised it will not install when Windows Exploit protection/Mandatory ASLR is enabled (which is a give away as to what the installer is doing on my system as well), and the give away information which suggests it might be worth downloading wireshark and installing the USB "packet" sniffer is the fact that when LMSA is running and you plug your usb cable into the Motorola phone, the phone displays the battery power as a xx% inside a swirling circle of sorts.
So there is some sort of USB communication taking place?
The other thing that gives it away is when you type in your IMEI number into the LMSA Rescue section, its detecting the version of firmware and wants to download the latest version.
LMSA did this to me last night as it downloaded
SOFIAR_RETEU_RPES31.Q4U_47_35_12_subsidy_DEFAULT__regulatory_DEFAULT_CFC.XML.zip
which I guess I can search for on this computer, or at least search for files on my windows hard drive created within a certain date/time frame, as the filename might be scrambled/obfuscated in some temp folder.
So is it just Firmware level communication, or is there some sort of Android communication taking place as well?
If its just firmware, then what could be elucidated/deduced from attacking the firmware? Perhaps its time to get the Wireshark USB sniffer out after all.
As I can also put an SD card into the phone (the start of a potential side channel attack) and the phone will load the SD card, I could explore different routes like some "malware" embedded using a picture to attach to the Emergency Contact details, maybe some PHP embedded in the pictures EXIF data or something that could trigger some other secondary app/process in Android into action.
It might pay for me to lookup the Google Android source if its open source, and look at the Android project source which is open source for any vulnerabilities. Anything mentioned in Github could give away clues
Configure on-device developer options | Android Studio | Android Developers
Learn how to configure system behaviors that help you profile and debug your app performance.
developer.android.com
So are there any issues listed here which doesn't just affect Android 13, but maybe earlier versions as well?
Google Issue Tracker
issuetracker.google.com
So lots of less obvious or not publicly mentioned intelligent sources of potential attack vectors in plain sight.
Seeing if I can alter the cpu clock speed and quantum could also help to introduce some instability, Linux has a wider range of cpu schedulers than windows, but this route tends to hang systems and I have to get enough access to this phone in order to change the route.
The recovery msg logs seen when selecting different bootloader options give away info, I think this is DMesg output of sorts. I'm not a linux programmer, just a boring old windows programmer.
I could explore what else could be loaded from the SD card, using the Bootloader menu options. I was surprised the APK packages dont appear in SD card in the "Recovery Mode > Apply updates from SD card" option. Maybe its not expecting a APK file extension? Mybe its expecting a different file of sorts like a .bin file or .img file. Is this where BlankFlash comes into play?
I have to admit, buying a second hand phone like this with FRB enabled off Ebay from a guy purporting to be in Salisbury home of Noivchok, is also a great way of spreading the latest and greatest malware to unsuspecting hackers and also to phish those who could potentially get around the FRB restriction with the minimum of effort. The UK civil service have their own internal postal system so has something been posted internally down the M5 motorway from Cheltenham, for some intelligence gathering or a cheap way of outsourcing some device cracking?
Oh well the silence is deafening.
So Motorola Support Centre have been in touch and stated:
I am really sorry to say that the kill switch feature, which is known as "Google Lock" is not bypassable by anyone other than the repair center.
So they are stating the Android Factory Reset Protection (FRP) can be bypassed which is another way of saying it can be undone, so the next challenge is finding out where on the device this flag or flags resides.
Is it something like the RaspberryPi One Time Programmable (OTP) switch's that may not be One Time Programmable but like the dip switches seen on the motherboards of early 8086/286/386/etc personal computers, or something else like a file on the main storage device with the rest of android.
I think the first thing to do is get Wireshark and the USB sniffer to see what information is being sent over the USB cable.
And as its possible to get the device online via wifi, it's probably a good idea to see what information is being sent over wifi, so using wireshark on a raspberrypi masquerading as an access point might be useful as well.
So the first thing to do is have a look at the Android documents
Android
Android has 74 repositories available. Follow their code on GitHub.
github.com
https://developer.android.com/reference/android/app/admin/FactoryResetProtectionPolicy
The factory reset protection policy determines which accounts can unlock a device that has gone through untrusted factory reset.
So it looks like Android are also stating the Factory Reset Protection can be undone. It seems a that a single user setup and a corporate setup exist, where a corporate account could be used to remotely wipe a device and then reenable the device, I guess if the user hands it back to the company.
https://developer.android.com/about/versions/marshmallow/android-6.0-changes API 23
EXTRA_PROVISIONING_RESET_PROTECTION_PARAMETERS is removed so NFC bump provisioning cannot programmatically unlock a factory reset protected device.
You can now use the EXTRA_PROVISIONING_ADMIN_EXTRAS_BUNDLE extra to pass data to the device owner app during NFC provisioning of the managed device.
Interestingly, NFC can be used to unlock FRP in earlier versions of Android. and its possible to use NFC to potentially configure and more other devices using NFC. As NFC is just a low power and thus low range frequency in the RFID range of frequencies alot of other things could be possible. NFC to me is just like any other form of communication method, beit a usb cable, telephone wire, wifi, ultrasonic sounds, or Infrared.
Radio-frequency identification - Wikipedia
en.wikipedia.org
NFCIP-1 and NFCIP-2
Near-field communication - Wikipedia
en.wikipedia.org
As NFC can communicate a request and response, and Android is using NFC to configure devices, using NFC may be a novel attack vector for peoples android devices, without them knowing about it unless they capture on a personal webcam everyone and every NFC device they come in to close contact with. Maybe using payment terminals could become a new attack vector at your favorite local retail outlet?
Well if Covid doesnt make people socially distanced, then maybe an NFC attack vector might if it works beyond the claimed 4cm operating range! Unfortunately this phone does not come with NFC, but others do.
I've got to find the source code....
Android (operating system) - Wikipedia
en.wikipedia.org
Most versions of Android are proprietary. The core components are taken from the Android Open Source Project (AOSP), which is free and open-source software (FOSS) primarily licensed under the Apache License.
Search results for "factory reset protection" | Android Open Source Project
source.android.com
The default implementation of Test Harness Mode uses the same storage mechanism as Factory Reset Protection to store the ADB keys temporarily in a persistent partition.
So it looks like I need to gain access to this "persistent partition" and try to find this ADB for starters.
Seems a bit sneeky of Google and Android here. https://source.android.com/docs/security/bulletin/2016-02-01
At the bottom of the Android webpage is a link to Factory Images of the Google Nexus and Pixel phones which jumps you to Google web page. No indication what so ever I'm leaving Android and going to Google!
Flashing devices | Android Open Source Project
source.android.com
To enable OEM unlocking on the device:
In Settings, tap About phone, then tap Build number seven times.
When you see the message You are now a developer!, tap the back button.
In Settings, tap System, then tap Developer options and enable OEM unlocking and USB debugging. (If OEM unlocking is disabled, connect to the internet so the device can check in at least once. If it remains disabled, your device might be SIM locked by your carrier and the bootloader can't be unlocked.)
Reboot into the bootloader and use fastboot to unlock it.
For newer devices (2015 and higher):
fastboot flashing unlock
For older devices (2014 and lower):
fastboot oem unlock
Tip: if you're seeing `adb devices` output before reboot but fastboot or the flash script are misbehaving, it might be issues with your USB cable. Try a different port and/or switching connectors. If you are using a USB C port on your computer try a USB A port instead.
Confirm the unlock onscreen.
Well the instructions I've seen only talk about the gaining access to settings and the doing 7 taps on the Build Number. Lets see if the rest of the instructions work.
Onwards and upwards....
Well sent the phone back the Ebay seller claiming to be a house clearance business wouldnt provide any paperwork to back up his claims of how he came to be in possession of the phone. So as I planned to do some computer forensics on it, like retrieve the files wiped by a Factory Reset, and the perverse interpretation of the law in this UK, I wasnt prepared to go any further with the phone. So its been sent back. The banks have already shown how untouchable they are, other big businesses are also in the same position and finding illegal stuff on a phone is not a risk I'm not prepared to take without paperwork.

Categories

Resources