I have been messing with my androids for many years now and recently I stumbled onto a thing. My phone has a screen pin and encryption status is "encrypted" but still OrangeFox recovery loads contents of /sdcard /data without any problems. Doesn't matter if that's a newly flashed recovery or just "fastboot boot orange.img" or "fastboot flash recovery orange.img" either way I see this as a huge security risk for my data to be so easily accessible. What am I missing?
yuvrajraghuvanshi said:
I have been messing with my androids for many years now and recently I stumbled onto a thing. My phone has a screen pin and encryption status is "encrypted" but still OrangeFox recovery loads contents of /sdcard /data without any problems. Doesn't matter if that's a newly flashed recovery or just "fastboot boot orange.img" or "fastboot flash recovery orange.img" either way I see this as a huge security risk for my data to be so easily accessible. What am I missing?
Click to expand...
Click to collapse
Mine does the same but it's an alpha build so it has a long way to becoming stable. I'm thinking about changing to another recovery because of this security flaw. I think @DarthJabba9 already knows about it. If he didn't he will know after reading this quote.
Related
Okay,
So I've had my HTC One S for a while now, and just decided to unlock/root/flash custom ROM tonight. Well, I think I got to tired, and I made a few mistakes.
Everything went well initially. I was able to unlock the bootloader, flash new recovery (clockwork), root the phone and install the stable Cyanagen HTS One S built. Cyanagen never booted past the intro animation screen though. I cleared cashe, dalvik cache, and did a factory reset, and then reflashed the rom. Again, nothing.... just got stuck.
I was pretty tired at this point. Long story short, I accidentally formatted the originally rom/google pack file from the "sd card." Now I can't reflash a rom or anything. It's just going around in circles.
I tried doing a "./fastboot update <filename.zip>" but it just gave me an error about not having any android.txt or something like that. Through some of the research I did, it seems you can't actually update a ROM through fastboot? Is that true? If not, what did I do wrong? I'm on a mac btw...
I was then thinking about "adb" but I don't really know much of anything about it. I booted my phone into recovery mode, then went to install zip from side load, and then type "./adb sideload <filename.zip>" in my terminal window. It started to do something, but in the end, it said device not found.
I'm super tired, I've been up all night trying to "unbrick" my phone. I now am coming to the masses in hopes that I'm just too "newby" at this and I'm missing something stupid. Is there a way to flash a new rom on my phone—and for me to hope that that does the trick and lets me boot up that bad boy.
Oh yea. I forgot the biggest mistake yet! I forgot to do a backup of my device before the new ROM was flashed originally! A lot of stupid mistakes. That's why you don't do these kinds of projects for the first time late at night/early in the morn I guess.
Any help would be greatly appreciated. Thanks everyone in advance.
Dd you flash the boot image from the zip file using fastboot.
If not:
Extract the rom zip on your computer which also has fastboot installed on it. Then copy the boot image to the folder where your fastboot is. Then enter into the folder which contains fastboot and the boot image and type fastboot devices after plugging in your device in fastboot mode thorough the bootloader. It should display your phone serial in the command window. Then type fastboot flash boot boot.img then reboot with cm installed and it should work.
Sent from my HTC One using Tapatalk 4 beta
**Press the thanks button if I have helped you.
up user got right. flash boot.img from rm then reboot and fash rom in cwm.
Sent from my WT19i using xda app-developers app
Boom. That seemed to work. Up and running CM. Thanks!
WildfireDEV said:
Dd you flash the boot image from the zip file using fastboot.
If not:
Extract the rom zip on your computer which also has fastboot installed on it. Then copy the boot image to the folder where your fastboot is. Then enter into the folder which contains fastboot and the boot image and type fastboot devices after plugging in your device in fastboot mode thorough the bootloader. It should display your phone serial in the command window. Then type fastboot flash boot boot.img then reboot with cm installed and it should work.
Sent from my HTC One using Tapatalk 4 beta
**Press the thanks button if I have helped you.
Click to expand...
Click to collapse
more problems
Okay. Maybe I need to start a new thread. I'm having some issues. The phone is up and running in CM. I can make/receive calls.
The problem now? CM is not recognizing my built in internal storage on my HTC One S. There is no actual sd card slot on the HTC One S—There are multiple slots for internal storage, and it doesn't seem to be recognizing that space at all. So, I can't use my camera for example.... and my available space for new apps is very limited (should be 32gb if I remember correctly...)
Also, when it did boot, it didn't go into the normal "set up your google account" that android normally goes into. I did add account in settings, but it doesn't seem to be syncing all my contacts/etc/etc.
Any other thoughts on what else I need to do to get my device working as it actually should? Thanks for all the help again.
WildfireDEV said:
Dd you flash the boot image from the zip file using fastboot.
If not:
Extract the rom zip on your computer which also has fastboot installed on it. Then copy the boot image to the folder where your fastboot is. Then enter into the folder which contains fastboot and the boot image and type fastboot devices after plugging in your device in fastboot mode thorough the bootloader. It should display your phone serial in the command window. Then type fastboot flash boot boot.img then reboot with cm installed and it should work.
Sent from my HTC One using Tapatalk 4 beta
**Press the thanks button if I have helped you.
Click to expand...
Click to collapse
... I should mention
Based on my initial message—I did "format SD" at one point when I was attempting to get CM to boot properly initially. Hopefully that didn't jack things up further... When I boot into recover, I'm unable to create a backup or anything like that—it just gives an error when attempting to mount the "sd card."
Any thoughts? Oye. Last time I do late night work on my only phone.
tylermoney said:
Okay. Maybe I need to start a new thread. I'm having some issues. The phone is up and running in CM. I can make/receive calls.
The problem now? CM is not recognizing my built in internal storage on my HTC One S. There is no actual sd card slot on the HTC One S—There are multiple slots for internal storage, and it doesn't seem to be recognizing that space at all. So, I can't use my camera for example.... and my available space for new apps is very limited (should be 32gb if I remember correctly...)
Also, when it did boot, it didn't go into the normal "set up your google account" that android normally goes into. I did add account in settings, but it doesn't seem to be syncing all my contacts/etc/etc.
Any other thoughts on what else I need to do to get my device working as it actually should? Thanks for all the help again.
Click to expand...
Click to collapse
further discovery
Okay, so I did another factory reset just in case—it looks like the factory reset wasn't able to do exactly what it needed either. I saw an error in the formatting of the SD in that process as well. A message like "android-secure" or something like that.
"Error mounting /sdcard/ .android_secure!
"Skipping format..."
tylermoney said:
Based on my initial message—I did "format SD" at one point when I was attempting to get CM to boot properly initially. Hopefully that didn't jack things up further... When I boot into recover, I'm unable to create a backup or anything like that—it just gives an error when attempting to mount the "sd card."
Any thoughts? Oye. Last time I do late night work on my only phone.
Click to expand...
Click to collapse
Fixed it
Okay. So a couple of things here. Thought you guys may like to be updated on the progress, as it is positive.
1) How I fixed the SD card mounting issue
• I tried re-flashing other recoveries, and tried reformatting the sc card from that (using TWRP vs Clockwork currently)—that DID NOT work
• I was able to get the drive to be recognized by osx (not mountable though—had to attempt to mount through recovery)—I then reformatted to a Mac OS Extended (Journaled) format—when I next plugged my phone into the usb port connected to my computer, it stated that the "sd card (there isn't really one...)" was damaged, and asked if I'd like to reformat it—I did, and Valhalla.
2) I realized that I had forgotten to re-flash gapps after the initial re-flash of CM10—which is why my startup wizard never came about and I was unable to sync to my google account... blah blah. So, I flashed google apps, then cyanogen 10, and here we are.
Going to attempt a nightly later on this week probably. Going to keep stable for a few days. Hah.
I guess we can consider this a closed case for now. Thanks.
Hi guys,
I’m currently using a custom MM ROM and after learning how easy it is to get around the lockscreen, I would like to encrypt my device. Really, what’s the point of using PINs and having a fingerprint reader when anyone can just delete a few files and access your data?
So my question is does Kenzo support decrypt from TWRP? I succeeded in encrypting my data, but I can’t get TWRP to accept any PIN or password. I’m afraid to stay encrypted in case I need to access my data in TWRP. I don’t even know if its possible to make backups if you encrypt your data.
So, is there any way to access encrypted data in TWRP?
Good news for everyone interested in protecting their data! (I see there are no such people here.) I solved the problem where anyone could remove my lockscreen with the following method.
First, I flashed stock recovery. You can find it in any official fastboot ROM and flash it either in TWRP or Flashify and similar. Then, I disabled USB debugging (so that no one could use adb to remove the files). And finally I relocked my bootloader (with the command “fastboot oem lock”), which means that no one can flash TWRP in fastboot (you can still flash it in Flashify).
I will congratulate myself. Also, I no longer need to bother @vibhu0009 to implement decryption (I would still feel safer if he did it though )
Filip013 said:
Good news for everyone interested in protecting their data! (I see there are no such people here.) I solved the problem where anyone could remove my lockscreen with the following method.
First, I flashed stock recovery. You can find it in any official fastboot ROM and flash it either in TWRP or Flashify and similar. Then, I disabled USB debugging (so that no one could use adb to remove the files). And finally I relocked my bootloader (with the command “fastboot oem lock”), which means that no one can flash TWRP in fastboot (you can still flash it in Flashify).
I will congratulate myself. Also, I no longer need to bother @vibhu0009 to implement decryption (I would still feel safer if he did it though )
Click to expand...
Click to collapse
Hey! I am interested in unlocking bootloader ONLY and at the same time protect my data and you seem to be having experience in this situations. It would be great if u help.
Note: I am asking everything regarding xiaomi devices.
Q1. Do fastboot commands work if usb debugging is disabled?
Q2. When bootloader is locked, can we flash anything (unsigned roms or images) through fastboot or only signed packages or nothing?
Q3. If i have an unlocked bootloader, is it possible that anyone would flash a custom recovery (TWRP) through fastboot and use its file manager to copy my data to external otg or something even worse, delete my lock screen settings (password files) and have direct access to the device.
What would be the case If i have secure boot (password before bootup) turned on? Will he be able to access the files (encrypted) via recovery's file manager?
Q4. Suppose secure boot is turned on and anyone flashes custom recovery through fastboot, will it boot directly into the recovery or will it ask for password when booting first time into the newly flashed recovery. If it would boot directly into recovery, what will happen if one tries to access files through file manager of recovery. Will he be able to gain access to the files (copy, move, delete)?
Q5. Can a device be factory reset or completely erased including passwords and all by any fastboot commands. Can it be prevented if usb debugging is disabled?
Thanks in advance.
Hi everyone,
I have a Wileyfox Swift 2 which came up with and update available. So I went ahead and installed the new update.
I hated it.
So I tried to install a ROM of the previous update using TWRP Recovery. Problem was I accidentally wiped the original OS the phone was running one without having the ROM I wanted to install on the phone (It was my first time doing something like this). I had no access to the phone apart from the fastboot and TWRP Recovery Screens. I emailed Wileyfox Tech Support and told them what happened. They sent me several versions of the stock OS (the new one I wanted to get rid of, but I would be glad to get it working at all at this point).
I ended up having to use ADB Sideload to get the ROM on the phone and I'm pretty sure it is installed properly. Problem is: when I boot it up these messages come up:'your device software can't be checked for corruption, please lock your bootloader' and then 'dm verity not started in enforcing mode' for 5 seconds, and then it just gets stuck on the white booting up screen until I turn it off or go into Recovery. I know how to fix the bootloader lock error but that erases all user data on the phone. I really need to sort this out so what should I do?
Would appreciate any help,
Thanks!
By the way I don't really care about any data on the device, everything is backed up elsewhere.
After flashing the rom you can use adb in twrp recovery with the following command: adb reboot "dm-verity enforcing"
This should remove the dm verity message and allow your phone to boot.
Thank You
But do you mean have TWRP Recovery open on the phone and have ADB command window open on the computer and type the command because I've done that and it comes up with 'error: device null not found'.
I'm completely new to this sort of thing so as much detail as possible would be appreciated.
Yes, you have to have twrp open and on your pc the adb windows. First type adb devices to see if windows recognizes your phone. Mine says 50580003 recovery, when I type the command. If you get an error, you'll probably need to install the driver in device manager.
Ok thanks for confirming that for me. The problem is that my phone doesn't even show up as being connected to my computer and I can't access the phone's OS to turn on USB Debugging, so when I type the command 'fastboot devices' nothing comes up. Is there a way to do this from TWRP Recovery?
Hmm.... You could try installing the old cyanogen of and use that to enable usb debugging. Alternatively you could try flashing Magisk https://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445 . I never tried it but it should work also.
BlueSheep274 said:
Ok thanks for confirming that for me. The problem is that my phone doesn't even show up as being connected to my computer and I can't access the phone's OS to turn on USB Debugging, so when I type the command 'fastboot devices' nothing comes up. Is there a way to do this from TWRP Recovery?
Click to expand...
Click to collapse
Reboot your phone to fastboot mode from TWRP (reboot>bootloader) or the wileyfox boot menu then flash this file
(https://drive.google.com/open?id=0B34ZucLt1HQ9YjFRQ0otbmFRc28)
from your computer with fastboot.
It will also overwrite your recovery, system, data and internal storage partitions.
Facing same/similar problem
boa05 said:
Reboot your phone to fastboot mode from TWRP (reboot>bootloader) or the wileyfox boot menu then flash this file...
(link removed to allow first-time post)
from your computer with fastboot.
It will also overwrite your recovery, system, data and internal storage partitions.
Click to expand...
Click to collapse
Unfortunately the download link you provided is no longer available, would you mind reposting please?
I got the link working. Thanks for sharing. Unfortunately, flashing them failed with the following:
"Updater process ended with ERROR: 7"
Googling the error code, I found this: //.lineageosdownloads(dot)com/fix-error-7-lineage-os/ but I'm still just going round in circles trying to get OTA updates, re-flashing, rebooting into dastboot, losing adb connections and on and on....
markusmunch said:
Unfortunately the download link you provided is no longer available, would you mind reposting please?
Click to expand...
Click to collapse
Sorry about it, here is a reuploaded version.
Exact same problem
Having made exactly the same mistake as the OP, I've managed to re-install the old version of CyanogenOS but I can't get updates OTA or get rid of this dm-verity enforcing error on boot up. Any help would be massively appreciated.
markusmunch said:
Having made exactly the same mistake as the OP, I've managed to re-install the old version of CyanogenOS but I can't get updates OTA or get rid of this dm-verity enforcing error on boot up. Any help would be massively appreciated.
Click to expand...
Click to collapse
Just download the nougat ROM from Wileyfox, they will send you a link if you ask them. Then you can flash boot and system (and if you like all other partitions and radios) and it will then be on nougat and working correctly.
Scott
Worked
RedNas74 said:
After flashing the rom you can use adb in twrp recovery with the following command: adb reboot "dm-verity enforcing"
This should remove the dm verity message and allow your phone to boot.
Click to expand...
Click to collapse
I have been living in dm-verity hell for the past 4 hours trying to fix my phone after a bad firmware flash (4.1.3 replacing a bad SuperSU uninstall), even trying various 4.0.2 firmwares and full packages, as well as a full-phone restore to a previous TWRP backup I had from a few days ago.
I have absolutely no idea why none of the other methods at all worked (such as the simple fastboot oem disable_dm_verity then re-enable command), but this one finally did it on 4.1.3 *fingers crossed it stays that way*
The stock recovery is a thorn in my side. I have unlocked my bootloader and disabled the FRP lock but every time I go to flash TWRP it doesn't stick. Fastboot tells me that the file transfer is completed and OK, as does the phone's screen, but Huawei eRecovery is still there.
I want it gone completely. Would erasing the recovery partition and reformatting it get rid of it?. Or is there a file inside the phone that tells it to keep Huawei eRecovery?.
Closest I've gotten is TWRP 3.1.1.0 by nemo-nemo but the touch controls weren't working properly (slides but doesn't 'click') so I couldn't progress past the initial screen.
raffieltiger said:
The stock recovery is a thorn in my side. I have unlocked my bootloader and disabled the FRP lock but every time I go to flash TWRP it doesn't stick. Fastboot tells me that the file transfer is completed and OK, as does the phone's screen, but Huawei eRecovery is still there.
I want it gone completely. Would erasing the recovery partition and reformatting it get rid of it?. Or is there a file inside the phone that tells it to keep Huawei eRecovery?.
Closest I've gotten is TWRP 3.1.1.0 by nemo-nemo but the touch controls weren't working properly (slides but doesn't 'click') so I couldn't progress past the initial screen.
Click to expand...
Click to collapse
Not a good idea to delete erecovery partition it is a handy fallback if things go badly wrong!
Anyway erecovery and recovery are two separate partitions, they do not interfere with each other!
Try erasing recovery partition before flashing twrp like this
Code:
fastboot erase recovery
then
Code:
fastboot flash recovery twrp.img
I've just had my Nexus 9 a couple of weeks ago, been running on stock OTA 7.1.1 from Google with FireIce kernel. While tweaking around using ElementalX's app on the Play Store, I happened to create a simple script to reboot into recovery (i.e.
Code:
reboot recovery
).
After I ran the script, the tablet turned itself off for about ~3 seconds before showing up the Google logo, but this time it went straight into the stock recovery. I tried powering off the device and power it back on, but it kept going into the stock recovery which I remembered having it replaced with TWRP a few days ago. Things went weirder as I attempted to boot into TWRP using HBOOT (fastboot boot TWRP.img) and do a factory reset, but halfway through the process, it froze with the error 'can't mount /data (invalid argument)'.
I tried a few solutions online, one of which involved the command
Code:
fastboot -w
. I was able to get into the OS, but as soon as the boot animation ends I was asked to enter my password. No matter what the password, what resulted in the end was the same: "Decryption Unsuccessful - Your data is corrupt" and an option to do a factory reset, but to no avail, since it showed error halfway as well.
I noticed that while trying to do
Code:
fastboot -w
, it gave me a warning "f2fs not supported", furthermore the device seemed to be encrypted right from the factory.
Can anyone tell me what exactly happened? How to decrypt my tablet? I've tried FED Patcher but wasn't able to understand the guide thoroughly.
UPDATE: I've managed to install the Lineage OS 15.1 unofficial ROM and so far it's running fine but still get the "encrypted" thing going on.
format data and flash magisk or fec patcher to remove force encryption
ChristopherXI said:
format data and flash magisk or fec patcher to remove force encryption
Click to expand...
Click to collapse
Did that, nothing worked :/