Hi,
I own a Pono player, which is great when it comes to sound, but has a crappy firmware.
On early versions, it seems that debugging was easier (https://forum.xda-developers.com/t/...-file-1-0-3-gingerbread-complete-rom.2967757/) but since version 1.0.6 everything is locked (or I'm missing something... how did they extract logs, ROMs, etc?).
So my idea is to craft a fake update file in order to re-enable adb, push a new main app, etc.
The upgrade process works as follows:
- Connect the PonoPlayer and put a "pono_1.0.6.update" file on the /.pono/ directory
- Craft a firmware.xml file which is supposed to contain the current firmware version: set it to 1.0.5
- Disconnect the Pono, it now thinks it's in version 1.0.5 and an upgrade to 1.0.6 is available.
Internally, the main Pono app scans the .pono/ folder and calls RecoverySystem.verifyPackage.
This works just fine: the device updates again to version 1.0.6.
Now I want to modify this update file and I still have no success even with a simple unpack/repack, without touching anything, thus not altering signatures.
I've tried to unpack/repack using apktool ("apktool d pono_1.0.6.update" + "apktool b pono_1.0.6.update.out") but the firmware update fails (stuck at 0%, and according to the app code that's what happens when an unexpected exception occurs).
I've tried to re-sign it (PonoPlayer is using the android testkey) with no more success.
How is it that a simple unpack/repack creates an apk which seems wrong in some ways?
Thanks for any help, I'm quite stuck...
Alright, I think I got it:
When rebuilding, the original scripts found in META-INF/com/ are lost. Just need to figure out how I can place them back.
It's probably time for me to read: https://forum.xda-developers.com/t/guide-index-how-to-modify-an-apk.4208093/post-84170227
For the record, I finally found how to fix that: https://forum.xda-developers.com/t/need-tech-advice-before-archeology.4306981/#post-85423037
Hi, I inadvertently wiped my pono player, so now no music shows on player or the SD card. I formatted the internal memory when I was supposed to format the SD card. I am sure the player will now be unusable. Is this right?
Related
I am at a point where I would really like to reformat & apply the 14 HDX 8.9 update in order to test a few things that I would like to try on a clean slate.. Unfortunately, it fails & is deleted after telling me that the version on my device is newer.
I have tried editing the FWUpdate zip, which includes a text file showing Ernie version numbers in several combinations of higher sequential numbers, but it still fails. I have also pored through hours of HEX & init files, trying to determine where this data is called from.
Does anybody know where else the version/date data may be polling from within the update.bin archive?
I don't know if you fixed it, but modifying the date in build.prop seems to work.
I have 2014 HDX 8.9 with Fire OS 4.5.2...
Let me know if you need any file
Read my post from here. You can reflash using this technique, but I think the result would be the same to doing a restore.
There are 2 or 3 files in the zip where the version number is present. Get it from build.prop and grep for all the files that contain it.
LE
Could you let it download the 4.5.2 ota and then try to copy the crafted ota to the internal storage. I'm hoping that the check-binary script can access and copy the downloaded ota. This would be a simple way to dump a 3.2.7 downgrade ota when someone gets it.
Be careful not to let your tablet idle after it downloads the new ota. After trying this you can do a factory restore to delete the ota from cache.
Hello everyone,
I use an LG Optimus L4 II (e445). I rooted it but then decided I had too much on it and decided to restore to factory settings. It all worked fine. However, when I got to the Google Account sign in page, it gave me the "couldn't establish a reliable connection to the server" error message. I followed every single tutorial I could find online as to how to solve this. None of them worked. Eventually, I re-rooted it (using VRoot) and managed to download an apk of ES file explorer and locate the hosts file. This had one line that shouldn't have been there:
127.234.104.240 android.clients.google.com
From what I can make out, this is the address of google's sign in servers. So somehow (I suspect malware/dodgy rooting program?) my hosts file has been edited to stop me logging into google. Restoring the device does nothing, neither does unrooting/rerooting. When I open up the file in ES (when rooted) and edit out the bad lines, I can't save for some reason- I think the /system folder is write protected.
So I tried to make the /system folder writeable. I used the android sdk to do this (mount -o command) but this did not do anything. I downloaded the mount /system apk and installed that, it did not help either. I tried /pull and /push on the hosts file to edit it and send it back using the apk. I could successfully pull and edit it, but it would not let me push it back. I'm kind of stuck here. I can effectively not use my phone- I can't use most apps and can't download any, and have no other solutions up my sleeve. Any ideas?
Thanks a lot,
Louis
(PS I hope I've posted correctly, I'm a n00b to this website )
After trying for a few weeks now, I've still had no success. One idea has come to me though- installing a rom. Would downloading a custom ROM change my hosts file? Also, if so, could anyone recommend one that is similar to default android? One last idea that I've got at the moment is somehow completely wiping the hard drive of the phone and reinstalling Android on it, though I have no idea whether that is even possible, and if so, how to do it. I would really appreciate some help here!
Thanks again,
Louis
After reading, I can only talk as one who knows less than you.
Let me say this from the start.
Root=/= unlock bootloader
Find a way to unlock boot loader first, with a Google search.
Use fastboot to flash a recovery (.IMG) made for your phone. fastboot is something like adb.
Let's just say that that is more complicated than rooting. It gave me a headache at first.
_______/
Pertaining to your problem, how about a reflash of the system image?
The official lg mobile support tool may help you with this.
Search for your phone model on the lg support page, look under manuals and downloads, then under software update.
I'm not entirely sure I understand you here, but I'll try. What would unlocking the bootloader do to my phone? Would it enable r/w on the system folder? Also, what is a reflash of the system image? How would I do that?
I'll try these things if I can, but would still appreciate help.
Look around on http://wiki.cyanogenmod.org/w/Basic_concepts?
It should give you some info in flashing and unlocking.
It can give people quite a headache, with all those terms.
________
As for the part under the line, I'm talking about a restoring of the phone to the default state via official methods.
Instructions would be given by the official support programme.
J2270A said:
Look around on [I can't post urls yet ]
It should give you some info in flashing and unlocking.
It can give people quite a headache, with all those terms.
________
As for the part under the line, I'm talking about a restoring of the phone to the default state via official methods.
Instructions would be given by the official support programme.
Ok, so from what I can work out, cyanogen does not support my device. Would doing it for a similar device work? Are there any ROMs that support my device?
Under the line, restoring the phone via the official ways actually just wipes the user data, not including the HOSTS file which is what I need to wipe. What I really need is basically a ROM that completely wipes my phone and reinstalls some version of android.
Any other ideas?
While there may not be official support for a phone for a custom ROM, you may be able to find unofficial ports/versions if you search for it in the forums.
From what I know, a system reinstall via official methods wipes data and almost everything else, then downloads from its servers system files to be installed to the phone. At least, my phone was reverted to a stock ROM when I restored it after using a custom ROM. It may be different for some, but generally, this is what I think.
Important: only use a ROM made for your device model only, do not use the ones made for a similar phone, the small differences are no longer small in this case and will cause a system error(?)
Generally, once you have successfully unlocked boot loader using a method for your phone, the instructions afterwards are generally the same for all phones. You'll be able to get better answers in the threads specifically for your phone, so try to look for one and look for the already tried methods,
Here's one:
<You'll need to quote to copy link>
Well, the same problem persists on my phone as well. Whenever I change the hosts file by removing the additional line, it saves but after some time it comes again and I have to remove it again and again!
I have this problem with my S3 and I always delete the "hosts" file! I should find which process makes this file!!
Hi,
I'm actually trying to port Firefox OS 2.1 on the Nexus 7 2013 (aka "flo"), and after managing to download and compile the sources, I am facing a problem at the last step. Instead of flashing Firefox OS on my Nexus via the conventional method (using flash.sh), I would like to create a recovery-flashable zip file (as is often seen with custom ROMs). However, I have no idea how to build one, and the analysis of some zip files did not really help me to understand which files to include and which script to write.
Here are the files generated by the build: http :// i.imgur.com / MgobUsp.png
If anyone could help me and explain to me how to create that famous zip file ^^.
In advance,
thank you
Nobody? :-/
@cmbaughman was working on this in this thread: http://forum.xda-developers.com/showthread.php?t=2479192&page=6
Due to a large project that came my way at work, I've been unable to work on this however I hope to in a few weeks after we demo our new apps. If you want to check mine out it's here http://goo.gl/gioiDv however the only real issue with mine which is quite fixable was that I used the wrong version of the Gaia, and webapps. You can use mine as a template really, here is how:
1. Build FF OS
2. Now when building (I am going from memory here so ask if you have questions), pass the argument otapackage and you'll get a "flashable" update.zip in your out dir.
3. Find either a fully built version of ff for any device but make sure its the same version, OR build Gaia yourself, see the official docs for how to do that as they explain it very well.
4. From that you go through the output and find the webapps dir.
5. Copy webapps to your built otapackage at /system/b2g/webapps.
6. Now I'd use either my update script from the link I gave you (after looking through and updating anything that needs updated because mine is a few months old.) Make sure there is nothing in there about formatting data or anything (cause you don't want to lose that!) And after repackaging (use a kitchen or whatever method you prefer), you'll have a flashable Firefox zip.
It's a process so use a little trial and error and you'll overcome any issues you find. Any questions let me know.
Any progress on this? I'm interested in doing this.
Don't waste your time creating such a zip file, just use fastboot to flash the various IMG compiled files.
Hello.
I was forced to reinstall firmware due to phone issues.
Now I'm again with root and TWRP.
Firmware is on nougat, version c900b300 but many files are missing.
In particular, themes cannot be applied even if I can download them.
I followed a procedure suggested for the Mate 8 but with no results.
Is someone able to help me?
I think this is not a post for q&a section.
Otherwise please move it.
Thanks.
Ah, even the ringtones folder is empty, but this is not a big issue...
Try these 2 methods
1 - https://forum.xda-developers.com/honor-6x/help/solved-huawei-gr5-2017-honor-6x-problem-t3606037
2 - https://forum.xda-developers.com/honor-6x/help/theme-issue-5-0-upgrade-t3579812/page2
First method pushed FM spk in data folder, I rebooted but no FM radio app shows up.
Regarding second method, Google drive file doesn't exist.
I hope to be able to install Oreo when available through TWRP.
Now I don't have the updater and I'm not receiving ota update from Huawei. Unfortunately I'm stuck with March security updates
Dammit, I'm out of ideas at the moment. Plus, I didn't know that even updater was missing... You wanna try with an apk of mine extracted?
of course mate.
Now I'm more relaxed, as I understand that is better just playing with this phone. I'm not gonna put job related files anymore in, so if something happens, I can recover easily.
Baaaaaaaaad phone...
Ah, sorry if I forgot to mention that I miss A LOT of files. Basically all the crapware like Health or Huawei related bullshits, updater, ringtones, themes are not installing. Cannot even load a different wallpaper.
But I have nougat base and patches till March.
Better than nothing!
Ringtones= thank you Zedge to exist!
Themes= amen, I can live with it
For Huawei bloatware it's surely a positive thing if you don't care, since that those results "well" radicated into system and aren't easy to remove. For all the rest, looks like you are on a firmware build that was created to another build, and so causes various incompatibilities... But it's the worst case that i saw, except bricking related cases maybe a rebranding to an other variant, with the flash of another firmware could solve at least the missing apps issue. Anyway, i uploaded the updater apk; after all i don't think it'll works sincerely neither making it a system app with apps or modules like systemizer, if all those issues are present already... But in the worst case here, you'll just get an install failure due to an apk version that doesn't match your first, initial build. Try for fun, i would say.
Thank you for the tips.
Even if I read on this forum (honor in general) many different opinions regarding how to flash a Rom with twrp...and sometimes even with dload method.
I mean: it seems to me that with twrp is compulsory to flash the zip with "PV" only, even if many disagree
With dload, unzip the folder and better to put all the files, not only the .app one inside...
Am I right?
By the way, the updater apk should be put inside what folder? Of course it cannot be installed normally (file corrupted)
You can use apps like Link2SD, but if the file looks corrupt (had this problem too when I accidentally deleted compass app time ago) it means that it doesn't match your build number. You could try by installing a version that matches your actual build.
Yes, with dload method, you need to flash all files available in zip to get everything working, I tried this and everything worked for me without anything missing.
For flashing zip, yes it is PV files that can be flashed via Twrp
The problem, as far as I know, is that now Huawei stopped releasing ROM files and even the .ru website now will have problems to collect files...
They are still getting it. Not sure how
Solution
Hey, I have had the same problem with the theme changer - found this solution which just takes 1 minute
Themes:
- I downloaded the Huawei Tool from here:
https://forum.xda-developers.com/honor-8/development/tool-srk-tool-huawei-bootloader-root-t3470823
- enable USB-Debugging, connect your phone to the PC and start the tool
- choose "7" for utilities
- after that choose "12. Install /data/hw_init (Mate8,P9,P9 Plus)" and confirm
- after reboot the theme change will work again!
Will it work on honor 6x? The hw data is only for p9, isn't it?
Will it work on honor 6x..the hw data is showing only for honor p9 ,etc but not 6x
Hi everyone,
I own a PonoPlayer which is running Android 2.3 (ARM v7 / Cortex A8). I'd like to perform some software upgrades but sadly the device is not running adb.
I'd like some tech advice before going deeper, just to make sure I'm using the proper approach and not wasting my time
Disclaimer: I read everything I could find about the Pono (there's some old thread about it on this forum) but that didn't really help.
What I already tried:
Because I'm more a developer and vulnerability researcher I started by what I'm comfortable with: looking for vulnerabilities. I decompiled the main APK (player-release.apk) but found nothing obviously exploitable.
The last available firmware update is version 1.0.6. The upgrade bundle is clearly based on that : https://github.com/Lekensteyn/make-gapps-zip
Decompressing the archive using apktool shows:
boot.img
META-INF (which contains META-INF/com/google/android/updater-script)
recovery
system
The update bundle seems to be signed using the test-keys found on the above repository. So I tried to forge a fake 1.0.7 update bundle by simply unpacking 1.0.6 and repacking + signing. This fails, the player detects the 1.0.7 update bundle, tries to perform the upgrade and is stuck. Obviously, something wrong happens but since I've no log or any kind of remote access, there's no way for me to debug.
Next step:
I plan to set up an Android 2.3 emulator, running a dummy ARMv7 image and use it to load the 1.0.6 legit update bundle. Thus I would have something close to the real Player image.
From this, I would be able to load my 1.0.7 fake update and see what goes wrong.
Is there something obvious that I'm missing? Is this the proper approach?
Thanks for any advice!
All right, here's my own follow-up!
I ended up finding how to create an OTA package for the Pono Player.
Basically, I start from the last known firmware (1.0.6), patch it and re-bundle it.
Hopefully, the Pono Player uses the Android test keys ...
My main issue (for the last 4 years..) was that the whole OTA package is signed, not just its contents, by adding a specially crafted zip comment.
This can be enabled by using the "-w" option of the signapk command.
I've successfully updated the licences.txt (let's start small) file on the device.
All the required scripts for unpacking/repacking an OTA package are available here: https://github.com/NothNoth/PonoPwn
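The two failure causes named in this thread (the META-INF/com/ scripts lost on rebuild, and the missing whole-file signature carried in the zip comment) can be checked on a package before it goes near a device. The following is an added example, not part of the original posts and not code from the PonoPwn repository. It assumes the footer layout that AOSP's RecoverySystem.verifyPackage reads (six trailing bytes: signature start, 0xFFFF, comment size) and the "signed by SignApk" comment prefix; the sample archives and the signature bytes are constructed placeholders.

```python
import io
import struct
import zipfile

EOCD_MAGIC = b"PK\x05\x06"   # ZIP end-of-central-directory signature
EOCD_LEN = 22                # fixed EOCD size, excluding the archive comment
FOOTER_LEN = 6               # signature_start, 0xFFFF, comment_size (uint16 LE each)
UPDATER_SCRIPT = "META-INF/com/google/android/updater-script"
PLACEHOLDER_SIG = b"\x30\x82" + b"\xAA" * 62   # constructed bytes, NOT a real PKCS#7 block


def inspect_ota(data: bytes) -> dict:
    """Structural check only: is the updater-script present, and does the archive
    comment end in a whole-file signature footer? The signature is not verified."""
    report = {"has_updater_script": False, "whole_file_footer": False, "reason": ""}
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            report["has_updater_script"] = UPDATER_SCRIPT in zf.namelist()
    except zipfile.BadZipFile:
        report["reason"] = "not a ZIP archive"
        return report
    if len(data) < EOCD_LEN + FOOTER_LEN:
        report["reason"] = "file too short to hold a footer"
        return report
    sig_start, marker, comment_size = struct.unpack("<HHH", data[-FOOTER_LEN:])
    if marker != 0xFFFF:
        report["reason"] = "archive comment does not end in a signature footer"
        return report
    eocd_off = len(data) - (comment_size + EOCD_LEN)
    if eocd_off < 0 or data[eocd_off:eocd_off + 4] != EOCD_MAGIC:
        report["reason"] = "footer does not point at the EOCD record"
        return report
    # A second EOCD marker inside the comment could make ZIP parsers disagree
    # about which central directory is the real one.
    if EOCD_MAGIC in data[eocd_off + 4:]:
        report["reason"] = "EOCD marker found inside the archive comment"
        return report
    if not FOOTER_LEN < sig_start <= comment_size:
        report["reason"] = "signature start is out of bounds"
        return report
    report["whole_file_footer"] = True
    # The signature covers everything except the comment and its 2-byte length field.
    report["signed_len"] = len(data) - comment_size - 2
    report["signature"] = data[len(data) - sig_start:len(data) - FOOTER_LEN]
    return report


def build_sample_zip(with_script: bool = True) -> bytes:
    """Constructed stand-in for an update bundle (no archive comment)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        if with_script:
            zf.writestr(UPDATER_SCRIPT, 'ui_print("constructed sample");\n')
        zf.writestr("system/licences.txt", "constructed sample\n")
    return buf.getvalue()


def add_whole_file_footer(plain: bytes, sig_blob: bytes) -> bytes:
    """Lay out the comment the way a whole-file-signed package carries it:
    message, NUL, signature block, 6-byte footer (layout assumed as above)."""
    assert plain[-2:] == b"\x00\x00", "expects an archive with an empty comment"
    comment = b"signed by SignApk\x00" + sig_blob
    comment_size = len(comment) + FOOTER_LEN
    footer = struct.pack("<HHH", len(sig_blob) + FOOTER_LEN, 0xFFFF, comment_size)
    return plain[:-2] + struct.pack("<H", comment_size) + comment + footer


if __name__ == "__main__":
    plain = build_sample_zip()
    samples = {
        "plain repack": plain,
        "repack without META-INF/com": build_sample_zip(with_script=False),
        "with footer": add_whole_file_footer(plain, PLACEHOLDER_SIG),
    }
    for name, blob in samples.items():
        r = inspect_ota(blob)
        print(name, r["has_updater_script"], r["whole_file_footer"], r["reason"])
```

This checks structure only; the PKCS#7 block must still be verified against the device's trusted certificates, and because the thread notes the Pono Player uses the Android test keys, a valid signature there does not establish where a package came from.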