Hello all, I recently bought a z2 off ebay to mess around with, and after reading about the TA I feel it's more trouble than it's worth. Here's where I'm at.
Bought it, tested NF from playstore. Esn shows L1 but did not run test stream to verify 1080. Dumbass me.
Rooted it and backed up TA immediately. Then unlocked bl to try some custom kernels. Realized that I cannot restore ta to a custom kernel and soft bricked.
Used flashtool to recover. Rooted and restored ta then unrooted. At this point I should be stock. But my play store is still uncertified and I cannot re-download nf. If I side load it, it does load and the esn shows l1, but the test streams seem to be locked to 480.
So what do yall think, am I boned? Kaltura reports the phone as l3 now, but my keys seem to still be active.
Related
Strange little story– A tale of (apparent) success snatched from the jaws of chronic stupidity and without any idea why it all worked.
I was given an unwanted X10 Mini Pro for my daughter – which was locked to 3 UK. So I unlocked it using a server unlock bought through eBay. That all worked perfectly but then I wanted to unlock the bootloader and install CM9.
I’d installed CM7 on another X10MP for a friend last year and so I had S1tool etc but of course it reported “RA0405” (locked bootloader) and “non recognised certificate” . (Awww, sh1t !)
Well then I read that flashtool can now unlock the bootloader so I thought I’d give it a try. Running Flashtool 8.10 I tried it but couldn’t get beyond the pop-up window where it asks you to connect the phone in flash mode. (Aww, Double sh1t!!)
Then clicking around the options on flashtool I came across “Root” and thought I’d give it a go in case the BL unlock needed root access. Well it threw up a few lines of text and reported that I was rooted. I re-ran the BL unlock again but no joy. (Awwww, double bugg3ry sh1t!!!).
Call me pig-headed but I then tried S1tool one last time. Again, it don’t work but it did throw up one line that told me specifically that while I still had the dreaded “Capital R” locked bootloader that it was “already rooted”.
On the basis that the phone had cost me nothing and that “root” normally indicates “take me any way you like , big boy” I then went back into flashtool and flashed the NaA ICS kernel. It worked!
I tried to restart into CWM – It worked too!! I wiped and flashed CM9 – It worked!!!!
I rebooted praying to all the saints that it wouldn’t bootloop and eventually a lockscreen appeared and it let me in to the start of the usual setup wizard.
Now, the BL unlocking guides all said that forcing a BL unlock with a non-SEMC/SETools or Optimus unlocked phone ccould either break your Sim-unlock or bork your radio functions completely so I still wasn’t optimistic but I shut the phone down slapped in my daughter’s Voda SIM, restarted and – “By the sacred balls of St Bartholemew!!” everything works just perfectly.
Now my question is simple. In true “idiot savant” mode have I got to the right end-point by a totally illogical and a “that should never have worked” series of blunders? Or could someone intelligent tell me why it worked and (if so) why it isn’t already written-up somewhere as another way to get past your BL and do a custom ROM install?
I’m not touching the damn thing again – in case my luck has now run out - that much I do know……
Could you post the output of S1Tool?
Unlocking the bootloader on an unrecognised simlock-certificate MAY work, but more often than not it destroys the radio-capability.
I'm fairly sure your bootloader is unlocked, can't imagine the nAa-kernel working otherwise, but without the output of S1Tool there's no way of telling
I bought this tablet 2 months ago in our local t-mobile. And everything was fine until 2 weeks ago when it suddenly started loosing gsm signal.
At first i thought it had something to do with me rooting it. So i tried repairing it 2 times but with no luck. After that i tried downgrading to 4.1.2 and that didn't work either.
So basically i can be online (surfing,downloading etc.) for few minutes before it drops gsm signal (no signal icon in statusbar) and after few minutes it comes back and then it drops again...
I'd like to know if it can be fixed without taking it to nearest sony repair service. Did anyone encounter similar problem and manage to fix it?
btw bootloader is locked (unlock allowed: no) so flashin another kernel/ROM is out of the question...
wh15tler said:
I bought this tablet 2 months ago in our local t-mobile. And everything was fine until 2 weeks ago when it suddenly started loosing gsm signal.
At first i thought it had something to do with me rooting it. So i tried repairing it 2 times but with no luck. After that i tried downgrading to 4.1.2 and that didn't work either.
So basically i can be online (surfing,downloading etc.) for few minutes before it drops gsm signal (no signal icon in statusbar) and after few minutes it comes back and then it drops again...
I'd like to know if it can be fixed without taking it to nearest sony repair service. Did anyone encounter similar problem and manage to fix it?
btw bootloader is locked (unlock allowed: no) so flashin another kernel/ROM is out of the question...
Click to expand...
Click to collapse
Have you tried factory resting it ? Also you can unlock the boot loader just search xda im sure ive seen a guide somewhere ? i was going to say take it back to Sony as it might be a hardware problem but since you have rooted it your warranty has been voided...
N1NJATH3ORY said:
Have you tried factory resting it ? Also you can unlock the boot loader just search xda im sure ive seen a guide somewhere ? i was going to say take it back to Sony as it might be a hardware problem but since you have rooted it your warranty has been voided...
Click to expand...
Click to collapse
Well firmware flashing via SUS repair option usually does that for me.. but yeah, i tried factory reset as well. And about bootloader unlocking i've been searching for a guide ever since i bought it. No such luck... Apparently if it's "bootloader unlock allowed: NO", it's meant to stay that way. At least until someone finds a way around it.
I've got a vague idea about how does rooting work and that tells me if i did a complete wipe and flashed my tablet, how can they detect it?
I mean.. it's a complete reinstall, how are they supposed to know that the tablet was rooted on previous firmware if it currently isn't?
wh15tler said:
Well firmware flashing via SUS repair option usually does that for me.. but yeah, i tried factory reset as well. And about bootloader unlocking i've been searching for a guide ever since i bought it. No such luck... Apparently if it's "bootloader unlock allowed: NO", it's meant to stay that way. At least until someone finds a way around it.
I've got a vague idea about how does rooting work and that tells me if i did a complete wipe and flashed my tablet, how can they detect it?
I mean.. it's a complete reinstall, how are they supposed to know that the tablet was rooted on previous firmware if it currently isn't?
Click to expand...
Click to collapse
Well im no pro, but don't they have some kind of binary counter witch tells the manufactures the devices has been rooted ? i know that's how Samsung goes about identifying if the devices has been rooted... But Sony im not too sure, Also your theory does hold ground, if you clean install from the ground up then Sony shouldn't be able to tell, if the device has been rooted, also you do know that Sony have a guide on there website on how to unlock the boot loader ? Here check it out http://developer.sonymobile.com/services/unlock-bootloader/
N1NJATH3ORY said:
Well im no pro, but don't they have some kind of binary counter witch tells the manufactures the devices has been rooted ? i know that's how Samsung goes about identifying if the devices has been rooted... But Sony im not too sure, Also your theory does hold ground, if you clean install from the ground up then Sony shouldn't be able to tell, if the device has been rooted, also you do know that Sony have a guide on there website on how to unlock the boot loader ? Here check it out...
Click to expand...
Click to collapse
I know about that website. That's how i unlock every sony i come across that needs unlocking :laugh:
But it also says if the "Bootloader unlock allowed" is NO in service menu, then there is no hope for unlocking the bootloader. At least not officially.. until someone comes with a solution for that..
So i managed to get some extra details on that problem.
Apparently i can't get LTE signal anywhere. And when i get LTE, connection automatically drops.
Could it be that the LTE chip is faulty? Does that mean that i'll probably get another device... because somehow i doubt that theyll try to replace the motherboard
So just putting this thread together just for research in hope of a Widevine Level 1 on all devices
Some people say its not possible, but im literally steps away from gaining this on an un authorized S905x device
So what do we know so far?
DRM is implemented almost everywhere in the firmware, partitions include
-booloader
-system
-uboot
-kernel
... plus more?
So its not a matter of copying files and adding a few properties to the rom.
From my underatanding and confirmed by a source, the bootloaded must be able to withhold/wipe core DRM data if the bootloader is unlocked or the device is rooted.
There may be an acception to root over UART.
The good think about AMLogiv devices is the simple fact that they distribute updates bundled as firmware, some devices have Widevine L1, some dont.
As most boards/chips are almost exactly the same with slight differences that do no effect functionallity, theoretically we could flash a Widevine L1 firmware on a non widevine L1 device.
Thats the firmware problem solved.
But thats still not enough, from the very very small research and tests ive been able to conduct, we need to flash keys with USB burning tool, and so far im unable to gain these keys..
The keys i think we may require are DHCP and WidevineKeybox, these keys are distributed by manufacturers/sellers of our boxes, they are license files required for flashing certain firmware, if anyone has keys like this please let me know.
As for anyone else who has any info on how we may be able to achieve this goal, if your information is very relavent, PM me, we do not want Google, netflix, amlogic, etc to know we have found a way around this.
For any other useful info post in this thread.
Hi
I'm using VideoStrong K III pro device , and few months ago they update Widevine key . In attachment you can see the app with keys to few videostrong devices . But few weeks ago this key was blocked by Google I think. Maybe it help somehow
bratmat said:
Hi
I'm using VideoStrong K III pro device , and few months ago they update Widevine key . In attachment you can see the app with keys to few videostrong devices . But few weeks ago this key was blocked by Google I think. Maybe it help somehow
Click to expand...
Click to collapse
Hey, my DRM research is complete, seems those new keys were released due to my research as i did gain Widevine L1 on an uncertified device, thats why i removed my other thread
How do I get l1 on my device with wiped drm keys
I'm stuck with l3 on my device (asus zenfone max pro m1) .my drm keys are wiped by the firmware.how do I get l1 on device?
Is it just me or anyone else too for whom some apps still show device as rooted even though the device is unlocked, so forget about the device being rooted. My device is ANE-AL00 C675.
Tested firmwares: 8.0.0.141/150/154 (all stock ROMs)
App showing device as rooted: BHIM(UPI app)(after entering the device PIN)
However other critical apps like Netflix, G-Pay, banking apps are working fine. Though BHIM app works, but it shows my device as rooted, which means something is wrong with my device which I am unable to figure out. Initially I though, there is something wrong with the app, but it works fine with my other rooted device(i.e. Xiaomi RN4 or mido but with Nougat ROM). Next I unlocked the bootloader and rooted it via Magisk, but same results i.e. other critical apps working fine, but same error with BHIM. This issue is quite similar with some One Plus models who too are getting such errors when they update to Oreo ROMs. Is this issue with all official Oreo ROMs(OEMs) or just some particular ROMs or just my device?
Any help from we greatfully apreciated. Someone please help me in this regard.
So basicaly I was being lazy and in a rush. I had done something like this before on much older phone(s) with no issues...
I backed up my working LG G5 in TWRP all partitions. I brought exactly the same model for my wife and wanted to restore my backup to that phone (I have made many customisations on my rom and didnt want to have to manually do it all again for her)
However after unlocking the bootloader, flashing TWRP and installing new base rom (all went fine) I then went to restore my old backup onto this new phone, stupidly I ticked all partitions to restore. I have a feeling that I should have only done the larger partitions. Once I rebooted I got the "cant be trusted" message, I reflashed in UPPERCUT but then the phone booted and then had secureboot enabled. I hit the wrong password (as there was none) 30 times which then forced a format. Now the phone boots fine and works 100% BUT...BUT....
I now can no longer unlock the bootloader as I think its trying to use MY phones bootloader (as its unlock.img says its the wrong one, I have tried both MY phones original unlock.img and my wifes new phones unlock.img but both dont work) I cannot relock the bootloader as it says its already locked... this also now means that through LG official software I cannot recover the phone. Only UPPERCUT can see the phone. I can get to download mode and fastboot.
Also the phones IMEI now says 0, this worried me however her SIM card is working 100% fine (I guess that the IMEI
is cached somewhere, but im worried that if I use some cleaning tools it may scrub it and then she will have no network access)
So basicaly if her phone starts to play up (or I want to upgrade it to Oreo / Lineage at a later date) can anyone offer me advice on how to...
A: Fix / Restore the bootloader (I dont mean recovery) Im confused as to if this is stored on a chip or can be reflashed from the kdz firmware images.
B: Resore the IMEI (I have it written down) incase we get any network issues in the future. Can it be resored or regenerated without some fancy hardware, ie only through software.
C: I dont have Root or TWRP access it seems, any way of Getting Magisk or Super SU on a phone without bootloader unlock, root access or TWRP?
I have had many years experience and never bricked a phone but almost did this time.
I decided to post a solution here, because it was one of the first Google results when I was looking for some help.
Long story short, I did exactly same mistake of restoring all partitions, including the EFS, between two same LG devices. Turns out it messes with IMEI, which is a big no no and phone locks. Now you can't unlock the device again, because there is no IMEI to use in unlocking. Also no flashing or erasing anymore, because it just fails.
So the IMEI needs to be restored first.
My phone was in a bootloop constantly showing the "cant be trusted" message, but I managed to fix that using LGUP. Apparently not all partitions are locked, because trying to flash the same system with LGUP fixed the bootloop, but failed to flash clean system and the data that TWRP flashed was still there. Trying to restore system to factory settings also fails, but it doesn't matter.
Fortunately I was able boot the system, which made fixing it easier than you'd expect:
1. Fixing the IMEI from booted system (no root or unlocking needed):
- Access the hidden menu on your device by dialing a proper number. For LG G5 H850 it is *#546368#*#850#
Where 850 in the last part is your phone model. The number will vary for different models.
- Go to SVC Menu -> CRCWIZARD Test
- Switch tab to Auto MID
- Here you can enter your new IMEI and WiFi and BT MAC addresses, or you can just generate it.
You can also use the generate option for all values and then manually change only the IMEI for the original one.
- Press MID Write button and reboot your device.
- That's it. IMEI issue should be fixed now.
2. Now that you restored your original IMEI, you can again unlock your device using the same unlock.bin file that you used to unlock bootloader the first time.
Voila. From now on the device is again unlocked and you can just go back to flashing whatever you need.