(Mods, if this is in the wrong section, feel free to move it. I posted it here cause I saw most of the SIM unlock related things in the Dev section, but I wasn't sure where to post it.)
I'm sure most of you who are looking to SIM unlock your Captivates have seen/read about Helroz who posted about how to repair your nv_data.bin file so you can get your phone unlocked. Unfortunately, Helroz is from France and it seems he might have poorly translated his post using Google Translate.
If you have a Captivate, please follow the directions in the quote as I have edited them for our phones specifically.
NWolf over at the Vibrant forums made a web based tool that eliminates any problems and confusion. No Java or any runtime files are needed. You only need to know how to read and use ADB. (And if you don't know how to use it, simply follow the directions that he has posted on the site, they are VERY easy to follow and understand.)
Now it says that it is untested for Froyo/2.2 ROMs, however I am running a stock JI6 (apart from being rooted and sideloaded) and it worked just fine for me. Follow the directions exactly and you should not have any issues. NWolf's website is here: http://www.communityhosting.net/sgsunlock/
Also remember, that when you are backing up your /efs directory to your sdcard, that the location has changed. In Eclair it is simply /sdcard but on Froyo it is /mnt/sdcard
Captivate & Vibrant must follow these instructions to unlock the phone:
Step 1: Install / Verify that you have a v2.1 ROM or v2.2 ROM installed.
Step 2: Get your current nv_data.bin file from the /efs directory on your phone. This can be done with ADB or any other method you choose. If you do not with to enter these commands manually, you can download two DOS batch files that accomplish the same thing, though sometimes they encounter problems they can't handle. Most often, the nv_data.bin file is not readable and you will get a permission denied with these batch files. This means something is wrong with your su -c command. You'll need to enter the commands manually, as the batch files won't be able to perform the proper commands.
Download unlock1.bat and unlock2.bat . Run unlock1.bat first, then unlock2.bat after you have your new nv_data.bin file.
To do this with ADB, from the DOS command prompt you can type::
adb pull /efs/nv_data.bin
If you receive a permission denied error, you can fix it by typing the following commands from an ADB shell (type "adb shell" at the DOS command prompt) or from within a terminal on the phone:
su
chmod 777 /efs/nv_data.bin
exit
exit
Then from the DOS command prompt:
adb pull /efs/nv_data.bin
Step 3: Select the file on the main Samsung Galaxy S Unlocker & Repair page
Step 4: Enter your desired Unlock and Unfreeze Codes and click the SUBMIT button
Step 5: Download the new file that is generated for you
Step 6: From ADB shell (Type "adb shell" at the DOS command prompt) or a terminal on your phone, enter the following commands to backup your current EFS related files, in case something goes wrong.
su
mkdir /sdcard/efs_backup
busybox cp -d -r /efs /sdcard/efs_backup
rm /efs/nv*
rm /efs/.nv*
Step 7: Put the new nv_data.bin file you downloaded in the /efs directory, this can be done from a DOS command prompt with ADB with the command:
adb push nv_data.bin /efs
Step 8: Almost done - now we will fix the permissions. From an ADB shell (type "adb shell" at the DOS command prompt) or from within a terminal on the phone:
su
chmod 755 /efs/nv_data.bin
chown radio.radio /efs/nv_data.bin
reboot
If you receive an error after typing chown, use instead:
chown 1001.1001 /efs/nv_data.bin
Step 9: After the phone has rebooted, return to ADB shell ("adb shell" at the DOS command prompt) or a terminal on your phone and type:
su
ls -l -a /efs
If there is an nv_data.bin.md5 file in the directory, all is well. You should continue with these commands:
busybox cp /efs/nv_data.bin /efs/.nv_data.bak
busybox cp /efs/nv_data.bin.md5 /efs/.nv_data.bak.md5
chown radio.radio /efs/.nv_data*
If you receive an error with the chown command, use instead:
chown 1001.1001 /efs/.nv_data*
If there was no nv_data.bin.md5 file, then something went wrong and you'll need to reflash again with a known working ROM that generates a new MD5 file when it's missing. The one you are using does not.
Step 10: Last step! Create a directory on your /sdcard called "efs_good" and copy the /efs files info it. This can be done via ADB shell ("adb shell" at the DOS command prompt) or in a terminal with:
su
mkdir /mnt/sdcard/efs_good
busybox cp -d -r /efs /mnt/sdcard/efs_good
reboot recovery
You are finished. Your phone should be rebooting into recovery. Once the recovery menu comes up, select the Wipe Cache option and reboot. You should NOT be asked for an unlock code anymore. If you are, something went wrong
Click to expand...
Click to collapse
They say a picture is worth a thousand words, so here's proof that this does work:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Credit goes to NWolf for creating the website. Please consider donating to him (for the work) or I (for the support).
Original thread from the Vibrant forums can be found here: http://forum.xda-developers.com/showthread.php?t=822008
Hello I have some questions:
1) So I am assuming that you start this procedure after putting in a non att sim card right?
2) Should the unlock and unfreeze codes be different?
3) Do I do this with my phone connected to the computer in debugging mode?
4)When it says
{cp /efs/nv_data.bin /efs/.nv_data.bak
cp /efs/nv_data.bin.md5 /efs/.nv_data.bak.md5
chown radio.radio /efs/.nv_data*}
If you receive an error with the chown command, use instead:
chown 1001.1001 /efs/.nv_data*
do I have to type the entire thing over again if I get error(from bracket) or do I just type
chown 1001.1001 /efs/.nv_data
joeshmoe08 said:
1) So I am assuming that you start this procedure after putting in a non att sim card right?
Click to expand...
Click to collapse
Doesn't matter if your AT&T sim card is in or not.
2) Should the unlock and unfreeze codes be different?
Click to expand...
Click to collapse
They can be different, or they can be the same. I made them the same for simplicity.
3) Do I do this with my phone connected to the computer in debugging mode?
Click to expand...
Click to collapse
Anytime you use ADB and the command prompt, your phone MUST be in debugging mode.
4)When it says
{cp /efs/nv_data.bin /efs/.nv_data.bak
cp /efs/nv_data.bin.md5 /efs/.nv_data.bak.md5
chown radio.radio /efs/.nv_data*}
If you receive an error with the chown command, use instead:
chown 1001.1001 /efs/.nv_data*
do I have to type the entire thing over again if I get error(from bracket) or do I just type
chown 1001.1001 /efs/.nv_data
Click to expand...
Click to collapse
You need only to type chown 1001.1001 /efs/.nv_data*
Performed all the steps and can verify that network lock status now says off!
WheresWaldo said:
Performed all the steps and can verify that network lock status now says off!
Click to expand...
Click to collapse
How do I get to the network status screen?
jhernand1102 said:
How do I get to the network status screen?
Click to expand...
Click to collapse
*#7465625#
Sent from my Captivate
miztaken1312 said:
Doesn't matter if your AT&T sim card is in or not...[/B]
Click to expand...
Click to collapse
Thank you so much for the quick response, tried it and got it working!
joeshmoe08 said:
Thank you so much for the quick response, tried it and got it working!
Click to expand...
Click to collapse
My pleasure. Beats paying attention in night class.
Sent from my Captivate
miztaken1312 said:
(Mods, if this is in the wrong section, feel free to move it. I posted it here cause I saw most of the SIM unlock related things in the Dev section, but I wasn't sure where to post it.)
I'm sure most of you who are looking to SIM unlock your Captivates have seen/read about Helroz who posted about how to repair your nv_data.bin file so you can get your phone unlocked. Unfortunately, Helroz is from France and it seems he might have poorly translated his post using Google Translate.
NWolf over at the Vibrant forums made a web based tool that eliminates any problems and confusion. No Java or any runtime files are needed. You only need to know how to read and use ADB. (And if you don't know how to use it, simply follow the directions that he has posted on the site, they are VERY easy to follow and understand.)
Now it says that it is untested for Froyo/2.2 ROMs, however I am running a stock JI6 (apart from being rooted and sideloaded) and it worked just fine for me. Follow the directions exactly and you should not have any issues. NWolf's website is here: http://www.communityhosting.net/sgsunlock/
Also remember, that when you are backing up your /efs directory to your sdcard, that the location has changed. In Eclair it is simply /sdcard but on Froyo it is /mnt/sdcard
They say a picture is worth a thousand words, so here's proof that this does work:
All the information from this post is from NWolf's website and all the credit goes to him. Thanks man! If this works for you, you should really consider donating to him, I know I sure am.
Original thread from the Vibrant forums can be found here: http://forum.xda-developers.com/showthread.php?t=822008
Click to expand...
Click to collapse
Pretty cool. I haven't checked, but just looking at the site, I figured you could just rewrite the FFFFFF in the nv_data.bin with whatever code you want. I didn't have a way to test it and asked for testers, but no one was interested. Since it worked as I thought, I'll put it in superoneclick
Now I have not paid much attention from when I unlocked on 2.1. Are people unlocked on 2.1 going to 2.2 and having their phones re-lock? Or do they never unlock on 2.1 and we now have an option for 2.2. I am just curious as my phone says it is still unlocked from when I upgraded to 2.2 about 1 month ago.
CLShortFuse said:
Pretty cool. I haven't checked, but just looking at the site, I figured you could just rewrite the FFFFFF in the nv_data.bin with whatever code you want. I didn't have a way to test it and asked for testers, but no one was interested. Since it worked as I thought, I'll put it in superoneclick
Click to expand...
Click to collapse
So then in superoneclick are you going to update the existing unlock method or will there be two ways?
Ps: when will the new version be availabe (I already unlocked of course but many friends who have captivate want to unlock but are afraid to even touch cmd prompt)
joeshmoe08 said:
So then in superoneclick are you going to update the existing unlock method or will there be two ways?
Ps: when will the new version be availabe (I already unlocked of course but many friends who have captivate want to unlock but are afraid to even touch cmd prompt)
Click to expand...
Click to collapse
Actually, this isn't the same method as I thought. I'll look into it...
flashman2002 said:
Now I have not paid much attention from when I unlocked on 2.1. Are people unlocked on 2.1 going to 2.2 and having their phones re-lock? Or do they never unlock on 2.1 and we now have an option for 2.2. I am just curious as my phone says it is still unlocked from when I upgraded to 2.2 about 1 month ago.
Click to expand...
Click to collapse
This is for people who went from 2.1 and were sim locked and then went to 2.2 and wanted to sim unlock but couldn't due to corrupted NV_data files.
And Joe, please keep those questions in his thread. I wanna keep this thread for troubleshooting this method.
Sent from my Captivate
That's weird. My method is Helroz's method of patching the file with 00000000 instead of FFFFFFFF, but this website does something else completely different.
It's weird because the website says: "This tool is based off of Helroz's work, many thanks to him for the groundwork that made this possible."
Does your method insert the unfreeze code as well?
Sent from my Captivate
I just realized helroz has a new method: http://forum.xda-developers.com/showpost.php?p=8887801&postcount=31
I'll take a look at it later.
Code:
public boolean effectuer(byte[] sim, byte[] freez)
throws IOException
{
boolean fail = false;
FileInputStream f = new FileInputStream("./nv_data.bin");
FileInputStream sortie_lect = new FileInputStream("./nv_data.binvierge");
int total_s = sortie_lect.available();
int total_e = f.available();
byte[] b = new byte[total_e];
byte[] s = new byte[total_s];
sortie_lect.read(s);
sortie_lect.close();
f.read(b, 0, total_e);
int val_imei = 85;
for (int i = 0; i < val_imei; ++i)
{
s[(1572868 + i)] = b[(1572868 + i)];
System.out.println(b[(1572868 + i)]);
}
int val_productcode = 238;
for (int i = 0; i < val_productcode; ++i)
{
s[(1605636 + i)] = b[(1605636 + i)];
System.out.println(b[(1605636 + i)]);
}
try
{
int val_unfreez = 8;
for (int i = 0; i < val_unfreez; ++i)
{
if ((freez[i] >= 48) && (freez[i] <= 57)) {
s[(1572937 + i)] = freez[i];
System.out.println(b[(1572937 + i)]);
}
else {
JOptionPane.showMessageDialog(null, "Erreur : Vous n'avez pas renseigner un chiffre a la position " + (i + 1) + " du code de defreezage");
fail = true;
break;
}
}
val_unfreez = 8;
for (int i = 0; i < val_unfreez; ++i) {
if ((freez[i] < 48) || (freez[i] > 57)) break;
s[(1572945 + i)] = freez[i];
System.out.println(b[(1572945 + i)]);
}
int val_simlock = 8;
for (int i = 0; i < val_simlock; ++i) {
if ((sim[i] >= 48) && (sim[i] <= 57)) {
s[(1572954 + i)] = sim[i];
System.out.println(b[(1572954 + i)]);
}
else {
JOptionPane.showMessageDialog(null, "Erreur : Vous n'avez pas renseigner un chiffre a la position " + (i + 1) + " du code de simlockage");
fail = true;
break;
}
}
val_simlock = 8;
for (int i = 0; i < val_simlock; ++i) {
if ((sim[i] >= 48) && (sim[i] <= 57)) {
s[(1578094 + i)] = sim[i];
System.out.println(b[(1578094 + i)]);
}
}
}
catch (ArrayIndexOutOfBoundsException e)
{
JOptionPane.showMessageDialog(null, "Erreur : Nombre de chiffres invalides, réessayer.");
fail = true;
}
FileOutputStream sortie_ecrit = new FileOutputStream("./nv_data.binvierge");
sortie_ecrit.write(s);
sortie_ecrit.close();
sortie_lect.close();
f.close();
return fail;
}
}
will port
Edit: This is just two things in one. It replaces your SIM and UNFREEZE code by replacing it with 000000, exactly as I theorized.
The rest "restores" your product code in case you messed it up. There's no need to do that unless you've been hex editing your files.
The code is pretty inefficient though. I still don't understand why the website makes so many changes to the file...
For some reason I the website doesn't actually patch your file. It just reads the IMEI and plugs it into another template file. That's pretty risky...
miztaken1312 said:
This is for people who went from 2.1 and were sim locked and then went to 2.2 and wanted to sim unlock but couldn't due to corrupted NV_data files.
And Joe, please keep those questions in his thread. I wanna keep this thread for troubleshooting this method.
Sent from my Captivate
Click to expand...
Click to collapse
my bad
When going through the steps outlined on the unlocker page I am running into an issue with step #11.
The instructions read:
Step 11: Last step! Create a directory on your /sdcard called "efs_good" and copy the /efs files into it. This can be done via ADB shell ("adb shell" at the DOS command prompt) or in a terminal with:
su
mkdir /sdcard/efs_good
cp -d -r /efs/efs_good
efs reboot recovery
You are finished.
However, when I run those commands I get this a usage screen for the cp command as well as this:
# efs reboot recovery
efs: not found
What am I missing here?
It's just "reboot recovery".
miztaken1312 said:
It's just "reboot recovery".
Click to expand...
Click to collapse
Thank you.
And the cp command? Do you suppose there was an incidental line wrap and the command should read cp -d -r /efs/efs_good efs?
Related
Before we start, ROOT access, along with the "usb debugging" to be enabled on your phone for this unlock to be successful. Your phone must be connected to the computer.
UPDATE:One-click unlock for PC & MAC Created: http://forum.xda-developers.com/showthread.php?t=761751
The first step requires ADB which is a console that comes with the Android SDK, and is located in the C:\ Drive.
You can create a easy script to access adb by creating a text file and copying the following information:
Code:
@echo off
cd c:\android-sdk-windows\Tools
adb devices
pause
adb shell
NOTE: The android sdk must be in the C:\ drive for the script to work, and you can rename the "android-sdk-windows" to something else if you have an alternate name for your android sdk folder.
name the script ADB, and rename the .txt extension to .bat (enable view hidden file extensions in folder options) and run it for quick, and easy access to adb.
Now that problem is solved, lets get on to extracting the actual file from the internal sd card, to your computer for the purpose of extracting the unlock code.
Run adb.bat to open up adb, or any other method you might use and you should see a cmd promt with A list of the devices attached along with your device.
Press any key, and you should see a $ -----> type "su" (without the quotation marks) and press [ENTER]. If your device has already granted "su" or Superuser permissions to your desktop adb console, then you should see a # now you type
the following:
cat /efs/nv_data.bin >> /sdcard/nv_data.bin
press [ENTER] and you should see a repetition of the command you just typed with the difference being that the "#" is not before it, but under it.
You have successfully transferred the file to your internal sd card!
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Now to transferring the file that we will obtain the unlock code, to the computer to extract said code.
On your phone (while still connected to the computer) you must mount the USB storage to extract the file off the internal SD card, (to do this drag the notification bar down while connected, and click the "usb connected" button, which will prompt a pop up for "Mount" and "Don't Mount", we'll be mounting the sd card to extract the file)
now check "my computer" and look for the storage disk of the internal sd card for your phone (not the external!)
then move the "nv_data.bin" file to your C:\ drive
Now you need to download the "sgux.exe" unlock code finder, you can find it at the following:
http://www.mediafire.com/?js8dgn3nic5asb0 or http://www.multiupload.com/2IAYWWGF8A
after downloading the file from either mirror (the media fire one is zipped, which means you need to extract it) you need to move the sgux.exe file to your C:\
Now onto the last step:Obtaining the Code!
after having both the sgux.exe, and nv_data.bin file in the C:\ drive
Run your command promt (run>cmd or if you have a "windows key" press the windows key+r) in the command prompt type "cd C:\" (without the quotation marks) then sgux.exe nv_data.bin and voila the proccess should generate your own 8-digit unlock code!!
Now give yourself a pat on the back for your hard work ;P
HOW TO LOCK SAMSUNG GALAXY S - FOR WARRANTY AND ALTERNATIVE "UNLOCK"
After you get the NCK code using the method above, enter: *7465625*638*#
There will be a pop-up box.
Complete the first field (MCC/MNC) with the network you want your phone locked to (eg. 226 10 where 226 = romania; 10 = orange etc.) and the second field (Control Key) with the NCK extracted from the .bin file.
Press OK and your phone should relock.
This method can also be used in the case where the universal unlock code doesn't work, this is done by "locking the device to the carrier+sim" so someone who uses Rogers in Canada, would use the NETWORK "MCC" for their Country (302) and MNC for the carrier (720) so you use 302 720 with the instructions above to lock the phone to Rogers in Canada, thus allowing you to use the sim card. This is a "unlock" in terms that you can use it with another carrier, but not a "universal" unlock that can be used with any carrier without the hassle of repeating the above method.
Here are the MCC/MNC country codes:
http://en.wikipedia.org/wiki/Mobile_Network_Code
HOW TO UNLOCK AFTER PLACING DIFFERENT SIM
After inserting new sim, you should be prompted to enter unlock code, if not then to unlock your phone just use the code: #7465625*638*# and enter your NCK in the pop-up box. Press OK. Phone should get unlocked .
Click to expand...
Click to collapse
NOTE: Below I have attached the "adb.bat script, and the sgux.exe" files in zips, for those who want to download it directly from here.
I have flashed to JM5 and with Samset 1.9f, It comes pre-rooted but does not have a terminal emulator yet and Id like to give this a try on my locked Galaxy S, but Im not familiar with how to get ADB for my computer.. maybe you can add the steps or post another link for ADB ?
EarlZ said:
I have flashed to JM5 and with Samset 1.9f, It comes pre-rooted but does not have a terminal emulator yet and Id like to give this a try on my locked Galaxy S, but Im not familiar with how to get ADB for my computer.. maybe you can add the steps or post another link for ADB ?
Click to expand...
Click to collapse
I've included all the instruction for running ADB , but in that case make sure you have the android sdk installed
You can download it at the following:
http://dl.google.com/android/android-sdk_r06-windows.zip
Extract the zip, and then just follow my instructions in my original post.
I've also included a script to run it directly, it's attached in the first post and is called "adb.zip" that has the adb.bat script inside.
UPDATE:
You can also use the original method
http://forum.xda-developers.com/showpost.php?p=7776555&postcount=1
but instead of the adb code in there which is the following:
Code:
adb shell
su
dd if=/dev/block/bml3 of=/sdcard/bml3.bak
the above is the original method, but for some adb consoles there's a VITAL step missing!
the actual dev directory.
So below is the fix for the first method to work (use this)
Code:
adb shell
cd /dev/block
su
dd if=/dev/block/bml3 of=/sdcard/bml3.bak
Bowsa2511 said:
UPDATE:
You can also use the original method
http://forum.xda-developers.com/showpost.php?p=7776555&postcount=1
but instead of the adb code in there which is the following:
Code:
adb shell
su
dd if=/dev/block/bml3 of=/sdcard/bml3.bak
the above is the original method, but for some adb consoles there's a VITAL step missing!
the actual dev directory.
So below is the fix for the first method to work (use this)
Code:
adb shell
cd /dev/block
su
dd if=/dev/block/bml3 of=/sdcard/bml3.bak
Click to expand...
Click to collapse
the cd /dev/block shouldn't matter but I will add it to the guide
dagentooboy said:
the cd /dev/block shouldn't matter but I will add it to the guide
Click to expand...
Click to collapse
In my case (along with others) it wouldn't recognize and direct to the directory automatically, causing the creation of the nv_data.bin method.
The simple fix was directing adb to that directory XD
Bowsa2511 said:
In my case (along with others) it wouldn't recognize and direct to the directory automatically, causing the creation of the nv_data.bin method.
The simple fix was directing adb to that directory XD
Click to expand...
Click to collapse
ok sounds good. I found the nv_data.bin method by tracing where bml3 was being mounted. It turns out bml3 is mounted at /efs .... that is probably why you need su to copy bml3 because it is in use.
guys, could you please explain how to sim unlock but with some easier methods
these ADB and so on just have eaten my brains
spent 3 hours and 0 result
using mac os + windows 7 as virtual machine
DarkVasyaK said:
guys, could you please explain how to sim unlock but with some easier methods
these ADB and so on just have eaten my brains
spent 3 hours and 0 result
using mac os + windows 7 as virtual machine
Click to expand...
Click to collapse
Check out the original thread here. I updated it with an automatic script to generate the code.
It Worked.............great................Thank you so much.......
thansk for this!
Instructions worked perfectly ... got my code!
Now just have to find a foreign SIM to complete the job ...
Thanks to all that made this possible. AT&T was being a real PITA about unlocking.
Bowsa2511 said:
Before we start, ROOT access, along with the "usb debugging" to be enabled on your phone for this unlock to be successful. Your phone must be connected to the computer.
The first step requires ADB which is a console that comes with the Android SDK, and is located in the C:\ Drive.
You can create a easy script to access adb by creating a text file and copying the following information:
Code:
@echo off
cd c:\android-sdk-windows\Tools
adb devices
pause
adb shell
NOTE: The android sdk must be in the C:\ drive for the script to work, and you can rename the "android-sdk-windows" to something else if you have an alternate name for your android sdk folder.
name the script ADB, and rename the .txt extension to .bat (enable view hidden file extensions in folder options) and run it for quick, and easy access to adb.
Now that problem is solved, lets get on to extracting the actual file from the internal sd card, to your computer for the purpose of extracting the unlock code.
Run adb.bat to open up adb, or any other method you might use and you should see a cmd promt with A list of the devices attached along with your device.
Press any key, and you should see a $ -----> type "su" (without the quotation marks) and press [ENTER]. If your device has already granted "su" or Superuser permissions to your desktop adb console, then you should see a # now you type
the following:
cat /efs/nv_data.bin >> /sdcard/nv_data.bin
press [ENTER] and you should see a repetition of the command you just typed with the difference being that the "#" is not before it, but under it.
NOTE: Below I have attached the "adb.bat script, and the sgux.exe" files in zips, for those who want to download it directly from here.
Click to expand...
Click to collapse
Thank you for your step by step sir, very helpful, as i was trying to figure out how to get ADB running on my PC.
Thanks again.
not working...tried all methods for pc
tried adb method and cannot create nv_data.bin file system is read-only
tried unlocker app and it says NO CODES FOUND, and also says are you sure your using a samsung galaxy S.
my phone is samsung i897 captivate under att contract, never had to enter a code in the past, but now the phone is locked and i cant retrieve the code, any ideas?
Help please
i´ve tried to unlock have searched der nv_data.bin with a root explorer app, copied this to sd and from there in my folder c:\hack, where the sgux.exe is also
I run it and following i see if its ready:
Opening file <nv.bata.bin>....
Searching code block....
Found
Searching Code...
C:\hack>
where is my code?
Please help
Awesome guide! Can't wait to get my phone monday
I tried adb, and when I type su I get a reply superuser denied, don't understand why, need help
bump......
After running sgux.exe nv_data.bin, this is what show up:
MCC/MNC lock :00101
Any idea?
I'm on att, but currently roaming in China...
after I type su, it say's "Permission denied" what am I doing wrong? Can some please help me
Would it be at all possible to get something like this made for Defy?
This is a script from Galaxy Nexus forums, so I don't think it would work on Defy..
http://forum.xda-developers.com/showthread.php?t=1434950
What it Does
There are various apps out there that can achieve the same result but this is a simple script that uses a random number generator to swap in a random boot animation each time you boot. The script runs one just before the animation and never again until you boot the next time.
You can have any number of animations that will randomise and you can also set a flag to have just one run without needing to delete the others.
Click to expand...
Click to collapse
Couldn't you write a quick shell script to randomly choose a file from SD and copy it over the current bootanimation.zip? It would be executed after boot finishes, perhaps by an app to manage scripts. Just an Idea.
ArRaY92 said:
Couldn't you write a quick shell script to randomly choose a file from SD and copy it over the current bootanimation.zip? It would be executed after boot finishes, perhaps by an app to manage scripts. Just an Idea.
Click to expand...
Click to collapse
I haven't a clue :s I really hope it can be done though.. there are so many awesome boot animations!
Plus I'm making one of my own... or trying to.
Hoping for someone who knows about scripts and things
Okay, I think I will have a go. Let me just find out how to get a random number in unix shell that is in a certain range.
okay, so lets try.
Code:
#!/system/bin/sh -
#Change folder
cd /mnt/sdcard/bootanimations
ls > list
#Get random file
set -- *
length=$#
ran=$(hexdump -e '1/1 "%d"' -n 1 /dev/urandom)
rand=$(( $ran % ($length + 1) ))
file=$(sed -n "${rand}"p list)
#Copy over old animation
cp -f "$file" /system/media/bootanimation.zip
echo "successful if 0: " $?
rm list
Works now, took a piece of code from the other script because I could not get ${!rand} to work on the phone.
Works great for pictures and such too.
ArRaY92 said:
Okay, I think I will have a go. Let me just find out how to get a random number in unix shell that is in a certain range.
Click to expand...
Click to collapse
Perhaps looking at the script I linked to will help?
My script should work, only drop animations into /sdcard/bootanimations.
run once after boot with smanager from playstore
ArRaY92 said:
My script should work, only drop animations into /sdcard/bootanimations.
run once after boot with smanager from playstore
Click to expand...
Click to collapse
I'll give it a try!
After running this I reboot (a couple) and test it?
I'm assuming it needs SU in SManager?
Is this a patch? Will it need anything to remove it if it doesn't work and I can't a boot?
Sorry haha
pk92 said:
I'll give it a try!
After running this I reboot (a couple) and test it?
I'm assuming it needs SU in SManager?
Is this a patch? Will it need anything to remove it if it doesn't work and I can't a boot?
Sorry haha
Click to expand...
Click to collapse
No, this is only a small shell script. I think it needs SU to copy the animation over the existing one.
I am however not sure, if cp copies over the old file without forcing, let me look this up
You can just delete it from sManager if it does not work. Will not prevent you from booting if it fails, phone boots fine without animation. In case of failure, I would however think that it would just fail to change the animation
edit: I added the -f flag to cp.
ArRaY92 said:
No, this is only a small shell script. I think it needs SU to copy the animation over the existing one.
I am however not sure, if cp copies over the old file without forcing, let me look this up
You can just delete it from sManager if it does not work. Will not prevent you from booting if it fails, phone boots fine without animation. In case of failure, I would however think that it would just fail to change the animation
edit: I added the -f flag to cp.
Click to expand...
Click to collapse
Thanks so much for writing it by the way
I'd take a guess that it does need SU to copy the animation, as it is going to a root directory (/system/media).
Does your script mount /system/media as RW or is that not needed in a script? (I have NO idea haha, I'm studying Software Dev but no idea about Android development).
I'll try it out later tonight when I get home (Going out for a few drinks)
pk92 said:
Thanks so much for writing it by the way
I'd take a guess that it does need SU to copy the animation, as it is going to a root directory (/system/media).
Does your script mount /system/media as RW or is that not needed in a script? (I have NO idea haha, I'm studying Software Dev but no idea about Android development).
I'll try it out later tonight when I get home (Going out for a few drinks)
Click to expand...
Click to collapse
Will test it on my own mobile now.
edit: **** wont work
For the hell of it, I cant make it work with sh. Bash works nicely. Most stupid thing is: sManager always forces sh when executing scripts. If you tap on start konsole from within sManager, it starts /system/xbin/bash. calling the script from there works.
I have no Idea for a clean workaround
ArRaY92 said:
Will test it on my own mobile now.
edit: **** wont work
For the hell of it, I cant make it work with sh. Bash works nicely. Most stupid thing is: sManager always forces sh when executing scripts. If you tap on start konsole from within sManager, it starts /system/xbin/bash. calling the script from there works.
I have no Idea for a clean workaround
Click to expand...
Click to collapse
Will I have to run the script each boot? Sorry for all the questions haha.
I'm trying to make my own Boot Animation at the moment... Using Flash CS6 for now..
The part0 (non loop) will be drawing the Pentagram, then the elements appearing
The part1 (loop) will be the elements animated until boot.
I'll be using it with this Boot Logo
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
https://dl.dropbox.com/u/25175326/bootlogos/pentagram.raw
Ok, The only problem I get now is this:
Code:
localhost bootanimations # cp -f $file /system/media/bootanimation.zip
cp: can't create '/system/media/bootanimation.zip' : File Exists
Going to try deleting the boot animation from there and running.
-EDIT-
Deleted /system/media/bootanimation.zip
Ran the script
Ended up with the default Android boot animation :|
Hm. I added the -f to force overwriting. For me it works, I tried it with pictures, every time the the script is executed, I have another picture with the same name. Only make sure to not include sub folders or other files then zip files in the folder.
Sent from my MB525 using xda app-developers app
ArRaY92 said:
Hm. I added the -f to force overwriting. For me it works, I tried it with pictures, every time the the script is executed, I have another picture with the same name. Only make sure to not include sub folders or other files then zip files in the folder.
Sent from my MB525 using xda app-developers app
Click to expand...
Click to collapse
Does the script need to be ran each boot to work?
My process:
Open SManager
Click script - Edit - Copy all
Menu > Console
Run Shell
Hold screen - Paste
No errors at all
Back button - Kill
Reboot (normal)
/sdcard/bootanimations contains the following files:
"Portal.zip"
"CM9.zip"
The only one that seems to run is Portal.zip, making me think that it does need to be run each boot.. Any way around this?
Perhaps it being a flashable zip that does something along these lines or this or something ?
Possible way to get it to run at startup:
Install Autostart (Root)
Download the script Autostart.sh and place it at /data/opt/autostart.sh (Permissions 755 I think)
Place your Boot Animations in /sdcard/bootanimations - They can be named anything.
Reboot your phone, and the script should run
When you next reboot your phone you should have random boot animations working..
This is all just theory so far, I haven't tested it yet!
Nevermind, It seems the Autostart app doesn't work on ICS (so I'm assuming JB too.)
Perhaps a flashable .zip is the best way, editing system files
pk92 said:
Does the script need to be ran each boot to work?
My process:
Open SManager
Click script - Edit - Copy all
Menu > Console
Run Shell
Hold screen - Paste
No errors at all
Back button - Kill
Reboot (normal)
/sdcard/bootanimations contains the following files:
"Portal.zip"
"CM9.zip"
The only one that seems to run is Portal.zip, making me think that it does need to be run each boot.. Any way around this?
Perhaps it being a flashable zip that does something along these lines or this or something ?
Click to expand...
Click to collapse
What shell does smanager open?
Also, did you try just creating a script.sh file with the code I posted and when opening it in sManager klick run? Without any copy and paste?
There is even a button to give su rights to script.
ArRaY92 said:
What shell does smanager open?
Also, did you try just creating a script.sh file with the code I posted and when opening it in sManager klick run? Without any copy and paste?
There is even a button to give su rights to script.
Click to expand...
Click to collapse
After I click run shell it says:
Code:
exec sh -c "cd '/mnt/sdcard' ; exec /system/xbin/bash"
dcard' ; exec /system/xbin/bash"
[COLOR="Red"]localhost[/COLOR] [COLOR="Blue"]sdcard #[/COLOR]
No errors, but the boot anim doesn't seem to change (from what I can see)
I did try saving it as a .sh and open in sManager but you said it only uses sh not bash?
Result of running .sh file without editing anything:
Code:
exec sh 'mnt/sdcard/Random Boot Animation.sh'
andom Boot Animation.sh' <
:not found/Random Boot Animation.sh:line 2:
/mtn/sdcard/Random Boot Animation.sh: cd: line 4:
can't cd to /mnt/sdcard/bootanimations
/mnt/sdcard/Random Boot Animation.sh: line 5: ca:
read-only file system
:not found/random Boot Animation.sh: line 6:
sed: list: No such file or directory
:not found /Random Boot Animation.sh: line 13:
': no such file or directory
Seems to be a bit... messed up lol
(when running as executable i get this:
Code:
# exec sh -c '/mnt/sdcard/script.sh'
sh: /mnt/sdcard/script.sh: Permission Denied
Code:
#!/system/bin/sh -
#Change folder
cd /mnt/sdcard/bootanimations
rm list
ls > list
#Get random file
set -- *
length=$#
ran=$(hexdump -e '1/1 "%d"' -n 1 /dev/urandom)
rand=$(( $ran % ($length + 1) ))
file=$(sed -n "${rand}"p list)
#Copy over old animation
cp -f "$file" /system/media/bootanimation.zip
echo "successful if 0: " $?
This one works for me reliably...
pk92 said:
After I click run shell it says:
Code:
exec sh -c "cd '/mnt/sdcard' ; exec /system/xbin/bash"
dcard' ; exec /system/xbin/bash"
[COLOR="Red"]localhost[/COLOR] [COLOR="Blue"]sdcard #[/COLOR]
No errors, but the boot anim doesn't seem to change (from what I can see)
I did try saving it as a .sh and open in sManager but you said it only uses sh not bash?
Result of running .sh file without editing anything:
Code:
exec sh 'mnt/sdcard/Random Boot Animation.sh'
andom Boot Animation.sh' <
:not found/Random Boot Animation.sh:line 2:
/mtn/sdcard/Random Boot Animation.sh: cd: line 4:
can't cd to /mnt/sdcard/bootanimations
/mnt/sdcard/Random Boot Animation.sh: line 5: ca:
read-only file system
:not found/random Boot Animation.sh: line 6:
sed: list: No such file or directory
:not found /Random Boot Animation.sh: line 13:
': no such file or directory
Seems to be a bit... messed up lol
(when running as executable i get this:
Code:
# exec sh -c '/mnt/sdcard/script.sh'
sh: /mnt/sdcard/script.sh: Permission Denied
Click to expand...
Click to collapse
Sorry for my intermission.
The
:not found/random Boot Animation.sh: line 6:
line, is related with EOL. You are using MS-Dos end of line, but Android (as linux, unix based system) needs Unix end of line for scripts.
When I edit script on Windows, I use Scite it allows change and convert EOL.
There is a lot of Text editors whith this EOL feature.
I would like implement EOL check in SManager, but it is my eternal TODO.
Regards,
Devwom
devwom said:
Sorry for my intermission.
The
:not found/random Boot Animation.sh: line 6:
line, is related with EOL. You are using MS-Dos end of line, but Android (as linux, unix based system) needs Unix end of line for scripts.
When I edit script on Windows, I use Scite it allows change and convert EOL.
There is a lot of Text editors whith this EOL feature.
I would like implement EOL check in SManager, but it is my eternal TODO.
Regards,
Devwom
Click to expand...
Click to collapse
So you wrote sManager? Nice work. One thing that bothers me though, is that if you start a console it starts up bash, but if you run a script it forces sh. That really sucks for testing. Please correct me if I am wrong, or if you have any advice.
Also, the design is kind of old But as long as it works...
[email protected] /cygdrive/c/Users/user/Desktop
$ adb forward tcp:5555 tcp:5555
bash: adb: command not found
[email protected] /cygdrive/c/Users/user/Desktop
$ adb shell
bash: adb: command not found
[email protected] /cygdrive/c/Users/user/Desktop
$ /system/bin/busybox nc -l -p 5555 -e /system/bin/busybox dd if=/dev/block/mmcblk0p12
Can you help ? when i paste this command(adb forward tcp:5555 tcp:5555
adb shell
/system/bin/busybox nc -l -p 5555 -e /system/bin/busybox dd if=/dev/block/mmcblk0p12) on cgywin this what happens.
i really want my phone's internal memory back. it's taken from this guide : http://forum.xda-developers.com/gala...y-yes-t1994705 +,when he says to open another terminal ,he means another window of cygwn not just the one i am using ?
i Really need your advice. i want to recover every kind of data from before the format. adb is installed ,nc is in the folder it's suppose to be ,busybox and the other app installed on my device. all are set in their place.
im on my pc win 7 downloaded and did what is on the guide...
+what does it mean connect your phone in adb mode and unlock the screen ? i connent my phone normally through usb and my adb detects my phone in the list in the commmand prompt and thats all ...
is there a mode i am suppose to be into while accessing my phone through usb cable from my pc ?
EDIT : i saw a guide about it,i try now ...
Are you on Android 4.3+? If so, don't waste your time. That method doesn't work anymore when you have deleted your files.
Lennyz1988 said:
Are you on Android 4.3+? If so, don't waste your time. That method doesn't work anymore when you have deleted your files.
Click to expand...
Click to collapse
4.1.2
Dorpwnz said:
4.1.2
Click to expand...
Click to collapse
Ok then it should work. What's your question? It's not very clear in your first post.
Lennyz1988 said:
Ok then it should work. What's your question? It's not very clear in your first post.
Click to expand...
Click to collapse
Im in the stage where it says "pv command not found nc command not found" and creates only a 0 bytes file on my directory right now .
using the "improved" guide [it really made some things clear] http://forum.xda-developers.com/galaxy-s4/general/guide-internal-memory-data-recovery-t3093292
+ p.s ,doest it matter if my first terminal says "adb server is out of date.,killing...
deamon succesful!
or it doesnt matter that much
because honestly ,all i get is bash: pv command not found and bash : nc command not found together in the same prompt like this :
bash: pv command not found
bash: nc: command not found and i need to put adb forward tcp:5555 tcp:5555
cd /samsung
nc 127.0.0.1 5555 | pv -i 0.5 > mmcblk0p10.raw and click enter to get them . and all i get in the end is a 0 byte file
p.s , i have nc.exe in bin and also pv ... so what could be the problem
i copy past t adb forward tcp:5555 tcp:5555
cd /samsung from notepad in order to do this. if i write it down manually by hand all i get is "permission denied" message without even an 0 byte file. nothing at all...
Dorpwnz said:
Im in the stage where it says "pv command not found nc command not found" and creates only a 0 bytes file on my directory right now .
using the "improved" guide [it really made some things clear] http://forum.xda-developers.com/galaxy-s4/general/guide-internal-memory-data-recovery-t3093292
+ p.s ,doest it matter if my first terminal says "adb server is out of date.,killing...
deamon succesful!
or it doesnt matter that much
because honestly ,all i get is bash: pv command not found and bash : nc command not found together in the same prompt like this :
bash: pv command not found
bash: nc: command not found and i need to put adb forward tcp:5555 tcp:5555
cd /samsung
nc 127.0.0.1 5555 | pv -i 0.5 > mmcblk0p10.raw and click enter to get them . and all i get in the end is a 0 byte file
p.s , i have nc.exe in bin and also pv ... so what could be the problem
i copy past t adb forward tcp:5555 tcp:5555
cd /samsung from notepad in order to do this. if i write it down manually by hand all i get is "permission denied" message without even an 0 byte file. nothing at all...
Click to expand...
Click to collapse
Use this thread for reference:
http://forum.xda-developers.com/gal...de-internal-memory-data-recovery-yes-t1994705
Read the last pages and search for that question in there. I can remember it's been discussed lot's of times in that thread.
ps you did follow this part?
"Cygwin installed to [c:\cygwin] with pv and util-linux from the repo (at the package selection screen search for pv then util-linux and click on Default to change it to Install)."
and you have to have the x86 version NOT the x64 version.
Lennyz1988 said:
Use this thread for reference:
http://forum.xda-developers.com/gal...de-internal-memory-data-recovery-yes-t1994705
Read the last pages and search for that question in there. I can remember it's been discussed lot's of times in that thread.
ps you did follow this part?
"Cygwin installed to [c:\cygwin] with pv and util-linux from the repo (at the package selection screen search for pv then util-linux and click on Default to change it to Install)."
and you have to have the x86 version NOT the x64 version.
Click to expand...
Click to collapse
with pv and linux from the repo . i dont know what it means but in the package selection i've searched for pv and after that util linux but i had to install both debug,base and utils because every time i searched for pv and changed to install and after that searched util-linux and changed to install i had to notice that if i search pv again i will find it in "default" mode.
p.s my cygwin is x86 even the setup file is called like that.
oh and in one phrase of the guide i have sent you (the "improved" one):
19. Right-click on the RAW space and select Format... MAKE SURE to change the File system to FAT32. Set the Allocation unit size dropdown to 'Default.' MAKE SURE that the Perform a quick format checkbox is CHECKED. You do not want to overwrite the entire new drive with all zeroes (0's) and destroy your data. Quick Format means that it will only attempt to destroy the index for the drive by establishing a new index. Without this box checked the Windows operating system will write zeroes (0's) across the entire volume, potentially destroying your data. Select the OK button.
what is the point ? in the middle of the proccess i will have to format my NTFS drive and all the date i personally have in there will be lost.
Lennyz1988 said:
Use this thread for reference:
http://forum.xda-developers.com/gal...de-internal-memory-data-recovery-yes-t1994705
Read the last pages and search for that question in there. I can remember it's been discussed lot's of times in that thread.
ps you did follow this part?
"Cygwin installed to [c:\cygwin] with pv and util-linux from the repo (at the package selection screen search for pv then util-linux and click on Default to change it to Install)."
and you have to have the x86 version NOT the x64 version.
Click to expand...
Click to collapse
Now if i write adb forward tcp:5555 tcp:5555
cd /samsung
nc 127.0.0.1 5555 | pv -i 0.5 > mmcblk0p10.raw manually by hand instead of permission denied it says pv command not found ,wierd.
Did you download pv and util-linux from WITHIN cygwin? You have to select it during the installation of cygwin.
Lennyz1988 said:
Did you download pv and util-linux from WITHIN cygwin? You have to select it during the installation of cygwin.
Click to expand...
Click to collapse
in the search option i search for one of the packages , change from default to install.
when i search the second package [for example util linux,and the first one pv] i change the second package from default to install.
But,when i check if everything is alright by searching the first one again, i notice that it changed back to defualt! like i didnt change it to install a second before.
anyway,when i check in the folder, i see the files appear in there.
edit : in cygwin folder, i cant see a file called util-linux in it's bin folder,if it's okay.
okay i have fixed the misunderstanding with the cygwin search using a video.
okay, still $ nc 127.0.0.1 5555 | pv -i 0.5 > mmcblk0p10.raw
bash: nc: command not found
bash: pv: command not found
in https://www.youtube.com/watch?v=Mwn20Udp5YA&feature=iv&src_vid=HomqBx0J0e8&annotation_id=annotation_583506
3:07 part of the video. sucks.
okay ,still $ nc 127.0.0.1 5555 | pv -i 0.5 > mmcblk0p10.raw
bash: nc: command not found
bash: pv: command not found
in 3:07 part of the video
Sucks.
Dorpwnz said:
okay ,still $ nc 127.0.0.1 5555 | pv -i 0.5 > mmcblk0p10.raw
bash: nc: command not found
bash: pv: command not found
in 3:07 part of the video
Sucks.
Click to expand...
Click to collapse
You sure you installed it to [c:\cygwin] ?
Lennyz1988 said:
You sure you installed it to [c:\cygwin] ?
Click to expand...
Click to collapse
Yup
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
i navigated to samsung (my folder where the vhdtool is) in cygwin and then did the command ($ nc 127.0.0.1 5555 | pv -i 0.5 > mmcblk0p10.raw)
nc is at bin in cygwin where it should be . util-linux and pv are installed as it gave me their utils and debug to install in the cygwin search in the cygwin setup and all is fine.
im just stuck here and cant make any transfare..
Dorpwnz said:
Yup View attachment 3415018
i navigated to samsung (my folder where the vhdtool is) in cygwin and then did the command ($ nc 127.0.0.1 5555 | pv -i 0.5 > mmcblk0p10.raw) View attachment 3415023
nc is at bin in cygwin where it should be . util-linux and pv are installed as it gave me their utils and debug to install in the cygwin search in the cygwin setup and all is fine.
im just stuck here and cant make any transfare..
Click to expand...
Click to collapse
You also selected NC when installing cygwin?
Lennyz1988 said:
You also selected NC when installing cygwin?
Click to expand...
Click to collapse
no , i just downloaded it manually and put in in the bin ... like the guide says
Dorpwnz said:
no , i just downloaded it manually and put in in the bin ... like the guide says
Click to expand...
Click to collapse
Try to install it directly from the cygwin setup.
UPDATE Thanks to @thjubeck for testing this, it seems that this userdebug kernel actually works on all devices running antirollback v0 and running Marshmallow! I only have the Sprint variant, so be careful!!! Enjoy root guys
A bit of a disclaimer is that this is root through adb. dm-verity is off and system is rw, so you can install apps as root, get a hotspot hack to work, and anything through a shell but I am having trouble installing SuperSU. Please try yourself though as I am probably doing something wrong! If there are any bugs you have found please post them, as this phone is my backup and not my daily driver.
So okay, here is the guide:
PLEASE MAKE SURE YOU HAVE A WAY TO GO BACK INCASE THINGS GO WRONG. DO NOT ATTEMPT TO ROOT THIS WITHOUT HAVING A KDZ/TOT FOR YOUR DEVICE THAT YOU KNOW YOU CAN FLASH BACK TO. I AM NOT RESPONSIBLE FOR THINGS GOING WRONG.
Here is the fix for LGUP
1. Download this zip
2. Install Terminal Emulator from the Play Store
(This is modified from the V20 bootloader unlock, HUGE thanks to all of those devs for sharing their dirtysanta code with me and allowing me to modify it!)
3. Copy all the files from inside the "dirtysanta-boot" and paste it into your active ADB directory
4. Plug your device into the computer and verify ADB is working. Then;
On Windows, double-click "RUNMEFIRST.bat, DO NOT CLOSE THE LOG WINDOW THAT OPENS, then double-click "Step1.bat"
On Linux/MacOS ("#" Signifies a comment below)
Code:
./RUNMEFIRST.sh
# OR
bash ./RUNMEFIRST.sh
Open a Separate Terminal next to the RUNMEFIRST terminal, then type:
Code:
./Step1.sh
# OR
bash ./Step1.sh
(When you run The sh or Bat files there may be a Permission denied error on 2 files: Flatland and Flatland64. This is normal and nothing to worry about.)
5. Wait for a shell prompt, then type (or copy):
Code:
run-as con
chmod 0777 /storage/emulated/0/*
6. Open Up Terminal Emulator on your phone
Type:
Code:
id
Check if context is "Untrusted_app". If it is then we're good to go!
7. Type into Terminal Emulator:
Code:
applypatch /system/bin/atd /storage/emulated/0/dirtysanta
8. Watch the RUNMEFIRST dialog for when it tells you to run Step2 (we don't have a step 2)
9. Reboot the phone into recovery mode and wipe data again
BOOM! Now the you have a userdebug kernel running on a userdebug system Time to turn off dm-verity, otherwise you will have a red triangle on reboot (Your device is corrupt. It cannot be trusted and may not boot) and cannot edit /system.
1. Finish setting up the phone and enable USB Debugging in developer options (you should know how to do this)
2. Plug the phone into your computer, and run these commands
Code:
adb root
adb disable-verity
3. Reboot the phone
4. Run
Code:
adb root
adb shell
mount -o rw,remount,rw /system
Bam. Enjoy your FULL UNLIMITED root shell with system set to rw and dm-verity off!!! Just make sure to type "adb root" before "adb shell"
If you ever want to go back, just flash your stock TOT/KDZ with UPPERCUT and you'll be all good!
BUY ME A PIZZA FOR THE HARD WORK: BTC 197ct1uti4zutJu76bYAW51H8NZ6zXeoEV PayPal: [email protected]
THANKS:
@tungkick for the userdebug boot and helping me with the ZV4 TOTs
@autoprime for UPPERCUT
@me2151 @glitschi667 @EMSpilot @elliwigy for their AMAZING work on the V20 and sharing their code!
I'm using a H850, but still - thanks for your work!
Thanks for the amazing work while almost every one lose the hope .
Allow me to ask about the other versions H860 in my case .
Any chance to modified your files to make it work ?
If you need a testing phone to try figure it out Pm me .
Again thanks for this great job
I'm a Canadian H831 owner. Just wanted to post to say great work so far and if you get SuperSU or another SU app installed, enjoy the $850 bounty.
I think I also found an unlimited hotspot hack, so there's that too!
You're doing God's work, sir. :good:
I wish I had that variant... you'be renewed my hope though.
I have a Canadian H831 [Telus], how much of an undertaking is it to rejigger your method for it?
Delete
Honestly Annoying said:
I think I also found an unlimited hotspot hack, so there's that too!
Click to expand...
Click to collapse
Care to share this info?
Sent from my LGE LG-H830 using XDA Labs
Honestly Annoying said:
Hello everyone, finally the moment you've all been waiting for! I know that a certain user who will not be named has been spreading false information about our root progress, so I am taking it upon myself to release what I personally have gotten to work
A bit of a disclaimer is that this is root through adb. dm-verity is off and system is rw, so you can install apps as root, get a hotspot hack to work, and anything through a shell but I am having trouble installing SuperSU. Please try yourself though as I am probably doing something wrong!
So okay, here is the guide:
ONLY FOR SPRINT USERS ON ZV4. YOU WILL HAVE TO WIPE YOUR DEVICE AND THIS IS YOUR WARNING HERE. DEVICE MAY BE UNSTABLE AS IT IS A USERDEBUG BUILD. THIS IS YOUR WARNING
1. Download these files here and unzip them to desktop https://drive.google.com/open?id=0B2OlLU7vg4YzLWdQYW8tWkxTbFU
2. Set up LGUP from Autoprime's guide here http://forum.xda-developers.com/lg-g5/development/uppercut-lgup-loader-g5-variants-t3511295
3. Make sure you have working ADB set up on your computer
3. Put device in download mode and plug in to computer
4. Flash LS992ZV4_04.userdebug.tot as UPGRADE
5. Boot phone into recovery mode and wipe data
6. After phone is finished setting up, install Terminal Emulator from the Play Store
(This is copied from the V20 bootloader unlock, HUGE thanks to all of those devs for sharing their dirtysanta code with me and allowing me to modify it!)
7. Copy all the files from inside the "dirtysanta-boot" and paste it into your active ADB directory
8. Plug your device into the computer and verify ADB is working. Then;
On Windows, double-click "RUNMEFIRST.bat, DO NOT CLOSE THE LOG WINDOW THAT OPENS, then double-click "Step1.bat"
On Linux/MacOS ("#" Signifies a comment below)
Code:
./RUNMEFIRST.sh
# OR
bash ./RUNMEFIRST.sh
Open a Separate Terminal next to the RUNMEFIRST terminal, then type:
Code:
./Step1.sh
# OR
bash ./Step1.sh
(When you run The sh or Bat files there may be a Permission denied error on 2 files: Flatland and Flatland64. This is normal and nothing to worry about.)
9. Wait for a shell prompt, then type (or copy):
Code:
run-as con
chmod 0777 /storage/emulated/0/*
10. Open Up Terminal Emulator on your phone
Type:
Code:
id
Check if context is "Untrusted_app". If it is then we're good to go!
11. Type into Terminal Emulator:
Code:
applypatch /system/bin/atd /storage/emulated/0/dirtysanta
12. Watch the RUNMEFIRST dialog for when it tells you to run Step2 (we don't have a step 2)
13. Reboot the phone into recovery mode and wipe data again
BOOM! Now the you have a userdebug kernel running on a userdebug system Time to turn off dm-verity
1. Finish setting up the phone and enable USB Debugging in developer options (you should know how to do this)
2. Plug the phone into your computer, and run these commands
Code:
adb root
adb disable-verity
3. Reboot the phone
4. Run
Code:
adb root
adb shell
mount -o rw,remount,rw /system
Bam. Enjoy your FULL UNLIMITED root shell with system set to rw and dm-verity off!!! Just make sure to type "adb root" before "adb shell"
If you ever want to go back, just flash the LS992ZV4_04.tot with UPPERCUT and you'll be all good!
BUY ME A PIZZA FOR THE HARD WORK: BTC 197ct1uti4zutJu76bYAW51H8NZ6zXeoEV (sorry, no PayPal :/)
THANKS:
@tungkick for the userdebug boot and helping me with the ZV4 TOTs
@autoprime for UPPERCUT
@me2151 @glitschi667 @EMSpilot @elliwigy for their AMAZING work on the V20 and sharing their code!
@schiziodd for showing how to hex edit TOT
Click to expand...
Click to collapse
Hello, I am working on the root for the Verizon V10 and I came across this today. I was wondering how you made the userdebug.tot because I know this will work on it, Dirty Santa works up to the same point as you, so i'm wondering if I could do this and maybe even get supersu to work. Thank you
@Honestly Annoying could it be possible for you to "spoof" the firmware info and change the variant (LS992ZV4) to other locked g5 (such as the h831 h860..) so we can try to flash it via uppercut and see how much it's broken ?
Update: Now works on all devices running antirollback v0!!!!
Honestly Annoying said:
Update: Now works on all devices running antirollback v0!!!!
Click to expand...
Click to collapse
Will this work on Canadian variant? How do we know what version of antirollback we have?
mapleleafs89 said:
Will this work on Canadian variant? What is antirollback v0?
Click to expand...
Click to collapse
I am not sure how to check the antirollback version on on actual phone, you would need @autoprime for that.
Antirollback is basically exactly what it sounds like: It is part of each update that disallows users to rollback to previous versions of their software. This is built off of the first version of antirollback (v0) for the G5, so it will only work on phones with that version. You can test it out yourself, as it won't do any permanent damage, but just make sure you have a working TOT/KDZ to go back on.
*#546368#*850# (hiden menu)
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
BrunoSlivar said:
*#546368#*850# (hiden menu)
Click to expand...
Click to collapse
I enter this in the dialer and call, it says USSD code running but then throws an error "Connection problem or invalid MMI code."
BrunoSlivar said:
*#546368#*850# (hiden menu)
Click to expand...
Click to collapse
Thanks for that!
mapleleafs89 said:
I enter this in the dialer and call, it says USSD code running but then throws an error "Connection problem or invalid MMI code."
Click to expand...
Click to collapse
Change the "850" to your model number. Such as "830" for T-Mobile or "992" for Sprint
Aha! 831 Canadian variant running Marshmallow. Almost upgraded to nougat but then saw this thread thankfully, I guess I will hold off if this means it increases my chances of getting root
For those interested, I can confirm that every h831 firmware up to nougat has a rollback count of 0, and from @autoprime :
H850 and H860 are fuse 00 and Sprint ZV3/4 are fuse 00.
Click to expand...
Click to collapse
Anything higher than ZV4 is 01 or higher.
Click to expand...
Click to collapse
I don't know what I missed, but now I get Your device is corrupt. It cannot be trusted and will not boot . I'mma try to flash back my system and try it again.
H860 with Nougat and anti-rollback version 0
P.S : I can't enter recovery or download mode ... how much I'm I screwed ? It just keeps rebooting
Here is a quick guide on disabling Amazon's lock screen and replacing it with a friendlier one, much closer to AOSP stock. You'll even be able to set a custom wallpaper. This should work on all Amazon tablets.
Requirements:
- Must be rooted, have access to ADB or install a terminal emulator on your tablet.
- M-Locker. Download the APK at the end of this post.
Instructions:
1. Thank @Thibor69 for this step: Plug your tablet into your PC and open an ADB window or open a terminal on device. Make sure you have SuperUser rights. Copy and paste the code below. This will disable your lock screen (sets option to none in security settings). When done, reboot:
Code:
adb shell
su
sqlite3 /data/system/locksettings.db "UPDATE locksettings SET value = '1' WHERE name = 'lockscreen.disabled'"
2. Download, install, and make a system application (/system/priv-app), M-Locker (attached at the end of this post). Make sure to give it access to notifications and enable accessibility service. I found the application here. Thank @-XperiaMan- for posting this application.
You can add a wallpaper or a small message (pretty much the same as a custom carrier label).
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Will try it on my Fire 7 2017!
DragonFire1024 said:
2. Download, install, and make a system application (/system/priv-app), M-Locker (attached at the end of this post). Make sure to give it access to notifications and enable accessibility service. I found the application here. Thank @-XperiaMan- for posting this application.
Click to expand...
Click to collapse
What is your preferred method for performing this step?
MisterMalakai said:
What is your preferred method for performing this step?
Click to expand...
Click to collapse
Just download the app, place it in system/priv-app (make a folder with the same name as the apk and place it in there) and set permissions to 644 and reboot.
Sent from my Amazon KFSUWI using XDA Labs
might want to add
requirements:
must have sqlite3 installed (can be installed through magisk?)
*edit, whelp tried the command twice as su (karnak #), looked like it took, but still see lock screen after both attempts and reboots.
HD 8 2018, 6.3.01, rooted,magisk,twrp,xposed, nova launcher using hijacklauncher, installed sqlite3 through magisk
LukasB1 said:
might want to add
requirements:
must have sqlite3 installed (can be installed through magisk?)
*edit, whelp tried the command twice as su (karnak #), looked like it took, but still see lock screen after both attempts and reboots.
HD 8 2018, 6.3.01, rooted,magisk,twrp,xposed, nova launcher using hijacklauncher, installed sqlite3 through magisk
Click to expand...
Click to collapse
Magisk may revert the setting to default (default being the img that magisk mirrored when installed). You may have to go into magisk settings, toggle on core mode only, make the changes in the magisk image, reboot and toggle off coremode only.
Sent from my Amazon KFSUWI using XDA Labs
Interesting, I installed sqlite3 with magisk, but get 'No such file or directory' when trying to run the binary. The really weird part is:
Code:
karnak:/ # sqlite3 /data/system/locksettings.db "UPDATE locksettings SET value = '1' WHERE name = 'lockscreen.disabled'"
/system/bin/sh: /system/xbin/sqlite3: No such file or directory
1|karnak:/ # which sqlite3
/system/xbin/sqlite3
karnak:/ # ls -la /system/xbin/sqlite3
-rwxr-xr-x 1 root root 1198888 2019-06-10 16:53 /system/xbin/sqlite3
It's clearly there... So... wtf, I've been a Linux user for over 10 years... I can't recall seeing anything like this.
Ziffnil said:
Interesting, I installed sqlite3 with magisk, but get 'No such file or directory' when trying to run the binary. The really weird part is:
Code:
karnak:/ # sqlite3 /data/system/locksettings.db "UPDATE locksettings SET value = '1' WHERE name = 'lockscreen.disabled'"
/system/bin/sh: /system/xbin/sqlite3: No such file or directory
1|karnak:/ # which sqlite3
/system/xbin/sqlite3
karnak:/ # ls -la /system/xbin/sqlite3
-rwxr-xr-x 1 root root 1198888 2019-06-10 16:53 /system/xbin/sqlite3
It's clearly there... So... wtf, I've been a Linux user for over 10 years... I can't recall seeing anything like this.
Click to expand...
Click to collapse
Permissions?
Ziffnil said:
Interesting, I installed sqlite3 with magisk, but get 'No such file or directory' when trying to run the binary. The really weird part is:
Code:
karnak:/ # sqlite3 /data/system/locksettings.db "UPDATE locksettings SET value = '1' WHERE name = 'lockscreen.disabled'"
/system/bin/sh: /system/xbin/sqlite3: No such file or directory
1|karnak:/ # which sqlite3
/system/xbin/sqlite3
karnak:/ # ls -la /system/xbin/sqlite3
-rwxr-xr-x 1 root root 1198888 2019-06-10 16:53 /system/xbin/sqlite3
It's clearly there... So... wtf, I've been a Linux user for over 10 years... I can't recall seeing anything like this.
Click to expand...
Click to collapse
i get the "no such file" error like you unless you add "su" to the beginning of the line
su sqlite3 /data/system/locksettings.db "UPDATE locksettings SET value = '1' WHERE name = 'lockscreen.disabled'"
after hitting enter, there is no error. it goes to a new line with karnak #
but when you look at the file modification times, it has not changed at all.
i've also copy/pasted the file into sdcard, modified it, cut/copy/paste it back, and got stuck in boot loop.
if you delete the locksettings files, on the next system reboot, the files are created again.
so far i have not found a working solution for HD8 2018. even searching for how to do this you can find a ton of answers spread across sites and that line works, but those are for other devices /phones/etc. HD8 2018, not sure what to do.
*edit, forgot to mention that i did try dragon's reply above about putting magisk into core mode, but still the same outcome. no error after the command line, looks like it took, but file was not modified and nothing changes at all. and as mentioned above, i tried and tried different ways, permissions, moving the file elsewhere to modify it and put it back which caused bootloop, etc.
LukasB1 said:
Interesting, I installed sqlite3 with magisk, but get 'No such file or directory' when trying to run the binary. The really weird part is:
i get the "no such file" error like you unless you add "su" to the beginning of the line
su sqlite3 /data/system/locksettings.db "UPDATE locksettings SET value = '1' WHERE name = 'lockscreen.disabled'"
after hitting enter, there is no error. it goes to a new line with karnak #
but when you look at the file modification times, it has not changed at all.
i've also copy/pasted the file into sdcard, modified it, cut/copy/paste it back, and got stuck in boot loop.
if you delete the locksettings files, on the next system reboot, the files are created again.
so far i have not found a working solution for HD8 2018. even searching for how to do this you can find a ton of answers spread across sites and that line works, but those are for other devices /phones/etc. HD8 2018, not sure what to do.
*edit, forgot to mention that i did try dragon's reply above about putting magisk into core mode, but still the same outcome. no error after the command line, looks like it took, but file was not modified and nothing changes at all. and as mentioned above, i tried and tried different ways, permissions, moving the file elsewhere to modify it and put it back which caused bootloop, etc.
Click to expand...
Click to collapse
I don't use magisk. Its too much trouble when you need or want to change anything in /system. So unfortunately I'm unable to assist you in this regard beyond the only piece of advise I gave. Apologies.
Sent from my Droid Razr M using XDA Labs
Can install the M Locker as an user app without root