Related
Hello,
Right now I have the stock FRF85B build on my nexus one. I want su and superuser, nothing else. I have already unlocked the bootloader. What do I do from here.?I do not want to install custom ROMs at this point.
Go to erasethis.net/wordpress I wrote an entry today similar to what you want includes links
disgustip8ted said:
Go to erasethis.net/wordpress I wrote an entry today similar to what you want includes links
Click to expand...
Click to collapse
That's great - but didn't you start with a custom recovery?
Can you drop a custom recovery on a stock recovery for FRF85B without the right Superboot?
I ask, because I am also stuck with this stock build and recovery. And when I read the instructions for installing Amon_RA, one of the prerequisites is Superboot. The problem is that there is no Superboot for this build yet.
HALP! I feel like I'm stuck in a chicken-and-egg scenario.
Ah I forgot that part. Wrote that up while at work. Inthe last section there is a link to the page where lox posts an update.zip for root access. I opened the zip and extracted the boot.img and flashed that I think,then I flashed the recovery for amon-ra.
After that is when I put the update.zip from lox on and flashed his update.zip for root access with the such utility.
The method posted in the dev section works perfectly. Root without unlocking. Then you can install a custom recovery/rom if you want.
__________________________________
N1 w/ XDA App
I second this post. I am in the EXACT same situation as the original poster and I'm frankly embarrassed that I can't figure out what to do next.
If we're making huge requests, can you write it up for mac users? There is a surprising lack of documentation for us. I hope this doesn't open me up to a flamewar - if it counts for anything I've been lustily eying windows 7..
edit: I'm an idiot and had not googled the right question. If you run a mac, and have the bootloader unlocked already please see this link:
http://theonda.org/articles/2010/03...-performance-boost-and-some-serious-geek-cred
use your brains to suss out the relevant directions, make sure you have a more updated version of ROM Manager or RA or whatever custom recovery you want and basically just ignore the stuff about custom radios etc. You're basically just using the terminal (or whatever windows / linux does) to flash the custom firmware back on.
Again if you have the bootloader already unlocked (icon appears on startup), just find generic directions for your OS on how to install custom recovery. On the mac, it's simply few terminal commands using the fastboot program linked off the page linked above.
Sorry I can't be of more help - i have to be up early and it's pushing midnight.
Stop, listen. Follow my directions, if you fail to follow directions I will no longer help you. Don't PM me and ask. If you screw up ask in the thread.
Rooted Users (Non - Root Users scroll down below):
MR1 RUU
http://www.multiupload.com/KU7GSF2EY0
PG05IMG_MR1_no_hboot.zip - c64b4367086fff4f51ec3d5d766a0456
Bootloader (FLASH THIS LAST) FLASHING THIS WITHOUT SUCESSFULLY FLASHING THE ABOVE FILE WILL CAUSE A SECURITY WARNING
http://www.multiupload.com/26WG1UZCXR
abda920f3e159fb05c00d8c54a5b8768 - PG05IMG_hboot_1.4.0000.zip
Flash the above PG05IMG_MR1_no_hboot.zip to restore everything to stock + OTA BUT still will have the s-off bootloader.
Rename PG05IMG_MR1_no_hboot.zip as PG05IMG.zip, and flash through hboot (like in the root guide).
To restore the bootloader, rename PG05IMG_hboot_1.4.0000.zip as PG05IMG.zip and flash through the bootloader. DO NOT FLASH THIS unless you are absolutely sure PG05IMG_MR1_no_hboot.zip flashed to your device, without issue.
Now you are done, enjoy. If you screwed up, and got a security warning contact me, don't stress. Then again, don't screw up.
Non root users wanting to return to 1.12.605.6 (Stock, pre OTA) can continue below:
NOT FOR ROOT USERS
Taken from AndroidPolice: [Tutorial] How To "Un-Root" The HTC ThunderBolt And Return It To Stock. Please check the site out.
One of the most popular questions about rooting the ThunderBolt is how to undo the process and return to stock, which renews your eligibility for customer support. Well, here you go:
Instructions:
Please read the whole tutorial first, and pay attention to every detail. Note that your battery needs to be charged to at least 40% at the beginning of the process, and remember to check the MD5 sums of all downloaded files before diving in. As always, neither Android Police nor Team AndIRC are responsible for any damage this may cause to your phone, and, needless to say, returning to stock means you will no longer be able to use root apps like ShootMe and Titanium Backup.
First, download the following files:
Stock firmware (MD5 sum: 7141f5620f6128af77d50587e341f4b0)
exploits.zip (MD5 sum: 3b359efd76aac456ba7fb0d6972de3af)
Next, push exploits.zip and misc.img.
Code:
adb push misc.img /data/local/
adb push busybox /data/local/
adb shell chmod 777 /data/local/busybox
To gain root and flash misc.img:
Code:
adb shell
su
/data/local/busybox md5sum /data/local/misc.img
If the output is anything other than "c88dd947eb3b36eec90503a3525ae0de," stop and start over again.
Now let’s write misc.img:
Code:
dd if=/data/local/misc.img of=/dev/block/mmcblk0p17
Rename "PG05IMG_Mecha_VERIZON_WWE_1.12.605.6_Radio_1.16.00.0223r_NV_8k_1.41_9k_1.64_
release_174685_signed.zip" to "PG05IMG.zip" before placing it on your SD card.
Finally, reboot into bootloader mode by entering the following command. Allow the stock firmware to flash.
Code:
adb reboot bootloader
You’re done – your phone should now be stock, S-ON.
Bookmarking this, just in case. Thanks, Jcase!
Looks like I'll be going back to Froyo for now. I believe the Sense in GB leak is older than the stock on the device.. plus.. camera doesn't work, weather in clock widget doesn't work.. quadrant score is pretty low.. As for now.. I don't see any solid reason to upgrade to GB.. (though I wish I did).. sigh!
http://forum.xda-developers.com/showthread.php?t=1082114
Follow that to return to stock from gingerbread
I am getting No Image or Wrong Image Error In Final Step. I downloaded Stock Firmware Twice but same issue!
Can anyone help me out? I am not able to return to stock. I have BAMF remix 1.6.3 installed and trying to get back to stock as i have to send this device back to Verizon for replacement. I tried everything..file name is correct....md5 sum is correct however in final step when i tried to load the stock FW the boot-loader says wrong image!!
i downloaded stock FW from every possible source but no different!
Please Help!
If I wanted to unroot and use pre ota software? Would I have to perform both procedures or is there a way to go straight to the pre ota with s-on?
spjoneser said:
If I wanted to unroot and use pre ota software? Would I have to perform both procedures or is there a way to go straight to the pre ota with s-on?
Click to expand...
Click to collapse
Take the pre ota RUU, and make a custom ruu out of it without the hboot, and then proceed with the instructions in the first half.
jcase said:
Take the pre ota RUU, and make a custom ruu out of it without the hboot, and then proceed with the instructions in the first half.
Click to expand...
Click to collapse
First of all Jcase, thanks for the time, I know it's valuable to the community.
So just so I'm clear.... All I need to do is remove "hboot_7630_1.04.0000_110223.nb0" from the pre ota ruu or is there more to be altered than just that?
And if that's all I have to do is flash those seperate, could you tell me briefly why you could not just flash all at once? Would it not flash the rest of it if the stock hboot was installed first?
spjoneser said:
First of all Jcase, thanks for the time, I know it's valuable to the community.
So just so I'm clear.... All I need to do is remove "hboot_7630_1.04.0000_110223.nb0" from the pre ota ruu or is there more to be altered than just that?
And if that's all I have to do is flash those seperate, could you tell me briefly why you could not just flash all at once? Would it not flash the rest of it if the stock hboot was installed first?
Click to expand...
Click to collapse
Yes, because some radios seem to cause the files to flash in different orders, doing it like this keeps me from having to make multiple versions.
Sent from my LG Revolution
Question I have used the oneclick program to get ride of the NV recovery but I think im still rooted because I still see my superuser program on my stock 2.2. Can I just download Rom Manager and use clockwork Recovery to flash the Zips? I have to stock recover now which just formats the phone pretty much.
Androidfreakz said:
Question I have used the oneclick program to get ride of the NV recovery but I think im still rooted because I still see my superuser program on my stock 2.2. Can I just download Rom Manager and use clockwork Recovery to flash the Zips? I have to stock recover now which just formats the phone pretty much.
Click to expand...
Click to collapse
You need to consult the author of the program, because I don't know what it did, I can't support their application.
Sent from my LG Revolution
This flashes EVERYTHING back to stock? I have my boss tripping that his phone is bad after rooting it. I want to know if this reverts the baseband back to stock too?
AnalyzeFaith said:
This flashes EVERYTHING back to stock? I have my boss tripping that his phone is bad after rooting it. I want to know if this reverts the baseband back to stock too?
Click to expand...
Click to collapse
Reverts everything back to stock + OTA
Can I still use these steps to revert to stock after flashing the leaked Gingerbread Radio?
i am rooted and so i followed directions for first file and lost root.. so for the second file(its been forever since rooting) do i run adb commands( like step 6 for rooting) for install or can i use fastboot and bootloader? Does the second file bring root back?
Droid_ALM2ND said:
Can I still use these steps to revert to stock after flashing the leaked Gingerbread Radio?
Click to expand...
Click to collapse
yes
1234567890
droidrev71 said:
i am rooted and so i followed directions for first file and lost root.. so for the second file(its been forever since rooting) do i run adb commands( like step 6 for rooting) for install or can i use fastboot and bootloader? Does the second file bring root back?
Click to expand...
Click to collapse
Of course you lost root, this is for restoring to stock. It removes root.
jcase said:
Of course you lost root, this is for restoring to stock. It removes root.
Click to expand...
Click to collapse
well the good news is it works..the bad news is i didn't realize it was back to factory stock (like out of the box) which is very useful.. my bad.. so how do i install the bootloader file?
droidrev71 said:
well the good news is it works..the bad news is i didn't realize it was back to factory stock (like out of the box) which is very useful.. my bad.. so how do i install the bootloader file?
Click to expand...
Click to collapse
if you are S-off, you can just flash the MR1 upgrade from the root guide, otherwise you have to do a complete re-root.
This guide tells you how to create a goldcard very easily giving you the ability to flash custom rom and root again. Guide found here: http://android.modaco.com/content/general-discussion/305672/creating-a-goldcard/. There is a standalone pc application which allows creating a gold card. Link for app found here: http://android.modaco.com/content/software/308798/pc-application-goldcardtool/.
Note: Does not work for Aria but made here since at the time it wasn't tested.
Thanks ECEXCURSION for the link.
Very interesting, thanks for the guide! I don't need a GoldCard, but it's interesting to read none the less.
Just found this in that thread. Someone made a stand-alone PC application to generate GoldCards: http://android.modaco.com/content/software/308798/pc-application-goldcardtool/
theonew said:
This guide tells you how to create a goldcard very easily giving you the ability to flash custom rom and root again. Guide found here: http://android.modaco.com/content/general-discussion/305672/creating-a-goldcard/. Please post your results.
Click to expand...
Click to collapse
Did you actually try this yourself?
Making a gold card won't help you root the Aria.
drumist said:
Making a gold card won't help you root the Aria.
Click to expand...
Click to collapse
Didn't think so but I tried it anyway. Created the gold card but the RUU failed when it tried to write the hboot.
drumist said:
Making a gold card won't help you root the Aria.
Click to expand...
Click to collapse
Oh.. Thought that was the purpose of a goldcard.
My mistake.
What is it that's holding one back from writing to the hboot?
m a r k said:
What is it that's holding one back from writing to the hboot?
Click to expand...
Click to collapse
HTC implemented a new hboot in the latest official 2.2.2 update for the Aria. The new hboot version is 1.0.2.0000. This hboot can not be overwritten by flashing back to the original RUU. The new hboot also fixed the exploit that was used to root the Aria previously.
To date the Aria with the new hboot is un-rootable without hardware.
m a r k said:
What is it that's holding one back from writing to the hboot?
Click to expand...
Click to collapse
HTC devices have a security flag that allows the phone's NAND memory to be written to. This is referred to as the S-ON/S-OFF flag. In order for the NAND memory which houses the HBOOT loader and ROM to be written to, the security flag needs to be OFF. The HBOOT loader can control this flag and when an official HTC signed RUU is used, the HBOOT loader will turn the flag OFF and allow the RUU contents to be written to the NAND memory.
Previous versions of the HBOOT had an exploit in it that allowed rooting and installing a custom recovery, i.e. ClockworkMod and this is how custom ROMs were installed. The current HBOOT version no longer has this exploit available via software. The only way a new HBOOT or Recovery module can be written to the Aria is if the security flag is turned OFF and as of now the only way to do that is to use the XTC Clip device.
tpbklake said:
HTC devices have a security flag that allows the phone's NAND memory to be written to. This is referred to as the S-ON/S-OFF flag. In order for the NAND memory which houses the HBOOT loader and ROM to be written to, the security flag needs to be OFF. The HBOOT loader can control this flag and when an official HTC signed RUU is used, the HBOOT loader will turn the flag OFF and allow the RUU contents to be written to the NAND memory.
Previous versions of the HBOOT had an exploit in it that allowed rooting and installing a custom recovery, i.e. ClockworkMod and this is how custom ROMs were installed. The current HBOOT version no longer has this exploit available via software. The only way a new HBOOT or Recovery module can be written to the Aria is if the security flag is turned OFF and as of now the only way to do that is to use the XTC Clip device.
Click to expand...
Click to collapse
Well done - nice summary of the situation.
I have rooted the updated Aria with my XTC clip. There is a guy that frequents the IRC channel in my thread who has a cell phone store and an XTC clip. I've coached him through a couple of updated Aria roots and he's competent to do the job. He won't charge much, and whoever wants him to do the work will have to pay a modest fee plus return shipping. All he would need is the device - no case, no batter cover, no battery, no sim, no sdcard, no cables - no box. This makes shipping in a small padded envelope via USPS cheap - even insured.
Anyone interested should stop by the IRC channel in my sig.
OP: please update post #1 so a lot of people don't spin their wheels on that process - it's futile.
tpbklake said:
HTC devices have a security flag that allows the phone's NAND memory to be written to. This is referred to as the S-ON/S-OFF flag. In order for the NAND memory which houses the HBOOT loader and ROM to be written to, the security flag needs to be OFF. The HBOOT loader can control this flag and when an official HTC signed RUU is used, the HBOOT loader will turn the flag OFF and allow the RUU contents to be written to the NAND memory.
Previous versions of the HBOOT had an exploit in it that allowed rooting and installing a custom recovery, i.e. ClockworkMod and this is how custom ROMs were installed. The current HBOOT version no longer has this exploit available via software. The only way a new HBOOT or Recovery module can be written to the Aria is if the security flag is turned OFF and as of now the only way to do that is to use the XTC Clip device.
Click to expand...
Click to collapse
After I went through the AlphaRev flashing process, I learned the truth of the previous HBOOT's exploit is that it let you gain temporary NAND unlock.
While it's unlocked and once you got temporary root permission from, for example, the famous RageAgainstTheCage, then you are allowed to put su and SuperUser.apk to your system partition to gain permanent root permission, and flash recovery image to recovery partition as well.
The above is basically how Unrevoked works, imo. As for AlphaRev, it needs your device to be rooted already. It gets temporary NAND unlock first, then flashes and runs a boot image with a NAND module that would add some extra partitions, including HBOOT of course, to the MTD table in order to flash an hacked HBOOT/SPL into your device.
The new 1.x HBOOT has that exploit patched, both Unrevoked and AlphaRev won't work anymore. This thread I found might be the last hope that doesn't involve XTC Clip:
How-To [Root] The myTouch 3GS if you updated to Offical 2.2.1 and lost root
ladios said:
After I went through the AlphaRev flashing process, I learned the truth of the previous HBOOT's exploit is that it let you gain temporary NAND unlock.
While it's unlocked and once you got temporary root permission from, for example, the famous RageAgainstTheCage, then you are allowed to put su and SuperUser.apk to your system partition to gain permanent root permission, and flash recovery image to recovery partition as well.
The above is basically how Unrevoked works, imo. As for AlphaRev, it needs your device to be rooted already. It gets temporary NAND unlock first, then flashes and runs a boot image with a NAND module that would add some extra partitions, including HBOOT of course, to the MTD table in order to flash an hacked HBOOT/SPL into your device.
The new 1.x HBOOT has that exploit patched, both Unrevoked and AlphaRev won't work anymore. This thread I found might be the last hope that doesn't involve XTC Clip:
How-To [Root] The myTouch 3GS if you updated to Offical 2.2.1 and lost root
Click to expand...
Click to collapse
The problem with this solution is it requires an HTC engineering hboot. Here is a thread posted by ATTN1 when the Aria was first released stating that a Liberty eng-hboot doesn't exist:
http://forum.xda-developers.com/showpost.php?p=6910622&postcount=12
tpbklake said:
The problem with this solution is it requires an HTC engineering hboot. Here is a thread posted by ATTN1 when the Aria was first released stating that a Liberty eng-hboot doesn't exist:
http://forum.xda-developers.com/showpost.php?p=6910622&postcount=12
Click to expand...
Click to collapse
It's worth to try. I don't think anyone has tried this on Aria before. Previously we just tried to install an old RUU with gold card hoping the hboot would be downgraded, but this is different.
Step 5-6, hboot installs LIBEIMG.zip. We can extract the rom.zip from RUU and rename it.
Step 7-9, DO NOT REBOOT and get into stock recovery. These must be the key if this happens to work.
Step 10, apply update.zip which is a clockworkmod flashable zip.
Again, it's worth to try, as they got this work on stock 2.2.1 espresso with hboot 1.x. We just need to make an MISC.img to let people try.
ladios said:
It's worth to try. I don't think anyone has tried this on Aria before. Previously we just tried to install an old RUU with gold card hoping the hboot would be downgraded, but this is different.
Step 5-6, hboot installs LIBEIMG.zip. We can extract the rom.zip from RUU and rename it.
Step 7-9, DO NOT REBOOT and get into stock recovery. These must be the key if this happens to work.
Step 10, apply update.zip which is a clockworkmod flashable zip.
Again, it's worth to try, as they got this work on stock 2.2.1 espresso with hboot 1.x. We just need to make an MISC.img to let people try.
Click to expand...
Click to collapse
Sign me up...it's worth a shot.
Sorry for the double post.
I did the following:
Created a gold card.
Obtained update.zip(clockwork).
Extracted rom.zip from the original 2.1 RUU.
Downloaded superoneclick v1.9.1.
Put update.zip and rom.zip on the gold card.
Unmounted the goldcard.
Ran superoneclick and got success on shell root.
Used adb shell and poked around.
My question:
How do we get around not having the engineering recovery package for the Aria?
Im keeping my eye on what happens here.
A$$h4t said:
Sorry for the double post.
I did the following:
Created a gold card.
Obtained update.zip(clockwork).
Extracted rom.zip from the original 2.1 RUU.
Downloaded superoneclick v1.9.1.
Put update.zip and rom.zip on the gold card.
Unmounted the goldcard.
Ran superoneclick and got success on shell root.
Used adb shell and poked around.
My question:
How do we get around not having the engineering recovery package for the Aria?
Click to expand...
Click to collapse
I did a little research about the mtd0.img that was mentioned in the referenced thread and found some posts about creating a mtd0.img (misc.img) for the HTC Desire. There is even a web site that lets you input the appropriate values from your phone and it generates one for you. Don't know if it will work on the Aria, but it may be a place to start. Just Google HTC+Desire mtd0.img and you'll find the various posts. That would be the misc.img that ladios mentioned.
tpbklake said:
I did a little research about the mtd0.img that was mentioned in the referenced thread and found some posts about creating a mtd0.img (misc.img) for the HTC Desire. There is even a web site that lets you input the appropriate values from your phone and it generates one for you. Don't know if it will work on the Aria, but it may be a place to start. Just Google HTC+Desire mtd0.img and you'll find the various posts. That would be the misc.img that ladios mentioned.
Click to expand...
Click to collapse
I'm unclear on this as I thought the CID was much longer than 8 characters yet the image creator only requires 8.
A$$h4t said:
I'm unclear on this as I thought the CID was much longer than 8 characters yet the image creator only requires 8.
Click to expand...
Click to collapse
We can use hex editor to make our own.
Open android-info.txt extracted from the rom.zip you are using
On the line begin with "cidnum: ", there's an 8-character CID number, copy that
On the line begin with "mainver: ", that's the rom version, eg. 1.35.707.5, then 707 would be the rom's region code
Use a hex editor to open mtd0.img extracted from espresso-eng.zip
At 0x0000, overwrite the CID number with the one you found in android-info.txt
At 0x00A0, overwrite the version number with 1.01.XXX.1 where XXX is the region code, eg. 1.01.707.1
Save and use it
To whom who also want to try, please use the files in this post and follow the instructions in How-To [Root] The myTouch 3GS if you updated to Offical 2.2.1 and lost root.
Liberty version of needed files:
(1) Engineering package: liberty-eng.zip is attached.
(4) Stock firmware: Download LIBEIMG_Liberty_hTC_Asia_WWE_1.35.707.5_Radio_47.41.35.10_7.09.35.13_release_138500_signed.zip and rename it to LIBEIMG.zip
(5) ClockworkMod Recovery: Download recovery-clockwork-2.5.0.7-liberty.zip and rename it to update.zip
Hi about 10 months ago I rooted my Wildfire with no problems using Turkeys ultimate guide from these forums.
I have got apps to sd, live wallpapers running, and all is good. However my phone is still S-on and the H Boot version is 0.80.0002.
When I was playing around with the settings in SetCPU it informed me that the binary was out of date and to update it, but when i tried it would not update as the phone is still S-on.
My question is can I S-off using Revolutionary as it is already rooted? Obviously I will back up using clockworkmod, but if I s-off the phone are there any obvious advantages apart from being able to update the binary in SetCPU?
Thanks
Are you talking about an outdated Superuser Binary? If so, you can download the latest binary here:
http://tinyurl.com/63tsg9c
And simply flash it in Clockworkmod Recovery. This will give you the updated binary and SetCPU should work fine again.
If you have to get S-OFF, then, you will have to apply the official Froyo RUU and update your HBoot to 1.01.0001 because Revolutionary doesn't support any other HBoots, including 0.80.x. Advantages include a writeable /system partition (Which enables you copy paste stuff in the /system folder on a running handset, one case in point is precisely what you described. This will allow updating of the binary), and the other advantage is enabling of Fastboot commands, which allows you to flash stuff like radio's, recoveries, nandroid backups etc directly to the phone without using Clockworkmod Recovery.
Tl;dr - You will have to completely format your device, install official Froyo, and only then can you obtain S-OFF
And simply flash it in Clockworkmod Recovery.
When you say simply flash it in Clockworkmod recovery, what do you mean? And when you say apply the official Froyo RUU and update the HBoot how can I do that as I am running Wildpuzzle ROM at the moment and it says there are no updates available, so can you explain in simple terms what steps to take?
Thanks
Flash in Clockworkmod Recovery - Same way as you installed your WildPuzzle ROM ZIP file. Turn off phone, start using Vol Down + Power, then navigate to RECOVERY, Press Power Button. Here, select "Install Zip from SDCard", then browse to "Select Zip from SDCard", and select the Zip file I linked above.
This entire process is called "flashing".
If you are still interested in getting S-OFF:
- Download the EXE WWE Froyo 2.22.405.1 RUU from here:
http://shipped-roms.com/index.php?category=android&model=Buzz
- Connect your Wildfire to your PC, run it. It will automatically proceed and perform the required steps.
- If you get s Customer ID 131, you will need to create a Goldcard using your SDCard. This an be done using GoldcardTool. The required steps and download can be found here:
http://android.modaco.com/topic/308798-pc-application-goldcardtool/
IMO, I would not recommend you to go for S-OFF since it doesn't seem you are too much inclined to stuff like these (It is not a necessity. Besides, once /system is writeable, it is a two edged sword. Messing something up there will likely cause your phone to not boot). Further, it breaks certain functions on Sense ROMs which needs an additional fix found here:
http://forum.xda-developers.com/showthread.php?t=1156713
hey man, you could also try the test version of unrevoked 3.2 and run that to s off your phone. it works on your h-boot ( i know as i have the same)
since i am new the forum wont let me post the link, its to sstop spamming :/ just search for unrevoked test 3.2 ( it has to be test 3.2 because the others wont work on the hboot to my knowlege. :/)
just download the program and run it and it should do it with no hassle.
good luck
heavy_metal_man said:
hey man, you could also try the test version of unrevoked 3.2 and run that to s off your phone. it works on your h-boot ( i know as i have the same)
Click to expand...
Click to collapse
That's totally incorrect. Rooting with Unrevoked =/= S-OFF. Besides, on the very first line the OP says he has rooted his phone using Unrevoked.
ah, sorry about that i was looking at unrevoked forever :/ just ignore me ........
This METHOD was developed ONLY for an UNLOCKED Motorola Droid Razr Maxx HD XT926m phone that is already updated to the last version of KitKat 4.4.2 (System version "183.46.15.XT926.Verizon.en.US").
IF YOU HAVE AN LOCKED BOOTLOADER AND TRY THIS METHOD IT WILL BE ONLY YOUR RESPONSABILITY IF YOU DAMAGE YOUR PHONE !!!
My Motorola XT926m had an UNLOCKED BOOTLOADER (ICS 4.0.4) and I flashed via RSD Lite the last stock firmware, "183.46.15"... After that, I was, of course, unhappy, because I read on different forums that this firmware version didn't support root... I tried to download the Hydrogen Peroxide xt926 application that others users recommended here on XDA forum, without success.
But now, after I applied this method, my phone is again rooted... Enjoy the steps, but be carefull, it was developed for XT926 phones with UNLOCKED BOOTLOADER!
1. Download the files "VZW_XT926_4.4.2-KDA20.62-10.1_CFC_1FF.xml" and "VZW_XT926_4.4.2-KDA20.62-15.1_CFC_1FF.xml" from the Motorola firmware site: "motofirmware.com/files/file/"...
2. Unpack the files...
3. Substitute/replace the "gpt", "tz" files (FROM the folder with "15.1" version TO the folder with "10.1" version)... You should replace all the files that "RSD Lite" will tell you that don't fit when you try to flash the new stock firmware. You will obtain a MODIFIED version of "183.46.10" stock KitKAt 4.4.2 firmware!!!
4. Flash this MODIFIED "10.1" firmware with "RSD Lite v6.1.5 Multi-Flash" (without using Rsd Script Generator.jar), but don't forget to remove the first two 'getvar' lines in the xml file.
5. Download and install the "Towel Root.apk" and root the phone...
6. Now your phone should be ROOTED.
What to do NEXT:
7.Download from the Play Store and install "Superuser.apk" made by ClockWordMode and after reboot the application will ask you to update SU binary. In my case, the SU binary didn't support an online update and I installed the "Superuser.zip" file downloaded from the ClockWorkMode site, via recovery method, in order to gain this update (you can do this as well, if you already have a TWRP or CWM recovery installed on your phone). With the other version of superuser, like "SuperSU.apk" or "Superuser.apk" ("eu.chainfire.supersu-2.apk", the last version, 5.6mb, for example) you will need to follow the same steps...
8. Using "Total Commander.apk", you can go to "File System root"/"Etc"/"installrecovery.sh", and finally rename this last file... Or you can use "ES3 File Explorer.apk" in order to rename the same "installrecovery.sh" file in "Device"/"Etc" folder (choose, for example, the name "installrecovery.shbak")...
9. Flash with "Flashify.apk" (downloaded form PLay Store) a new "recovery img.": "TWRP.img" (2.8.3.0) or "CWM.img" (6.0.4.8) for KitKat... You can find them on "rootjunkysdl.com/?device=Droid%20Razr%20HD&folder=Firmware"...
10. If you flashed "TWPR recovery.img" you will need to install "Stericson.busybox-1.apk" (from Play Store...), because TWRP works with this busy box... (You could install "TWRP.apk" as well, but you must be careful, because you will need to be able to boot into Recovery mode directly from your phone (with the combination key), not from this app... Many times, the phone is able to boot into recovery mode from TWRP application, but not from the bootloader... That's why it is better to uninstall TWRP application if you have this problem). If you flashed a "CWM.img" you can install "RomManager.apk".
11.Now it is the time to backup your system to SD card!
That's it. My phone was unlocked, and I didn't have any issue following all this steps... If you're locked don't try it.
But.. If you're locked you could instead use an application named 'Safestrap' for some purposes (read more here on XDA forum please), because is destinated for the phones with locked bootloader...
Hi ,
Since this is a guide it does not belong to XDA Assist
Please Read The Purpose of XDA Assist
Please Standby when Moderators Move the Thread To Your Device Specific Forum
RAZR HD General
jackeagle said:
Hi ,
Since this is a guide it does not belong to XDA Assist
Please Read The Purpose of XDA Assist
Please Standby when Moderators Move the Thread To Your Device Specific Forum
RAZR HD General
Click to expand...
Click to collapse
THANKS!
I know you took a lot of time to write this up, but there is a downgrade method posted on here already. Also, there is no need to rename recovery.sh. All you need to do after flashing recovery is power off the phone and immediately boot straight back into recovery so the install script completes.
To answer your question, no, you can't unlock .15.
RikRong said:
I know you took a lot of time to write this up, but there is a downgrade method posted on here already. Also, there is no need to rename recovery.sh. All you need to do after flashing recovery is power off the phone and immediately boot straight back into recovery so the install script completes.
To answer your question, no, you can't unlock .15.
Click to expand...
Click to collapse
Thank you, I wasn't able to find another downgrade method, could you give me the link, please?
http://forum.xda-developers.com/showthread.php?t=2789743
But... to flash CWM or TWRP for update the binaries, you need to be bootloader unlocked... to flash a custom recovery...
joel_sinbad said:
But... to flash CWM or TWRP for update the binaries, you need to be bootloader unlocked... to flash a custom recovery...
Click to expand...
Click to collapse
Correct. That's why this method is flawed and probably should be pulled before someone bricks their phone.
RikRong said:
Correct. That's why this method is flawed and probably should be pulled before someone bricks their phone.
Click to expand...
Click to collapse
Yeah, unfortunately this post makes no sense, I mean, if you accidently flash the gpt.bin, you're screwed... and so many risks, plus, you can't flash custom recovery, and you can maybe downgrade the system and boot, but you still can't downgrade the bootloader...
joel_sinbad said:
Yeah, unfortunately this post makes no sense, I mean, if you accidently flash the gpt.bin, you're screwed... and so many risks, plus, you can't flash custom recovery, and you can maybe downgrade the system and boot, but you still can't downgrade the bootloader...
Click to expand...
Click to collapse
This method is for an XT926 with UNLOCKED BOOTLOADER, with the last 183.46.15 update and the root access lost. I only described the steps that I already done with my phone. My Maxx HD is working and has root access again... I flashed custom recovery too (TWRP 2.8.3.0), I haven't any other problem.
RikRong said:
http://forum.xda-developers.com/showthread.php?t=2789743
Click to expand...
Click to collapse
Thank you, unfortunately is not working for the xt 926 phone that already took the last 183.46.15 update:
"..........************WARNING*************
this guide only works completely if you did NOT take the 183.46.15 update rolling out around 9/9/14 .............".
Until now I don't have any other option, I'm forced to preserve the method that I mentioned in my thread.
ciprianv. said:
Thank you, unfortunately is not working for the xt 926 phone that already took the last 183.46.15 update:
"..........************WARNING*************
this guide only works completely if you did NOT take the 183.46.15 update rolling out around 9/9/14 .............".
Until now I don't have any other option, I'm forced to preserve the method that I mentioned in my thread.
Click to expand...
Click to collapse
The piece you are referring to that doesn't work on .15 is the unlock and root. The downgrade should work on an unlocked phone.
That aside, your steps are very confusing and could easily cause a locked user to brick their phone. Please clarify or I will continue reporting this thread until it gets removed.
RikRong said:
The piece you are referring to that doesn't work on .15 is the unlock and root. The downgrade should work on an unlocked phone.
That aside, your steps are very confusing and could easily cause a locked user to brick their phone. Please clarify or I will continue reporting this thread until it gets removed.
Click to expand...
Click to collapse
I just edited the post. I clearly specified that this methid is ONLY FOR UNLOCKED BOOTLOADERS (XT926M).
ciprianv. said:
I just edited the post. I clearly specified that this methid is ONLY FOR UNLOCKED BOOTLOADERS (XT926M).
Click to expand...
Click to collapse
Thanks for doing that, I just want to make sure no one messes up their phone.