Related
Anyone who can provide a system dump of the device?
I'm think /system and /vendor ...
Maybe someone knows a link to a full system update available?
nandroid backups are good too
Hi All,
Seems like there is a lack of information on how to create pre-rooted system images for those with unlocked bootloaders.
There is a new .146 firmware available now but we're still waiting for it to be rooted.
I had messaged Bin4ry previously and he had provided a rough guide. I do not have a X10 nor the knowledge to create a custom yaffs2 tool. So I'm sharing the info here and hope one of you can help with this:
Okay here is what to do:
Grab another SE Handset and unyaffs your system.img to it's system partition in recovery mode, after that connect with adb to recovery and change the system. When you done all your changes use nandroid to backup the modded system.
I used a X10 for that.
The problem is that SE is using a special yaffs2 format. If you want to use mkyaffs/unyaffs you have to change it to special SE-format. How they use yaffs is determined in their kernel sources, i'm tooooo lazy to create a custom mkyaffs for SE phones. but now you know what to look for, maybe you create one ?
Regards
Bin4ry
Originally Posted by sbong
Hi Bin4ry,
while creating the rooted system.img files for Arc, you mentioned that you used a different method instead of "unyaffs, edit files, mkyaffs"
Can you share what is the method you used to add in the files into system.img?
Click to expand...
Click to collapse
Click to expand...
Click to collapse
thanks for your sharing. I like it
I want to have this——"unyaffs, edit files, mkyaffs"
and,thank Bin4ry
Introduction & Notes
Hello, I have created flashable zips containing the stock things for use with our Xperia SP. I used @MrSteve555's antique tutorial on how to package an ftf file into flashable zips.
I also made other might be useful zips that have each of their own purposes for those who wants it. Those zips are listed in the Addons Zip post.
As usual, I am not responsible for any damages caused on your SP. Flashing these are completely your choice and did I even forced you to do so? If you need help, just reply in the thread. :angel: As much as this might scare you, don't worry, it should work fine on your device
All zips are taken from FTFs that are not carrier-locked (thus the name Customised). Since the C5306 is a quite rare variant, the only version I can find that is not carrier-locked is the .205.
Steps
What you should do is choose the respective components that you want to flash to your phone. This will ultimately replaces the old one. Say for example, if you want to have the stock fotakernel, all you need to do is to flash the "fotakernel" zip. This will override any previous modifications that you have made on that partition such as custom recoveries.
Done.
Notes & Warnings
Warning!
The files are exclusive for its Xperia SP model. Do not attempt to take the risk in flashing other version for your Xperia SP model.
The stock kernel is not to be flashed if you are running a custom ROM! (yes, you can still safely flash FOTAKernel and RIL components without any harm)
Note!
Flashing the zips via Cyanogen Recovery is now possible. The zips are signed.
Requirements
Knows how to flash ZIPs via recovery
Knows what to flash
Acknowledged the disclaimer above
Components
These are the partitions that I have extracted:
boot
fotakernel
elabel *
modemst1 *
modemst2 *
fsg *
I didn't include the "system.img" of the stock ROM. If you intent to use Stock ROM, please consider FlashTool method instead.
* I have combined these 4 components in a single zip as they serve the same purpose: RIL (network)
Purpose of each zip files
c530x-stock-fota.zip - This will replace your current fotakernel partition with the stock one. Any custom recoveries that you have flashed using Rashr will ultimately gone.
c530x-stock-kernel.zip - This will replace your current boot partition and the kernel with the stock one. Any custom kernel that you hace flashed will be replaced.
c530x-stock-ril.zip - This will flash the stock RIL components.
Choose your Xperia SP model
This will bring you to the respective posts that contains respective files for your respective model of your Xperia SP.
C5303
C5302
C5306
Alternative install method for terminal enthusiasts
You can extract the zip and "dd" the img to the respective directories in /dev. This section is for terminal enthusiasts so I assume that you guys know where is this located and also knows what the hell is "dd". I suggest for the "dd" to use read block of 4096 for faster flashing process.
Example terminal command:
Code:
dd if='Kernel.elf' of='/dev/block/platform/msm_sdcc.1/by-name/Kernel' bs=4096
Here is the list for reference:
Kernel.elf ----> /dev/block/platform/msm_sdcc.1/by-name/Kernel
FOTAKernel.elf ----> /dev/block/platform/msm_sdcc.1/by-name/FOTAKernel
LTALabel.ext4 ----> /dev/block/platform/msm_sdcc.1/by-name/LTALabel
modemst1.img ----> /dev/block/platform/msm_sdcc.1/by-name/modemst1
modemst2.img ----> /dev/block/platform/msm_sdcc.1/by-name/modemst2
fsg.img ----> /dev/block/platform/msm_sdcc.1/by-name/fsg
Click to expand...
Click to collapse
One small request from me
If this in some ways helped you, consider thanking this main post Your thank can hugely motivates me in contributing more!
C5303
This section is for the the C5303 model only
NOTES
Please read the main post if you haven't read them!
For this model, I have used Customised Singapore 12.1.A.1.207 / R2B CDA 1272-4881
Whole Folder [Google Drive]
FOTAKernel c5303-stock-fota [Download]
Kernel c5303-stock-kernel [Download]
elabel, modemst1, modemst2, fsg combined c5303-stock-ril [Download]
C5302
This section is for the the C5302 model only
NOTES
Please read the main post if you haven't read them!
For this model, I have used Customised Singapore 12.1.A.1.207 / R2B CDA 1272-3116
Whole Folder [Google Drive]
FOTAKernel c5302-stock-fota [Download]
Kernel c5302-stock-kernel [Download]
elabel, modemst1, modemst2, fsg combined c5302-stock-ril [Download]
C5306
This section is for the the C5306 model only
Please read the main post if you haven't read them!
NOTES
Please read the main post if you haven't read them!
For this model, I have used Customised US 12.1.A.1.205 / R3B CDA 1272-4529
Whole Folder [Google Drive]
FOTAKernel c5306-stock-fota [Download]
Kernel c5306-stock-kernel [Download]
elabel, modemst1, modemst2, fsg combined c5306-stock-ril [Download]
Addons Zip
Unrelated flashable zips that might be useful
Folder for Downloads
AdAway Generated Hosts [4.1+] *
[ Download ] Replaces the standard hosts file in /system/etc/hosts with the one generated by AdAway. Could ease your life and save yourself a reboot if you flash this after flashing an update to your ROM. This zip file will get updated when there is a new hosts file update by AdAway. You can check by looking at the text file's name from within the zip file).
ViPER4Android [5.0+] *
[ Download ] This will flash ViPER4Android as a system app. It doesn't end there, it will also push an supolicy that enables you to use V4A with an Enforcing SELinux, it will install the drivers automatically for you, it will remove AudioFX, and all of these will persist on a ROM update (aka dirty flash)! Thanks to the help of @Tomoms, @Arvind7352, @shavendum, @Zenith and @akashsaini7 . Without their help this wouldn't probably happen at all
Android N Emojis [5.0+] *
[ Download ] This will flash the Android N emoji support to your current Andorid version. Note, you can only display the new unicode 9 emojis on the device (no more squares), to actually write them, you will need a keyboard that can already write the new emojis (which most still aren't). Should be compatible with Lollipop and newer, and not for KitKat and below. Tested on Marshmallow.
Remove AudioFX [5.0+] *
[ Download ] Removes AudioFX from your CM-based custom ROM to make way for your preferred sound mod. No more hassle to freeze AudioFX using TiB (or any other freezing tool)
Persisting Walkman [5.0 - 5.1] *
[ Download ] This will flash a file into addon.d folder to make sure that your Walkman and sound effects stays on the ROM when you dirty flash an update. This flashable zip however only compatible with [port][LP] Xperia Sound enhancement by @ankurjn364. Note that this port is only for Lollipop ROMs.
Xperia SP Boot Animation [4.1+] *
[ Download ] Get yourself the original Xperia SP Boot Animation!
Xperia Z5 Boot Animation [4.1+] *
[ Download ] Get yourself an Xperia Z5 Boot Animation! Thanks to @xkeita for porting the Xperia Z5 Boot Animation, especially for creating it for the 720p screen! Please leave a thank to xkeita on the original thread: Xperia Z5 bootanimation for Xperias!
Xperia X Boot Animation [4.1+] *
[ Download ] Get yourself an Xperia X Boot Animation! Thanks to @chitshiv for porting the Xperia X Boot Animation, especially for creating it for the 720p screen! Please leave a thank to chitshiv on the original thread: [MOD] Xperia X Series Bootanimation
* Note
The addons with the star means that the zips will push a backup script into the addon.d folder. This means the files flashed onto the system will survive a dirty flash, granting your modifications to the system persisting.
This will not work if you wiped your /system partition. If you did that, you will need to flash the zips again.
If you dislike this, you can simply delete the scripts that starts with "ts-" located in "/system/addon.d/".
Cool! I added a link to this thread in Tangerine's 1st post. It might be useful for those seeking for a stock FOTAKernel
Tomoms said:
Cool! I added a link to this thread in Tangerine's 1st post. It might be useful for those seeking for a stock FOTAKernel
Click to expand...
Click to collapse
Thank you so much for that! :highfive: :victory:
Update!
All models' respective files are now available
Update!
Now all zips can be flashed on CyanogenRecovery! Thank you so much for @Tomoms in helping me to sign the zips
Update!
All stock components updated with a new supposedly "output design"
Nothing is changed in the original files, it is just that I have changed the log output of the flashable zips so it looks pleasing to the eyes. Also I am now able to make use of the TWRP progress bar thanks to my brain for finally understanding the "set_progress()" Edify syntax
Two new zips added in the Addons zip section
adaway.zip
stock-rom-bootanimation.zip
[ Head on directly to the #5 post ]
Update!
New file name prefix for the Addon zips
Some zips now have the "ts-" prefix in their names
Two new zips added in the Addon zips section
Persisting Walkman
Persisting Xperia Keyboard
[ Head on directly to the #5 post ]
Backup scripts for persistence on ROM update!
AdAway Generated Hosts
Remove AudioFX
Persisting Walkman
Persisting Xperia Keyboard
These flashable zips now have a backup script included with them. This will make the modification on your system stays when you dirty flash a ROM update. Really useful if you prefer having a shorter time on flashing a new update for your current ROM
Update!
New zip added in the Addon zips section!
Xperia Z5 Boot Animation
[ Head on directly to the #5 post ]
New console output design
Well, when you flash a zip, there will be output texts on the screen. I changed the design a bit lol
No more pause
ZIPs will flash instantaneously as "sleep()" functions has been removed in all ZIP's updater-script. This is not really a new change, as I have silently removed it weeks ago. But I think it would be good to write it here
Updated hosts file for AdAway Generated Hosts
Also for those who uses this zip, I always update this zip whenever there is an update from the AdAway app.
Announcement
Currently the files are unaccessible due to CubeServer went off from the face of the Internet. I will upload to another cloud storage soon after collecting all the FTFs and extract them all.
Still can't download, can you solve please?
VladHD said:
Still can't download, can you solve please?
Click to expand...
Click to collapse
I am currently dealing with this. Expect them files available soon. I will edit this post when it is done
EDIT: Now all are updated
Update!
New Xperia Keyboard!
Also included is the Xperia X boot animation.
Updated all mirrors, now on Google Drive
I am very sorry for being very late in updating those mirrors. A few days or so before CubeServer went down, I also did something very irreversible on my HDD, thus making me lost all of the files. Since I only have a local backup of those stock components, this render me unable to mirror it instantly. And about those other remaining lost time, I think everyone can guess that lel. Anyway enjoy, for those who needs them
I'm using CM13 ROM, does these stocks give better performance?
Can anyone explain the benefits of using them? especially ' stock RIL components ' I don't know what is this.
parkavenu said:
I'm using CM13 ROM, does these stocks give better performance?
Can anyone explain the benefits of using them? especially ' stock RIL components ' I don't know what is this.
Click to expand...
Click to collapse
Hmm i should update the OP soon to explain more about using the zips while being on a custom ROM.
This thread is made to cater all my other personal flashable zips that I share, while also focusing on stock components as a main objective of the thread. These so called "stock components" are only for stock ROM with the exception of the RIL components.
Now to answer to your question
The FOTA is useful if you have a some sort of "ritual" and prefer stock FOTA partition when you want to wipe your TWRP recovery. Adrian provided a FOTA eraser that fundametally write zeros to the FOTA partition. That's the difference between this stock FOTA and Adrian's FOTA cleaner. This does not improve or make your experience on CM worse.
The stock Kernel is strictly for stock ROMs. Flashing on another ROM that doesn't depend on stock ROM will make the ROM unbootable. This makes your experience on CM worse.
The RIL components will flash the network-related things to your system. This might be useful for someone who requires baseband (elabel) without needing to use the FlashTool. This may improve your network experience, as it really did for me.
Dirtycow-based TA Dumper for Sony Xperia Devices. (v2.0)
Author:
Jens Andersen
Xda: rayman
Twitter: https://twitter.com/EnJens
GitHub: EnJens
Source can be found on https://github.com/EnJens/backupTA.
Must be built within AOSP (e.g. checkout to external/backupTA)
Changelog:
More devices supported. The dreaded "Permission denied" should be long gone
Stability improved
TA dump is now verified before pulling
An error message is correctly shown when the process fails.
Requirements:
Phone running a dirtycow capable OS (E.g. recent N builds won't work).
If you have already upgraded, downgrading (temporarily) should be possible.
It should work on all recent xperia phones, but there might be exceptions.
It works on Linux, Windows and Mac (OS X)
Instructions:
Ensure you have adb access (e.g. drivers installed, enabled etc)
Run backupTA.sh (linux) or backupTA.cmd (windows) in the root directory.
TA will be saved as TA-ModelNumber-Serial-Timestamp.img in
the backupTA.sh directory.
On failure, the TA file should be missing, but please check that the file is 2.097.152 bytes
Download:
backupTA.zip
Credits:
rayman
Bumble-Bee (Testing)
Myself5 (Testing and some scripts)
oshmoun (Testing)
Androxyde (Testing)
munjeni (checkta source)
Tested on:
Xperia Z1
Xperia ZL
Xperia Z2
Xperia Z3
Xperia Z5
Xperia Z5 Compact
Xperia E5
Xperia M5
Xperia M4 Aqua
Xperia C5
Xperia X
Xperia XA
Xperia XA Ultra
Xperia X Performance
Xperia X Compact
Xperia XZ
XDA:DevDB Information
Universal (Dirtycow-based) TA Backup, Tool/Utility for the OEM Cross Device Development
Contributors
rayman, rayman
Source Code: https://github.com/EnJens/backupTA
Version Information
Status: Stable
Created 2016-12-07
Last Updated 2020-07-27
FAQ:
Q: Why is the backup different between reboots?
A: There is other data stored in the TA partition than just the TA Units. On some devices, the bootloader bootlog is stored there along with other pieces of data.
How it works
A very quick primer on how backupTA works now the source is out:
Sony's devices are extremely locked down with SELinux, and even getting root (with dirtycow) leaves you with very little access to the system.
Other than true root (which is rather difficult to get, although not impossible), only the Sony TA daemon has access to the partition required. But the TA daemon has no access to write any files anywhere on the device where we can pull them...
The basic approach is:
* Overwrite run-as binary with a custom binary
* When executed it switches to root and sets platform_app permissions, which for some bizarre reason is allowed from run-as explicitly. (See note 1)
* Once it has these privileges, it has access to dirtycow /sbin/tad_static
* It overwrites tad_static with a special daemon that allows reading the entire TA partition over the tad socket already used by the system. (See note 2)
* The run-as replacement reads the TA dump over the tad socket and pipes it to stdout to write to a file. (See note 3)
Note 1:
Dirtycow cannot increase the size of any binaries on the system, so to make things actually work, this solution also overwrites screenrecord binary (which is significantly bigger). run-as then executes this after setting up root and does all the fancy things. On some devices the platform-app context with root does not allow reading or writing files anywhere. To get around this, it reads the replacement tad_static from stdin and writes the dump to stdout. The script that runs run-as handles the piping.
Note 2:
When tad_static is first executes during boot, it's cached by linux. For efficiency reasons and because it's on a read-only filesystem, it's executed from this cache in memory. When dirtycow replaces the binary on /sbin, it actually replaces the running binary's code in memory, forcing it to crash. Init automatically restarts it, but now it's the replaced binary running which allows us to dump what we need.
Note 3:
The tad socket is actually quite limited permission-wise too. Only a limited subset of selinux contexts are allowed to read/write to it and the same goes for users. Luckily, root user with some supplementary groups, and the platform_app selinux context does have access to it, so we abuse that fact to talk to the replaced TA daemon.
Awesome. was waiting for this.thanks
Second!
wow nice find! I'm a bit bumped out I allready unlocked my booloader but this is great news!
Awesome... Congrats!!
XP F8131 output :good:
Code:
Picking 64-bit version
Running on F8131 on 64-bit platform
Pushing files
886 KB/s (9984 bytes in 0.010s)
743 KB/s (6088 bytes in 0.008s)
1072 KB/s (14280 bytes in 0.013s)
901 KB/s (10184 bytes in 0.011s)
122 KB/s (876 bytes in 0.006s)
Running scripts to dump ta to "TAIMG" on device
Overwriting run-as
Attempting to dirtycow
Done dirtycowing
Overwriting secondary payload (screenrecord)
Attempting to dirtycow
dirtycow failed
Attempting to dirtycow
Attempting to dirtycow
Done dirtycowing
Attempting exploit
Attempting to dirtycow
dirtycow failed
Waiting for result....
Bad reply received, failing...
Attempting exploit
Attempting to dirtycow
Attempting to dirtycow
dirtycow failed
Waiting for result....
Got a total of 2097152 bytes
Exploit successful!
Dumped TA as TA_F8131_CB512AD0TJ_06122016-2207.img
Pulling image
735 KB/s (2097152 bytes in 2.784s)
Cleaning up
TA Sucessfully pulled to TA_F8131_CB512AD0TJ_06122016-2207.img
****NOTE: Please verify filesize is 2MB ****
Pressione qualquer tecla para continuar. . .
Just a quick heads up. The first attempt failed because /data/local/tmp was not empty! It has two "flat..." files inside it (Stock fw).
Fix can be to change .sh and .cmd scripts to chmod each pushed file separately (instead of *), or even clear that folder.
Code:
Picking 64-bit version
Running on F8131 on 64-bit platform
Pushing files
180 KB/s (9984 bytes in 0.054s)
742 KB/s (6088 bytes in 0.008s)
1983 KB/s (14280 bytes in 0.007s)
1421 KB/s (10184 bytes in 0.006s)
213 KB/s (876 bytes in 0.004s)
[COLOR="DarkRed"]chmod: chmod '/data/local/tmp/flatland' to 100755: Operation not permitted
chmod: chmod '/data/local/tmp/flatland64' to 100755: Operation not permitted[/COLOR]
Running scripts to dump ta to "TAIMG" on device
...
Anyways... It did work like a charm! Respect!!
rayman said:
Dirtycow-based TA Dumper for Sony Xperia Devices.
Author:
Jens Andersen
Xda: rayman
Twitter: @droidray
GitHub: EnJens
Source will follow later this week.
Requirements:
Phone running a dirtycow capable OS (E.g. recent N builds won't work).
If you have already upgraded, downgrading (temporarily) should be possible.
It should work on all recent xperia phones, but there might be exceptions.
Instructions:
Ensure you have adb access (e.g. drivers installed, enabled etc)
Run backupTA.sh (linux) or backupTA.cmd (windows) in the root directory.
TA will be saved as TA-ModelNumber-Serial-Timestamp.img in
the backupTA.sh directory.
Download (Temporary. Will be moved, so please don't link to it):
https://skumler.net/backupTA.zip
Credits:
rayman
Bumble-Bee
Myself5 (Testing and some scripts)
oshmoun
Tested on:
Xperia Z3
Xperia Z5
Xperia Z5 Compact
Xperia X
Xperia XP
Xperia XC
Xperia XZ
Click to expand...
Click to collapse
So just to confirm, this fully backs up the TA partition including DRM keys on the Xperia XZ. So it's okay for me to now unlock the bootloader and restore everything with this? If so this is just what I've been waiting for!
Just to confirm, after TA (including DRMs) is backed up, I can unlock -> root -> then relock + restoring TA so I can have both root and DRMs working flawlessly? including OTA updates?
I don't think root with locked bootloader is possible. But if you got TA backup you can restore whenever you want and relock bootloader. Maybe important if you want to sell phone or if you need guarantee. @rayman
Will it be possible to create. ftf to flash drm key just like in Z5 line?
Whats the difference?
Difference to what? Your in German "android-hilfe", right?
serajr said:
Awesome... Congrats!!
Just a quick heads up. The first attempt failed because /data/local/tmp was not empty! It has two "flat..." files inside it (Stock fw).
Fix can be to change .sh and .cmd scripts to chmod each pushed file separately (instead of *), or even clear that folder.
Anyways... It did work like a charm! Respect!!
Click to expand...
Click to collapse
Good point. I went lazy-mode and just chmod'ed it all and assumed everything there would be shell-user owned...I guess that doesn't always stand true. I'll fix it up.
Sonic Dash said:
So just to confirm, this fully backs up the TA partition including DRM keys on the Xperia XZ. So it's okay for me to now unlock the bootloader and restore everything with this? If so this is just what I've been waiting for!
Click to expand...
Click to collapse
In theory. I've verified it makes a 100% accurate copy of the TA Partition. I can't realistically guarantee anything else, but yes, it *should* work like that. That's kind of the point.
boydzethuong said:
Just to confirm, after TA (including DRMs) is backed up, I can unlock -> root -> then relock + restoring TA so I can have both root and DRMs working flawlessly? including OTA updates?
Click to expand...
Click to collapse
Probably not... The second you flash back the locked TA, signed boot images will be required again and signed boot images mean dm-verity, meaning verified /system partitions, so it wouldn't boot anymore without 100% stock firmware.
DannyWilde said:
I don't think root with locked bootloader is possible. But if you got TA backup you can restore whenever you want and relock bootloader. Maybe important if you want to sell phone or if you need guarantee. @rayman
Will it be possible to create. ftf to flash drm key just like in Z5 line?
Click to expand...
Click to collapse
I don't see why not, but YMMV. It's certainly possible to extract the DRM key from the backup created by this tool and if Flashtool/bootloader allows flashing the data to a TA unit, it'll be possible.
Aaskereija said:
Whats the difference?
Click to expand...
Click to collapse
Difference to what? As of now, there is no tool to backup the TA on Android Versions above 5.1.1 (last Version where iovyroot worked on), exept this one
rayman said:
Good point. I went lazy-mode and just chmod'ed it all and assumed everything there would be shell-user owned...I guess that doesn't always stand true. I'll fix it up.
Click to expand...
Click to collapse
But shouldn't it just go on? I had the chmod failure during the final tests yesterday too, but I'm pretty sure it was just going on at that time.
How can I restore TA? I Backed up TA.
Heesue said:
How can I restore TA? I Backed up TA.
Click to expand...
Click to collapse
Unlock bootloader, flash TWRP, boot to TWRP, adb shell and use dd command to flash TA image back. Then power off and flash stock system, fotakernel and kernel with flashtool.
thanks great work friend, tested in xperia z5 premium
shoey63 said:
Unlock bootloader, flash TWRP, boot to TWRP, adb shell and use dd command to flash TA image back. Then power off and flash stock system, fotakernel and kernel with flashtool.
Click to expand...
Click to collapse
Thanks a lot!
AWESOME!!!
Very Good Job Guys!
BIG THANKS
Xperia X Compact
Seemed to work on Xperia X Compact:
Running 34.1.A.1.198 firmware
Really nice work
Output
Code:
Running on F5321 on 64-bit platform
Pushing files
[100%] /data/local/tmp/dirtycow
[100%] /data/local/tmp/run-as
[100%] /data/local/tmp/exploitta
[100%] /sdcard/dumpta
[100%] /data/local/tmp/backupTA.sh
Running scripts to dump ta to "TA_F5321_QV705K140B_20161207-1151.img" on device
Overwriting run-as
Attempting to dirtycow
Done dirtycowing
Overwriting secondary payload (screenrecord)
Attempting to dirtycow
dirtycow failed
Attempting to dirtycow
Attempting to dirtycow
Done dirtycowing
Attempting exploit
Attempting to dirtycow
dirtycow failed
Waiting for result....
Bad reply received, failing...
Attempting exploit
Attempting to dirtycow
Attempting to dirtycow
Attempting to dirtycow
Attempting to dirtycow
Done dirtycowing
Waiting for result....
Error connecting to unix socket: No such file or directory
Attempting exploit
Attempting to dirtycow
Attempting to dirtycow
Attempting to dirtycow
Attempting to dirtycow
Done dirtycowing
Waiting for result....
Error connecting to unix socket: No such file or directory
Attempting exploit
Attempting to dirtycow
Attempting to dirtycow
Attempting to dirtycow
Attempting to dirtycow
Done dirtycowing
Waiting for result....
Got a total of 2097152 bytes
Exploit successful!
Dumped TA as TA_F5321_QV705K140B_20161207-1151.img
Pulling image
[100%] /data/local/tmp/TA_F5321_QV705K140B_20161207-1151.img
Cleaning up
TA Sucessfully pulled to TA_F5321_QV705K140B_20161207-1151.img
****NOTE: Please verify filesize is 2MB ****
Hello!!!
I have custom rom for Sony Ericsson Xperia X8
You must have ClockworkMod Recovery installed for it to work If you do not have it click HERE
WARNING: TO MAKE AN UPGRADE YOU NEED THE NEWEST FIRMWARE. Android 2.1 (Eclair) / 2.1.1.A.0.6 - 2.1.1.C.0.0
For installation:
1. EXTRACT .ZIP FILE IN /sdcard
2. CREATE A FOLDER TO BE NAMED "clockworkmod" (IF THERE IS, DO NOT TAKE THIS STEP)
3. THEN CREATE ANOTHER FOLDER IN "clockworkmod" THE FOLDER WILL BE NAMED "backup"
4. PASTE FOLDER ON "clockworkmod/backup"
5. REBOOT PHONE IN RECOVERY MODE
6. Clockworkmod Started > Backup and Restore > Restore
7. REBOOT
8. ENJOY!!!
NOTE: SUPPORTED GOOGLE PLAY
THANKS