Related
What does Hero CVT Ship S-ON mean?
And what about
<SEND> Simlock at Hboot Mode?
Nobody knows?
Ganii said:
What does Hero CVT Ship S-ON mean?
And what about
<SEND> Simlock at Hboot Mode?
Click to expand...
Click to collapse
It means that SPL has security turned on so you cannot use it to flash or boot the phone with custom kernel/recovery and other images.
Thanks!
And how can we change?
What are advantages disadvantages?
But to flash custom rom,I boot into recovery-RA-hero-v1.6.2 img.
what the difference?
Eddie1506 said:
It means that SPL has security turned on so you cannot use it to flash or boot the phone with custom kernel/recovery and other images.
Click to expand...
Click to collapse
That isn't correct. You can still boot flash custom recovery images with an S-ON bootloader - we were flashing and booting new recovery images long before an S-OFF SPL was made available!
I believe that the main difference is than an S-OFF SPL allows you to boot/flash unsigned images. You also need an S-OFF SPL to replace an operator boot logo (e.g. the T-Mobile G2 screen when I switch on my G2).
Regards,
Dave
foxmeister said:
That isn't correct. You can still boot flash custom recovery images with an S-ON bootloader - we were flashing and booting new recovery images long before an S-OFF SPL was made available!
Click to expand...
Click to collapse
Ofcourse, you can flash official images signed with HTC official private key.
How could you flash custom recovery and boot images if those custom images weren't signed by HTC, but instead test/self signed?
Eddie1506 said:
Ofcourse, you can flash official images signed with HTC official private key.
How could you flash custom recovery and boot images if those custom images weren't signed by HTC, but instead test/self signed?
Click to expand...
Click to collapse
if that was true you'd need the s-off spl to install ANY custom rom, since they are all signed with testkeys. if you don't believe it start a poll who has custom rom without unlocked spl, i'll betcha it's more than 80% here...
the s-on spl checks for a valid signature, but not for the key itself. the s-off spl doesn't even check the signature.
Eddie1506 said:
Ofcourse, you can flash official images signed with HTC official private key.
How could you flash custom recovery and boot images if those custom images weren't signed by HTC, but instead test/self signed?
Click to expand...
Click to collapse
An S-ON bootloader just required that the images are signed - the actual key itself is irrelevant.
An S-OFF bootloader will flash images that are unsigned.
Note that the S-OFF bootloader only appeared in the wild on the 24th November when Paul @ MoDaCo released one that he'd had for a while (see here), and many of us were flashing custom rom/recovery images long before then.
As Kendon has already posted, I doubt that most people here have ever bothered to flash the S-OFF bootloader, unless they particularly felt the need to replace the operator boot logo.
Regards,
Dave
Ok, then what's the purpose of GoldCard method if we can flash custom images that are properly signed with S-ON bootloader?
P.S. I'm also new to Android platform, so I also am trying to understand. Dont be harsh
what about the simlock part?
foxmeister said:
An S-ON bootloader just required that the images are signed - the actual key itself is irrelevant.
An S-OFF bootloader will flash images that are unsigned.
Note that the S-OFF bootloader only appeared in the wild on the 24th November when Paul @ MoDaCo released one that he'd had for a while (see here), and many of us were flashing custom rom/recovery images long before then.
As Kendon has already posted, I doubt that most people here have ever bothered to flash the S-OFF bootloader, unless they particularly felt the need to replace the operator boot logo.
Regards,
Dave
Click to expand...
Click to collapse
Thanks,now understand a little bit!
And Yes,what about the simlock part and is there a method
how I can check the sim-lock at my HTC Hero?
Eddie1506 said:
Ok, then what's the purpose of GoldCard method if we can flash custom images that are properly signed with S-ON bootloader?
P.S. I'm also new to Android platform, so I also am trying to understand. Dont be harsh
Click to expand...
Click to collapse
The latest version of the SPL (the so called "perfect SPL") specifically disallows remote booting via Fastboot, which effectively prevents you from replacing the recovery image and thus flashing custom images.
The Goldcard method just allows you to downgrade your firmware to an earlier version of the firmware (still with an S-ON SPL) that does not have this restriction. Once you have done this, you can replace your recovery image and flash custom ROMs.
Regards,
Dave
Ganii said:
Thanks,now understand a little bit!
And Yes,what about the simlock part and is there a method
how I can check the sim-lock at my HTC Hero?
Click to expand...
Click to collapse
I don't know what the "SIM-lock as HBoot" specifically means. I wouldn't be at all surprised if it just refers to a lock via SIM pin code.
If you want to check if your Hero is locked to a specific carrier, the easiest solution is just to stick a different carriers SIM in the device and see what happens!
Regards,
Dave
foxmeister said:
The latest version of the SPL (the so called "perfect SPL") specifically disallows remote booting via Fastboot, which effectively prevents you from replacing the recovery image and thus flashing custom images.
The Goldcard method just allows you to downgrade your firmware to an earlier version of the firmware (still with an S-ON SPL) that does not have this restriction. Once you have done this, you can replace your recovery image and flash custom ROMs.
Regards,
Dave
Click to expand...
Click to collapse
Ah, so! Thanks for explanation!
foxmeister said:
I don't know what the "SIM-lock as HBoot" specifically means. I wouldn't be at all surprised if it just refers to a lock via SIM pin code.
If you want to check if your Hero is locked to a specific carrier, the easiest solution is just to stick a different carriers SIM in the device and see what happens!
Regards,
Dave
Click to expand...
Click to collapse
Yes,that`s the easiest method,but I thought there is a method
which show`s me lock codes or similar!
For Windows Mobile devices I found a method,but not for Android!
Thanks anyway!
This guide tells you how to create a goldcard very easily giving you the ability to flash custom rom and root again. Guide found here: http://android.modaco.com/content/general-discussion/305672/creating-a-goldcard/. There is a standalone pc application which allows creating a gold card. Link for app found here: http://android.modaco.com/content/software/308798/pc-application-goldcardtool/.
Note: Does not work for Aria but made here since at the time it wasn't tested.
Thanks ECEXCURSION for the link.
Very interesting, thanks for the guide! I don't need a GoldCard, but it's interesting to read none the less.
Just found this in that thread. Someone made a stand-alone PC application to generate GoldCards: http://android.modaco.com/content/software/308798/pc-application-goldcardtool/
theonew said:
This guide tells you how to create a goldcard very easily giving you the ability to flash custom rom and root again. Guide found here: http://android.modaco.com/content/general-discussion/305672/creating-a-goldcard/. Please post your results.
Click to expand...
Click to collapse
Did you actually try this yourself?
Making a gold card won't help you root the Aria.
drumist said:
Making a gold card won't help you root the Aria.
Click to expand...
Click to collapse
Didn't think so but I tried it anyway. Created the gold card but the RUU failed when it tried to write the hboot.
drumist said:
Making a gold card won't help you root the Aria.
Click to expand...
Click to collapse
Oh.. Thought that was the purpose of a goldcard.
My mistake.
What is it that's holding one back from writing to the hboot?
m a r k said:
What is it that's holding one back from writing to the hboot?
Click to expand...
Click to collapse
HTC implemented a new hboot in the latest official 2.2.2 update for the Aria. The new hboot version is 1.0.2.0000. This hboot can not be overwritten by flashing back to the original RUU. The new hboot also fixed the exploit that was used to root the Aria previously.
To date the Aria with the new hboot is un-rootable without hardware.
m a r k said:
What is it that's holding one back from writing to the hboot?
Click to expand...
Click to collapse
HTC devices have a security flag that allows the phone's NAND memory to be written to. This is referred to as the S-ON/S-OFF flag. In order for the NAND memory which houses the HBOOT loader and ROM to be written to, the security flag needs to be OFF. The HBOOT loader can control this flag and when an official HTC signed RUU is used, the HBOOT loader will turn the flag OFF and allow the RUU contents to be written to the NAND memory.
Previous versions of the HBOOT had an exploit in it that allowed rooting and installing a custom recovery, i.e. ClockworkMod and this is how custom ROMs were installed. The current HBOOT version no longer has this exploit available via software. The only way a new HBOOT or Recovery module can be written to the Aria is if the security flag is turned OFF and as of now the only way to do that is to use the XTC Clip device.
tpbklake said:
HTC devices have a security flag that allows the phone's NAND memory to be written to. This is referred to as the S-ON/S-OFF flag. In order for the NAND memory which houses the HBOOT loader and ROM to be written to, the security flag needs to be OFF. The HBOOT loader can control this flag and when an official HTC signed RUU is used, the HBOOT loader will turn the flag OFF and allow the RUU contents to be written to the NAND memory.
Previous versions of the HBOOT had an exploit in it that allowed rooting and installing a custom recovery, i.e. ClockworkMod and this is how custom ROMs were installed. The current HBOOT version no longer has this exploit available via software. The only way a new HBOOT or Recovery module can be written to the Aria is if the security flag is turned OFF and as of now the only way to do that is to use the XTC Clip device.
Click to expand...
Click to collapse
Well done - nice summary of the situation.
I have rooted the updated Aria with my XTC clip. There is a guy that frequents the IRC channel in my thread who has a cell phone store and an XTC clip. I've coached him through a couple of updated Aria roots and he's competent to do the job. He won't charge much, and whoever wants him to do the work will have to pay a modest fee plus return shipping. All he would need is the device - no case, no batter cover, no battery, no sim, no sdcard, no cables - no box. This makes shipping in a small padded envelope via USPS cheap - even insured.
Anyone interested should stop by the IRC channel in my sig.
OP: please update post #1 so a lot of people don't spin their wheels on that process - it's futile.
tpbklake said:
HTC devices have a security flag that allows the phone's NAND memory to be written to. This is referred to as the S-ON/S-OFF flag. In order for the NAND memory which houses the HBOOT loader and ROM to be written to, the security flag needs to be OFF. The HBOOT loader can control this flag and when an official HTC signed RUU is used, the HBOOT loader will turn the flag OFF and allow the RUU contents to be written to the NAND memory.
Previous versions of the HBOOT had an exploit in it that allowed rooting and installing a custom recovery, i.e. ClockworkMod and this is how custom ROMs were installed. The current HBOOT version no longer has this exploit available via software. The only way a new HBOOT or Recovery module can be written to the Aria is if the security flag is turned OFF and as of now the only way to do that is to use the XTC Clip device.
Click to expand...
Click to collapse
After I went through the AlphaRev flashing process, I learned the truth of the previous HBOOT's exploit is that it let you gain temporary NAND unlock.
While it's unlocked and once you got temporary root permission from, for example, the famous RageAgainstTheCage, then you are allowed to put su and SuperUser.apk to your system partition to gain permanent root permission, and flash recovery image to recovery partition as well.
The above is basically how Unrevoked works, imo. As for AlphaRev, it needs your device to be rooted already. It gets temporary NAND unlock first, then flashes and runs a boot image with a NAND module that would add some extra partitions, including HBOOT of course, to the MTD table in order to flash an hacked HBOOT/SPL into your device.
The new 1.x HBOOT has that exploit patched, both Unrevoked and AlphaRev won't work anymore. This thread I found might be the last hope that doesn't involve XTC Clip:
How-To [Root] The myTouch 3GS if you updated to Offical 2.2.1 and lost root
ladios said:
After I went through the AlphaRev flashing process, I learned the truth of the previous HBOOT's exploit is that it let you gain temporary NAND unlock.
While it's unlocked and once you got temporary root permission from, for example, the famous RageAgainstTheCage, then you are allowed to put su and SuperUser.apk to your system partition to gain permanent root permission, and flash recovery image to recovery partition as well.
The above is basically how Unrevoked works, imo. As for AlphaRev, it needs your device to be rooted already. It gets temporary NAND unlock first, then flashes and runs a boot image with a NAND module that would add some extra partitions, including HBOOT of course, to the MTD table in order to flash an hacked HBOOT/SPL into your device.
The new 1.x HBOOT has that exploit patched, both Unrevoked and AlphaRev won't work anymore. This thread I found might be the last hope that doesn't involve XTC Clip:
How-To [Root] The myTouch 3GS if you updated to Offical 2.2.1 and lost root
Click to expand...
Click to collapse
The problem with this solution is it requires an HTC engineering hboot. Here is a thread posted by ATTN1 when the Aria was first released stating that a Liberty eng-hboot doesn't exist:
http://forum.xda-developers.com/showpost.php?p=6910622&postcount=12
tpbklake said:
The problem with this solution is it requires an HTC engineering hboot. Here is a thread posted by ATTN1 when the Aria was first released stating that a Liberty eng-hboot doesn't exist:
http://forum.xda-developers.com/showpost.php?p=6910622&postcount=12
Click to expand...
Click to collapse
It's worth to try. I don't think anyone has tried this on Aria before. Previously we just tried to install an old RUU with gold card hoping the hboot would be downgraded, but this is different.
Step 5-6, hboot installs LIBEIMG.zip. We can extract the rom.zip from RUU and rename it.
Step 7-9, DO NOT REBOOT and get into stock recovery. These must be the key if this happens to work.
Step 10, apply update.zip which is a clockworkmod flashable zip.
Again, it's worth to try, as they got this work on stock 2.2.1 espresso with hboot 1.x. We just need to make an MISC.img to let people try.
ladios said:
It's worth to try. I don't think anyone has tried this on Aria before. Previously we just tried to install an old RUU with gold card hoping the hboot would be downgraded, but this is different.
Step 5-6, hboot installs LIBEIMG.zip. We can extract the rom.zip from RUU and rename it.
Step 7-9, DO NOT REBOOT and get into stock recovery. These must be the key if this happens to work.
Step 10, apply update.zip which is a clockworkmod flashable zip.
Again, it's worth to try, as they got this work on stock 2.2.1 espresso with hboot 1.x. We just need to make an MISC.img to let people try.
Click to expand...
Click to collapse
Sign me up...it's worth a shot.
Sorry for the double post.
I did the following:
Created a gold card.
Obtained update.zip(clockwork).
Extracted rom.zip from the original 2.1 RUU.
Downloaded superoneclick v1.9.1.
Put update.zip and rom.zip on the gold card.
Unmounted the goldcard.
Ran superoneclick and got success on shell root.
Used adb shell and poked around.
My question:
How do we get around not having the engineering recovery package for the Aria?
Im keeping my eye on what happens here.
A$$h4t said:
Sorry for the double post.
I did the following:
Created a gold card.
Obtained update.zip(clockwork).
Extracted rom.zip from the original 2.1 RUU.
Downloaded superoneclick v1.9.1.
Put update.zip and rom.zip on the gold card.
Unmounted the goldcard.
Ran superoneclick and got success on shell root.
Used adb shell and poked around.
My question:
How do we get around not having the engineering recovery package for the Aria?
Click to expand...
Click to collapse
I did a little research about the mtd0.img that was mentioned in the referenced thread and found some posts about creating a mtd0.img (misc.img) for the HTC Desire. There is even a web site that lets you input the appropriate values from your phone and it generates one for you. Don't know if it will work on the Aria, but it may be a place to start. Just Google HTC+Desire mtd0.img and you'll find the various posts. That would be the misc.img that ladios mentioned.
tpbklake said:
I did a little research about the mtd0.img that was mentioned in the referenced thread and found some posts about creating a mtd0.img (misc.img) for the HTC Desire. There is even a web site that lets you input the appropriate values from your phone and it generates one for you. Don't know if it will work on the Aria, but it may be a place to start. Just Google HTC+Desire mtd0.img and you'll find the various posts. That would be the misc.img that ladios mentioned.
Click to expand...
Click to collapse
I'm unclear on this as I thought the CID was much longer than 8 characters yet the image creator only requires 8.
A$$h4t said:
I'm unclear on this as I thought the CID was much longer than 8 characters yet the image creator only requires 8.
Click to expand...
Click to collapse
We can use hex editor to make our own.
Open android-info.txt extracted from the rom.zip you are using
On the line begin with "cidnum: ", there's an 8-character CID number, copy that
On the line begin with "mainver: ", that's the rom version, eg. 1.35.707.5, then 707 would be the rom's region code
Use a hex editor to open mtd0.img extracted from espresso-eng.zip
At 0x0000, overwrite the CID number with the one you found in android-info.txt
At 0x00A0, overwrite the version number with 1.01.XXX.1 where XXX is the region code, eg. 1.01.707.1
Save and use it
To whom who also want to try, please use the files in this post and follow the instructions in How-To [Root] The myTouch 3GS if you updated to Offical 2.2.1 and lost root.
Liberty version of needed files:
(1) Engineering package: liberty-eng.zip is attached.
(4) Stock firmware: Download LIBEIMG_Liberty_hTC_Asia_WWE_1.35.707.5_Radio_47.41.35.10_7.09.35.13_release_138500_signed.zip and rename it to LIBEIMG.zip
(5) ClockworkMod Recovery: Download recovery-clockwork-2.5.0.7-liberty.zip and rename it to update.zip​
Basically, I want to know if i can flash a new radio when i rooted using visionary method. I dont know if a radio s-off is required or whatever, or whether or not i have it.
I think permroot and S-OFF is enough, but if you wanna have radio S-OFF, then you need to use gfree. It's not yet clear that the other radios are any better than the one you have already, but if you're up for experimenting, do as you please.
any chance you could explain what radio S-OFF means?
According to this page:
. . . The security level is a flag stored on the radio; when the flag is S-OFF, the bootloader (HBOOT) will no longer check the signatures of firmware images before flashing them. This allows custom firmware images to be uploaded, including unsigned boot, recovery, splash1, and hboot images (as well as official images that have been modified). When the system is S-OFF, the NAND flash memory protection is also reduced; this allows all partitions (including /system) to be written to while the operating system is booted. . . .
Click to expand...
Click to collapse
I think radio S-OFF also is what allows you to unlock the SIM and Carrier ID, which is what gfree does.
I was looking for an alternative method to flash a new radio on my HTC DHD, because I cannot connect my DHD anymore to the pc. It will only charge my phone. Even in the bootloader my pc doesn't recognize my phone. This is due a hardware problem that recently occured on my phone I think, but i still wanted to upgrade my radio with the newest version.
So I searched for an other method, instead of the fastboot one, but didn't found a lot of info. Only that I needed a flashable zip file with the name PD98IMG.zip. Normally you flash the whole phone with that file, but I only wanted to flash the radio.
Then I discovered that inside the PD98IMG.zip file the radio.img and the android-info.txt files are in it. So I decided to delete all the other files in the zipfile. I placed the edited PD98IMG.zip file on the root of my SD card and started my phone in the bootloader. Now the bootloader asked me to update and I did that. The update went fine and now my radio is up to date!!
I don't know if this method is save or not, and that you need S-OFF and ENG-OFF, but I have both so that wasn't a problem for me.
This method is very interesting
Thank you for having shared.
Totally safe.
Sent from my Motorola Startac running Atari 2600 software!
http://forum.xda-developers.com/showthread.php?t=1054304
Hope this helps.
Sent from my Desire HD using Tapatalk
lauw8 said:
I was looking for an alternative method to flash a new radio on my HTC DHD, because I cannot connect my DHD anymore to the pc. It will only charge my phone. Even in the bootloader my pc doesn't recognize my phone. This is due a hardware problem that recently occured on my phone I think, but i still wanted to upgrade my radio with the newest version.
So I searched for an other method, instead of the fastboot one, but didn't found a lot of info. Only that I needed a flashable zip file with the name PD98IMG.zip. Normally you flash the whole phone with that file, but I only wanted to flash the radio.
Then I discovered that inside the PD98IMG.zip file the radio.img and the android-info.txt files are in it. So I decided to delete all the other files in the zipfile. I placed the edited PD98IMG.zip file on the root of my SD card and started my phone in the bootloader. Now the bootloader asked me to update and I did that. The update went fine and now my radio is up to date!!
I don't know if this method is save or not, and that you need S-OFF and ENG-OFF, but I have both so that wasn't a problem for me.
Click to expand...
Click to collapse
You need only S-OFF (Signature OFF).
With s-off the bootloader doesn't control the signature of the zip file, so it flash it without problem.
I always flash radio with this method, and you can downgrade always without any procedure, just put PD98IMG.zip in the root of sd card and reboot in bootloader
is this method working if i have already ENG S-OFF ?
L00n said:
is this method working if i have already ENG S-OFF ?
Click to expand...
Click to collapse
Yes, it works.
Hello all.. I am tryin to install the engineering bootloader and the file I need from the wiki page is not there anymore. Does anyone know where I can obtain a true copy of it. I d/l one and its not right, the md5sum was incorrect. It should be md5sum: df4fd77f44993eb05a4732210d2eddc6. Thanks if you can help. Im just trying to be thorough as i am learning all this. I have it rooted with s=off but I want to install eng. bl ....Thanks
**It is for MyTouch 4g**
Use this. Its the eng h-boot and clockworkmod recovery.
https://rapidshare.com/#!download|...|3930|R~C053B71776B49869847E4E328CF8DEC4|0|0
I got it from one of the stickies in the dev section.
Also, I have 2 Mt4g. One of the has the bootloader unlocked via HTCdev. I keep trying to flash a Stock 2.2.1 rom to it so I can do the Perma Root method on it. I have a custom rom on it currently, but it has s=on. Now the other one was stock 2.3.4 and I just got finished rooting it, for practice. Now back to the one with the bootloader unlocked by HTC, will traditional methods still work on it? I cant seem to get the adb/fastboot method to install the 2.2.1 rom on it. what would you recommend I do to get s=off on it if Im bent on doing it?
jjbadd385 said:
Also, I have 2 Mt4g. One of the has the bootloader unlocked via HTCdev. I keep trying to flash a Stock 2.2.1 rom to it so I can do the Perma Root method on it. I have a custom rom on it currently, but it has s=on. Now the other one was stock 2.3.4 and I just got finished rooting it, for practice. Now back to the one with the bootloader unlocked by HTC, will traditional methods still work on it? I cant seem to get the adb/fastboot method to install the 2.2.1 rom on it. what would you recommend I do to get s=off on it if Im bent on doing it?
Click to expand...
Click to collapse
I know NOTHING about the unlocked bootloader, so forgive me. Will flashing the froyo PD15IMG.zip from bootloader not replace your bootloader with the stock S-On bootloader that the rooting w S-Off guides are written for? Or has HTC figured out some way to bone you on that?
PD15IMG method of downgrading should take you to the older OS.
It won't necessarily take you to the older bootloader.
Not sure that being on the older bootloader is required for gfree to work. The older OS is indeed required.
Ok I'll tell you what I did this morning. I read a bunch last night. I am trying desperately to grasp & understand things. Its just there are so many different ways to acheive what I want to accomplish. Im doing this in small goals. My goal at this point is to get this MT4G, that is bootloader unlocked by HTC, to flash the Stock 2.2.1 Rom.But for some reason, it wont. Ive tried using my PC ADB/fastboot method, with no success. This morning I tried Recovery Clockwork, which I did wipe/factory reset, wipe cache, wipe davli cache, and then I choose the write zip from sd card, PD15IMG, and it wont do that either. I know I could be more helpful if I gave the exact errors but I forgot what they are, and at this point I am beginning to think that because its HTCdev unlocked, its not going to let me flash the 2.2.1. It does everything fine, until I attempt to flash the 2.2.1. The md5sum is ok too. If it were you, and you were running a custom ROM (ProjectMIUI 2.2.17 [R6]- UPDATED 2/21/12), and your device was HTC unlocked, but you wanted to get s=off, with engineer boot, how would you begin, and what method would YOU use? Give me some of your excellent advice for my birthday, which is today.
pdimg.zip files are flashed through the bootloader, not recovery. To do this, put zip on root of SD card power off phone hold volume down and power until bootloader appears and follow onscreen prompts.
HTC-Dev-unlocked bootloader 100% allows downgrading, because someone already did it before you. If you fail achieving it - means you're doing something wrong again and again, not realizing it. If I were you, I would think - why is it that your attempts to flash PD15IMG fail - and correct what you're doing wrong. But obviously, this excellent advice was given to you some time before your birthday, and still didn't help.
So, here's another advice:
Go download a PRE-ROOTED 2.2.1-based ROM.
Assuming you find one: flash it in recovery and flash boot.img from it separately.
Reboot to ROM.
Run gfree.
Flash Eng HBOOT.
If you don't find any 2.2.1-based ROM available, then you're out of luck. Sit down and find out what you're doing wrong that doesn't let you downgrade with PD15IMG.
Or just keep your phone as it is, and flash kernels manually, until you understand more.
Ok,I understand what you are saying. But when I put it on the root of my SD card as I have done multiple times, I pwr up in hboot, I wait on the blue progress bar, then a gold progress bar, then I get an error, I think it was "older version" if I remember correctly. There's not much I can do wrong to mess up a simple hboot flash of PD15IMG,you boot your phone up and wait ...
Sent from my HTC Glacier using Tapatalk
To avoid this error, you need to flash the MISC partition to "fool" the phone into thinking it's older than it is.
Read the downgrading guide, and since you're rooted - execute the "misc_version" part only:
> adb push misc_version /data/local/tmp/misc_version
> adb shell chmod 777 /data/local/tmp/*
> adb shell
Click to expand...
Click to collapse
If you see "$", it means you're not running in root shell. Then execute "su" and verify that you get "#" to continue.
# cd /data/local/tmp
# ./misc_version -s 1.00.000.0
Click to expand...
Click to collapse
You should see:
--set_version set. VERSION will be changed to: 1.00.000.0
Patching and backing up partition 17...
Click to expand...
Click to collapse
Then attempt downgrading again.
Jack_R1 said:
To avoid this error, you need to flash the MISC partition to "fool" the phone into thinking it's older than it is.
Read the downgrading guide, and since you're rooted - execute the "misc_version" part only:
If you see "$", it means you're not running in root shell. Then execute "su" and verify that you get "#" to continue.
You should see:
Then attempt downgrading again.
Click to expand...
Click to collapse
Everything went well until I got to the flashing part again. I did it 2 times, one time with fastboot and i got this:
C:\adb>fastboot-windows oem rebootRUU
... OKAY
From my PC:
C:\adb>fastboot-windows flash zip StockRom.zip
sending 'zip' (319593 KB)... OKAY
writing 'zip'... INFOadopting the signature contained in this image...
INFOzip header checking...
INFOzip info parsing...
FAILED (remote: 99 unknown fail)
From my phone:
The next time, I did it in hboot from the handset and it returned an error that said "wrong zip file"
**I think I am going to be content flashing roms and the boot.img seperately until I find someone with this problem that figures it out. Besides I have another mt4g that I perm rooted s=off, so I truly feel like I have followed instructions well, since my 2nd phone worked out. Its just this one with the HTC unlocked b/l giving me problems.
Thank You for your help...
You insist on NOT following the guide, so I won't help you anymore.
FOLLOW THE DAMN GUIDE UNTIL YOU UNDERSTAND WHAT YOU'RE DOING!
Because obviously, you're doing lots of basically wrong stuff, like trying to flash a PD15IMG.ZIP by fastboot, or using fastboot oem commands.
I understand u getting frustrated, but I have followed the guide. It don't work that way either. It tells me " wrong zip file" in hboot when I do, & I know its the right one because I checked the md5sum. If its lettin me flash any Rom in CWM recovery, why can't I flash a 2.2.1 Rom in recovery? But just to let u know, I have followed the guide to the t, more than once. Sorry if u r getting frustrated but I have tried everything u told me, & thanks for helping.
Sent from my HTC Glacier using Tapatalk
Ok it says
***UNLOCKED*** (by HTCdev)
GLACIER PVT SHIP S-ON
HBOOT-0.89.0007
MICROP-0429
RADIO-26. 13.04.19_M
eMMC-boot
Dec 13 2011 21:07:39
HBOOT
FASTBOOT
RECOVERY
FACTORY RESET
SIMLOCK
IMG CRC
I do have Visionary and a stock unrooted 2.2.1 (PD15IMG). I also have Recovery CWM 5.0.2.0 and 4ext, just to let u know what resources I have. I think I have d/l everything under the sun..lol
Sent from my HTC Glacier using Tapatalk
Anglgodes19 said:
Good, now that makes it easy as I deleted my modified stock rom last year which I made specially for rooting, so lets move on...
1) Gain TempROOT via VISIONary+
2) On terminal.
adb shell [enter]
su [enter]
dd if=/dev/block/mmcblk0p17 of=/sdcard/msicold.img [enter]
3) Access /sdcard/msicold.img and open it in hex editor.
4) Find MSIC value XXX.XXX.XXX.XXX (ex: 2.09.1800.1) and change it to OTA "1.17.531.2" and save the file as msicnew.img on SDCard.
5) Now back on adb terminal:
dd if=/sdcard/miscnew.img of=/dev/block/mmcblk0p17 [enter]
sync [enter]
6) Now reboot in to bootloader and flash PD15IMG.zip as you would normally do.
Report back if you have issues or problems or can't find it in that case I suggest you upload your msicold.img and ill edit for you so you can replace it.
Click to expand...
Click to collapse
Ok I did that and opened the msicold.img in hex editor, and honestly I dont have a clue as to what i was doing, but i think i located the value and because i followed the downgrade guide, i beleive its 1.00.000.0, but i dont know how to change it. Any way i can email it to u and have u change it? my email is [email protected] if you will send me a blank email, I'll reply back with the attatched file...Thank you..
jjbadd385 said:
Ok I did that and opened the msicold.img in hex editor, and honestly I dont have a clue as to what i was doing, but i think i located the value and because i followed the downgrade guide, i beleive its 1.00.000.0, but i dont know how to change it. Any way i can email it to u and have u change it? my email is ****** if you will send me a blank email, I'll reply back with the attatched file...Thank you..
Click to expand...
Click to collapse
You may want to edit this post. Ask anyone interested in helping to PM you. Posting your email address on an open forum isn't a good idea.
estallings15 said:
You may want to edit this post. Ask anyone interested in helping to PM you. Posting your email address on an open forum isn't a good idea.
Click to expand...
Click to collapse
Wonder what happened to Anglgodes19 and all his posts? He disappeared like a theif in the night!!
1.00.000 is the correct value.
If bootloader doesn't accept PD15IMG.ZIP - it either means you're doing something wrong even though you're 100% sure you're not, or that HTC-Dev-unlocked HBOOT doesn't accept the image for downgrading, which I highly doubt.
In any case, as I wrote you, you can download and flash any 2.2.1 pre-rooted ROM, if you find one with working link, and continue the guide from there.
I don't think I can help you with anything beyond this point.
Jack_R1 said:
1.00.000 is the correct value.
If bootloader doesn't accept PD15IMG.ZIP - it either means you're doing something wrong even though you're 100% sure you're not, or that HTC-Dev-unlocked HBOOT doesn't accept the image for downgrading, which I highly doubt.
In any case, as I wrote you, you can download and flash any 2.2.1 pre-rooted ROM, if you find one with working link, and continue the guide from there.
I don't think I can help you with anything beyond this point.
Click to expand...
Click to collapse
Ok then, one last question. If I cannot get my phone to flash via hboot, Is it possible to flash the 2.2.1 rom through CWM like I am flashing other roms? Or if I flash a rooted 2.2.1 rom could I the proceed in getting s-off/ eng hboot? Or does it have to be done through hboot only with a stock rom? Or possibly a modified 2.2.1 rom that has been made to flash in recovery?
'