TIP: revone on 1.54 still unlocks/relocks/locks bootloader - One (M7) General

Hi,
I got my 1.54 htc one s-offed with the jcard method, so revone wasn't implemented on my device. The revone s-off functionality doesn't work on 1.54 hboot, but it provides functions to manage hboot status. As long as you are rooted, you can still use revone to change hboot status to locked/unlocked/relocked on 1.54. This also works via terminal on the device, so you don't even need a PC. As follows:
1. adb push revone /data/local/tmp/ (from pc), or just copy the revone file to the /data/local/tmp directory.
2. adb shell
3. cd /data/local/tmp
4. chmod 755 revone
5. su (you must already be rooted)
6. ./revone -l, or ./revone -r or ./revone -u depending what you want.
Much easier than having to revert to a 1.44 hboot to use these revone functions to get locked status.
Don't know if this can be used to fix TAMPERED flags as I don't have one.

Mustn't revone be initialized with "./revone -P" first? That however doesn't work on 1.54.
>> Sent from the abyss <<

Theshawty said:
Mustn't revone be initialized with "./revone -P" first? That however doesn't work on 1.54.
>> Sent from the abyss <<
You are correct (I think!).
- What I did was get JCARD s-off
- download and install RUU (RUU_M7_UL_JB_50_HTC_Europe_1.28.401.7_Radio_4A.13.3231.27_10.31.1131.05_release_310878_signed.exe)
- unlock and root
- s-on using fastboot
- I then did the ./revone -P command (whilst on 1.44 and using the SU command, as opposed to motochopper root, which didn't work)
- s-off using revone
- flashed ARHD 4.3, updated firmware etc
I say I think you are correct, as I have not tried to use revone to relock/lock/unlock without performing the ./revone -P command on 1.44, so I can't absolutely state that it is a required step.
However unless you use revone, you have no facility to change your boot status to locked again.
It would be good for someone to test who has JCARD s-off on 1.54 who has not done the ./revone -P command. I can't test using my device now as it is now a revone s-off device.

Why does it matter which way the device is S-OFF'd? S-OFF is S-OFF, right?
You make it sound so easy with the jcard S-OFF. Wish I had one
>> Sent from the abyss <<

Theshawty said:
Why does it matter which way the device is S-OFF'd? S-OFF is S-OFF, right?
You make it sound so easy with the jcard S-OFF. Wish I had one
>> Sent from the abyss <<
not if you are going to return to repair. This way you can get back to LOCKED status, so you need to use revone to do this.

zaphodbeeb said:
not if you are going to return to repair. This way you can get back to LOCKED status, so you need to use revone to do this.
Of course. I just meant I don't see why revone wouldn't work when you've S-OFF'd with a JCard.
>> Sent from the abyss <<

Theshawty said:
Of course. I just meant I don't see why revone wouldn't work when you've S-OFF'd with a JCard.
>> Sent from the abyss <<
I tried to ./revone -P and got an error, something about "memory mapping error". Once I had s-on, via fastboot, I could then revone s-off, and do the tampered flag thing. I suspect that the JCard method doesn't do all that the revone (./revone -P) process does. It must make an additional change that the s-off JCard method doesn't.

Last ditch root Attempt.

Hey All.
I have a new Aria with a stock 2.2 build, and the associated Bootloader but I want to get root access to see if I can address my Bluetooth issues
All evidence points to me needing to edit /system/etc/bluetooth/audio.conf but without getting root access I can’t even read the file let alone edit it, so this is still a guess.
Anyway we have lots of dodgy little phone shops around Melbourne, and odds on at least one will have an XTC clip. So what is it I actually want them to do?
I know I need to end up with a copy of su in system/bin, Is that what I am asking for? Or is that not what is required?
FALCON-LORD said:
Hey All.
I have a new Aria with a stock 2.2 build, and the associated Bootloader but I want to get root access to see if I can address my Bluetooth issues
All evidence points to me needing to edit /system/etc/bluetooth/audio.conf but without getting root access I can’t even read the file let alone edit it, so this is still a guess.
Anyway we have lots of dodgy little phone shops around Melbourne, and odds on at least one will have an XTC clip. So what is it I actually want them to do?
I know I need to end up with a copy of su in system/bin, Is that what I am asking for? Or is that not what is required?
You would like them to turn security off on the phone and put it in a S-OFF state. With S-OFF, you would be able to flash a custom recovery and gain root access.
So does this mean I can't just insert the binaries I require into the existing OS?
There appear to be some one touch solutions for some ROMs (Universal Androot) wouldn't this indicate that you can just apply the binaries?
FALCON-LORD said:
So does this mean I can't just insert the binaries I require into the existing OS?
There appear to be some one touch solutions for some ROMs (Universal Androot) wouldn't this indicate that you can just apply the binaries?
The problem with temporary root on the Aria is the Security Flag (S-ON). As long as that is enabled, you cannot mount the /system partition in Read/Write mode so that you can push new binaries. With the Aria you need to mount the /system partition from ClockworkMod in order to push new binaries to it.
tpbklake said:
The problem with temporary root on the Aria is the Security Flag (S-ON). As long as that is enabled, you cannot mount the /system partition in Read/Write mode so that you can push new binaries. With the Aria you need to mount the /system partition from ClockworkMod in order to push new binaries to it.
O.K. So from that statement am I right to assume that you set S-Off, apply your ROM (Or push your binaries) then set S-On so that you can mount it and boot.
How does Universal Androot work then? It would have to push the binaries on without setting S-Off?
FALCON-LORD said:
O.K. So from that statement am I right to assume that you set S-Off, apply your ROM (Or push your binaries) then set S-On so that you can mount it and boot.
How does Universal Androot work then? It would have to push the binaries on without setting S-Off?
Once you s-off your phone you would leave it s-off, no need to put it back to s-on and why would you want to?
My phone is s-off, I can flash the official 2.2.2 rom and then turn around and easily get back to a different rooted rom any time I want by flashing a custom recovery followed by the rom of choice.
FALCON-LORD said:
O.K. So from that statement am I right to assume that you set S-Off, apply your ROM (Or push your binaries) then set S-On so that you can mount it and boot.
How does Universal Androot work then? It would have to push the binaries on without setting S-Off?
You cannot set the security flag on the Aria with HBOOT 1.02 via any software method. That is the reason why you cannot gain permanent root using Unrevoked anymore. On HBOOT 1.02 you can only turn S-OFF by using the XTC Clip hardware. As A$$h5t pointed out, once you get S-OFF, you do not want to turn security back on.
What I was trying to say was even if Universal Androot could get you temporary root on the Aria HBOOT 1.02, it would not be able to turn security off and mount the /system partition in Read/Write mode.
tpbklake said:
You cannot set the security flag on the Aria with HBOOT 1.02 via any software method. That is the reason why you cannot gain permanent root using Unrevoked anymore. On HBOOT 1.02 you can only turn S-OFF by using the XTC Clip hardware. As A$$h5t pointed out, once you get S-OFF, you do not want to turn security back on.
What I was trying to say was even if Universal Androot could get you temporary root on the Aria HBOOT 1.02, it would not be able to turn security off and mount the /system partition in Read/Write mode.
O.K. I think I have it now.
So you used to be able to mount the system partition on the phone with S-OFF, the change they made in HBOOT 1.02.000 is what stops it. Thus Universal doesn’t work, and you can’t play on the system partition in the same way. So not only do you now need the XTC Clip, but the options open to you even with that are still more limited than they were…
Is that about right?
[EDIT]
O.K. After re-reading I see that assessment is wrong.
It is that The Clip sets S-Off, which mounts system as rw, then adding su is a separate issue…
Wouldn’t this mean that Universal could theoretically work on a system where s-off has been set?
[/EDIT]
FALCON-LORD said:
O.K. I think I have it now.
So you used to be able to mount the system partition on the phone with S-OFF, the change they made in HBOOT 1.02.000 is what stops it. Thus Universal doesn’t work, and you can’t play on the system partition in the same way. So not only do you now need the XTC Clip, but the options open to you even with that are still more limited than they were…
Is that about right?
Almost.
Prior to HBOOT 1.02, with ClockworkMod recovery installed, it was able to temporarily turn security off and on to mount the /system partition. On the Aria we were never able to get permanent S-OFF via a software solution like some of the other HTC models.
With the XTC Clip, you can now get permanent S-OFF on the Aria which will give you more options, not less options than before. With S-OFF, you are able to mount both the /system and the /recovery partition in Read/Write mode, so you can not only install new ROMs, but also different custom recovery.
FALCON-LORD said:
O.K. I think I have it now.
[EDIT]
O.K. After re-reading I see that assessment is wrong.
It is that The Clip sets S-Off, which mounts system as rw, then adding su is a separate issue…
Wouldn’t this mean that Universal could theoretically work on a system where s-off has been set?
[/EDIT]
Yes and yes.
O.K. So with that in mind, I go and get the Droid Clipped, it will now be S-Off, which means /system will be set to rw.
Now I need to get su into system/bin, which I won’t have permissions for, that is the next challenge right?
So is there a way to do that without using an entirely custom ROM?
FALCON-LORD said:
O.K. So with that in mind, I go and get the Droid Clipped, it will now be S-Off, which means /system will be set to rw.
Now I need to get su into system/bin, which I won’t have permissions for, that is the next challenge right?
So is there a way to do that without using an entirely custom ROM?
I believe once you are s-off you can just adb push it to /system/bin.
Also, there are 2.2.2 roms out there which are basically the stock rom already rooted and ATT crap removed if you want to stay close to stock.
A$$h4t said:
I believe once you are s-off you can just adb push it to /system/bin.
Also, there are 2.2.2 roms out there which are basically the stock rom already rooted and ATT crap removed if you want to stay close to stock.
The copy I have doesn’t have all the AT&T Crap, it is a generic unlocked build.
That then means the next question is where do I get a adb to push in su?
[EDIT]
O.K. Further research shows that my question makes no sense…
How do I get a copy of su to push onto the phone using adb
Any quick link to a guide to set up a dev environment and adb?
[/EDIT]
[RE-EDIT]
O.K. I now have ADB Sorted and am punting around on the phones system.
Now what?
Obviously get the phone clipped to make the system volume RW.
But that still doesn't give me the rights to push a file onto the phone, so then what? (And where do I get the file to push?)
I note that originally a version of su was on the phones that only worked from adb. for my current purposes this would suffice
[/RE-EDIT]
FALCON-LORD said:
The copy I have doesn’t have all the AT&T Crap, it is a generic unlocked build.
That then means the next question is where do I get a adb to push in su?
[EDIT]
O.K. Further research shows that my question makes no sense…
How do I get a copy of su to push onto the phone using adb
Any quick link to a guide to set up a dev environment and adb?
[/EDIT]
[RE-EDIT]
O.K. I now have ADB Sorted and am punting around on the phones system.
Now what?
Obviously get the phone clipped to make the system volume RW.
But that still doesn't give me the rights to push a file onto the phone, so then what? (And where do I get the file to push?)
[/RE-EDIT]
With the system in an S-OFF state, you can use HBOOT to flash a custom rooted ROM or custom recovery (ClockworkMod) by copying the associated ZIP file to the root of your microSD card and name it LIBEIMG.zip. Next time you boot into HBOOT, it will find the zip file and attempt to install it.
Once you get the Aria clipped, I would pay a visit to the Aria IRC chat room for more specifics and questions. These guys will be able to assist you on the best steps to take.
http://webchat.freenode.net/?channels=#liberatedAria
Follow the directions in this post: http://forum.xda-developers.com/showpost.php?p=13650005&postcount=67
(Not the quoted part, the part that attn1 says to do.) This should install Clockwork on your phone.
Oh, and adb is in the platform-tools folder of the Android SDK and fastboot is in tools folder.
FALCON-LORD said:
O.K. So with that in mind, I go and get the Droid Clipped, it will now be S-Off, which means /system will be set to rw.
Now I need to get su into system/bin, which I won’t have permissions for, that is the next challenge right?
So is there a way to do that without using an entirely custom ROM?
S-OFF alone does not make system r/w. You will still have a secure boot image.
The next step will be installing custom recovery, which is a snap once you have S-OFF. From there, you can install whatever you want on system, or flash rooted stock ROMs, or just root routines.
FYI, most people are not happy with just root access; they eventually will want basic busybox services and the ability to customize on the fly.
Come into the IRC channel in my sig if you have questions.
With Radio S-OFF fastboot flash image won't work directly, but this will work to install clockworkmod simply and easily:
Prerequisites:
HTC android usb device driver (if you use windows)
adb and fastboot utilities for your platform
Code:
adb reboot bootloader
fastboot erase cache
fastboot oem rebootRUU
fastboot flash zip clockwork2501.zip
fastboot reboot
Download:
MD5: 5d01f06af3ce99f27d23cf8a2df47926 clockwork2501.zip
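A check worth running before the `fastboot flash zip` step in the post above, as an added example that is not part of the original post: it parses a published `MD5: <hash> <file>` line and confirms the local download matches before anything is flashed. The function names and exit codes are hypothetical; an MD5 match shows the download arrived intact, not that the file itself is trustworthy.

```shell
#!/bin/sh
# Added example (not from the thread): refuse to flash a recovery zip unless
# it matches the checksum line published with the download.
# Assumed line format, as in the post: "MD5: <32 hex chars> <filename>"

# Print the lowercase MD5 of a file using whichever tool the host provides.
file_md5() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum < "$1" | awk '{print tolower($1)}'
    elif command -v md5 >/dev/null 2>&1; then       # macOS / BSD
        md5 -q "$1" | tr 'A-F' 'a-f'
    else
        return 3
    fi
}

# verify_md5_line "<published line>" [directory holding the download]
# Returns: 0 match, 1 mismatch, 2 malformed line or missing file, 3 no MD5 tool
verify_md5_line() {
    line=$1
    dir=${2:-.}

    # Split into label, hash and the rest of the line (the file name).
    read -r label want name <<EOF
$line
EOF

    [ "$label" = "MD5:" ] || { echo "not an MD5 line" >&2; return 2; }

    # The hash must be exactly 32 hex digits.
    case $want in
        *[!0-9A-Fa-f]*) echo "hash is not hex" >&2; return 2 ;;
    esac
    [ "${#want}" -eq 32 ] || { echo "hash has wrong length" >&2; return 2; }
    want=$(printf '%s' "$want" | tr 'A-F' 'a-f')

    # The name comes from a forum post: accept a bare file name only,
    # never a path that could point outside the download directory.
    case $name in
        ''|*/*) echo "unsafe or empty file name" >&2; return 2 ;;
    esac
    [ -f "$dir/$name" ] || { echo "missing file: $dir/$name" >&2; return 2; }

    got=$(file_md5 "$dir/$name") || return 3
    if [ "$got" = "$want" ]; then
        echo "OK: $name matches the published MD5"
        return 0
    fi
    echo "MISMATCH: $name is $got, expected $want" >&2
    return 1
}

# Stand-alone use:
#   sh verify.sh "MD5: <hash> <file>" [dir] && fastboot flash zip <file>
if [ "$#" -ge 1 ]; then
    verify_md5_line "$@"
    exit $?
fi
```

A mismatch or a missing file should stop the procedure before `fastboot oem rebootRUU`, since a truncated zip is the case this check catches.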
Thanks tpbklake, drumist & attn1, I think I am getting close to feeling ready to do this.
So as I see it have to do the following.
Prerequisite items
Install HTC Sync (USB Driver)
Install Oracle JDK (Prerequisite for SDK)( http://www.oracle.com/technetwork/java/javase/downloads/jdk-6u25-download-346242.html )
Install SDK (for ADB) (http://developer.android.com/sdk/index.html )
Get copy of clockwork.zip ( http://forum.xda-developers.com/attachment.php?attachmentid=591945&d=1305031790 )
So Once I have all of the ingredients perform the following actions
Find somewhere with an XTC clip to set S-Off
Go home and plug the phone into the PC
Copy clockwork.zip to the root of SD Card
Open a cmd prompt at adb directory (C:\Program Files\Android\android-sdk\platform-tools) and enter the following commands
Code:
adb reboot bootloader
cd C:\Program Files\Android\android-sdk\tools
Code:
fastboot erase cache
fastboot oem rebootRUU
fastboot flash zip clockwork2501.zip
fastboot reboot
So from my reading it appears doing this means I can now load things onto the system partition, by copying them as a zip package onto the SD and then booting into CWM and selecting “install zip from sdcard” and this will allow me to install su.
Is that about the length of it?
So I still need a zip with su in it and then I am able to raise my privileges?
A few corrections:
1) You don't have to install the Oracle JDK for what you are doing, you can skip that step completely.
2) Don't place the clockwork.zip on the SD card. You need to have it on your computer, and it will copy the file over to your phone when you issue the fastboot command. You will want to place it in the tools folder.
3) Before you run the adb/fastboot commands, type the following at the command prompt:
Code:
path %PATH%;C:\Program Files\Android\android-sdk\platform-tools
After doing this you can run all commands from the \tools folder, including adb, until you close that command line box.
4) I believe you need the HBOOT drivers installed on your system (this is in addition to the HTC Sync drivers). Follow the installation directions here: http://unrevoked.com/rootwiki/doku.php/public/windows_hboot_driver_install
drumist said:
A few corrections:
1) You don't have to install the Oracle JDK for what you are doing, you can skip that step completely.
2) Don't place the clockwork.zip on the SD card. You need to have it on your computer, and it will copy the file over to your phone when you issue the fastboot command. You will want to place it in the tools folder.
3) Before you run the adb/fastboot commands, type the following at the command prompt:
Code:
path %PATH%;C:\Program Files\Android\android-sdk\platform-tools
After doing this you can run all commands from the \tools folder, including adb, until you close that command line box.
4) I believe you need the HBOOT drivers installed on your system (this is in addition to the HTC Sync drivers). Follow the installation directions here: http://unrevoked.com/rootwiki/doku.php/public/windows_hboot_driver_install
Thanks Drumist.
The SDK package wouldn’t install without the JDK installed, so that is why I have added that in, I have changed my steps for where to put clockwork, thanks for the line on path (I should have done that initially…)
Once I have done all of this then I take it I follow some instructions like these?
http://geeknizer.com/how-to-root-motorola-droid/
can I use the su package they have linked there? It looks like these instructions were written for a much earlier droid release.
I take it if that is correct it will look more like this..
Code:
cd C:\Program Files\Android\android-sdk\platform-tools
adb push su /data/local
adb shell su
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
cd /system/bin
mv su osu
cat /data/local/su > su
chmod 6755 su
I'm not sure what the best method is to root an unrooted ROM. My personal recommendation is to just install one of the ROMs from this site that already have root. You can always make a Nandroid backup first in case you don't like the subtle differences between those ROMs and the one you're using now.

Help Looked at wiki and stickies: Unrooting without Windows or USB?

The USB port on my ph is broken so I need to send it back. In addition, I don't know ANYONE with a windows machine. So far I've restored stock ROM and factory settings with P10IMG.zip, but I still have S-OFF. I think I rooted with Gfree. When I look at the wiki, it looks impossible without a windows machine and working USB port. What are my options? is there a slightly older stock rom that will auto unroot my ph and allow me to upgrade to 2.2. I'm afraid if I try to flash gingerbread in order to gain S-on, they'll take one look and charge me 500 bucks.
generally speaking as long as the problem isn't root related (ie broken usb) they won't charge you.. I didn't do gfree so I can't say exactly how to s-on
Thanks, I'm still trying to get it S-on.... I hope you're right about them not caring but since I'm returning it under warranty and not under insurance... I'm nervous. Me and Murphy's Law don't get along so well.
http://forum.xda-developers.com/wiki/index.php?title=HTC_Vision#Returning_to_Stock
If you have access to a microsd to sd card adaptor, a different phone with a working usb port, or if you have root explorer (which you should have) you can do everything in that guide to return to stock.
A pc and adb is not required for this guide. It's just convenient.
Sent from my HTC Vision using Tapatalk
PanCubano said:
http://forum.xda-developers.com/wiki/index.php?title=HTC_Vision#Returning_to_Stock
If you have access to a microsd to sd card adaptor, a different phone with a working usb port, or if you have root explorer (which you should have) you can do everything in that guide to return to stock.
A pc and adb is not required for this guide. It's just convenient.
Sent from my HTC Vision using Tapatalk
I've read the portion I would need to do "Alternative: Use gfree to get radio S-ON and the original CID" a gazillion times and honestly, it's like reading greek. I have no idea how I could do that process using my good ph and a sd card. Can you elaborate... with stupid simple instructions
I'm still unable to figure this out. The wiki instructions are:
ON YOUR PC:
Unzip gfree_06.zip to a place on your computer. Open a terminal or command window, navigate to where the files are on your computer, and type:
$ adb push gfree /data/local/tmp/gfree
$ adb shell chmod 777 /data/local/tmp/gfree
gfree should now be in your phone at /data/local/tmp
IN THE ROOT SHELL (in the first terminal/command) : Now run:
# /data/local/tmp/gfree -s on -c T-MOB010
# sync
I put Gfree on the root menu of the sdcard since I can't figure out how to put it /data/local/tmp/gfree without a USB or ADB. Changed the command to
/sdcard/gfree -s on -c T-MOB010
and, I get permission denied *sighs* I don't know what to do.
I have the temp root using visionary instead of psneuter because the wiki said, I needed to Temp root prior to unrooting and the psneuter instructions were for adb. Everything seemed okay but I guess not. Any idea where to go from here?

1st time attempt to root, stuck at visionary+

Hi all,
I appreciate this forum is cram packed with info, but for me as a newb...I can't see the woods for the trees :-(
I have a stock Orange D-HD ( A2.3.3 with sense 2.1 ) and basically just want to unlock it to use an O2 sim.
I have previously flashed WM6 cooked roms onto Kaisers / Hermes & Himyies so do understand the basic principle. And I grasp the basic point about rooting as I have flashed a Superpad device too.
http://forum.xda-developers.com/showthread.php?t=964996
So I started to follow the above tutorial thread and downloaded Visionary+ and S-OFF etc.
But even though I set USB root debugging, when I run Visionary+ to temp-root, my DHD just runs the triangle message a few seconds and then just goes blank.
Is there an alternative way to root instead of visionary+ ???
Someone pls help me get past the first hurdle and root my device
Thanks
I got stuck too but...
Did u try ticking the 'root on startup or reboot' option? then restart. it may take a few goes, u'll probably notice Superuser has been installed then Temproot should happen next reboot. Permroot's the same, may take a few times to stick. To test if ur root has worked try installing Titanium Backup from market, u'll need it once ur rooted.
If you have a Stock HTC with Android 2.3.3 you need to downgrade the software version first before you can use visionary.
[GUIDE] How to downgrade 1.7x/1.8x/2.x to 1.32.405.6
ahh ok, will do.
None of this was mentioned in the guide link I mentioned in the original post. It would be worthwhile for that guide to be modded to reflect the fact a downgrade is needed.
"Open up a cmd and go to Downgrade folder"...is this done on the PC or the phone??? don't understand...
hey, have you created a goldcard mentioned in section 1 of the tutorial?
ermm,, nope
I wasn't sure I needed to as it seemed to be related to branded phones. Mine is locked to orange at present....but it doesn't have an orange splash screen or any orange logo on the phone casing. Thought if my 'build' number had '405' in the middle...that this meant I didn't need a goldcard creating...
wrong or right peeps??
ebod said:
None of this was mentioned in the guide link I mentioned in the original post.
Ehem......
wid0w said:
If your Desire HD is running stock firmware 1.7x, please check this guide in order to downgrade:
http://forum.xda-developers.com/showthread.php?t=905003
and
wid0w said:
Basic Setup
...
- Desire HD with lower than 1.7x stock ROM
...
I think the guide captures every detail.
for3st said:
Ehem......
and
I think the guide captures every detail.
All very well if you understand what a rom is. My software page is full of 2.50 , 2.6 type numbers and nothing below 1.7....hence my comment.
Also, I've made a goldcard out of a spare 1gb sd, and copied PD98img.zip to it. So for the next bit....do I now put that goldcard in my HTC and connect to the PC whilst set in USB debugging enabled mode.
Then do I put this lot below into the win-xp pc 'run' box line by line or one whole lump?:-
adb push misc_version /data/local/tmp
adb push fre3vo /data/local/tmp
adb shell chmod 777 /data/local/tmp/fre3vo
adb shell chmod 777 /data/local/tmp/misc_version
adb shell
./data/local/tmp/fre3vo -debug -start FBB00000 -end FFFFFFFF
ebod said:
All very well if you understand what a rom is. My software page is full of 2.50 , 2.6 type numbers and nothing below 1.7....hence my comment.
Also, I've made a goldcard out of a spare 1gb sd, and copied PD98img.zip to it. So for the next bit....do I now put that goldcard in my HTC and connect to the PC whilst set in USB debugging enabled mode.
Then do I put this lot below into the win-xp pc 'run' box line by line or one whole lump?:-
adb push misc_version /data/local/tmp
adb push fre3vo /data/local/tmp
adb shell chmod 777 /data/local/tmp/fre3vo
adb shell chmod 777 /data/local/tmp/misc_version
adb shell
./data/local/tmp/fre3vo -debug -start FBB00000 -end FFFFFFFF
one by one......
I don't use Visionary+, it just don't work in my phone, end me up using manual method. Plus S-off and Engineering S-off.
First of all, DOWNGRADE UR PHONE TO 1.32
Gaining Radio S-OFF:
This method will get you the Radio S-OFF flag while SIM-unlocking it and setting up SuperCID, which means
1. This method will root your phone for the process if it isn’t already rooted. If you just want to permanently root your phone
2. Make sure you have ADB installed on your computer. Also, if you have previously installed VISIONary on your phone in order to root it, uninstall it first before proceeding.
3. Download Desire HD S-OFF Toolkit and unzip its contents to your computer. Put it in your adb folder
4. Enable USB Debugging on your phone from Settings > Applications > Development.
5. Connect your phone to your computer via USB.
6. Launch a Command Prompt/Terminal window on your computer, navigate to the folder where you extracted the files in Step 3 and enter the following commands one by one, press enter after each line
adb push su /sdcard/su
adb push Superuser.apk /sdcard/Superuser.apk
adb push rage /data/local/tmp/rage
adb push busybox /data/local/tmp/busybox
adb push root /data/local/tmp/root
adb push gfree /data/local
adb shell chmod 0755 /data/local/tmp/*
adb shell chmod 777 /data/local/gfree
7. Install Terminal Emulator app on your phone from the Android Market and launch it.
8. Enter the following command in Terminal Emulator on your phone:
/data/local/tmp/rage
9. In a while, you will see the output “Forked #### childs”. Now press ‘Menu’ and tap ‘Reset Term’ to exit Terminal Emulator.
10. Launch Terminal Emulator again. You will notice that it force-closes. Don’t worry and just launch it again, and you should have a root shell indicated by the # prompt instead of $.
11. Now enter the following commands in Terminal Emulator:
/data/local/gfree -f
sync
/data/local/tmp/root
sync
If you get a ‘mkdir: /system/xbin already exists’ error during the process, ignore it and proceed.
12. Wait patiently while the process finishes. Once it is complete, reboot your phone.
You should now have Radio S-OFF, SIM-unlock and SuperCID all set on your phone. If you just want to install ClockworkMod recovery and custom ROMs etc., you are all good to go and do not need to gain Engineering S-OFF. You may simply install ClockworkMod Recovery, find a custom ROM of your choice and flash it to your phone from recovery.
Gaining Engineering S-OFF:
You should attempt to gain Engineering S-OFF if and only if you want to gain absolute access to your Desire HD including the ability to flash a radio or edit all your phone’s partitions the way you want. If you are not absolutely sure what you are about to do, we recommend that you do NOT proceed.
1. Make sure you have already gained radio S-OFF by following the above-mentioned steps.
2. Download the Engineering HBoot for HTC Desire HD and extract the contents of the zip files. Put in adb folder
3. Enable USB debugging (if not already enabled) and connect your phone to the computer.
4. On your computer, launch Command Prompt/Terminal, navigate to the folder where you extracted the files in Step 2 and enter these commands:
adb push hboot-eng.img /data/local
5. Finally, launch Terminal Emulator on your phone and enter these commands, being EXTREMELY careful not to make any mistake here:
su
dd if=/data/local/hboot-eng.img of=/dev/block/mmcblk0p18
Make sure to allow when Super User access is requested. Wait till the process is finished and you’re done!
You now have the Engineering S-OFF HBoot installed and with this, you have absolute control over your HTC Desire HD. You can now flash radios of your choice to your phone and have access to modify all its partitions as well as unbrick it in certain circumstances where no other method would revive your device.
rohithksaj said:
one by one......
...but I get lost here: "•Open up a cmd and go to Downgrade folder, execute commands:" i.e. I don't understand what a 'cmd' is and where I open it from..
EDIT : okay finally at 1.32 & rooted ( yey!)
wanting to check whether the S-OFF info is right but having a mare trying to get bootloader screen to stop from tripping to HBOOT and running the PD98IMG ( even though I took out the goldcard ).
Is there some specific combination to hold vol-down and power for a set number of seconds? I've tried 10+ times and can't stop it going onto the HBOOT update thingy :-(
Ok folks...back to my painful rooting exercise
I'm still in this thread
http://forum.xda-developers.com/showthread.php?t=964996
..trying to establish whether or not my S-OFF info is correct before proceeding further. The thread says :-
"Testing Eng S-off and Radio S-OFF
1. Power Down Your Device
2. Go to Bootloader
3. If it says Ace PVT ENG S-OFF your phone is ENG S-OFF.
4. use Volume down to get to system info and tap power button to select
5. check CID for CID-11111111 (if you have this all is done 100%)
6. Reboot
"
how can I check my "CID-11111111" info ? where is it displayed?
DOH STUPID STUPID STUPID!!!!!
Before I made my goldcard I put a copy of pd98img.zip on my SD card....and although I took out the goldcard...when I put the normal SD back in, I neglected to recall it had a copy of pd98img.zip still sat on it.
That's why I couldn't access bootloader.
Anyways, I have the right S-OFF info so its now onwards the next step

[Q] problem downgrading gingerbread htc panache (2.3.3)

I hope somebody can help me with this little anomaly.
Been trying to downgrade htc panache with gingerbread 2.3.3.
I was able to successfully execute the cmds listed on the guide http://forum.xda-developers.com/showthread.php?t=1178912; however, when i try to downgrade the misc_version, I get the following error:
> adb push misc_version /data/local/tmp/misc_version
> adb push flashgc /data/local/tmp/flashgc
> adb shell chmod 777 /data/local/tmp/*
> adb shell
> cd /data/local/tmp
# ./misc_version -s 1.00.000.0
./misc_version -s 1.00.000.0
./misc_version -s 1.00.000.0: PERMISSION DENIED
According to the guide I should have seen something like this (--set_version set. VERSION will be changed to: 1.00.000.0
Patching and backing up partition 17...)
I was also not sure as to when the cmd "adb push PD15IMG.zip /sdcard/PD15IMG.zip" should be executed, before or after downgrading? And when doing this should I have my regular SD card or gold card inserted in the phone?
I wasn't able to find the solution to the problem. Hope you can be of help
The correct tutorial to root the Panache is here :
http://forum.xda-developers.com/showpost.php?p=16858971&postcount=98
Be sure your sdcard is not mounted and usb debugging is enabled.
The misc command must be executed with your regular sdcard.
The PD15IMG.zip must be pushed on your goldcard and is only used in the next step (downgrading to froyo)
Regards
Sent from my HTC Panache / CM7 using xda premium.
thanks...I'll give it a try
SprigganMaster said:
The correct tutorial to root the Panache is here :
http://forum.xda-developers.com/showpost.php?p=16858971&postcount=98
Be sure your sdcard is not mounted and usb debugging is enabled.
The misc command must be executed with your regular sdcard.
The PD15IMG.zip must be pushed on your goldcard and is only used in the next step (downgrading to froyo)
Regards
Sent from my HTC Panache / CM7 using xda premium.
I gave it a try...I followed the guide precisely. Everything goes smoothly until I reach the "Change Version" section. When I try to downgrade the misc version I keep getting PERMISSION DENIED.
The error is generated after executing this command: "# ./misc_version -s 1.00.000.0"
I have been at this for days, but with no luck.
Check your bootloader version; if it's 86.000 then you can use gingerbreak to root
Sent from my HTC Glacier using xda premium
allendon said:
I hope somebody can help me with this little anomaly.
Been trying to downgrade htc panache with gingerbread 2.3.3.
I was able to successfully execute the cmds listed on the guide http://forum.xda-developers.com/showthread.php?t=1178912; however, when I try to downgrade the misc_version, I get the following error:
> adb push misc_version /data/local/tmp/misc_version
> adb push flashgc /data/local/tmp/flashgc
> adb shell chmod 777 /data/local/tmp/*
> adb shell
> cd /data/local/tmp
# ./misc_version -s 1.00.000.0
./misc_version -s 1.00.000.0
./misc_version -s 1.00.000.0: PERMISSION DENIED
According to the guide I should have seen something like this (--set_version set. VERSION will be changed to: 1.00.000.0
Patching and backing up partition 17...)
I was also not sure as to when the cmd "adb push PD15IMG.zip /sdcard/PD15IMG.zip" should be executed, before or after downgrading? And when doing this should I have my regular SD card or gold card inserted in the phone?
I wasn't able to find the solution to the problem. Hope you can be of help
You are doing something wrong in step 6 of the temp root guide.... Step 6 is successful if your device is kicked out of adb shell...... If you have the 86.0000 bootloader just install gingerbreak and root your phone, no need to follow all these steps
Sent from my HTC Glacier using xda premium
mansisingh said:
You are doing something wrong in step 6 of the temp root guide.... Step 6 is successful if your device is kicked out of adb shell...... If you have the 86.0000 bootloader just install gingerbreak and root your phone, no need to follow all these steps
Sent from my HTC Glacier using xda premium
GingerBreak worked great on my Panache. My bootloader was 86.0000
mansisingh said:
You are doing something wrong in step 6 of the temp root guide.... Step 6 is successful if your device is kicked out of adb shell...... If you have the 86.0000 bootloader just install gingerbreak and root your phone, no need to follow all these steps
Sent from my HTC Glacier using xda premium
Ok, I managed to get through. Step 6 was successful. It was able to find an exploit at the end, then it kicks the device out of adb shell.
I skipped the temp rooting backup guide as I have nothing to backup.
Next I pushed the PD15IMG.zip file in to the sd card and rebooted. It scanned it but nothing happened. The guide said it was expected so I rebooted inserted the gold card and tried again. Nothing happened. It scanned the .zip file and remained at the bootloader screen. No t-mobile splash or anything like the guide says. This is what I see:
GLACIER PVT SHIP S-ON
HBOOT-0.89.0005
MICROP-0429
RADIO-26.09.04.26_M
eMMc-boot
What am I doing wrong? Could it be the .zip file is defective? I couldn't access the link for that file on the guide. megaupload is blocked, so I had to download it from elsewhere. It is 10.2 MB and has one radio.img file and another android-info.txt file.
Please help
mansisingh said:
You are doing something wrong in step 6 of the temp root guide.... Step 6 is successful if your device is kicked out of adb shell...... If you have the 86.0000 bootloader just install gingerbreak and root your phone, no need to follow all these steps
Sent from my HTC Glacier using xda premium
Please don't spread misinformation. Gingerbreak only works if you are already S-OFF. It is not going to work on the Panache which comes with the 0.89 HBOOT. If your Panache mysteriously came with 0.86 then it's an anomaly and you got lucky.
Also from my experience, you can do everything using one gold card - you don't need a separate non-gold SD to make any particular things happen.
---------- Post added at 12:17 PM ---------- Previous post was at 12:13 PM ----------
The 10 MB files are just radio files. That's not what you need.
For the correct downgrade file, the MD5 checksum is 49D07F0EE7DE1765A6A84CB12FA53110. There is another copy available at the following links:
http://www.multiupload.com/QZS83O5L1U
http://cmw.22aaf3.com/glacier/stock/1.17.531.2/PD15IMG.zip
http://goo-inside.me/ruu/glacier/fu....140e_26.03.02.26_M_release_155771_signed.zip
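An added example, not part of the original posts: a check that a downloaded PD15IMG.zip matches the MD5 posted above, and that it is not the radio-only package (radio.img plus android-info.txt) described earlier in the thread. The function names and the in-memory sample archive are assumptions made for this illustration.

```python
import hashlib
import io
import sys
import zipfile

# MD5 quoted in the post above for the correct downgrade PD15IMG.zip.
POSTED_MD5 = "49D07F0EE7DE1765A6A84CB12FA53110"


def md5_of(stream, chunk_size=1 << 20):
    """Hash a binary stream in chunks so a large ROM zip is never read whole."""
    digest = hashlib.md5()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        digest.update(chunk)
    return digest.hexdigest().upper()


def check_download(stream, expected_md5=POSTED_MD5):
    """Compare a download with the posted checksum and summarise its contents."""
    stream.seek(0)
    actual = md5_of(stream)
    report = {
        "md5": actual,
        "md5_ok": actual == expected_md5.strip().upper(),
        "is_zip": False,
        "members": [],
        "corrupt_member": None,  # first member failing its CRC, if any
        "radio_only": False,     # the radio-only package described in the thread
    }
    stream.seek(0)
    if not zipfile.is_zipfile(stream):
        return report
    stream.seek(0)
    with zipfile.ZipFile(stream) as archive:
        report["is_zip"] = True
        report["members"] = sorted(archive.namelist())
        report["corrupt_member"] = archive.testzip()
    images = [n.lower() for n in report["members"] if n.lower().endswith(".img")]
    report["radio_only"] = images == ["radio.img"]
    return report


def constructed_zip(names):
    """Build an in-memory zip with the given member names (constructed sample data)."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w") as archive:
        for name in names:
            archive.writestr(name, b"constructed sample for " + name.encode())
    buffer.seek(0)
    return buffer


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Real use: pass the path of the downloaded PD15IMG.zip.
        with open(sys.argv[1], "rb") as handle:
            result = check_download(handle)
    else:
        # Constructed stand-in for the radio-only file described in the thread.
        result = check_download(constructed_zip(["radio.img", "android-info.txt"]))
    for key, value in result.items():
        print(f"{key}: {value}")
```

A matching MD5 rules out a wrong or corrupted download; MD5 is not collision-resistant, so a match does not by itself vouch for a file fetched from an untrusted mirror.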
It worked! the problem was I didn't have the right PD15IMG file.
I'm now rooted with s-off and froyo.
Thanks very much
I noticed that my bootloader was downgraded to 0.85 and not 0.86. Is that OK?
I think you should be ok
congrats on the rooting
allendon said:
It worked! the problem was I didn't have the right PD15IMG file.
I'm now rooted with s-off and froyo.
Thanks very much
I noticed that my bootloader was downgraded to 0.85 and not 0.86. Is that OK?
Yay! Once you have Radio S-OFF your bootloader version doesn't really matter anymore, because no matter what you flash you're still S-OFF.
cmstlist said:
Yay! Once you have Radio S-OFF your bootloader version doesn't really matter anymore, because no matter what you flash you're still S-OFF.
Ehhh...Not really. Your bootloader is really important because you will either stay with the .86 one or your root method will flash the engineering H-boot which is .85.2007. The engineering H-boot is essential for things like reviving bricks (brick is not when your eMMC fails) and flashing things like recovery.img's and custom splash screens.
Nicgraner said:
Ehhh...Not really. Your bootloader is really important because you will either stay with the .86 one or your root method will flash the engineering H-boot which is .85.2007. The engineering H-boot is essential for things like reviving bricks (brick is not when your eMMC fails) and flashing things like recovery.img's and custom splash screens.
Even without ENG HBOOT, once you have Radio S-OFF, any version bootloader will accept an unsigned PD15IMG.zip. You can recover from bricks, flash recovery and splash screens from there too.
Sent from my Nook Color!
REply
cmstlist said:
Please don't spread misinformation. Gingerbreak only works if you are already S-OFF. It is not going to work on the Panache which comes with the 0.89 HBOOT. If your Panache mysteriously came with 0.86 then it's an anomaly and you got lucky.
Also from my experience, you can do everything using one gold card - you don't need a separate non-gold SD to make any particular things happen.
---------- Post added at 12:17 PM ---------- Previous post was at 12:13 PM ----------
The 10 MB files are just radio files. That's not what you need.
For the correct downgrade file, the MD5 checksum is 49D07F0EE7DE1765A6A84CB12FA53110. There is another copy available at the following links:
These links don't seem to be dead... Are there any other links you can post??
Sorry, I don't own the Panache anymore.
Sent from my Nexus 7 using Tapatalk HD

[GUIDE] Remove Tampered and set Lock/Unlock/Relock with Revone (requires S-OFF)

If you have successfully unlocked your HTC One M7 Bootloader, you will see the following text at the top of your Bootloader screen:
Code:
*** UNLOCKED ***
And, if you installed a custom recovery, it will change to the following:
Code:
*** TAMPERED ***
*** UNLOCKED ***
You can get rid of your TAMPERED text and/or change your LOCKED, RELOCKED or UNLOCKED status. This guide applies to all HTC One M7 Hboot versions.
Minimum requirements:
1. Your HTC One must be S-OFF.
2. Your device must be rooted.
There are different ways of achieving the same results, but this is the easiest (and safest) method using a tool called revone: http://forum.xda-developers.com/showthread.php?t=2314582. Note that revone is primarily intended to be used to S-OFF but it also has some very useful additional features, which are exactly what we're going to use here. You will find all the commands in the original revone thread but if you're having difficulties, then this guide for "noobs" should be helpful.
Stepwise procedure:
1. You need adb and fastboot. Download both in a single package: http://goo.gl/T6InE - credits to mike1986. Extract the folder "mini-sdk" and place it at C:/
2. Download revone: http://revolutionary.io/revone. Place it in your adb and fastboot folder, for example, C:/mini-sdk/
3. Connect your HTC One to your PC via USB cable. Boot up your HTC One and leave it on its homescreen. Test if the USB connection is working by clicking on the Start button > Run > type "CMD". This will open the Command Prompt window. From there, type:
Code:
cd c:\
cd mini-sdk
adb devices
You should see the serial number of your phone to confirm successful adb connection. This is what I get:
Code:
C:\Documents and Settings\Administrator>cd c:\
C:\>cd mini-sdk
C:\mini-sdk>adb devices
List of devices attached
FA36******** device
4. Now, you need to copy revone to your phone. In the same Command Prompt window, type:
Code:
adb push revone /data/local/tmp/
Here is my log to confirm that revone has been successfully copied:
Code:
C:\mini-sdk>adb push revone /data/local/tmp/
2893 KB/s (648208 bytes in 0.218s)
5. Now, open an adb shell by simply typing:
Code:
adb shell
You should see the following:
Code:
C:\mini-sdk>adb shell
[email protected]:/ #
If you see the $ symbol instead of the # symbol, type su (your HTC One needs to be rooted otherwise this won't work).
6. Use the Command Prompt to move to the folder where you placed revone on your phone and set new permissions:
Code:
cd /data/local/tmp
chmod 755 revone
Here is what it looks like on my Command Prompt window:
Code:
[email protected]:/ # cd /data/local/tmp
cd /data/local/tmp
[email protected]:/data/local/tmp # chmod 755 revone
chmod 755 revone
7. Now, you can finally remove the TAMPERED text and switch between LOCKED, RELOCKED or UNLOCKED. Following from above, if you want to get rid of the TAMPERED text, type:
Code:
./revone -t
If you want to set the Bootloader as LOCKED, type:
Code:
./revone -l
If you want to set the Bootloader as RELOCKED, type:
Code:
./revone -r
If you want to set the Bootloader as UNLOCKED, type:
Code:
./revone -u
After you've made the changes according to what you want, you can now reboot the device and check if the changes have been applied. Type:
Code:
exit
exit
adb reboot bootloader
You should now be in the Bootloader menu and you can confirm the changes.
If this was useful, just click on the THANKS button!
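An added example, not part of the original guide: a pre-flight check for steps 3 and 4 that parses the text printed by `adb devices` and by `adb push`, so a missing or unauthorized device, or a short transfer, is caught before revone is run. The function names are assumptions; the first two sample strings are the guide's own logs and the others are constructed.

```python
import re

# Matches the transfer summary adb prints after a push, e.g. "(648208 bytes in 0.218s)".
PUSH_SUMMARY = re.compile(r"\((\d+) bytes in [\d.]+s\)")

GUIDE_DEVICES = "List of devices attached\nFA36******** device\n"        # from the guide
GUIDE_PUSH = "2893 KB/s (648208 bytes in 0.218s)"                         # from the guide
CONSTRUCTED_EMPTY = "List of devices attached\n\n"                        # constructed
CONSTRUCTED_UNAUTHORIZED = (                                              # constructed
    "* daemon started successfully *\n"
    "List of devices attached\n"
    "FA36********\tunauthorized\n"
)


def parse_adb_devices(output):
    """Return {serial: state} from the text printed by `adb devices`."""
    devices = {}
    in_list = False
    for raw in output.splitlines():
        line = raw.strip()
        if line.startswith("List of devices attached"):
            in_list = True
            continue
        # Skip daemon start-up notices and blank lines.
        if not in_list or not line or line.startswith("*"):
            continue
        fields = line.split(None, 1)  # serial, then a state such as "no permissions"
        if len(fields) == 2:
            devices[fields[0]] = fields[1]
    return devices


def ready_for_push(output):
    """Return (True, serial) when exactly one device is in the 'device' state."""
    devices = parse_adb_devices(output)
    if not devices:
        return False, "no device listed: boot to the homescreen and enable USB debugging"
    if len(devices) > 1:
        return False, "more than one device attached; disconnect the others"
    serial, state = next(iter(devices.items()))
    if state != "device":
        return False, f"{serial} is '{state}', not 'device'"
    return True, serial


def push_complete(output, local_size):
    """True when the byte count adb reports equals the size of the local file."""
    match = PUSH_SUMMARY.search(output)
    return match is not None and int(match.group(1)) == local_size


if __name__ == "__main__":
    for sample in (GUIDE_DEVICES, CONSTRUCTED_EMPTY, CONSTRUCTED_UNAUTHORIZED):
        print(ready_for_push(sample))
    print(push_complete(GUIDE_PUSH, 648208))
```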
tried it but stuck here
c:\sdk>adb push revone /data/local/tmp/
then it just sits there any ideas?
nathlynn22 said:
tried it but stuck here
c:\sdk>adb push revone /data/local/tmp/
then it just sits there any ideas?
Make sure your phone is on its homescreen (not bootloader or fastboot). Did you follow step 2 and 3? Did you see your serial no. after typing adb devices?
electronical said:
Make sure your phone is on its homescreen (not bootloader or fastboot). Did you follow step 2 and 3? Did you see your serial no. after typing adb devices?
yeah mate followed it all just in the end tried couple more times as revone thread said it can crash ETC SO ALL SORTED NOW THANKS. sorry about useless post
Hi, I have a problem during the procedure :
"You should see the following:
Code:
C:\mini-sdk>adb shell
[email protected]:/ #
If you see the $ symbol instead of the # symbol, type su (your HTC One needs to be rooted otherwise this won't work)."
I see the $ symbol, but when I type su, nothing happened, error " "su" is not recognized as an internal or external command"
I need to reflash a modded recovery to root device ?
I want to return 100% stock
EDIT : the response was : YES ! thanks for your work !
@electronical
thanks for this very easy to understand tutorial buddy
... Note that revone is primarily intended to be used to S-OFF (applicable only if you have Hboot 1.44)...
So does that apply only to S-OFF'ing or to everything?
EDIT: I found another method and I successfully reset the TAMPERED flag
worked perfectly. thanks for the great guide :highfive:
commencal661 said:
So does that apply only to S-OFF'ing or to everything?
EDIT: I found another method and I successfully reset the TAMPERED flag
By "... Note that revone is primarily intended to be used to S-OFF (applicable only if you have Hboot 1.44)..." what I meant is that you can use revone to S-OFF only if the device has Hboot 1.44, otherwise Rumrunner is required in order to S-OFF.
It's simple enough, but to avoid the remote possibility of anyone else having the same confusion, I have edited that bit of info out. However, it's important to keep in mind that you can't S-OFF with revone if your device has Hboot 1.54 or above. But if your device is already S-OFF, you can use revone to remove the tampered flag and lock/relock/unlock, irrespective of your Hboot version.
Perfect!! Great and simple to follow tutorial.
Thanks!
This is very useful and it works. I am able to S-OFF (Windows 8, 32Bits) and removed the "tampered" and changed "unlocked" to "locked" just like original. Crushalot, thanks for this, but can you point out how I can remove the "red descriptions (the development purpose...)" on boot screen and the Tell HTC, please?
Wait to hear from you
Hi there, first of all amazing guide, I've been trying to remove all flags but seemed way too hard to do it , but as easy as it may be I'm kinda stuck here. When I run the adb device command I don't get anything, it doesn't find any device :S any idea what's going on? Also, I'm trying to get my phone to stock for warranty purpose after I've done this if I have available the 4.2 or 4.3 update (I don't remember which one) and I run it through TWRP will this unroot the phone?
THANX
Ricky-Lim said:
This is very useful and it works. I am able to S-OFF (Windows 8, 32Bits) and removed the "tampered" and changed "unlocked" to "locked" just like original. Crushalot, thanks for this, but can you point out how I can remove the "red descriptions (the development purpose...)" on boot screen and the Tell HTC, please?
Wait to hear from you
Removing the red banner: http://rumrunner.us/hboots/
Tamiis said:
Hi there, first of all amazing guide, I've been trying to remove all flags but seemed way too hard to do it , but as easy as it may be I'm kinda stuck here. When I run the adb device command I don't get anything, it doesn't find any device :S any idea what's going on? Also, I'm trying to get my phone to stock for warranty purpose after I've done this if I have available the 4.2 or 4.3 update (I don't remember which one) and I run it through TWRP will this unroot the phone?
See link above for removing red banner. To go back to 100% stock: http://forum.xda-developers.com/showthread.php?t=2358738
electronical said:
Removing the red banner: http://rumrunner.us/hboots/
See link above for removing red banner. To go back to 100% stock: http://forum.xda-developers.com/showthread.php?t=2358738
Hi, I used the rumrunner hboot. Red banner removed. OK
I want to go back to 100% stock but I don't want to brick my device!!
I'm in 3.62.401.1 stock rom with the rumrunner hboot.
thanks
Thanks mate!
The "-s 0 -t" from revone's description really had me disoriented, didn't seem to work, but your commands worked perfectly! Thanks a lot!!
Hi, I followed the commands, I can get rid of the tampered flag but I get an error when I try ./revone -l
[email protected]:/data/local/tmp # ./revone -l
./revone -l
revone v0.2.1
revone failed (error code = -1)
Any idea?
If I am s-off with rumrunner... Can I use this guide to remove tampered? Or is it only for revone s-off phones?
Sent from my HTC One using Tapatalk 4
Can this be done in Terminal Emulator?
Sent from my Nexus 7 using xda app-developers app
I s-offed a while ago with revone. I need to send in for warranty. Just looking to get unlocked removed. I already flashed stock recovery. Do I need to have a custom recovery to run -l command?
If so, can I still flash stock recovery after I relock the device?
what is it?
commencal661 said:
So does that apply only to S-OFF'ing or to everything?
EDIT: I found another method and I successfully reset the TAMPERED flag
what is the other method bro? thanks
