Database Users

HEIMDALL one-click The safest way to upgrade.

Hi,
We would like to make a idiot proof ROM upgrade method.
Too many people are, for example, accidentally upgrading P9000 ROM onto I9000.
That will brick a phone.
My suggesting is this.
Set phone to usb debugging mode.
Have a single tool that automatically does the following (unfortunately, only possible on a rooted phone):
1) Uses adb to backup the bml1 and bml3 boot loaders. (Might as well backup efs also and check the user has root. If a user cannot get root, they really should not be flashing their ROM in the first place. Some method to automatically check if the phone is "network locked" might help. Can you do things like *#06# from the adb command line?)
2) Do a checksum on the bml1 and bml3 backups to identify which boot loader is actually on the device, and therefore identify the device. I.e. I9000 or P9000.
3) Check the USB ID of the phone is correct.
4) Double checks that the boot loader files provided by the user are compatible.
5) Automatically use adb to switch the phone into download mode
6) Flash only a compatible bootloader.
If a new ROM is published with a new boot loader, prevent the user from using it, until developers upgrade HEIMDALL one-click to recognize the new boot loader.
Have another tool, that does similar, but that will never flash the bootloader. Instead it uses the files provided by the user to flash only the rest of the phone, and never the bootloaders.
So long as the boot loaders are not touched, even if boot loaders are in the user provided file, the user can always recover using the 301K JIG.
Another thing to consider is the PIT. Have the tool implement a feature to read the PIT from the phone and if the PIT provided by the user is the same, automatically do not re-partition.
If the PIT needs changing, only flash the PIT and with the bootloader tool (described above).
This will ensure the user can still reach Download mode, even though the user will have to flash an ROM to be able to boot the phone into Android after that. But the important bit is that the phone will not become a Brick.
Of the current PIT files, I don't think any of them wipe the BML1 and BML3 boot partitions.
They only modify the size of the system and data partitions.
The main way to make all this "safe" is to separate the "repartitioning and installing boot loaders" from the "ROM install".
"ROM install without PIT and bootloaders" is 100% safe, installing boot loaders and PIT is the risky bit, so provide a tool that does it safely.
Maybe include a good boot.bin and Sbl.bin with the safe bootloader tool.
What do people think?

I'm working with Benjamin Dobell, the developer of Heimdall. There will be several features in the first release..
The specs on the .9A release planned features are:
Open source - everyone can contribute
Java app- Cross platform, One download handles all major platforms
One Click Packaging-Developer can add in their PIT, PBL, SBL, Kernel, Modem and FactoryFS(ROM) by dropping files into the zip
Heimdall included-installed automatically for the platform the user is running
User Awareness-User must check "flash bootloader" and they must be "sure they want to do this" which will make it a 3 click operation
The 1.0 release will include more features. I'll make sure to point Benjamin to this thread.

it would be awesome to see this fly

It's good to hear that...
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}

I cannot wait to see this! I am an Ubuntu user with Windows 7 only for Odin. Would love to have a reason not to use Windows.....ever.
Sent from my SAMSUNG-SGH-I897 using XDA App

As somewhat of a trial run, I branched this project into "One-Click UnBrick". This installs heimdall and will execute the close-pc-screen command. I am still working on it. The main problem is Win7 drivers. Distributing them in a one-click manner is tough. I've already worked around win7 UAC, registry, filesystem issues, and VC++ issues. The last problem is to figure out how to get the drivers to install for a Gadget device.

[GUIDE] How to check the INTERGITY of a ROM

Hello everyone !
Many a times it happens that we get "Status 7 Error" in Recovery while trying to Flash a Rom or sometimes it may happen that Rom is working fine for everyone but when we try to install the same Rom it gets stuck at Boot or some components don't work as they should .
*What to do in such cases ???
-Well the FIRST thing to do in such situations is check the Integrity of the Rom file that you have downloaded rather than blaming the developer or spamming threads.
*What is File Integrity ???
-State of a computer (electronic) file in which no alteration, addition, or deletion has been made, and which is exactly the way it was stored by its originator.
So in simple words , the Rom file is same as the Author has uploaded it on server and is not altered i.e. corrupted while downloading .
Here I'll Explain three methods to test the integrity of the Rom that you have downloaded :
1.Using 7-Zip or WinRar (Extremely Easy).
2.Using a software to check the MD5-Check sum (Moderately Easy).
3.Using a file explorer to check the MD5-Check sum (Extremely Easy).
Using 7-Zip​
1.Download :
So first of all you need to download the 7-zip compression software which is Open Source (which means FREE!!!) and is one of the Best and reliable compression Tool for Windows/Linux
[Download Link : http://www.7-zip.org/download.html ]
2.Install :
duh ...! Obviously now you have to install 7-zip
3.Perform Integrity check on Rom file :
Go to the location where the Rom that you desire to install is present .
Now,
Right Click on the Rom File > Select 7-zip > Select "Test Archive"
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
If the result dialog box shows "No Errors" then your Rom file is perfectly fine !
Using MD5 Check Sum​
*What is MD5 Checksum ???
-The MD5 message-digest algorithm is a widely used cryptographic hash function producing a 128-bit (16-byte) hash value, typically expressed as a 32 digit hexadecimal number. MD5 has been utilized in a wide variety of security applications. It is also commonly used to check data integrity..
In Simple words MD5 is a mathematical algorithm which performs the calculation on the File and out comes a long hexedecimal number which is refered to as the MD5 checksum.
On PC :
1.Download & Install :
Get any software which calculates MD5 checksum .
Or you can use online tool as well .
2.Perform Integrity check on Rom file :
Select the Rom file and gets it's MD-5 Check Sum value .
for eg. you get it as D93975A6E8CDA54EB61B29A801FA82E9
3.Compare the values with original one :
Now Compare the value that you got in above step with the one given by the Rom's developer or in the Hosting Site .
If they are same then your file is not corrupted !
In the following video I'll demonstrate how to Check the File Integrity using online MD5 Calculation Tool :
​
On phone :
1.Download & Install :
Get any app that checks the Md5 checksum
(I'm using a file explorer here : Explorer)
2.Perform Integrity check on Rom file :
Select the Rom file and long press it > Go to properties > last option is the MD5 checksum.
for eg. you get it as D93975A6E8CDA54EB61B29A801FA82E9
3.Compare the values with original one :
Now Compare the value that you got in above step with the one given by the Rom's developer or in the Hosting Site .
If they are same then your file is not corrupted !
NOTE:
*If your checksum matches the one posted by the dev, you can be sure you have an accurate copy of the downloaded file. If they don't match, then your download is either corrupt, or possibly some kind of trojan.
*You should never install any software if the MD5 sum does not match the one provided by the dev. Instead, try downloading the file again, perhaps from a different mirror. If all else fails, contact the dev as it's possible they might have posted an incorrect checksum, or may have an alternate means by which you can obtain the file.
REMEMBER : Do this procedure twice (Any of the two methods):
1. When you download the Rom(or any file) on PC
2. After transferring the Rom(or any file) to your device .

Hi The "A" Factor. A very good and clear guide, to check the integrity of every downloaded and transferred file could do our life easier, avoiding lots of unnecessary problems.
Thanks a lot.
Cheers.
Sent from my LG P76020L-EUR-XX unlocked and rooted

[APP] DualBootPatcher for Mediatek 64 bit devices

{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Hi and welcome to DualBootPatcher app thread for Mediatek 64 bit devices.
It's available for any MT67xx device under two conditions:
- You compile your own version with support for your handset
- You upload your build.prop and your scatter file. I will compile it for you when I get time. SORRY, BUT I HAVE STOPPED THAT
Disclaimer:
Code:
I take no responsibility for any damage to your device or yourself because you use this app.
Keep in mind that using this app, your device may:
- Gain ability to fly
- Give birth to a dragon
- Trigger a thermonuclear explosion!
- Get you fired from your job because alarm app didn't work
- Simply die!
Downloads:
Grab the latest apk here https://snapshots.noobdev.io
How to get your device supported ?
Method 1: Port it yourself
Before you start porting it, check these info first:
Open your scatter file and make sure that the info match the ones below:
Click to expand...
Click to collapse
(For MT6735 & MT6753)
system.img is for SYS21
cache.img is for SYS22
userdata.img is for SYS23
boot.img is for SYS8
recovery.img is for SYS9
(For MT6752 and maybe MT6732)
system.img is for SYS18
cache.img is for SYS19
userdata.img is for SYS20
boot.img is for SYS8
recovery.img is for SYS9
IF ANY OF THESE INFORMATION DO NOT MATCH THE ONES IN YOUR SCATTER FILE, THEN MOVE TO METHOD 2! ELSE, FOLLOW THE STEPS BELOW.
1) Download the App and install it
2) Unpack your TWRP using Carliv Image Kitchen or any other tool
3) Edit the default.prop file in your unpacked TWRP by changing the values of the following lines to n560a (if you have MT6735 or MT6753) , for brand, set it to JIAYU. If you have MT6752 set it to h560 and the brand is the same.
ro.product.model=
ro.product.brand=
ro.product.name=
ro.product.device=
4) Now repack your TWRP and flash it.
5) Boot to your current rom, edit build.prop file and change the same values you did change on step 3. After that, reboot your device and now you are good to go.
6) If you wish to patch a zip, choose n560a - Jiayu S3 Plus for MT6735 or MT6753 (the app should detect that automatically if you did everything right). If you have MT6752, choose h560 - Jiayu S3.
Method 2: Add support for your device yourself!
If you are unlucky and your partition table didn’t match any of the above ones, then you will have to add your device manually and compile the app yourself.
1) Download the source code at https://github.com/chenxiaolong/DualBootPatcher
2) Edit jiayu.cpp file in libmp/devices and add your device’s partitions numbers. For MT6735 & MT6753, base your edit to n560a and for MT6752 base it to h560.
3) Compile it with the new changes. Your device should be supported now.
I haven’t tested for MT6795, but you may check in xiaomi.cpp file to see if you can base your port off one of the device’s configuration in it.
Click to expand...
Click to collapse
Usage:
Refer to this XDA thread to use the app http://forum.xda-developers.com/hot-2/orig-development/app-dualboot-multiboot-infinix-hot-2-t3425807
IF YOU GET BLACK SCREEN OR PHONE VIBRATES FEW TIMES AND REBOOT TO RECOVERY WHEN YOU TRY TO BOOT A SECONDARY ROM, THEN REPLACE “forceencrypt” with “encryptable” ON THE USERDATA PARTITION OF YOUR FSTAB FILE.
Old guide is below if you still need it.
Currently supported devices:
- Tecno Camon C8 (h352)
- Quantom Go 4G (Q2)
- Allview Viper X (V2_Viper_X)
- GiONEE Elife S Plus (SPlus)
- ZTE Blade V6 (Blade_V6)
Downloads:
Current realease is here => DualBootPatcher_arm64.apk mega.co.nz (16 MB)
How to use it ?
Refer to this thread of mine for Infinix HOT 2 or this one for Android One 1st gen devices.
Want to compile it ?
I encourage you to do so!
Clone either the original repo here https://github.com/chenxiaolong/DualBootPatcher and add your device in supported list by editing one of the .cpp files in libmbp/devices
Or, clone my fork of the repo here https://github.com/Nonta72/DualBootPatcher and just edit the mtk64.cpp file in libmbp/devices dir.
Bugs:
- In-app flasher doesn't work
- If you flash an Android 6.0.x rom as secondary, the ROM will show that the sdcard is corrupted even thought it really is not. So you have to install 6.0 ROMs has primary. If you only have 6.0 roms, well, I am sorry but you have to wait till I figure out what triggers the fake sd card corruption.
Credits and thanks:
All thanks go to @chenxiaolong for his awesome and incredible app!

Bootloader unlocked boot screen fix?

After unlocking my 996, I'm met with the unlocked warning screen:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
I've seen several other devices fix this with a flashable zip or img file to overwrite or mask the warning. I've yet to see anyone mention it in regard to the V20.
Any help?

Other devices being something besides LG...
That image is in aboot, and you can't modify aboot.

runningnak3d said:
Other devices being something besides LG...
That image is in aboot, and you can't modify aboot.
Click to expand...
Click to collapse
5X is an LG phone: https://forum.xda-developers.com/ne...gdata-tool-t3240052/post63826602#post63826602

It may have been BUILT by LG, but it is still very much a Google phone and they specify the software that goes on it. For the Nexus series Google used the reference implementation of the boot loader.
If you find an imgdata partition on the V20, please be sure and let me know
-- Brian

runningnak3d said:
It may have been BUILT by LG, but it is still very much a Google phone and they specify the software that goes on it. For the Nexus series Google used the reference implementation of the boot loader.
If you find an imgdata partition on the V20, please be sure and let me know
-- Brian
Click to expand...
Click to collapse
Fair point. Thanks for the insight.

Yes, I miss being able to replace this goofy screen as well, I replaced the same bootloader unlocked warning screen on my Moto G4 with this awesome Motorola Developer Edition screen - on that phone it was a simple fastboot command or alternatively a zip you could install via TWRP

I decided to take a look at this again. raw_resources on the V20 is the equivalent partition to imgdata on the Nexus 5X. However, the format is not compatible with the tool that was linked above.
On the 5X they used bitmap images, and on the V20 they decided to use RLE images.
If someone wants to spend some time with a hex editor to figure out the new format, this is doable.
-- Brian

runningnak3d said:
Other devices being something besides LG...
That image is in aboot, and you can't modify aboot.
Click to expand...
Click to collapse
unless you can decrypt the whole aboot which is unlikely.

aboot is not encrypted, it is signed. But as I stated above, I was wrong. The images aren't in aboot directly. They are in raw_resources which is read by aboot. raw_resources isn't signed.

runningnak3d said:
I decided to take a look at this again. raw_resources on the V20 is the equivalent partition to imgdata on the Nexus 5X. However, the format is not compatible with the tool that was linked above.
On the 5X they used bitmap images, and on the V20 they decided to use RLE images.
If someone wants to spend some time with a hex editor to figure out the new format, this is doable.
-- Brian
Click to expand...
Click to collapse
you are talking about this right ?
http://www.fileformat.info/mirror/egff/ch09_03.htm

That is correct. RLE has no header like BMP or JPEG, so you have to know where it starts and where it ends if you have several images contained in one file -- which is what raw_resources is.
There is an index, but since I don't mind the nasty warning, I am not going to waste my time figuring it out
I am sure that it is probably something like:
Name
Beginning offset in raw_resources
End offset in raw_resources
Animated
Frames
blah blah blah
If someone wants to take this on, I will be more than happy to give some input, but at the end of the day solving LAF is far more important to me...
-- Brian

runningnak3d said:
That is correct. RLE has no header like BMP or JPEG, so you have to know where it starts and where it ends if you have several images contained in one file -- which is what raw_resources is.
There is an index, but since I don't mind the nasty warning, I am not going to waste my time figuring it out
I am sure that it is probably something like:
Name
Beginning offset in raw_resources
End offset in raw_resources
Animated
Frames
blah blah blah
If someone wants to take this on, I will be more than happy to give some input, but at the end of the day solving LAF is far more important to me...
-- Brian
Click to expand...
Click to collapse
Thank you very much for checking into all of this. That's amazing feedback.

moto g5 plus partition gpt.bin help / dead phone / wrong firmware

So guys i made mistake in moto g5 plus i flash the wrong firmware moto z2 play and when i back to the old firmware it dosn't flash cause of security downgrade
Note : the 2 first step i mean , the rest all passed
the problem is gpt.bin changed all partition and can't back to old gpt.bin
i flash other wrong bootloader again to fix problem but it going to dead
i read about flashblink and i find solution in forum and it back to bootloader but the problem is stay in file recovery.img
it can't pass cause of small partition and the system stay in bootloop
Guys anyone know how to edit gpt.bin file ? i search in network but most of them speak about extracting it
i need to modify the partition of recovery cause it is 16484 kb and i need 22000 kb to pass the recovery.img
i need guide or tutorial about how to edit gpt.bin file
url of the image ibb.co/gavJEc
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
in the file it is from file called="partition.xml" from "addison_verizon_oem_vzw_user_7.1.1_NDNS26.118-23-12-3_3_release-keys-cid2_vzw" the firmware i flashed wrong
so i didn't know how to convert it to bin or to change the bin files
anyone can help me
thank you

saifoufa said:
So guys i made mistake in moto g5 plus i flash the wrong firmware moto z2 play and when i back to the old firmware it dosn't flash cause of security downgrade
Note : the 2 first step i mean , the rest all passed
the problem is gpt.bin changed all partition and can't back to old gpt.bin
i flash other wrong bootloader again to fix problem but it going to dead
i read about flashblink and i find solution in forum and it back to bootloader but the problem is stay in file recovery.img
it can't pass cause of small partition and the system stay in bootloop
Guys anyone know how to edit gpt.bin file ? i search in network but most of them speak about extracting it
i need to modify the partition of recovery cause it is 16484 kb and i need 22000 kb to pass the recovery.img
i need guide or tutorial about how to edit gpt.bin file
url of the image ibb.co/gavJEc
in the file it is from file called="partition.xml" from "addison_verizon_oem_vzw_user_7.1.1_NDNS26.118-23-12-3_3_release-keys-cid2_vzw" the firmware i flashed wrong
so i didn't know how to convert it to bin or to change the bin files
anyone can help me
thank you
Click to expand...
Click to collapse
Your best bet is to find the right gpt.bin file and flash it.
Now if you really insist, the format is pretty standard. And you can theoretically hex edit the file to create correct partition sizes.
First 512 bytes (0x0-0x1ff) should be MBR, and most manufacturers point to a GUID partition table from here.
At 0x200 you will see GUID partition table header. (you can confirm by signature 45h 46h 49h 20h 50h 41h 52h 54h or "EFI PART" in ascii). The next 92 bytes should be the header. This header contains information about how many partition table entries are going to follow, and where does it start (usually they start at 0x2 LBA, which is 0x400).
You can search the web for its exact format.
Each partition table entry is 128bytes. and so if it has 10 parititons, the paritition table entries will start from 0x400 and will occupy next 1280 bytes. The crc32 value of this 1280 bytes is stored at bytes 88 to 91 of the GUID header. So anytime you touch anything in these partition table entries you may also have to re-calculate the CRC and modify it in the header. Once you change the header, you also have to change the calcuclated CRC value of the header which is stored at bytes 16-19 of the header itself. When calculating CRC of the header the bytes 16-19 is put as zeros.
Now if you are ready to do all this. Then you can find the right partition table entries to modify from its labels (you can find the ascii signatures pretty easily), and the bytes 32-47 of the partition table entry tells the start LBA and end LBA of the partition. You can modify this entry corresponding to the recovery partition entry and all the partitions following it.
But the few key items you have to remember to change, anytime you touch the partition table entry is.

how to calculate crc32 and do you have example ?

If I remember, there are tools inside most hex editors to calculate crc.