Related
, operable program or batch file.
(update: I'm trying to find a tegra note root guide but I think I'm going to die of old age before I find one that explains the actual steps for 1. finding the tegra note windows drivers 2. how to install them every step explained 3. every step explained how to root this tablet oh god why did I not buy a windows tablet this time ok)
http://forum.xda-developers.com/showthread.php?t=2586432
I tried towelroot but it doesn't do anything after 15 seconds.
You either need to install Fastboot and ADB look in dev are for links or your not in the directory where the adb and fastboot executables are.
This is why your getting this error. Also i have tried towelroot and it froze my tegranote right out i have to reflash the device again to get it working or more over just the /System partition.
If you have gone though the OTA updates and have hit past 4.3 then you can simply use the SuperTool to restore your tablet which has everything in there for you including the fastboot and adb.
Just make sure you wasn't on 4.2.2 before using this methord.
Also you haven't said which brand of tablet you have either.
By looks of the link you posted your after installing root via either CWM or TWRP (I suggest using TWRP!)
if thats the case.
Install fastboot and adb files some where and also the recovery image of choice then do the fastboot flash recovery (name of recovery .img file ) then download the SuperSU zip and flash that in your chosen recovery you will then be rooted!.
kingroot v3.5 or older
If you want to root without PC on TN7 use kingroot and if you having trouble installing fastboot send me an email
Afaik you loose the OTA updates after rooting (because of twrp) so how do you keep your system up to date? or is this somthing that you risk in order to root your phone
You can try to flash the stock recovery back and install the firmware manually or using the updater, or you find the firmware in flashible zip format and flash it through twrp. I personally rooted without keeping Twrp so i can still update.
Thanks for answering! And yeah the problemas is that I cant find the firmware updates anywhere, so how do I root without a custom recovery? Can you tell me some hints to find the solution or a link? Thanks again
EDIT: Oh, just found a way, and in case someone is also wondering heres how its done: You have to boot to twrp through adb, and then you can flash super su without flashing the custom recovery . This is the generic way to do it, have not tested im my P8 yet, will report later.
fede011 said:
Thanks for answering! And yeah the problemas is that I cant find the firmware updates anywhere, so how do I root without a custom recovery? Can you tell me some hints to find the solution or a link? Thanks again
EDIT: Oh, just found a way, and in case someone is also wondering heres how its done: You have to boot to twrp through adb, and then you can flash super su without flashing the custom recovery . This is the generic way to do it, have not tested im my P8 yet, will report later.
Click to expand...
Click to collapse
*No need to go through all the hassle there is an automated script which i used it myself if you are still on stock recovery, it installs Twrp to flash superSu and then restores the original recovery.
http://forum.xda-developers.com/p8l...otloader-root-p8-p8lite-t3164956#post62851688
*If you are on Twrp, you can download "Huawei update extractor" http://forum.xda-developers.com/showthread.php?t=2433454 use it to extract your firmware (update.app) and take from it the 'recovery.img'. Then go to platform-tools where you open the CMD from, place the recovery.img in it you can rename it to "stockrecovery.img"
then "shift+right click" open the command line.
type: adb reboot bootloader
type: adb devices ----->to see your device
type: fastboot flash recovery 'type hear the name of recovery'
example: flastboot flash recovery stockrecovery.img
type: fastboot reboot ----->reboot device
some tutorial i found on youtube:
https://www.youtube.com/watch?v=YfWYKREeQeQ
By the way the method for Twrp i haven't tested but that's the theory, so please do it on your own risk and do the required research. Goodluck:good:
Edit: Another method in theory if you have Twrp could be to use 'flashify' app https://play.google.com/store/apps/details?id=com.cgollner.flashify&hl=en to flash the stock 'recovery.img' which you extracted from the stock firmware. No need to use adb.
Rashad83 said:
*No need to go through all the hassle there is an automated script which i used it myself if you are still on stock recovery, it installs Twrp to flash superSu and then restores the original recovery.
http://forum.xda-developers.com/p8l...otloader-root-p8-p8lite-t3164956#post62851688
*If you are on Twrp, you can download "Huawei update extractor" http://forum.xda-developers.com/showthread.php?t=2433454 use it to extract your firmware (update.app) and take from it the 'recovery.img'. Then go to platform-tools where you open the CMD from, place the recovery.img in it you can rename it to "stockrecovery.img"
then "shift+right click" open the command line.
type: adb reboot bootloader
type: adb devices ----->to see your device
type: fastboot flash recovery 'type hear the name of recovery'
example: flastboot flash recovery stockrecovery.img
type: fastboot reboot ----->reboot device
some tutorial i found on youtube:
https://www.youtube.com/watch?v=YfWYKREeQeQ
By the way the method for Twrp i haven't tested but that's the theory, so please do it on your own risk and do the required research. Goodluck:good:
Edit: Another method in theory if you have Twrp could be to use 'flashify' app https://play.google.com/store/apps/details?id=com.cgollner.flashify&hl=en to flash the stock 'recovery.img' which you extracted from the stock firmware. No need to use adb.
Click to expand...
Click to collapse
I still haven't changed the bootloader so it will be easier, I was waiting for the email from huawei but never received, but with the link you provided I was able to get the code instantly (since my model GRA-UL10 isn't on the list) its late here so will try it tomorrow. But I have a final question, will be possible to flash SuperSU without flashing twrp? There is a command that lets you boot twrp without flashing I just don't want to reflash my bootloader unnecessarily, thanks in advance. After this I will probably post a guide since it is not easy to find everything in one place.
fede011 said:
I still haven't changed the bootloader so it will be easier, I was waiting for the email from huawei but never received, but with the link you provided I was able to get the code instantly (since my model GRA-UL10 isn't on the list) its late here so will try it tomorrow. But I have a final question, will be possible to flash SuperSU without flashing twrp? There is a command that lets you boot twrp without flashing I just don't want to reflash my bootloader unnecessarily, thanks in advance. After this I will probably post a guide since it is not easy to find everything in one place.
Click to expand...
Click to collapse
In order to root your device you need a custom recovery which gives you the ability to push files which is not possible with the stock recovery that's how i understand it. The script in the link i gave u automates the steps you have to do manually, if you are going to root the device using the command line you will need a su.zip to flash using twrp, and a twrp recovery image through which you will access the file system, and finally knowing the command lines to do it all which is all in all is a hassle. So booting into or flashing twrp isn't really a big deal (at least for me) as long as you have the stock recovery by the end of it all.
Hello everyone,
These are the steps i used to root my LG G3 running official marshmallow. I rooted my LG G3 d851 and d850 by this method and i am sure that this will work on most variant (Not sure about Sprint or korean edition but you can give it a try).
But first Disclaimer
Code:
I take no responsibility to/for bricked devices.
This is simple guide to help rooting and installing TWRP.
If everyone ended up with a soft or hard brick then i am not responsible for anything.
Off-course you can ask for help but can't force or annoy me.
Anyways good luck with that. Have a Happy rooting :cool:
So let's begin. Make sure that "USB debugging is on" for your device and drivers for that are also installed
Download drivers
Steps (Please do in sequence to avoid problem)
1: Download the official king root apk from here.
Download
2: Also download correct twrp for your device
Download twrp
3: Now root your device
a: Install kingroot apk. b: Connect to internet and run the kingroot application
c: Let the application do it work by clicking on root now.
(It can display cannot root your device sometime but forget it. After process is complete the device would be rooted temporary)
4: As device is rooted temporary so don't restart it.
5: Make sure adb is setup properly on your pc if not then follow the guide
Guide
6: Now copy your download twrp recovery (of step 2) to your device and name it twrp (With extension it would be twrp.img).
7: Connect your device to pc (If it is not) in usb debugging mode.
Run "minimal adb and fastboot" (of step 5). Now type commands
Code:
adb devices
This will show you device if driver are installed properly.
Now type
Code:
adb shell
su
Allow supersu permission from your device. (# will appear in minimal adb window)
Now type
Code:
dd if=/sdcard/twrp.img of=/dev/block/platform/msm_sdcc.1/by-name/recovery
exit
exit
TWRP recovery will now be installed on your device. To boot into recovery type.
Code:
adb reboot recovery
If you did everything good then recovery will start. You can now flash custom roms on your device and also can flash supersu zip to get permanent root. Get zip from Here
If you had anything else then ask in comments.
Hit thanks if this helped you
I thought the bootloader from lollipop and up closed the exploit which allowed to execute non signed images, am i wrong? (except d851 which is factory unlocked bootloader)
Kingroot = bloatware which is not trustable
walter79 said:
Kingroot = bloatware which is not trustable
Click to expand...
Click to collapse
Once you are in recovery you'll flash another ROM anyway... so no problem with that
This method bricked my phone it went well all up to the last step and then never booted in recovery mode. Just left me with a completely black screen!!!! After it rebooted it no longer had root permissions to run TWRP is what I think happened.
I had to pull the battery out to get it to boot, and now I'm doing a complete factory reset.
Just install flastify after kingroot.
Install twrp via flastify.
Sent from my LG-D851 using Tapatalk
Ok, I managed to revert back to stock, but it took a little effort on my part. Since the twrp file overwrote the stock recovery file, I ended up in a boot loop because I had tried to remove kingroot with superme su. Whoops, always read the instructions about your root method, but I'm really a rookie here so it's my first time rooting and I panicked about getting kingroot off of my device. Managed a total soft brick.
Still had download mode, so I was able to revert back to factory image using LG UP along with lg up's dll extension LGUP_8974_DLL_Ver_0_5.msi
Install the msi first, then lg up, I used the driver LGMobileDriver_WHQL_Ver_4.0.4 for the phone.
Then Connect the device run LG-UP and point it to the original stock .tot file,
This was the only way I was able to run recovery and it worked.
I just wanted to mention it in case anyone else ends up soft-bricking their marshmallow D850 phone, like I did. Whoops, rookie here...:silly:
How to flash dll or msi file
Sent from my iPhone using Tapatalk
ledbetterd
it doesn't work on LG G3 D850 w/ 6.0 because Kingroot doesn't have a strategy to root this phone w/ this version
Kingroot not work on LG G3 D85130G
Enviado desde mi LG-D800 mediante Tapatalk
didn't work.. MM with 852 stock
Introduction
Hello everyone, this is a guide to assist you with customizing your Pixel 2! I will be going over installing fastboot and adb, unlocking your bootloader, how to flash the factory images for clean flashes and upgrades, and how to root. Please feel free to ask any questions if you need clarification. Enjoy!
This information has been distilled from Google's official factory image site and the Magisk thread.
Installing fastboot and adb
Thankfully, Google has provided just adb, fastboot, and systrace as a simple zip file, making this process super easy. You MUST be on at LEAST 26.0.2 for the commands in this guide to work. When in doubt, grab the latest copy and install them using the following instructions.
SDK Platform-Tools for Windows
SDK Platform-Tools for Mac
SDK Platform-Tools for Linux
Windows:
Unzip the folder somewhere on your hard drive.
Go to the folder containing the adb and fastboot files and type "cmd" in the path bar at the top.
A command prompt should open with the current folder showing on the prompt.
Type the following commands:
Code:
adb --version
fastboot --version
You should see some information appear. If that is the case, you were successful!
Mac/Linux:
Unzip the folder somewhere on your hard drive.
Navigate to that folder with your terminal.
Run the following commands:
Code:
sudo install adb dmtracedump e2fsdroid etc1tool fastboot hprof-conv make_f2fs mke2fs mke2fs.conf sload_f2fs sqlite3 /usr/local/bin
sudo mkdir -p /usr/local/lib64
sudo install lib64/libc++.so /usr/local/lib64
Type the following commands:
Code:
adb --version
fastboot --version
You should see the version information, along with telling you they are installed to /usr/local/bin. If so, you were successful!
Unlocking the bootloader
WARNING: This WILL wipe your entire phone. Please make copies or backups of any important data. This can also go wrong rendering your device inoperable. Proceed with caution.
On your phone, open Settings, navigate to "System" then "About phone", and tap on the build number 7 times.
Go one menu up, click on "Developer options", and turn on USB debugging and OEM unlocking.
In your terminal, type the following command:
Code:
adb reboot bootloader
Run the following command:
Code:
fastboot flashing unlock
Follow the prompts on your device then reboot!
Flashing factory images
NOTE #1: You CANNOT downgrade factory images. Google has prevented users from doing so to keep them safe from vulernabilities that were patched. You should only upgrade or reinstall the current image.
NOTE #2: If you have mounted /system as rw at any point (like in TWRP), you must upgrade using the factory image method. OTAs will fail because they cannot verify the integrity of the disk since its verity data has been changed.
NOTE #3: Flashing the factory images requires an unlocked bootloader. Flashing the OTA zips does not (but if anything goes wrong, you may not be able to recover without an RMA).
Updating to a new release (factory image):
Download the latest factory image from Google's website.
Reboot into the bootloader:
Code:
adb reboot bootloader
Unzip the factory image.
Inside you will see a bootloader image, a radio image, an image zip file, and a couple of flash scripts.
If you are on Windows, open the "flash-all.bat" file in a text editor. If you are on Mac or Linux, open the "flash-all.sh" instead.
Remove the "-w" flag before the fastboot command towards the end of the file. This will prevent fastboot from formatting your device.
Run the flash all script! Open a command prompt, navigate to the folder with the script, and run one of the following commands:
Windows:
Code:
flash-all
Mac/Linux:
Code:
./flash-all.sh
Reboot once it is finished!
Updating to a new release (OTA zip):
Download the latest OTA zip from Google's website
Reboot into recovery:
Code:
adb reboot recovery
Hold down the power button and push volume up
Select "Apply update from ADB"
Run the following command from the folder containing the OTA zip:
Code:
adb sideload <zip_name>.zip
Reboot once it is finished!
Clean flashing a factory image (wipe everything):
Download the latest factory image from Google's website
Reboot into the bootloader:
Code:
adb reboot bootloader
Unzip the factory image.
Run the flash all script! Open a command prompt, navigate to the folder with the script, and run one of the following commands:
Windows:
Code:
flash-all
Mac/Linux:
Code:
./flash-all.sh
Reboot once it is finished!
Rooting with Magisk
NOTE #4: This section assumes you are not going to install TWRP. If you are, skip to the next section and just flash the latest Magisk zip after installing TWRP.
Download the Magisk zip from the official thread and install the manager from the zip.
Grab a boot image to patch (either the one from the latest factory image or a custom kernel one) and push it to your device:
Code:
adb push <path_to_file> /sdcard/Download
Open Magisk Manager and click the Install button.
Click "Install" at the first prompt then choose "Patch Boot Image File". A file manager will pop up.
Select the boot image you want to patch and let Magisk Manager patch it.
Pull it off your device:
Code:
adb pull /sdcard/MagiskManager/patched_boot.img
Reboot into the bootloader:
Code:
adb reboot bootloader
Flash the boot image and reboot.
Code:
fastboot flash boot patched_boot.img
fastboot reboot
Open Magisk Manager and you should be rooted!
Installing TWRP
NOTE #5: If you just want to temporarily boot TWRP to flash Magisk and your custom kernel, you can just skip flashing the installer zip in this process.
NOTE #6: TWRP can be unstable at times given the way that security has been set up on this device (lack of decryption, failing to boot, etc).
Download both the TWRP image and zip installer from the official site.
Temporarily boot the TWRP image.
Code:
fastboot boot <path_to_twrp_image>
Flash the TWRP installer zip.
Reinstall Magisk and your custom kernel if you had them.
Reboot and profit!
Common issues
Outdated fastboot/adb: This device requires the latest fastboot and adb binaries to work properly. A lot of common quick adb/fastboot installation guides link to installers that are old. Please manually install the latest using the information at the beginning of the thread!
Using a USB-3.0 or USB-C port: Some newer USB ports do not work with fastboot. Issues manifest as weird errors during a flash. Use a different USB cable/port.
Closing statements
If there are any procedures you would like to see added (like flashing a custom kernel or booting TWRP), I am happy to add them if requested. Also, when requesting help, please be as specific as possible where you get confused. I want this guide to be clear as possible.
Reserved
Reserved
Stuck on this step
Run the flash all script! Open a command prompt, navigate to the folder with the script, and run one of the following commands:
How do I navigate in command prompt? When I typed flash-all, it said it is not a internal command etc. When I dragged and dropped flash-all into the command prompt, it said C:\Users\W Balls\Downloads\SAMPWND_SYSTEMROOT_ADB_FILES>"C:\Users\****** Jim\Downloads\walleye-opd1.170816.025-factory-4752baae\walleye-opd1.170816.025\flash-all.bat"
error: cannot load 'bootloader-walleye-mw8998-002.0059.00.img'
rebooting into bootloader...
OKAY [ 0.004s]
finished. total time: 0.004s
error: cannot load 'radio-walleye-g8998-00122-1708311414.img'
rebooting into bootloader...
OKAY [ 0.010s]
finished. total time: 0.015s
W/ ( 6448): Unable to open 'image-walleye-opd1.170816.025.zip': No such file or directory
error: failed to open zip file 'image-walleye-opd1.170816.025.zip': I/O Error
Press any key to exit...
You are calling the flash-all.bat out of a differende directory (C:\Users\W Balls\Downloads\SAMPWND_SYSTEMROOT_ADB_FILES) therefore it can't find the system image files since they are located under C:\U sers\****** Jim\Downloads\walleye-opd1.170816.025-factory-4752baae\walleye-opd1.170816.025. Make sure you extract your image to that directory, open up a command promt and navigate to it with "cd C:\Users\W Balls\Downloads\SAMPWND_SYSTEMROOT_ADB_FILES" and call the flash-all.bat from there.
Check out this for basic command line stuff https://www.digitalcitizen.life/command-prompt-how-use-basic-commands
---------- Post added at 10:58 AM ---------- Previous post was at 10:56 AM ----------
I tried this and it seems the magisk manager isn't able to download magisk on its own at least on my device:
Code:
DownloadManager: [356] Stop requested with status HTTP_DATA_ERROR: Unable to resolve host "forum.xda-developers.com": No address associated with hostname
DownloadManager: [356] Finished with status WAITING_TO_RETRY
EDIT: Seems like DNS66 was blocking the download patching was scucessfull now.
This is weird, can't I make 2 posts in a row??
Anybody figure out a solution for flashing when on MacOs High Sierra? Platform tools 26.0 1 was a fix for high Sierra, yet 26.0.2 seemed to have lost that commit, so fastboot doesn't work at all. Wondering if it's safe to use 26.0.1 on the pixel 2
nathanchance said:
Flashing factory images
Click to expand...
Click to collapse
First, thanks for putting this together. I've rooted using your method.
Regarding OTA updates: I've read that if we've rooted, we will need to un-root before we can receive an OTA update. Is this always true, or only if we've installed a custom recovery like TWRP? It would be really handy to have a guide on how to un-root, update, then re-root.
Related - let's say that for whatever reason, we have to flash an OTA update manually, rather than actually getting it OTA. Do we lose root by doing so?
Thanks!
JayBlack_686 said:
First, thanks for putting this together. I've rooted using your method.
Regarding OTA updates: I've read that if we've rooted, we will need to un-root before we can receive an OTA update. Is this always true, or only if we've installed a custom recovery like TWRP? It would be really handy to have a guide on how to un-root, update, then re-root.
Related - let's say that for whatever reason, we have to flash an OTA update manually, rather than actually getting it OTA. Do we lose root by doing so?
Thanks!
Click to expand...
Click to collapse
Magisk's OTA section should clear up some of your doubts: https://github.com/topjohnwu/Magisk/blob/master/docs/tips.md#ota-installation-tips
nathanchance said:
Magisk's OTA section should clear up some of your doubts: https://github.com/topjohnwu/Magisk/blob/master/docs/tips.md#ota-installation-tips
Click to expand...
Click to collapse
Looks really straightforward, thank you! Might be cool to point to it in the OP. I bet I'm not the only one who was only vaguely aware of the impact that rooting has on how we get OTAs. Then again, maybe everyone else wants to run custom ROMs.
JayBlack_686 said:
Looks really straightforward, thank you! Might be cool to point to it in the OP. I bet I'm not the only one who was only vaguely aware of the impact that rooting has on how we get OTAs. Then again, maybe everyone else wants to run custom ROMs.
Click to expand...
Click to collapse
Good point, I'll add it here in a bit
Sent from my Pixel 2 XL using XDA Labs
OTA vs factory image
Howdy,
really appreciate @nathanchance for putting this together. Would you mind adding a few lines about the differences between OTA and factory images. As a layman i haven't got the foggiest idea which route to go and would appreciate some wisdom. Thanks!
Thank you so much for this guide but can anybody please explain how you can tell which image to patch ?
I am unable to get this to work magisk is showing this message: stock kernel cannot be patched please use a custom kernel
i downloaded: walleye-opd1.170816.010-factory-63083164.zip
unsure as to whether this is correct for my phone as they are quite a few and its unclear how to tell
i have a pixel 2 from the UK that was factory unlocked and i unlocked the boot loader
what am i doing wrong please help
tango650 said:
Howdy,
really appreciate @nathanchance for putting this together. Would you mind adding a few lines about the differences between OTA and factory images. As a layman i haven't got the foggiest idea which route to go and would appreciate some wisdom. Thanks!
Click to expand...
Click to collapse
The primary difference is that the OTA can be flashed on an unlocked bootloader and is designed not to wipe your phone.
UpGrad3 said:
Thank you so much for this guide but can anybody please explain how you can tell which image to patch ?
I am unable to get this to work magisk is showing this message: stock kernel cannot be patched please use a custom kernel
i downloaded: walleye-opd1.170816.010-factory-63083164.zip
unsure as to whether this is correct for my phone as they are quite a few and its unclear how to tell
i have a pixel 2 from the UK that was factory unlocked and i unlocked the boot loader
what am i doing wrong please help
Click to expand...
Click to collapse
Are you supplying the boot image to Magisk? Show me a screenshot of what Magisk says when it tries to patch.
Thanks @nathanchance for this. I'm not a technical person, but can follow directions. This is the 4th phone that I've rooted following directions of some very smart and talented people here on XDA. I don't do this kind of thing everyday, and am not up on programming or coding or whatever you guys call it now days.
All I ended up doing is taking the OTA from Google to the .025. Then followed the Magisk rooting instructions to get root. I had Unlocked it the first day I turned the phone on, I haven't put my SIM in yet, but will play around with it a little more, and finish setting it up,
Again, thanks for the GUIDE to this Pixel 2 phone.
nathanchance said:
The primary difference is that the OTA can be flashed on an unlocked bootloader and is designed not to wipe your phone.
Are you supplying the boot image to Magisk? Show me a screenshot of what Magisk says when it tries to patch.
Click to expand...
Click to collapse
That is what i get. I have even flashed the whole factory image to the phone and still get this
@UpGrad3 you need to extract the boot.img out of your zip (walleye-opd1.170816.010-factory-63083164.zip) file and process this one, I'll guess you tried with the whole zip?? Also you can "attach" pictures to the post and not include the full res with the image tags...
@drmason I did extract the img from the zip. I followed the instructions exactly which is why im so confused as to what is going on ? Ok sorry i will do in future.
Amended post
UpGrad3 said:
@drmason I did extract the img from the zip. I followed the instructions exactly which is why im so confused as to what is going on ? Ok sorry i will do in future.
Amended post
Click to expand...
Click to collapse
You got the boot.img from the zip file that was inside the zip file?
from https://forum.xda-developers.com/showpost.php?p=74429474&postcount=90
Step by step
1. Download and extract factory image. Mine was taimen-opd1.170816.010-factory-c796ddb4.zip
***2. Once extracted go into the folder and extract image-taimen-opd1.170816.010.zip.
There you will find the boot.img.
---------- Post added at 08:36 AM ---------- Previous post was at 08:27 AM ----------
nathanchance said:
Good point, I'll add it here in a bit
Sent from my Pixel 2 XL using XDA Labs
Click to expand...
Click to collapse
@nathanchance, one more suggestion for the OP: at one point I was looking at using the stock boot img and couldn't figure out how to get it. Later, I found the below post, where the first two steps are essentially "open the zip inside the zip for the boot.img" to extract the stock boot image. Maybe it's really obvious, but I didn't get it.
https://forum.xda-developers.com/showpost.php?p=74429474&postcount=90
@UpGrad3 you are using the latest Magisk Manager 5.4.1 for this?
JayBlack_686 said:
You got the boot.img from the zip file that was inside the zip file?
from https://forum.xda-developers.com/showpost.php?p=74429474&postcount=90
Step by step
1. Download and extract factory image. Mine was taimen-opd1.170816.010-factory-c796ddb4.zip
***2. Once extracted go into the folder and extract image-taimen-opd1.170816.010.zip.
There you will find the boot.img.
---------- Post added at 08:36 AM ---------- Previous post was at 08:27 AM ----------
this is where i was going wrong i was using a file that had bootloader in the name rather than going into the second zip and finding boot
@nathanchance, one more suggestion for the OP: at one point I was looking at using the stock boot img and couldn't figure out how to get it. Later, I found the below post, where the first two steps are essentially "open the zip inside the zip for the boot.img" to extract the stock boot image. Maybe it's really obvious, but I didn't get it.
https://forum.xda-developers.com/showpost.php?p=74429474&postcount=90
Click to expand...
Click to collapse
drmason said:
@UpGrad3 you are using the latest Magisk Manager 5.4.1 for this?
Click to expand...
Click to collapse
yes i was
although im now stuck on the bootscreen with the G any suggestions ?
Fixed.
incase it happens to anyone else. i restored the factory image again then started the root procedure. im now rooted and fully working
Since we don't have TWRP yet for our 8T, having ADB enabled on the stock recovery can be really helpful if you are unlocked and rooted.
For example, removing problematic magisk modules.
I tried to install the EdExposed module and ended with a boot loop. To get back I had to flash the stock boot.img again and reconfigure all my modules again.
Having ADB enabled in OOS recovery will let us delete the problematic module at /data/adb/modules without having to delete the working modules.
Credit goes to @s3axel for the Post in Oneplus 8 forums
Quoting the procedure to create the modified recovery.img :
s3axel said:
Description of the method to modify recovery by yourself:
Prerequisites:
Android Image Kitchen (credit to osm0sis for providing this tool)
the original recovery image file (henceforth called "recovery.img"). You can extract this yourself from an update zip file by unpacking "payload.bin" and then use a tool like payload_dumper (credit to vm03 for providing this) to extract the recovery.img file
Now do the following:
unpack image with Image Kitchen --> this will create a "ramdisk" and a "Split_img" directory with the unpacked content within
navigate into the "ramdisk" folder and use a text editor (on windows preferably Notepad++) to edit the file "prop.default"
look for entry "ro.adb.secure" and change entry value from "1" to "0". Note this entry can occur multiple times (I noticed twice), change each --> this will prevent adb from asking for authorization (the recovery does not provide such a dialogue)
look for entry "ro.debuggable" and change this from "0" to "1" --> this actually enables ADB
look for entry "ro.secure" and change this from "1" to "0" --> may be unnecessary but I wanted to avoid brick in case a modified recovery would result in such a behavior
save textfile
repack the image with Android Image Kitchen and voila:
you have a new modified recovery image you can flash
Click to expand...
Click to collapse
Installation Procedure:
s3axel said:
Prerequisites:
Oneplus 8T
unlocked bootloader
access to fastboot on the phone
adb and fastboot
Installation:
Reboot the phone to fastboot, then flash the recovery from fastboot with the command
Code:
fastboot flash recovery <filename>
(with <filename> being the name of the recovery in the format of "recovery.img" you wish to flash)
Uninstall:
Same as installation, but flash the original stock recovery instead.
Usage:
Boot up recovery, enter the encryption key if the file system is encrypted. Then connect the phone to a PC and you are ready to go with adb. E.g. by using
Code:
adb shell
to open a shell and access the file system. Magisk modules are located in /data/adb/modules, deleting the corresponding directory there will remove the module in question.
Step-by-step this would be:
Code:
cd /data/adb/modules
to change to the Magisk modules directory
Code:
ls
to list the content of this directory, each module has its own directory, usually with a well-recognizable name
Code:
rm -r <directory>
to delete the directory in question. Tip: in console TAB-autocomplete works
Notes of caution:
ADB security is disabled as I could not get the recovery to allow for authorizing a connected computer. As a consequence, any computer connected is automatically authorized in ADB, although with an encrypted filesystem at least no data is accessible without the key.
with direct ADB access to your file system you can easily wreck you phone requiring a factory reset or even reinstallation of the OS from fastboot - please be careful about what you are doing
Credits: Thanks to osm0sis for Android kitchen and all great developers for the Oneplus devices.
Click to expand...
Click to collapse
Pre-patched files for the lazy (upto 11.0.4.5):
To find your model and build:
Code:
adb shell getprop ro.product.model
KB2001
adb shell getprop ro.build.version.ota
OnePlus8TOxygen_15.I.16_GLO_0160_2010150110
KB2000 / KB05?? - Chinese Variant
11.0.1.2 Hydrogen_15.H.16_OTA_0160_all_2010150101_4101
STOCK recovery.img
adb patched recovery
KB2001 / KB05DA - Indian Variant
11.0.1.2 - OnePlus8TOxygen_15.I.16_GLO_0160_2010150110
STOCK recovery.img
adb patched recovery
11.0.2.3 - OnePlus8TOxygen_15.I.17_OTA_0170_all_2010240047
STOCK recovery.img
adb patched recovery
11.0.3.4 - OnePlus8TOxygen_15.I.18_OTA_0180_all_2011010208
STOCK recovery.img
adb patched recovery
11.0.4.5 - OnePlus8TOxygen_15.I.19_OTA_0190_all_2011101438_3032f.zip
STOCK recovery.img
adb patched recovery
KB2003 / KB05BA - EU Variant
11.0.1.2 - OnePlus8TOxygen_15.E.17_GLO_0170_2010150108
STOCK recovery.img
adb patched recovery
11.0.2.3 - OnePlus8TOxygen_15.E.18_OTA_0180_all_2010240038
STOCK recovery.img
adb patched recovery
11.0.3.4 - OnePlus8TOxygen_15.E.19_OTA_0190_all_2011010157
STOCK recovery.img
adb patched recovery
11.0.4.5 - OnePlus8TOxygen_15.E.20_OTA_0200_all_2011101442_ed5dc.zip
STOCK recovery.img
adb patched recovery
KB2005 / KB05AA - International Variant thanks to @card13
https://drive.google.com/drive/folders/1-i4P8sWPfyqwgYvBsKWAAftQW7m66Z70?usp=sharing
KB2007 / KB05CB - T-Mobile Variant
¯\_(ツ)_/¯
Code:
❯ adb devices
List of devices attached
75317573 recovery
❯ adb shell
# df
Filesystem 1K-blocks Used Available Use% Mounted on
rootfs 3648448 40396 3608052 2% /
tmpfs 3837328 1160 3836168 1% /dev
tmpfs 3837328 0 3837328 0% /mnt
tmpfs 3837328 0 3837328 0% /apex
tmpfs 3837328 4 3837324 1% /linkerconfig
tmpfs 3837328 24 3837304 1% /tmp
/dev/block/sda11 491464 140484 350980 29% /mnt/vendor/op2
/dev/block/sda20 11760 164 11596 2% /metadata
/dev/block/dm-3 1516540 1511956 4584 100% /vendor
/dev/block/sda2 27632 10452 17180 38% /mnt/vendor/persist
/dev/block/dm-7 110397292 6627020 103770272 7% /data
I will edit this post over time with few notes/misc stuff.
For some reason, the only way we can boot into the recovery is to perform a fastboot flash.
Fastboot boot recovery.img does not seem to work and I have no idea why. (Even on stock recovery.img!!)
It just ends up in a black screen.
If someone could explain why it'll be great, cuz if we can just temporarily boot into the patched recovery, we can pull the boot.img files and provide root for all the variants of the 8T without waiting for a full OTA, with the below method:
Next, there *might* be a way to root other variants of 8T which do not have the full OTA zips
WARNING: I am NOT responsible if this does not work. you have been advised! This can render your recovery partition unusable until OnePlus releases full OTA ZIPs for all variants of the 8T!
Unlike boot.img, I was actually successful in flashing the EU KB2003 recovery.img on my Indian variant KB2001. running OOS 11.0.1.2.KB05DA
So I tried to flash the adb-patched recovery.img from the EU OTA into my Indian 8T and I was able to enter the adb shell as root!
Now I can easily get the image of all the partitions as well. Here's a snippet from my PC:
Code:
~/oss_stuff/Android-Image-Kitchen
❯ adb devices
List of devices attached
75317573 recovery
~/oss_stuff/Android-Image-Kitchen
❯ adb shell
# ls -al /dev/block/bootdevice/by-name/boo*
lrwxrwxrwx 1 root root 16 1970-01-03 04:30 /dev/block/bootdevice/by-name/boot_a -> /dev/block/sde11
lrwxrwxrwx 1 root root 16 1970-01-03 04:30 /dev/block/bootdevice/by-name/boot_b -> /dev/block/sde35
Copy the active slot (b in my case) as boot.img to sdcard and reboot:
Code:
# dd if=/dev/block/bootdevice/by-name/boot_b of=/data/media/0/boot.img
196608+0 records in
196608+0 records out
100663296 bytes (96 M) copied, 0.247740 s, 388 M/s
# reboot
I am already rooted, so I am expecting magisk manager to detect a magisk patched bootimage.
And it did. Screenshot attached.
Again I AM NOT 100% SURE IF ALL THE VARIANTS CAN FLASH THE SAME RECOVERY.IMG.
Since there is no full OTA Available, if the patched recovery does not work you will have to wait for the full ZIP to be released to restore your recovery. You have been warned!
DroidFreak32 said:
I will edit this post over time with few notes/misc stuff.
For some reason, the only way we can boot into the recovery is to perform a fastboot flash.
Fastboot boot recovery.img does not seem to work and I have no idea why. (Even on stock recovery.img!!)
It just ends up in a black screen....
Click to expand...
Click to collapse
Sadly I have no real explanation either, but I had the same effect during my testing - I assumed it's related to some mechanism around the encryption of the partitions.
Cheers & thanks for continuing this for the 8T !
Sorry but I want to ask a noob question: can I use this method to adb sideload a FULL OTA zip via this recovery as currently when I'm trying to switch to EU OOS from IN OOS, the local upgrader says that I can't install an older version of OOS
dijia1124 said:
Sorry but I want to ask a noob question: can I use this method to adb sideload a FULL OTA zip via this recovery as currently when I'm trying to switch to EU OOS from IN OOS, the local upgrader says that I can't install an older version of OOS
Click to expand...
Click to collapse
No I don't think this recovery allows flashing in the first place.
DroidFreak32 said:
No I don't think this recovery allows flashing in the first place.
Click to expand...
Click to collapse
Well, first of all, nice of you to post this for everybody. I had did this following the same tutorial, my first day I received my phone itself, and I also encountered the same issue of unable to boot recovery img.
Btw, you are right. OnePlus disabled adb sideload in their A/B devices. I researched extensively and couldn't find a way to re-enable it.
Well, even if it was present, it will only allow zips with signed keys from OP to be flashed, so not a replacement for TWRP anyway.
As for flashing OP updates and other custom roms, you can use fastbootd.
@theincognito Did you ever figure out the reason why they disabled ADB and ADB Sideloading? And do you know if OnePlus has a workaround (new protocol or command to accomplish the same effect)?
card13 said:
@theincognito Did you ever figure out the reason why they disabled ADB and ADB Sideloading? And do you know if OnePlus has a workaround (new protocol or command to accomplish the same effect)?
Click to expand...
Click to collapse
First of all, ADB was there to facilitate ADB sideloading. Once sideloading went away, they removed ADB entirely.
As for removing sideloading, as far as I can understand, it started when they switched to A/B partition for their phones, because by default, A/B devices don't have a dedicated recovery partition(like Pixel/Android One phones). So they removed it.
However, from OnePlus 8, OnePlus brought back the dedicated recovery partition while still using A/B. So, now, if they want, they could bring back the sideloading, imo.
As for workaround, there are only 2 options: TWRP (or any custom recovery) and fastbootd.
You can flash stock roms via fastbootd, but that involves extracting the zip via payload and flashing the images individually. As for custom roms, from fastbootd, you can use "fastboot update <rom.zip>". As simple as that.
@theincognito Thank you for the info it is very, very informative and gives me a lot of ideas of what to try next!
@DroidFreak32 I uploaded all my Recovery files to my GDrive, along with all my rooting files. https://drive.google.com/drive/folders/1-i4P8sWPfyqwgYvBsKWAAftQW7m66Z70?usp=sharing
Hace latest ota 11.0.3.4 BA recovery modified and recovery stock?
---------- Post added at 01:23 AM ---------- Previous post was at 01:22 AM ----------
card13 said:
@theincognito Thank you for the info it is very, very informative and gives me a lot of ideas of what to try next!
@DroidFreak32 I uploaded all my Recovery files to my GDrive, along with all my rooting files. https://drive.google.com/drive/folders/1-i4P8sWPfyqwgYvBsKWAAftQW7m66Z70?usp=sharing
Click to expand...
Click to collapse
Have latest ota 11.0.3.4 BA recovery modified and recovery stock?
hmm. seems, they changed something with the adb rights in 11.0.3.4.
ls /data is also permitted.
(edit: i used adb-recovery to delete a magisk module previous on 11.0.2.3)
ChillDuder said:
hmm. seems, they changed something with the adb rights in 11.0.3.4.
ls /data is also permitted.
(edit: i used adb-recovery to delete a magisk module previous on 11.0.2.3)
Click to expand...
Click to collapse
It's working fine here
What's your 8t model?
Also updated the op with links for patched recovery from 11.0.3.4
DroidFreak32 said:
It's working fine here
What's your 8t model?
Also updated the op with links for patched recovery from 11.0.3.4
Click to expand...
Click to collapse
KB2003
Thank you. I'll flash again later. Maybe i did something wrong in the prop file.
if your device been rooted and grant su for adb shell, you can also use CMD to enter commands "
>adb shell
$su
#magisk --remove-modules
"to remove all modules and reboot;
others,you had to flash the stock boot.img again
hanajoruno said:
if your device been rooted and grant su for adb shell, you can also use CMD to enter commands "
>adb shell
$su
#magisk --remove-modules
"to remove all modules and reboot;
others,you had to flash the stock boot.img again
Click to expand...
Click to collapse
su in adb shell dont worked for me (su binary isnt installed from magisk)
but for whatever reason, i have to reboot normaly, and via advanced poweroff menu directly to recovery. then it worked flawless. weird. previous i reboot to fastboot and from there to recovery. seems that this maybe is a differnce.
Thank you! Thank you so much. I tried a risky module and it crashed my phone. I was so scared as I had a lot of important data which I didn't backup. I followed your guide and I was able to remove the module and boot properly. I just can't thank you enough. You saved my life.
@liver20 No I am still on 11.0.1.2 since I haven't had time this week (life loves to get in the way) to unroot -> Apply Incremental OTA update file -> re-root.
I'm getting the black screen even after flashing the recovery. I can get into adb but have no way of decrypting? I am not able to enter my pattern. Am I missing something here?
xDanVitox said:
I'm getting the black screen even after flashing the recovery. I can get into adb but have no way of decrypting? I am not able to enter my pattern. Am I missing something here?
Click to expand...
Click to collapse
What's your oos build and 8t variant?
Have you tried manualy patching the recovery image yourself from your oos build instead of using the patched images by me?
DroidFreak32 said:
What's your oos build and 8t variant?
Have you tried manualy patching the recovery image yourself from your oos build instead of using the patched images by me?
Click to expand...
Click to collapse
I'm on 11.0.4.5 - KB2005
I did, yes. I used the broken TWRP to pull the recovery off of my phone and patched that. I tried using the one from unpacked kebab image as well. Tried booting and flashing and both give the same result. They both "work" but result in blank screen. Flashing back my backup original copy from my phone returns normal function.
Am I supposed to be seeing my pattern input the same as stock?
And thanks for the response!