[HOWTO][GUIDE] Flash anything on G925F without tripping Knox - Galaxy S6 Edge General

How to Root your SM-G925F (International S6 Edge):
This should work on both 5.0.2 and 5.1.1. I have upgraded to 5.1.1 before doing this.
I recommend you hold off on this operation if your device is still running 5.0.2 and don't want to upgrade to 5.1.1.
If you want to keep 5.0.2 and still perform this operation than you must use a compatible 5.0.2 Kernel and TWRP - posted below.
WARNING: Because of the engineering bootloader which is 5.0.2 you're going to lose the Fingerprint scanner. If you can live without it then proceed.
Root without tripping Knox and having all the functionality (keeping the Fingerprint scanner working) on 5.1.1 is not possible.
Only for 5.1.1, custom kernel and TWRP for 5.0.2 posted below + also a different method for 5.0.2
1. Download ODIN v 3.10.6 from http://forum.xda-developers.com/showthread.php?t=2711451 and extract it to a folder.
2. Search online/PM me for the engineering bootloader for your device G925F
3. Download the 3 archives from: http://forum.xda-developers.com/gal...p-recovery-2-8-7-1-g925f-android-5-1-t3144866
3.a.1 TWRP 2.8.7.1 for S6 Edge - https://www.androidfilehost.com/?fid=24052804347765202
3.a.2 TWRP 2.8.7.1 for S6 - https://twrp.me/devices/samsunggalaxys6.html
3.b.1 Unikernel latest version - recommended kernel with so many benefits, now also working with devices that are using the enginnering bootloader (no need for 3.c. if choosing this kernel) - http://forum.xda-developers.com/showthread.php?p=60533128
3.b.2 Alex-V Kernel - works on a G925F that has an engineering bootloader. All the other ones mess with the display in a way that you'll get a white screen with greenish non-understandable ui elements - https://www.androidfilehost.com/?fid=24052804347765201
3.c. Super SU - https://www.androidfilehost.com/?fid=24052804347765203
4. Disable Reactivation lock by going into Settings -> Lock screen and security -> Find My Mobile -> Login with your Samsung Account and then disable Reactivation lock
5. Disable Fingerprint screen lock type by going into Settings -> Lock screen and security -> Screen lock type and select any other screen type than Fingerprint
6. Copy to the your device's sdcard (phone): custom kernel and rest of downloaded files to flash
7. Shut down device and start in Download Mode (with the phone turned off keep pressing on power, volume down and home at the same time until a green screen pops up, then you'll need to press on the volume up key)
8. First you'll need to flash the engineering bootloader. Open ODIN and click on BT and select the appropriate sbin file downloaded at step 2. Flash it and wait for the device to reboot.
Don't be alarmed by the green text that will appear in the top left corner when the Samsung logo is being displayed. It's 100% normal and the device hasn't suffered any damage.
9. Enter Download Mode again and this time in ODIN, go to options and uncheck the Reboot device. Click on AP and select the TWRP 2.8.7.1 and flash it.
10. The device won't reboot because you've unchecked the Reboot device option. You'll need to press on power + volume down + home until the device turns off and then pres on power + volume up + home until you'll see the device enter the TWRP recovery. At that point the buttons can be released.
11. Inside TWRP press on Install and navigate to where you have stored the custom kernel and rest of the files. Select the custom kernel (then add another zip to flash and then select Super SU if using Alex-V kernel). Flash them and reboot your device.
12. Congratulations now you have a rooted G925F with Knox fuse intact!
13. You can now flash anything custom on your device without tripping Knox as long as you don't flash the bootloader with a stock one, you need to keep the engineering bootloader flashed.
If you want to return to stock at anytime you can flash a full stock ROM from Samsung and all should be fine. Knox isn't going to get tripped because everything is returning to stock, even the bootloader.
14. WARNING: Before flashing anything else after you've successfully acquired root you should backup your EFS partition just in case via TWRP recovery.
All credits for rooting and installing TWRP on G925F go to Alex-V, AndreiLux, simple Team, chainfire
The research on which kernel is going to root and work perfectly with a G925F that has an engineering bootloader installed go to me. A lot of trial and error, white & greenish screen, overheat etc...
If you have any questions post below.
Enjoy!
Custom Kernel and TWRP only for 5.0.2 - untested but should work
http://forum.xda-developers.com/galaxy-s6-edge/development/28-04-2015-hybridmax-kernel-t3095373
Different workaroung for making it work for 5.0.2 users
If you're device is running 5.0.2 and it gets stuck on the Samsung screen, in order to fix it you'll need to flashed a stock 5.1.1 ROM then repeat the tutorial and all will work as expected with Knox being intact.
Device on which you can use the following custom ROM tutorial:
G925F 5.1.1 rooted with engineering bootloader
1. Download the 5.1.1 custom ROM you want
2.Download Unikernel or Alex-V's kernel
3.Copy to your device the files downloaded at 1 and 2
4.Boot your device into TWRP (recovery mode)
5.Flash the 5.1.1 custom ROM and the custom kernel. (you can select multiple things to flash one after another without rebooting the device afterwards)
6.After the ROM is flashed you'll need to continue the flashing procedure and not reboot the device until the custom kernel is also flashed
7.After the 2 packages have been flashed successfully you can reboot the device and enjoy your new rooted G925F running a custom ROM, custom Kernel and with your Knox intact.
Enjoy!
WARNING:
If you try to flash any other kernel, one that's not built specifically for G925F like Unikernel or Alex-V's you'll end up with a wrong TSP FW version, one that belongs to G920. Currently the only fix available for this issue is to use a specifically built kernel/stock kernel for G925F.
Here's what you're going to get after flashing any unified kernel (check via *#2663#)
Phone's TSP FW version: ST015681 - incorrect (G920)
Part's TSP FW version: ST0195E4 - correct (G925)
TSP threshold: 512
config tsp fw version: G920_ST_3A1F
tsp checksum data: 1B5C2E4D
Both Phone and Part have to have the same version, the correct one ST0195E4 for G925. If you try to use the TSP FW Update command you will make them both have the G920 TSP FW...so until a solution for this is found we cannot use any unified kernel while running the engineering bootloader.
Latest BOOTLOADER/MODEM/Stock-Kernel Packages for S6 G920F/I/T & S6 Edge G925F/I/T models
http://forum.xda-developers.com/showpost.php?p=60112855&postcount=3
- credit goes to @edgarf28
How to fix cm.bin flash failed - stuck in download mode
http://forum.xda-developers.com/galaxy-s6/help/solved-stuck-download-mode-failed-odin-t3104736
Disclaimer: Proceed with extreme caution as I take no responsibility for any damages to your phone. Do it at your own risk
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}

Reserved

Only F? No luck on W8 or A?
Does also engineering boot loader gives ability to reset knox too...?
I know Samsung service center can do it...
Or can we change the model with the engineering bootloader? (Aka switch W8 to F, T to A, others vise versa)
(Looking at HTC all series with S-OFF like god mode)
Sent from my iPad using Tapatalk

ytwytw said:
Only F? No luck on W8 or A?
Does also engineering boot loader gives ability to reset knox too...?
I know Samsung service center can do it...
Or can we change the model with the engineering bootloader? (Aka switch W8 to F, T to A, others vise versa)
(Looking at HTC all series with S-OFF like god mode)
Sent from my iPad using Tapatalk
Click to expand...
Click to collapse
Unfortunately only F and T have been leaked for both G920 & G925.
I don't know about resetting Knox. I am under the impressing that the Knox Fuse is a psihical hardware one and once it gets burnt there's no way going back.
Haven tried to change the model, I'm guessing you are referring to a deeper change, not only to what's displayed inside the About, which would be pretty hard without deep knowledge of how a Samsung phone knows what model it is.

if it was a fuse it woudnt come on S3/Note2 because these phones were built before knox was even announced, unless they had a spare efuse lying around in the phones just to activate it in near future....

Hey is this a thread to promote Alex´s work? if so its fine, but i found that Aou kernel has a solution for the fingerprint issue on the Tmovile variants over the Unix kernel, am i wrong?

eltoffer said:
Hey is this a thread to promote Alex´s work? if so its fine, but i found that Aou kernel has a solution for the fingerprint issue on the Tmovile variants over the Unix kernel, am i wrong?
Click to expand...
Click to collapse
Yes and no. It promotes the only combination that is available to have a rooted G925F with custom kernel, rom, Knox intact running 5.1.1. Aou is only available for G92xT. I'm not aware of any workaround to fix the fingerprint sensor on 5.1.1 while running on a 5.0.2 engineering bootloader.

pmichaelro said:
How to Root your SM-G925F (International S6 Edge):
If you have any questions post below.
Enjoy!
Click to expand...
Click to collapse
Hi , i really want to try this one and im sure there's people out there willing to know aswell is there anyway you can provide us with screenshot of your phone version / rom and what is your current knox after doing this method ived been searching for an answer (Found only g925t) and i wanna make sure if it does work with F, so im still doing my research properly before attempting this . thank you

Repulsa said:
Hi , i really want to try this one and im sure there's people out there willing to know aswell is there anyway you can provide us with screenshot of your phone version / rom and what is your current knox after doing this method ived been searching for an answer (Found only g925t) and i wanna make sure if it does work with F, so im still doing my research properly before attempting this . thank you
Click to expand...
Click to collapse
Added screenshots

I sent you PM about bootloader you didn't answered me.

slavush said:
I sent you PM about bootloader you didn't answered me.
Click to expand...
Click to collapse
I've checked my PM's and saw that I answered them all. I haven't received any PM from you though. Send me one and I will answer you. Thanks

Hey buddy i know this is a stupid question but i don't know why hehe: if we root, and then flash the OEM sboot.bin and/or kernel we should keep the root, right? but we also recover the fingerprint sensor, or how it works?

eltoffer said:
Hey buddy i know this is a stupid question but i don't know why hehe: if we root, and then flash the OEM sboot.bin and/or kernel we should keep the root, right? but we also recover the fingerprint sensor, or how it works?
Click to expand...
Click to collapse
If you don't want to trip Knox you first have to flash the engineering bootloader, this will make the fingerprint scanner to not work. Then you can flash any custom kernel/rom without tripping knox. If you flash the OEM bootloader but keep anything else custom flashed you will trip Knox. So it's up to you. Keep Knox intact, lose fingerprint scanner, enjoy root and customisation or keep everything stock or don't care about knox and flash anything you want.

pmichaelro said:
If you don't want to trip Knox you first have to flash the engineering bootloader, this will make the fingerprint scanner to not work. Then you can flash any custom kernel/rom without tripping knox. If you flash the OEM bootloader but keep anything else custom flashed you will trip Knox. So it's up to you. Keep Knox intact, lose fingerprint scanner, enjoy root and customisation or keep everything stock or don't care about knox and flash anything you want.
Click to expand...
Click to collapse
Ok thanks for your PM reply, so lets get clear...
if you say fingerprint scanner issue is due to the sboot if i flash the stock 5.1.1 one over the root ONLY (everything else stock), am i going to trip knox? i do not think so, can't see why would it be so

eltoffer said:
Ok thanks for your PM reply, so lets get clear...
if you say fingerprint scanner issue is due to the sboot if i flash the stock 5.1.1 one over the root ONLY (everything else stock), am i going to trip knox? i do not think so, can't see why would it be so
Click to expand...
Click to collapse
I'll explain one more time.
You need to keep the engineering bootloader flashed at all times if you want to flash a custom kernel in order to get root and not trip Knox.
If you flash the engineering bootloader,then the kernel and then flash the stock bootloader back you are going to trip knox because you would be running a custom kernel. Is that more clear now?

pmichaelro said:
I'll explain one more time.
You need to keep the engineering bootloader flashed at all times if you want to flash a custom kernel in order to get root and not trip Knox.
If you flash the engineering bootloader,then the kernel and then flash the stock bootloader back you are going to trip knox because you would be running a custom kernel. Is that more clear now?
Click to expand...
Click to collapse
Ok maybe I explain myself in a wrong way
1.- flash sboot.bin 5.0.2
2.- flash twrp recovery
3.- flash SU.zip
4.- flash back stock recovery 5.1.1 (at this point we achieved root and an intacted Knox)
5.- flash back stock sboot.bin 5.1.1 (so here we recover the fingerprint scanner)
This is the way I think, where is the fail? Sorry if I'm an annoying guy XD
NOTE: I'm only concerning about getting root I don't care about custom roms or so, just root
Enviado desde mi S6 Edge Gold

eltoffer said:
Ok maybe I explain myself in a wrong way
1.- flash sboot.bin 5.0.2
2.- flash twrp recovery
3.- flash SU.zip
4.- flash back stock recovery 5.1.1 (at this point we achieved root and an intacted Knox)
5.- flash back stock sboot.bin 5.1.1 (so here we recover the fingerprint scanner)
This is the way I think, where is the fail? Sorry if I'm an annoying guy XD
NOTE: I'm only concerning about getting root I don't care about custom roms or so, just root
Enviado desde mi S6 Edge Gold
Click to expand...
Click to collapse
You misses a step there. In order to get root you'll need to flash a custom kernel. That's a deal breaker if you want to keep root, knox intact and return to stock bootloader. You simply cannot have this combination.

pmichaelro said:
You misses a step there. In order to get root you'll need to flash a custom kernel. That's a deal breaker if you want to keep root, knox intact and return to stock bootloader. You simply cannot have this combination.
Click to expand...
Click to collapse
Hi i tested this on my s6 edge 5.0.2 stocked rooted rom (pingpong root), I follow the instruction , Got stuck after flashing the bootloader engineering (Green on top).Boot into download mode then i flash the twrp using odin (untick auto reboot) Turn off the device and trying to boot into recovery but to no avail (Power/Volup/home) ,Repeat the process atleast 3 times , Thats ok so i give up I tried flashing the Stock samsung firmware 5.0.2 using odin (Tested 3 times aswell its keep failing cm.bin or .mbn or something in odin ).
There you go No matter how many times i flashed the stock 5.0.2 via odin keep saying cm.bin .. FAIL .. so i had to flashed stocked 5.1.1 samsung firmware in order for the phone to boot but my knox still 0x0 and thats fine . Or i might did something wrong .. anyways no worries i did it before i send it to them to get a new replacement (DPixel) as long its still 0x0 and Thanks...

Repulsa said:
Hi i tested this on my s6 edge 5.0.2 rooted using pingpong , I follow the instruction , Got stuck after flashing the bootloader engineering (Green on top).Boot into download mode then i flash the twrp using odin (untick auto reboot) Turn off the device and trying to boot into recovery but to no avail (Power/Volup/home) ,Repeat the process atleast 3 times , Thats ok so i give up I tried flashing the Stock samsung firmware 5.0.2 using odin (Tested 3 times aswell its keep failing cm.bin or .mbn or something in odin ).
There you go No matter how many times i flashed the stock 5.0.2 via odin keep saying cm .. FAIL .. so i had to flashed stocked 5.1.1 samsung firmware in order for my phone to boot. but my knox still 0x0 and thats fine . Or i might did something wrong .. anyways Ill test it out on 5.1.1 firmware later Thanks tho...
Click to expand...
Click to collapse
This is because you already have 5.1.1 baseband installed, you can't downgrade that IMG
Enviado desde mi S6 Edge Gold

Am I missing something?
I followed every step, and everything was successfull until the point I tried to flash xtroselite, once the flash is done, if the screen goes black i can not get it on anymore, just a white band in top. Any idea?
Thank you in advance.

Related

[SUPPORT THREAD] Canadian N900W8 KNOX 0x0 Status {Updated April 5th 2015}

Important Information
List of ROMs installable on the SM-N900W8 (by Model number): Here
Current Firmware: N900W8VLU2DOC4 - Download
Status: VULNERABLE
Latest Recommended Modem (LP): N900W8VLU2DOC4
Previous Recommended Modem (KK): N900W8VLUCNI1
Flashing a Modem:
If you have an invulnerable bootloader, you can flash any of the latest modems through Odin no problem, download and flash under CP.​If the modem does not stick after flashing:
Flash it without Auto-reboot ticked.
Manually turn off your phone (battery pull required), then immediately go back into Download Mode.
Flash it again, then manually reboot the phone (battery pull again) after done.​
GPS Problems Fix (Not Locking): Here by @crom1.
Thanks @Calen77 for the find!​
Vulnerable: Trippable
Invulnerable: Untrippable under any circumstances while running the bootloader loaded phone. Odin flashing friendly.
Semi-invulnerable: Trippable under one condition (can be ignored if you don't plan to downgrade). Otherwise they are all untrippable.
All 4.3 N900W8 bootloaders are normal bootloaders and will trip when it detects any modification.
All 4.4.2 N900W8 bootloaders are unable to be tripped when doing just rooting and installing custom recovery.
-> The leaked Mexican bootloader allows you to avoid tripping the bootloader even through a downgrade of 4.4.2 to 4.3.
-> Canadian 4.4.2 bootloaders will trip if you attempt any downgrade to 4.3. This is the only issue.
-> You can flash a different modem, a different ROM base (AOSP or TW), CSC, Kernel, Recovery and NOT trip KNOX on any devices.
Click to expand...
Click to collapse
Currently known N900W8 4.3 vulnerable bootloaders: MI5, MJ1, MJ4
Currently known N900W8 4.4.2 invulnerable bootloaders: MEXICAN NA2
Currently known N900W8 4.4.2 semi-invulnerable bootloaders: NB7
Currently known N900W8 5.0 vulnerable bootloaders: DOC4
For the people running MI5, MJ1 vulnerable bootloaders (excluding MJ4) and not willing to upgrade to 4.4.2 -> I suggest using URDLV to root without tripping KNOX: http://forum.xda-developers.com/showthread.php?p=46818375
For the people running MJ4 vulnerable bootloader and not willing to upgrade to 4.4.2 -> You can use Kingo root to root, however this is a fondly avoided app, as the first version sent your IMEI to a server in China. Hesitant to upgrade to 4.4.2? You're done.
For the people running MJ4 vulnerable bootloader -> I suggest following the guide below this Q&A to get your phone to 4.4.2, so you get the Mexican bootloader to be free of all KNOX and it's dread. (Highly recommended)
For the people running NB7 semi-invulnerable bootloader -> You are free to root, custom ROM flash, replace your kernel, modem updating through Odin, etc. Just do not attempt to downgrade if you want to preserve KNOX.
Q: But but but, what if I.....
A: NA2 bootloader? Nothing you do can touch your bootloader UNLESS you intentionally upgrade your phone through KIES or Odin. These are the only two tools that is able to touch your bootloader. Everything you do will preserve KNOX. The hierarchy of your phone stands so that the bootloader is on top of the recovery partition, and everything else is under recovery. Recovery is unable to touch the Bootloader (like how a normal office worker can't fire their boss).
Q: How about.....
A: NA2 bootloader? You are safe. Stop worrying about sh*t.
Q: How does this work?
A: The Mexican NA2 was a leaked firmware for the N900W8 intended for development devices, it was never released in the "NA#"'s officially for the N900W8 models. (Need confirmation if tripped KNOX on the Mexican version of N900W8) This could mean they turned off the functionality of the security breach on these devices while trying to distinguish the two different N900W8's modems so they don't trip everyone's KNOX when the OTA is released. In layman's terms, the Mexican firmware was the base for the Canadian version, but when applying different patches to distinguish the two regions, they needed a development version that doesn't trip KNOX. The latest NB7 was not patched most probably due to either not noticing this flaw or slow updates as usual (very, very slow).
Q: How do I check my bootloader version?
A: Using @vndnguyen's app on the play store, located here. Look under Firmware Info (in green), and then under Bootloader version. Take the last three characters for the actual bootloader version.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Q: I'm on DOC4, can I follow the guide after this?
A: No.
==================================================================================================
My guide to get any Canadian Note 3 on 4.3 to 4.4.2 safely without tripping KNOX
Credits will also go to @Oogar and @polish_pat for the tutorials and their original files!
This is my version of @Oogar's and @polish_pat's guides, and I will keep them up to date. What's the difference? Well I will keep the links as fresh as possible and mirroring them as I see fit.
I will also provide pictures so that you will be assured you are doing the correct thing.​
Step 0: Verify your BOOTLOADER version
If your bootloader is of version MI5, MJ1 or MJ4, move onto the next step. Click the button below for a brief instruction how to check.
If your bootloader is of version NA2 (somehow) or NB7, skip to the contents of Step 4, however you won't be on a "happy" (invulnerable) bootloader if you are on NB7.
Using @vndnguyen's app on the play store, located here. Look under Firmware Info (in green), and then under Bootloader version. Take the last three characters for the actual bootloader version.
Step 1: Download these files!
Odin v3.09 - Fast Link
Samsung Kies (for drivers) - Direct Link -- Official Samsung Link
PIT File: (PIT) HLTE_CAN_OPEN.pit
BL File: BL_N900W8UBUCNA2_336994_REV03_user_low_noship_MULTI_CERT.tar.md5
AP File: AP_N900W8UBUCNA2_336994_REV03_user_low_noship_MULTI_CERT.tar.md5
CP File: (CP) Rogers Modem.tar
CSC File: (CSC) Canadian Multi CSC.tar
Step 2: I am on MI5/MJ1/MJ4!
NOTE: This will erase all your data from your phone as you will be flashing a LEAKED firmware. Official ROMs do not wipe your data. Make sure you make a backup.
Install Kies, then reboot your computer. (Do not open Kies, it will affect Odin!)
Extract Odin3 on your desktop using WinRAR or 7zip.
Open up "Odin3 v3.09.exe"
Turn off your phone and hold the HOME BUTTON + VOLUME DOWN + POWER BUTTON until you see a warning -> Press Down to Continue.
Plug in your phone using the original USB 3.0 cable (highly recommended)
Step 2 complete! Move onto the next step if you succeeded. If not, try restarting your computer.
Step 3: Odin's opened, device detected!
Make sure your Odin looks exactly like this (as shown in the photo below) with all the defaulted values. Do not tick anything unnecessary that is not mentioned in the photo. If your Odin looks EXACTLY like the photo I showed, move onto the next step (excluding ID:COM values).
Now add in the files you downloaded above according to their bracket names. Make sure that you UNCHECK Re-partition once all the files are set.
Click start and wait for the process to finish!
NOTE: If you can't boot up normally, retry the process above but check Re-Partition in Odin instead.
Step 4: You are now on the famous N900W8 "happy" (invulnerable) bootloader!
If you just want to obtain root and custom recovery, move on to Step 5 and finish there.
If you want to flash ROMs, move on to Step 6. (NOTE: Yes you can follow Step 6 after Step 5, but if you plan to flash ROMs at the start, you don't have to root your current ROM.)
Step 5: I'm not going to flash ROMs, I just need root and custom recovery....
Download ChainFire's CF-Auto Root: Direct from Chainfire's Website
Download the latest TWRP for N900W8: Nicholas' Database or TWRP Server (Slower)
Turn off your phone and hold the HOME BUTTON + VOLUME DOWN + POWER BUTTON until you see a warning -> Press Down to Continue.
Extract "CF-Auto-Root-hlte-hltexx-smn9005.zip" to a specified folder and ONLY touch the .md5 file, DO NOT TOUCH ANY OTHER FILES.
In Odin's AP area, select "CF-Auto-Root-hlte-hltexx-smn9005.tar.md5"
Click Start
Once it is complete, let your phone fully boot into the lockscreen, the put it in Download Mode again.
In Odin, press Reset, then In Odin's AP area, select "openrecovery-twrp-2.8.3.0-hltecan-4.4.img.tar"
Click Start
Once it is complete, take a Nandroid backup and you have finished this guide! DO NOT PROGRESS FURTHER UNLESS YOU WANT TO FLASH ROMs.
If you can't write to your SD card, follow this guide by @Khizar: http://forum.xda-developers.com/showthread.php?t=2684384
Step 6: I will flash a custom ROM after this....
NOTE: YOU WILL NEED AN EXTERNAL SD CARD FOR THIS AS MOST ROMS WIPE YOUR INTERNAL, MEANING YOU LOSE YOUR INSTALLER PACKAGE WHILE THE AROMA INSTALLER AUTOWIPES, AND THE INSTALL WILL CORRUPT.
Download the latest TWRP for N900W8: TWRP Server
Turn off your phone and hold the HOME BUTTON + VOLUME DOWN + POWER BUTTON until you see a warning -> Press Up to Continue.
In Odin, press Reset, then In Odin's AP area, select "openrecovery-twrp-2.8.3.0-hltecan-4.4.img.tar"
Click Start
Once it is complete, take a Nandroid backup of your current ROM.
Boot into your current ROM and take the Nandroid backup out of your phone's internal storage, and move it into your external SD. [URGENT]
Put your custom ROM you desire into your external SD, in this guide I will be guiding for an N9005 ROM.
Put your custom Kernel you desire into your external SD, you will need an N900T kernel [IMPORTANT, ANY STOCK N9005 KERNEL WILL BREAK WIFI/NFC FUNCTIONALITY] (If AOSP OR S5 ROM, skip this step)
Put this NFC/Wifi/BT fix into your external SD: N900W8 KK WIFI-NFC Fix (NI1 Source).zip -- Thanks a lot @Oogar for the file. (If AOSP OR S5 ROM, skip this step)
Turn off your phone and hold the HOME BUTTON + VOLUME UP + POWER BUTTON until you see "RECOVERY BOOTING..."
Install the three files in this procedure:
Wipe /system, wipe /data, wipe /cache, wipe /dalvik-cache,
FLASH CUSTOM ROM → FLASH N900T KERNEL (SKIP IF AOSP OR S5) → FLASH NFC/WIFI/BT FIX (SKIP IF AOSP OR S5)
Boot up and enjoy! If you have any problems follow this link: http://forum.xda-developers.com/showthread.php?t=2657214
All of this makes alot of sense.
Yesterday I tried flashing the Mexican files, but I was unable to flash over the bootloader. It kept on giving me an error saying auth fail.
I decided to simply flash the AP file, and then the chainfire root file and of course the recovery.
I am now running Xnote without any issues as of yet. I will mention that I didn't have WIFI after booting up, but I installed lean kernel and all is happy now.
Thank you for your informative post.
B.T.W.... knox says 0x0 but it says custom.
Thanks for the info nicholas.
Sent from my SM-G900T using Tapatalk
Doesn't @polish_pat already have a thread similar to this wrote many months ago? -
radicalisto said:
Doesn't @polish_pat already have a thread similar to this wrote many months ago? -
Click to expand...
Click to collapse
His was like @Oogar's thread, informative instructions to GET 0x0, but it's not an updating thread that tells you which firmwares are KNOX exploitable, through the different Canadian firmwares
My thread is to inform people about the latest firmwares that are affectable/non-affectable by KNOX, not teaching people how to get KNOX 0x0. This means I will update this thread whenever there's a new Canadian firmware so that the Canadians will know whether it is safe to update to the latest iteration of updates.
http://forum.xda-developers.com/showthread.php?t=2618633
radicalisto said:
Doesn't @polish_pat already have a thread similar to this wrote many months ago? -
Click to expand...
Click to collapse
im glad somebody took the lead for you guys, i sold my note 3 back when s5 was released and left this forum to migrate on the new. Please feel nicholaschum to use anything in my thread
I miss the note size in a way, if it's made out of anything else but plastic, i will buy it. Hope to see you guys in note 4 forum!!
is safe flash the TRWP recovery on N900W8UBUCNC1?
many thanks in advance
playermty said:
is safe flash the TRWP recovery on N900W8UBUCNC1?
many thanks in advance
Click to expand...
Click to collapse
NC1 is a Mexico firmware. Meaning you're running on the Mexican version of the N900W8.
If you're running the Mexican N900W8 then sorry, it isn't.
If you're running a Canadian N900W8 with the NC1 firmware, with NA2 or NB7 bootloader, then yes, it is safe.
I'm still alive and well, just no time at all to update. I'm even running stock Rogers right now -_-.
As polish_pat said, feel free to use anything in my thread as I lost track and don't want to update the OP while being uninformed.
Oogar said:
I'm still alive and well, just no time at all to update. I'm even running stock Rogers right now -_-.
As polish_pat said, feel free to use anything in my thread as I lost track and don't want to update the OP while being uninformed.
Click to expand...
Click to collapse
polish_pat said:
im glad somebody took the lead for you guys, i sold my note 3 back when s5 was released and left this forum to migrate on the new. Please feel nicholaschum to use anything in my thread
I miss the note size in a way, if it's made out of anything else but plastic, i will buy it. Hope to see you guys in note 4 forum!!
Click to expand...
Click to collapse
Thanks guys! Hope you all are doing well! I'll keep an updated copy of the guide up asap, with pictures and whatnot
I have NA2 bootloaders. Good to know I should be able to flash away without fear of tripping knox. I have been unable to change my modem tho.
OP updated with my take on the guide to get KNOX 0x0.
durangatang said:
I have NA2 bootloaders. Good to know I should be able to flash away without fear of tripping knox. I have been unable to change my modem tho.
Click to expand...
Click to collapse
You should be able to change your modem. Just flash in Odin. Will not trip KNOX {CONFIRMED BY ME - updated from MJ4 modem to NB7}
Will the Mexican NC1 modem work in Canada, or should I stick with NB7? I'm in a basement, so I'd like to try a different/better/newer modem.
Click thanks if I helped you
Sent from my SM-N900W8 using XDA Premium 4 mobile app
sauron82 said:
Will the Mexican NC1 modem work in Canada, or should I stick with NB7? I'm in a basement, so I'd like to try a different/better/newer modem.
Click thanks if I helped you
Sent from my SM-N900W8 using XDA Premium 4 mobile app
Click to expand...
Click to collapse
Always use the latest from your region - my code.There's nothing better than what you're meant to be using on your device made for your region.
nicholaschum said:
You should be able to change your modem. Just flash in Odin. Will not trip KNOX {CONFIRMED BY ME - updated from MJ4 bootloader to NB7}
Click to expand...
Click to collapse
Can confirm. Also got the modem to stick.
nicholaschum: you rock man, wicked write up. :good:
twrp: I installed the hlte version successfully, does it matter?(it is slightly newer) sorry if this has been answered elsewhere
xda1zero said:
nicholaschum: you rock man, wicked write up. :good:
twrp: I installed the hlte version successfully, does it matter?(it is slightly newer) sorry if this has been answered elsewhere
Click to expand...
Click to collapse
Actually it does matter. Strange how you got it working.
As the newer version has specific changes for the international variant, it won't matter to you as the Canadian version won't need the new fixes that the international variant needs.
I would just flash the hltecan version through recovery, like an update.
first time using Odin to root.
If I am already on version 4.4.2 and NB7 do i just use step 5 to root, or will I still need to do step 0?
Bootz1987 said:
If I am already on version 4.4.2 and NB7 do i just use step 5 to root, or will I still need to do step 0?
Click to expand...
Click to collapse
As stated on Step 1, if you're already on NB7 you only need to skip to Step 5
EDIT: Yes, I realized I put the download links on Step 0, I switched it with Step 1 hoping it would stop confusion

Test bootloader 910H - possible reset for Knox Warranty?

Hi, guys!
There is on guy on 4pda that has bootloader with the following in Download mode:
Code:
Odin mode
Product Name: SM-N910H
Current Binary: Samsung official
System Status: Custom
Reactivation Lock (KK): OFF
Secure Download: enabled
Knox warranty void: 0
AP SWAEV: 0 (test devise)
I believe that this is test device, and accordingly to Note 3 story it can give a possibility to reset Knox Warranty counter. Could some one of gurus please advice how we can backup and share his bootloader?
Thanks a lot in adnance!
This may help to backup sboot and param. And maybe other can restore with it. But we must be calm. And wait for advanced help.
Wanam tool
https://play.google.com/store/apps/details?id=ma.wanam.partitions
kadiremrah said:
This may help to backup sboot and param. And maybe other can restore with it. But we must be calm. And wait for advanced help.
Wanam tool
https://play.google.com/store/apps/details?id=ma.wanam.partitions
Click to expand...
Click to collapse
The only problem - it requires root. And I don't know yet if that guy has a root. Flashing root with Odin may change warranty bit. Any other idea?
Re flashing stock ROM will replace original bootloader.
I strongly NOT in favor of making backup of bootloader and restore using anything other than Odin. In world of flashing if anything is RISKY it's only and one bootloader. Also I don't believe any method of restoring bootloader other than Odin will work anymore on newer device. Either it will make no effect OR IT CAN BRICK device.
Also If anyone have boot loader with re engineering which reset knox warranty - I do not recommend to try UNLESS you must required to do it.
Say for example your device have something wrong and you needs to send to service station - still you can flash that bootloader if required isn't? Only condition when you cant flash bootloader is
-Faulty USB pin - Who cares for warranty ? It does cost couple of $ why we should take risk for complete device?
-Hard bricked with unable to boot to download mode - How samsung service station can find your Knox status in this condition?
So Flash such bootloader only you really need it when required with own risk.
Thank you very much for advice.
But on Note 3 there was procedure to restore Knox warranty bit exactly by flashing test bootloader with Odin. I just want not to loose possibility to have a solution... Of course, I will think twice before flashing that BL, but at lease we will have some data to explore! Isn't it?
Obviously it's marvelous thing to have possibility to reset knox but only thing I suggest is to use as only real needy case not for fun /experiment.
Sent from my SM-N910G using xda premium
So - any idea on how to copy bootloader?
I furtunately found this gide:
http://forum.xda-developers.com/note-4-verizon/general/guide-vzw-note-4-backup-developer-t2962911
I hope it will help!
Zer0r said:
So - any idea on how to copy bootloader?
Click to expand...
Click to collapse
But why you need to copy bootloader? You can get it from stock ROM file too. simply unzip stock ROM tar.md5 and you will have it.
BTW exynos version requires only one file for bootloader sboot.bin
dr.ketan said:
But why you need to copy bootloader? You can get it from stock ROM file too. simply unzip stock ROM tar.md5 and you will have it.
BTW exynos version requires only one file for bootloader sboot.bin
Click to expand...
Click to collapse
I need to copy bootloader from Developer Edition phone. That bootloader is unlocked. I have access to one of such phones, that is why all thiss mess
Oh ok got it now.
Sent from my SM-N910G using xda premium
So - here is bootloader with param partition. If anybody wants to explore them - you are welcome!
This bootloader is from Test Devirce. It doesn't locked, so any unoficcial actions wit device doesn't affect on Knox Warranty Void bit, it is checked.
Who is going to test it? :laugh:
Is it possible to reset N910C device? Testers waiting for you??
megatooth said:
Who is going to test it? :laugh:
Click to expand...
Click to collapse
Other file should be used for testing, not that. That file can not be flashed via Odin as a bootloader.
I will not post it, because it is a bit risky. And there some backup preparation should be done before flashing. But anyone who wants to be a volonteer - welcome in PM, please.
Well, unfortunately it does nothing. I tested and flashed it on my own device - bootloader has changed, but not to (test device) status, and the Warranty bit was not resetted to 0... But we tried!
I want to thank a man who helped me a lot - @A.S._id.
On Note 3 prosedure was.
* Flash sboot an param
* Reboot download mode again
* Flash stock rom of your region from odin
* Factory reset on stock recovery
* Boot system
* Again download mode
* Re flash stock rom
* Factory reset and boot
This was working on note 3.
Zer0r said:
Well, unfortunately it does nothing. I tested and flashed it on my own device - bootloader has changed, but not to (test device) status, and the Warranty bit was not resetted to 0... But we tried!
I want to thank a man who helped me a lot - @A.S._id.
Click to expand...
Click to collapse
Any news? Sorry for spamming. @Zer0r Did you tried to reflash stock ROM and as well reset factory as the same procedures with Note 3? Post some images from successfull changing Bootloader please. I'm curious to that bootloader too. Mine is 910C.
tuannghia1985 said:
Any news? Sorry for spamming. @Zer0r Did you tried to reflash stock ROM and as well reset factory as the same procedures with Note 3? Post some images from successfull changing Bootloader please. I'm curious to that bootloader too. Mine is 910C.
Click to expand...
Click to collapse
No news, bootloader from test device, which, as we thought clearing warranty bit, didn't clearing...
Here is bootloaders for flashing via odin, one from test device, and different from realise device, you can to try flash them and make sure...
https://yadi.sk/d/IUpILBpjh2JKW
p.s.
as it turned out - the test device has ceased to be a test, after he flashed stock firmware
http://cs3-3.4pda.to/6337019/%C1%E5...d4b8c000000007ac5697c47447c2fe32cb87a6142b1cb
Any update?

TWRP not working with bph6

I just upgraded to the latest G935FXXU1BPH6 using Odin (v3.12.3). With past firmware releases, I was able to load TWRP twrp-3.0.2-2-hero2lte.img.tar using Odin and then proceed to root the phone.
However, with BPH6, TWRP refuses to boot. I try the volume-up+home+power sequence but TWRP recovery never starts. The phone just sits there on the boot screen.
I'm able to recover by re-flashing the BPH6 firmware but this leaves me thinking that the bootloader has changed in BPH6 and twrp 3.0.2-2 is no longer compatible.
1) Anyone else having this issue?
2) Any solutions or workarounds?
3) Do people think it would be safe to dowgrade the bootloader or entire firmware? I'm willing to try it but I'm a little concerned about bricking the phone.
kociubin said:
I just upgraded to the latest G935FXXU1BPH6 using Odin (v3.12.3). With past firmware releases, I was able to load TWRP twrp-3.0.2-2-hero2lte.img.tar using Odin and then proceed to root the phone.
However, with BPH6, TWRP refuses to boot. I try the volume-up+home+power sequence but TWRP recovery never starts. The phone just sits there on the boot screen.
I'm able to recover by re-flashing the BPH6 firmware but this leaves me thinking that the bootloader has changed in BPH6 and twrp 3.0.2-2 is no longer compatible.
1) Anyone else having this issue?
2) Any solutions or workarounds?
3) Do people think it would be safe to dowgrade the bootloader or entire firmware? I'm willing to try it but I'm a little concerned about bricking the phone.
Click to expand...
Click to collapse
In Odin flash an older firmware then reroot and wait for a root update from Chainfire and the TWRP team
I know a couple people that have done that.
"And on that bombshell!"
Sent from my Echoe powered AEL Driven G935F
When I first upgraded to the new firmware, I found the same thing that you did - I wanted to be able to flash custom roms and didn't know when or if TWRP and ROOT was going to be possible with this new firmware - so I used odin and reflashed July's Firmware and I was able to do so without any Issues - so then I decided to try to upgrade the AP/CSC/CP files from the latest update and replaced the bootloader with the bootloader from july's update and it worked.
Good luck - frankly I am Concerned. It appears that the latest bootloader from Samsung is LOCKED - I only hope someone is able to get root and twrp working - and I hope this is not an indication of future issues for rooting samsung phones....
mocsab said:
Good luck - frankly I am Concerned. It appears that the latest bootloader from Samsung is LOCKED - I only hope someone is able to get root and twrp working - and I hope this is not indication of future issues for rooting samsung phones....
Click to expand...
Click to collapse
No it isn't. Korean models had already been incompatible with official TWRP since firmware APG7 and I confirmed it working again when I replaced the kernel inside TWRP with one built from the latest source released by Samsung. So, someone needs to build a new TWRP recovery with BPH6 kernel source and everything will become fine again.
I didnt know that but it is very good news as far as I am concerned.
I have alwasy been fearful that Samsung was going to eventually lock down their international phones like they did to the US Variants - and when this originally happened to me, I started thinking that maybe my worst fears had come true. Thanks for the information....
I have the same question,but i soved it,i Flash the old BL and TWRP can working
BL version :BL_G935FXXU1APGH_CL8252943_QB10274482_REV00_user
Xlim said:
I have the same question,but i soved it,i Flash the old BL and TWRP can working
BL version :BL_G935FXXU1APGH_CL8252943_QB10274482_REV00_user
Click to expand...
Click to collapse
pls send related boot loader download link
same iussue .. some news??
by the way to use root now i put the old firmwere
FARSHOOD said:
pls send related boot loader download link
Click to expand...
Click to collapse
https://www.androidfilehost.com/?fid=24671318762848807
When flashing bootloader in Odin there is an options tab, there are checkboxes - Auto Reboot which is checked - Re-Partiion which is unchecked - and - F.Reset Time which is checked, I flashed new bootlaoder and modem and now my phone will not restart no matter the key combination I press. So Are those checkboxes suppose to be checked off or unchecked

rooting i9505 with XXUPPI1

Hello to all ..
is there any chance to root my S4 with the i9505XXUPPI1 version installed on it Or is there any other Way to Downgrade it to an earlier version and root it thereafter?
greetingz from Germany
HouseMeischda
You could try cfautoroot or flash TWRP and then flash supersu from TWRP.
CF-Auto-Root is your best option.
Thanks for your help.
For all i9505 Users with the same Problem ..
First i've flashed the original I9505XXUHOJ2 Firmware who listed on chainfire's Page, to be on the safe way =). Then i've flashed the cf-root Kernel from Chainfire. After that i installed the newest TWRP recovery and then the Resurrection Remix Rom 5.5.9.
Now i will test everything but seems to be nice till this moment =)
Thread can be closed .. Thanx
BTW, rooting is not required to install TWRP with Odin.
audit13 said:
BTW, rooting is not required to install TWRP with Odin.
Click to expand...
Click to collapse
True. But some people (including me) have had problems getting TWRP to stick with the Odin install.
I had to use an app to flash it when I took to the custom software world.
A user had the same problem few days ago. Also solved it with the app method.
I've never had a problem with getting TWRP or CWM to stick on the s2, s3, s4, note 1, note 2, or note 3 by unchecking auto reboot in Odin before flashing recovery. Once recovery has been flashed, I remove the battery and immediately boot into recovery. I found that not booting into recovery right after flashing will cause the stock recovery to overwrite the custom recovery when the phone boots normally.
Thats right. But in my case and first of all i wanted to test the stock rom with only root Access. But then i decided to install a custom one very quickly =)
After all i installed latest twrp via twrp-app, backed up everything, perform a full wipe and flashed ResurrectionRemix 5.5.9. Now i went to dirty unicorn rom on Android 6.0 base. Very nice performance, very clear Design and absolutely stable.
One more word to overriding the Recovery. In many other Posts, this Problem seems to be normal, if the S4 was already updatet to an official lollipop rom(with the new knox Bootloader, that verifies signatures of recovery and kernel) in the past. I think this issue was not present with kitkat and oder versions.
But with my little detour, i also was not effected from that override
Hope this can help others with similiar reservations who i had before. Not the fear of loosing warranty(because phone is anyway too old) but fear of tripping the bad eFuse and thus hardbricking the phone. BUT WELL DONE !!!
Many thanks for the support .. And greetingz to all =)
There is no eFuse that will hard-brick the S4.
It only has an eFuse for Knox, which simply prevents you from resetting the Knox counter back to 0x0, but it won't hard-brick anything.

Soft Brick Help? (NC2 or NC4)

Recently decided to try the Bootloader unlock.
Thought everything had gone well, it seemed OK.
Flashed TWRP, and now it won't boot.
I'm stuck at the phone telling me to take it to a Verizon store to fix it.
That being said, I can get into download mode and I get the following :
ODEN MODE
PRODUCT NAME : SM-N900V
CURRENT BINARY: SAMSUNG OFFICIAL
SYSTEM STATUS: Custom
KNOX KERNEL LOCK: 0X0
KNOW WARRANTY VOID: 0X1
QUALCOMM SECUREBOOT: ENABLE (CSB)
AP SMREV: S1, T1, R1, A2, P1
WRITE PROTECTION: Enable
UDC START
SYS REV CHECK FAIL : No Version
SECURE MAGICCODE CHECK FAIL : recovery
From all that, it seems that my recovery is not any good (probably from flashing twrp, duh).
I haven't been able to find a NC2 or NC4 flashable recovery anywhere.
Help?
Or am I barking up the wrong tree and do I need something else?
darkhawkff said:
Recently decided to try the Bootloader unlock.
Thought everything had gone well, it seemed OK.
Flashed TWRP, and now it won't boot.
I'm stuck at the phone telling me to take it to a Verizon store to fix it.
Click to expand...
Click to collapse
That "Verizon" message means that you did NOT unlock the bootloader succesfully.
You would normally see [size=+1]MODE: Developer[/size] in the Odin/Download mode screen if you had successfully unlocked.
As a matter of fact, that condition should always be checked for before trying to flash any recovery.
darkhawkff said:
AP SMREV: S1, T1, R1, A2, P1
Click to expand...
Click to collapse
[size=+1]Whoa! HOLD THE PHONE![/size] (Somebody with an older bootloader - MJE or NC2 at the latest)
If you reflash with Odin, USE EITHER MJE or NC4 at most - nothing later than that!
darkhawkff said:
SYS REV CHECK FAIL : No Version
SECURE MAGICCODE CHECK FAIL : recovery
Click to expand...
Click to collapse
I've never seen those messages before, but it's probably because you flashed something either into the boot partition or the recovery partition and your bootloader is not yet unlocked.
darkhawkff said:
From all that, it seems that my recovery is not any good (probably from flashing twrp, duh).
I haven't been able to find a NC2 or NC4 flashable recovery anywhere.
Help?
Click to expand...
Click to collapse
I will help you out. Please stand by. DO NOT FLASH NJ6 NK1 OB6 or OF1.
darkhawkff said:
Or am I barking up the wrong tree and do I need something else?
Click to expand...
Click to collapse
Stand by for more. posting now (quickly) so you don't do something rash.
bftb0 said:
That "Verizon" message means that you did NOT unlock the bootloader succesfully.
You would normally see [size=+1]MODE: Developer[/size] in the Odin/Download mode screen if you had successfully unlocked.
As a matter of fact, that condition should always be checked for before trying to flash any recovery.
[size=+1]Whoa! HOLD THE PHONE![/size] (Somebody with an older bootloader - MJE or NC2 at the latest)
If you reflash with Odin, USE EITHER MJE or NC4 at most - nothing later than that!
I've never seen those messages before, but it's probably because you flashed something either into the boot partition or the recovery partition and your bootloader is not yet unlocked.
I will help you out. Please stand by. DO NOT FLASH NJ6 NK1 OB6 or OF1.
Stand by for more. posting now (quickly) so you don't do something rash.
Click to expand...
Click to collapse
Thanks for the insight. No worries, I was downloading NC4 ATM, but I would prefer NC2 I think, for now. I got no problems waiting...it isn't my 'main' phone anymore. I got a note 5, but I prefer my note 3 for most usage. It's just....nicer....
I appreciate the help greatly though! Finding older files (like NC2) is damn near impossible. If I was at home, it's probably sitting on my file server somewhere, but I don't have access at the moment. Still at work.
I will also note, I did verify prior to trying to bootloader, to ensure the CID started with 0x15, and it does. Checked like 5 times, just to be sure.
And I figured it would.....since I bought this the day it was released. Anyway.....
Thanks!
OK. First things first. Let's examine the state your phone is currently in before you flash anything.
My educated guesses are that (a) your bootloader is NOT unlocked, and possibly (b) the phone is "stuck" always trying to boot into the recovery - which gives you the Verizon screen, or (c) something worse - for example if you flashed the custom recovery into the wrong partition.
The not-unlocked condition means that whatever is trying to be booted (either the recovery partition or the boot partition) has something non-Samsung in it. Either one would give you the Verizon message about unauthorized software.
When the phone boots from a cold startup, it looks at something in NVRAM called the "BCB" - the Boot Communication Block. If it is "empty" it will do the normal thing - try to boot the phone normally, starting with the "boot" partition. But, the BCB can contain other instructions, such as "boot to recovery", or "boot to Odin mode". And experience seems to indicate that the conditions under which the BCB is cleared (i.e., goes back to the default) is a little bit buggy or quirky - so that the phone can get "stuck" always trying to boot either the recovery or Odin/Download mode.
The "three-finger salute" of Vol-Down + Home + Power - which you normally use to start up Odin - seems to clear the BCB when you choose the "Cancel" option (Vol-Down) from that initial splash screen, and it usually will attempt to boot the normal ("boot") partition if you select "Cancel" ( = Vol-Down ).
So FIRST: Pull your battery. Re-insert. Vol-Down+Home+Power until you get that "do you want to install custom software?" screen. Press Vol-Down to cancel.
===> Does your ROM boot correctly?
If so, then you can attempt to unlock again without any flashing. I suppose you are still rooted if your phone still boots.
===> If your ROM still boots, please report it's exact firmware version. It makes a big difference whether it is a M-series or an N-series. (Note: I am asking about the bootloader firmware, not the ROM version).
If your ROM does not boot, then you are going to have to use Odin in one way or another.
I can help you out with that and point you at the correct custom recovery, depending on which bootloader firmware you want to end up with. (Especially if you have a copy of the NC2 firmware at home (it's the only one I don't have).) DON'T FLASH NJ6 OR ABOVE IN ODIN - yet. (Towelroot V3 is trivially easy on anything from MI9 through NC4, and rooting appears to be a pain in the rear beyond that)
let me know what you find.
darkhawkff said:
I will also note, I did verify prior to trying to bootloader, to ensure the CID started with 0x15, and it does. Checked like 5 times, just to be sure.
And I figured it would.....since I bought this the day it was released.
Click to expand...
Click to collapse
That certainly is a mandatory prerequisite to success. But it doesn't mean that something won't go wrong during the unlock process. To be sure, just boot into Odin mode after you think everything has succeeded and look for that "MODE: Developer" message on the Odin screen to verify that the unlock process succeeded.
There are a couple different versions of the unlocker binary in that Unlock thread, and most of the variations have to do with how the program went about reading the CID value out of the volatile filesystem /sys during initial sanity checks. As that location seemed to change from firmware release to release, there was some dependency between the unlock binary version and the OS release level of the rooted ROM it was used on. So a "safety check" in the code was what was making it non-portable; the actual CID change and binary patching of the "aboot" partition was the same in every version.
I might have used @donc113's original variant (post #218) when I was on MJE. If you are rooting with M* or N* ROM firmware, that version should work.
The other thing that happened was that (I think?) someone released an app that was really just a wrapper around the binary file. That had the unfortunate side effect of hiding the status and error messages the unlock binary produces if someone happened to use it on the wrong OS version. It's possible that someone that is rooted could slip a different version of the "unlock" binary underneath that app (in it's appropriate /data/data/* location), but that's asking a lot from people who gravitate towards using "one click" apps.
You didn't mention whether you were using the app or just the command line. If it was the latter I think that careful inspection of the unlock binary's output would have indicated success or failure.
Anyway, some TWRP custom recovery links:
TWRP for hltevzw
If you have a M* series bootloader use the -4.3.img recoveries, otherwise use -4.4 for N*, O*, or P* firmware
(The AryaMod ROM uses the Aroma installer, which apparently needs the twrp-2.8.7.0-hltevzw version, not the twrp-3.0.2-0-hltevzw. So... grab both of them)
PS I recently "upgraded" my bootloader from MJE to NC4. I did this because the M* series bootloader is incompatible with later kernels (due to technical issues about how the "DTB" (Device Tree Blob) attached to the kernel is parsed and initialized by the bootloader). I probably would have gone with NC2 instead of NC4, but all the links for the NC2 leak firmware were dead. At least NC4 is easy to root with Towelroot v3, and so far I've been able to boot and run not only lolipop roms (e.g. CM13) but a marshmallow rom (AryaMod) without major troubles. So I have an Odin-back-to-stock method for device recovery that is easily rootable (in contrast to NJ6, NK1, or PL1 which have no root method, or OB6/OF1 which have crufty/difficult rooting methods (& perhaps dodgy too)).
.
Any chance of just using Odin and flashing a stock recovery image? Rather than killing the entire os too?
I can't find just a recovery image though.
darkhawkff said:
Any chance of just using Odin and flashing a stock recovery image? Rather than killing the entire os too?
Click to expand...
Click to collapse
That works when the bootloader is unlocked (even with unsigned recoveries such as TWRP). Not sure about the locked case.
Code:
tar -H ustar -c -f my_recovery_only_Odin_bundle.tar recovery.img
md5sum my_recovery_only_Odin_bundle.tar >> my_recovery_only_Odin_bundle.tar
mv my_recovery_only_Odin_bundle.tar my_recovery_only_Odin_bundle.tar.md5
Note that the above technique for preparation of Odin flashables isn't restricted to adding just a single file. For instance, someone that had a bootlooping stock ROM in need of repair could probably create a tar.md5 bundle that only contained "boot.img" and "system.ext4.img"* Note that when Odin does the MD5 checking, it wants the filename to be unchanged (other than the .md5 extension). So don't change the name of the .tar.md5 file to something else or the MD5 check in Odin will fail.
darkhawkff said:
I can't find just a recovery image though.
Click to expand...
Click to collapse
It's inside the stock Odin tar.md5 bundle. Just extract it.
Is it even important at the moment? So long as your phone boots normally, what's in the recovery partition simply doesn't matter
Did you try the Vol-Down+Home+Power startup (followed by Cancel == Vol-down) that I suggested above? What happens?
.
* There is one place where partial firmware flashes would be extremely ill-advised: if you were flashing a bootloader (dear lord why?) ALL five pieces (aboot.mbn, sbl1.mbn, rpm.mbn, tz.mbn, sdi.mbn) need to be flashed as a group all in one go
Yup. Just tried that finally (was busy at work).
Fixed. I'm unlocked bootloader.
Yup, I'm still on NC2 (not that it's a surprise).
Still haven't been able to find the files at home. I thought I might have them saved somewhere, but apparently not. Still have 1 or 2 places to look, but I'm going to guess that I don't have it anywhere.
darkhawkff said:
Yup. Just tried that finally (was busy at work).
Fixed. I'm unlocked bootloader.
Yup, I'm still on NC2 (not that it's a surprise).
Still haven't been able to find the files at home. I thought I might have them saved somewhere, but apparently not. Still have 1 or 2 places to look, but I'm going to guess that I don't have it anywhere.
Click to expand...
Click to collapse
hope I helped.
Make a backup of your current ROM in TWRP and get it off the phone into a safe place. Then you will feel free to experiment with different ROMs as time allows. I would also suggest it is really a good idea to save that "debrick" image on the SD card in case a utter disaster happens (probably you will never use it though).
(before reformatting the SD card to get it back to usefulness)
Code:
dd if=/dev/block/mmcblk1 bs=4096 count=65536 of=/data/local/debrick.img
(or, too-late... get a debrick image with the modded "aboot" partition unlocked bootloader)
Code:
dd if=/dev/block/mmcblk0 bs=4096 count=65536 of=/sdcard/debrick.img
I'll archive the NC2 if you can find it (send me a PM) even though I can't use it any longer as I recently flashed NC4 bootloader. I have all the other firmware releases, just not that one.
The NC2 (leak) engineering bootloader appeared at a time when the kernel DTB blobs were changing structure; hopefully it is able to boot all later kernels. Please drop a note somewhere in these forums if you discover problems booting newer kernels - whether custom or stock. As I mentioned, if NC2 won't work, NC4 seems decent enough so far and it preserves a full-stock Odin recovery/rescue to a ROM version which is easily rooted with Towelroot v3
As to modems, I've done a few pairings of my flashable-stock ROMs with different modem releases (see the flashable stock thread for downloads) and - strangely - the NC4 modem won't work at all with NJ6 or NK1 (no service) kernels/ROMs, but it will work with later kernels/ROMs e.g. OB6-PL1. Just mentioning it because the NC2 modem might behave in a similar strange fashion since it is of the same vintage. I haven't had any troubles flashing modems up-version or down-version.
.
Well, all great!
I got Aryamod installed and going well.
NC2 bootloader yet too! TWRP obviously installed and OK, with 2.8.7 I believe. Installing apps now.
It really makes a difference with this phone too. I'm quite surprised by it to be honest.
All I know, is I might actually switch back to using my note 3 instead of my note 5 as my daily driver again.
Thank you again for the help. I really appreciate it.
darkhawkff said:
Well, all great!
I got Aryamod installed and going well.
NC2 bootloader yet too! TWRP obviously installed and OK, with 2.8.7 I believe. Installing apps now.
It really makes a difference with this phone too. I'm quite surprised by it to be honest.
All I know, is I might actually switch back to using my note 3 instead of my note 5 as my daily driver again.
Thank you again for the help. I really appreciate it.
Click to expand...
Click to collapse
Good deal.
AryaMod is a pretty nice ROM. Marshmallow FTW!
(I'm glad I bought a device with 3GB of RAM.)
Could you please message me at [email protected] I tried to root my sm-n900v note 3 on 5.0 and it's soft bricked. I can't get Odin to flash..keeps failing. I need to talk to someone just bought it week ago man.

Categories

Resources