Setting Bootloader Unlock Bit in aboot Partition - OnePlus 2 Q&A, Help & Troubleshooting

Hello Developers,
As the title suggests, I want to unlock my OnePlus Two from the terminal via the Android terminal emulator or from the adb shell.
My Phone is rooted, but locked.
I don't want to unlock it, because I cannot take a backup, because my recovery is corrupted.
I had the stock recovery and tried to overwrite it with flashify and afterwards via dd to /dev/block/../recovery, but the recovery block device seems to be corrupted, because I cannot mount it and the md5 is always the same after I write to it via dd.
So I thought it might be possible using the same method as on the OnePlus One?
So setting an unlock bit in the aboot partition.
I have already dumped my aboot partition and could post it somewhere for you to download.
If anyone has an unlocked rooted OnePlus Two with OOS 2.1.1, please send me your aboot partition image so that I could check for differences.
The Tool unlocking the OnePlus One aka bacon is here:
https://code.google.com/p/boot-unlo...egv11/bootunlocker/bootLoader_OnePlusOne.java
Thanks a lot for your help
------------------------ EDIT 1
Found a partition called devconfig, seems to be the partition that was aboot on the bacon device.
Changed a bit, but have to save all data before.
------------------------ EDIT 2
Backing up data now with dd in case I have to fastboot unlock and wipe everything.
Backing up system, boot, cache, userdata
and sdcard or /storage/emulated/0 of course.
Anything else important?
Userdata is huge, so I will split it in 5G chunks and put them back together at my PC.
Why? Because if I save those partitions with dd, I can later write them back via fastboot and have my old system data back, hopefully.
----------------------- ANSWER
I finally found the answer :good:
And created a thread for it!

Related

[GUIDE] EFS Partitions: What They Are And How To Get It Back If Lost

Hello. My name is Poise, and I'm a victim of EFS Corruption.
I know, laugh it up.
Anyways, you're either here because you don't know what the EFS is and you wanna know, you ruined your EFS and you're looking for redemption, or you just wanna see me ramble. Whichever the case, I figured I'd write this so nobody else has to deal with the looming fear of your 300 dollar phone with infamously-bad customer support becoming a worthless, barely functioning phone, if not a big 300 dollar brick.
Before I go on, I wanna mention that this guide applies for most if not all phones, not necessarily just the OPO. So if anyone is losing their mind over a corrupted or lost EFS partition, this should get them on the right track to at least understanding the problem.
BACKGROUND: AKA "WHAT IS THE EFS AND WHY DO I EVEN CARE"
EFS stands for Encrypted File System. Imagine the EFS as a big folder containing all of the important stuff that makes the "phone" part of your phone (i.e. what lets you communicate from one person with a phone to another) tick. It contains your IMEI, lots of files revolving around your SIM card and Wifi/Bluetooth (this includes your MAC address for all the radios of your phone), and lots of other things that should never ever under any circumstance be deleted or touched. It's sensitive, it's devastatingly important, and it's a huge pain. If you lose your EFS folder, you lose pretty much any chance of your phone being able to use data, Wifi, Bluetooth, and (in my case) your phone will just not wanna respond and reboot quite a lot.
CHAPTER 1: AKA "THAT SOUNDS LIKE GARBAGE HOW CAN I FIX THIS"
So, like all nice and important things that we have on Android, we can back this folder up, assuming you're rooted and with a custom recovery (though quite frankly if you're not rooted/installing ROMs I have zero idea how you'd corrupt your EFS). I'd recommend doing it through a nandroid backup (TWRP usually has the option to backup EFS, if not there's an unofficial version for bacon that can), but there are other apps that do the job quite nicely. Backing up your EFS is just as essential as backing up your previous ROM; in fact, backing up your EFS is MILES MORE ESSENTIAL because you can just flash a ROM over a corrupted system to get it working. There is no "flashable EFS"; if it were that easy, it wouldn't be so sensitive, and I wouldn't be writing this guide.
CHAPTER 2: AKA "I'M SUPER CAREFUL BRO I'LL NEVER MESS UP MY EFS PARTITION, WHY BOTHER"
Do it anyways.
I installed a ROM, realized my gapps package was screwed up, restored a CM13 backup, and realized my SIM card wasn't being detected. My phone would lag like hell, and after a while it'd just crash and reboot. I had no IMEI, I had no SIM card detection. I knew exactly what it meant. It wasn't fun to restore it.
If ROM installations were perfect, we wouldn't really have to backup anything. But, sometimes a hiccup will occur, something will touch something else that it shouldn't, and chaos ensues. So, if you don't wanna take 4 hours out of your day to hope to Christ that you didn't royally ruin your phone and the restoring method worked, just back it up. It's like, 3MB and it'll save so much frustration. Honestly.
CHAPTER 3: AKA "YEAH ABOUT THAT MY EFS IS ALREADY CORRUPTED, PLS HELP"
Congrats, you did it! Don't feel too bad, it happens to the best of us. :crying:
Fixing an EFS on the Oneplus One is pretty easy, but really time consuming and riveting because it might not 100% of the time work. You'll need the following:
Some sort of ADB/fastboot program. I use Minimal ADB and Fastboot, which rarely has any problems, but you can use whatever as long as it'll talk to your device.
Your near-dead Oneplus One.
A few hours of your time.
Some sort of backup of your data, you'll be factory resetting.
OxygenOS. Preferably, a package that can be flashed in TWRP. I won't find that for you.
An unlocked bootloader. I cannot stress how important this is. If you don't know what this is, do some research before trying to fix your ruined EFS. Again, how you'd have even ruined it with a locked bootloader is beyond me...
TWRP 2.8.6.0. Yes, it has to be this version; this is the only one that can install firmware correctly. The unofficial modified 2.8.7.0 might be able to, but I'm not about to try it.
Competence and good reading skills. Do everything exactly as I wrote it.
Some knowledge on how flashing a ROM works.
A modified persist.img file that we'll be flashing. You can find it in this thread. Download the Never Settle package and take out the persist.img file; we don't care about the rest. Whether this is mandatory or not, I don't know, but I used it and it worked fine so I'll include it. If anyone tries this without the persist file and it works, let me know. Thanks a ton to markbensze for making this, he saved my skin.
Now for how it's done:
To start, we gotta put your phone into fastboot mode. Do this by holding the power button and the up volume button as you're turning your phone on. You'll know it worked when the phone very dimly says "Fastboot Mode".
Plug your phone into your computer. Let it do any driver stuff it has to, then open your ADB/Fastboot program. Type "fastboot devices", if you see a bunch of letters/numbers with the word "fastboot" a few spaces away, you're set.
Seriously, if your bootloader isn't unlocked, you gotta do that. This will wipe EVERYTHING from your phone, including any backups. I won't cover that mess, there's trillions of guides for that.
Type the following commands:
Code:
fastboot erase modemst1
fastboot erase modemst2
fastboot erase persist
This erases a bunch of partitions that have to do with the EFS. They all regenerate themselves, but as an added precaution we're gonna flash that persist.img you got from the thread in the "what you need" list. In order to do this, enter the following command:
Code:
fastboot flash persist [location to your persist.img on your computer]
If all goes well, you'll get a handy success message and you can get out of fastboot mode by holding down the power button until it turns off.
Now, reboot to recovery; do this by holding the power button and holding the down volume button as you turn your phone on, until you see the TWRP splash screen.
How you do this next step is up to you; you can use the built-in MTP to transfer the Oxygen OS file over from your computer to your phone, or you can use ADB sideload. If you don't know how sideload works, just transfer it over.
Factory reset as you would installing a normal ROM, and flash Oxygen OS through the install menu/sideload/however you wanna. Let it fully install.
Reboot. Let it boot, pray to the EFS gods that they'll give you their blessing, and check if your SIM card gets detected.
If it did, congratulations! Your EFS is working. Now, go make a backup while you can.
Very glad that you made a guide about it. I didn't f*** up my phone though, but I truly got the importance of backing up the EFS. Also, got to know about it a bit more.
Thanks!
I have a feeling this is going to come in handy with my project OPO... good stuff man thanks
It worked. After I did this I kept getting boot loops, which was progress on this phone. I did the factory reset in recovery. Let it bootloop some more. Went back to recovery and fixed selinux permissions. Boot loops again, went back to recovery, wiped the dalvik. Now it freaking works.
First off, great guide.
But after following this, despite having my IMEI shown previously, my baseband and my imei are now gone. I was told to use this guide to try and fix my data connection problems as it seemed something was wrong with my EFS partition, but it seems following this has left me worse off.
Any suggestions to what else I could do?
Is there a stock oxygen OS file kicking around somewhere? I tried searching for them, but most are modified by other people. One of them hardbricked my phone (the ported Oneplus X oxygen os), so I'd rather not further experiment with other modified ones. I used another OxygenOs file, but despite booting, it didn't fix the baseband or IMEI problem.
I tried doing this but using stock CM13.1.2 instead of OxygenOS, but it didn't fix the problem either. So any other suggestions?
Edit: Nvm, found the official from the OnePlus website, I'm an idiot, going to try doing this with Oxygen to see what happens.
FAILED (remote: Partition flashing is not allowed)
OnePlus 3t with TWRP BlueSpark 3.2.1 recovery.
I am open to flash ROMs with TWRP with no problem, but I am not able to flash persist.zip (TWRP version): it says it flashed but the folder doesn't appear, and with your instructions via fastboot I get the following error.
C:\Program Files (x86)\Minimal ADB and Fastboot>fastboot flash persist c:\android\persist.zip
target reported max download size of 435159040 bytes
sending 'persist' (344 KB)...
OKAY [ 0.036s]
writing 'persist'...
FAILED (remote: Partition flashing is not allowed) <------ Problem here, or is my partition on my phone messed up?
finished. total time: 0.057s
Any suggestions for fixing my WiFi/Bluetooth problem?
Fastboot commands not working, ADB way of doing it?
Is there a way to replicate your 3 fastboot commands, using ADB? My bootloader is unlocked and running the latest TWRP recovery 3.2.2
My results via fastboot
"
fastboot erase modemst1
erasing 'modemst1'...
FAILED (remote: Partition flashing is not allowed)
finished. total time: 0.024s
"
I have a Samsung Galaxy Note 2 phone with a broken logic board. I need to replace, but I may need to change the IMEI of the replacement board with my old phone's IMEI if I buy the replacement board from China.
Does the IMEI number pass to the other phone if I restore my TWRP backup, which contains all partitions (more specifically the EFS partition), over this motherboard? Does it solve my problem?
Any chance to get an upload of the file needed??
Same EFS partition over time? After updating Android?
Thx a lot, this has saved me a lot of troubles ^^
Was just wondering, is the EFS partition always the same over time? Are the modemst1 & modemst2 files the same for all Android/OxygenOS versions?
I've backed up mine under OxygenOS 3.2.8 and I was wondering if I could still use it to restore the EFS partition if anything goes wrong?
PS: Sorry for my bad English, it's not my native language ^^
crenshaw1979 said:
Is there a way to replicate your 3 fastboot commands, using ADB? My bootloader is unlocked and running the latest TWRP recovery 3.2.2
My results via fastboot
"
fastboot erase modemst1
erasing 'modemst1'...
FAILED (remote: Partition flashing is not allowed)
finished. total time: 0.024s
"
You can find how to do it on this thread : https://www.theandroidsoul.com/fix-...d-wifibluetooth-issues-restoring-twrp-backup/
EFS / Modem backup option gone?
hey there :]
I want to backup my phone. In TWRP I had the option to backup EFS and modem partitions. I decided to upgrade TWRP, since my version (3.2.x) was older than the most recent (3.4). After flashing the .img from inside TWRP, everything functioned as expected... however, the option to backup EFS and Modem is gone.
I downgraded to older version of TWRP, but TWRP still does not show the option for EFS and modem backups.
recovery.log, that was created when I made the TWRP backup lists "Unable to locate '/modem_st1' partition for backup calculations."
What did I do wrong? Does bacon require some extra step to unlock EFS and modem access for TWRP?
Does this method work with lgv60 snapdragon 865 unlocked bootloader ?
Whenever I get a new device, on day number one I always backup my efs partitions.. I use termux app from my device and type:
su (push enter)
Then I type these in one by one in termux and grab the two files off my device's sdcard and upload them to a cloud and transfer them both to my PC and/or a thumb drive.
dd if=/dev/block/sdf2 of=/sdcard/modemst1.bin bs=2048
(push enter)
dd if=/dev/block/sdf3 of=/sdcard/modemst2.bin bs=2048
(enter)
If ever I lose my IMEI these can be fastboot flashed back and restored that way. This info I first came across over on Funk Wizard's XDA guide thread for OnePlus 6t. Works great. Only thing is now I'm a retired crack flasher so my days/years of installing everything available for my device are most definitely over and that's how I always lost mine back in the Nexus days... During an installation of only God knows what back then. Still much better to be safe than sorry and have an expensive paper weight for a phone if ever something does happen.
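An added example, not written by any poster in these threads: the dd backup above and the "split userdata in 5G chunks and put them back together" plan from the first thread, with a SHA-256 manifest so a damaged chunk or a write that silently did not take (the "md5 is always the same after I write" symptom) is detected. Function names, the MANIFEST format and all paths are assumptions of this sketch.

```shell
#!/bin/sh
# Added example. Assumes sha256sum, dd, head and wc are available
# (GNU coreutils on the PC, toybox/busybox on the phone).

# backup_chunked SRC OUTDIR BLOCKS_PER_CHUNK [BLOCK_SIZE]
# Copies SRC (a partition node or image file) into OUTDIR/part.NNNN files of
# BLOCKS_PER_CHUNK * BLOCK_SIZE bytes and records hashes in OUTDIR/MANIFEST.
# Prints the number of chunks written.
# Caveat: a mounted, in-use partition can change between reads, so the
# whole-image hash is only meaningful for a partition that is not being written.
backup_chunked() {
    src=$1; outdir=$2; per=$3; bs=${4:-1048576}
    chunk_bytes=$((per * bs))
    mkdir -p "$outdir" || return 1
    whole=$(sha256sum "$src" | cut -d' ' -f1) || return 1
    printf 'whole %s\n' "$whole" > "$outdir/MANIFEST"
    i=0
    while :; do
        part=$(printf '%s/part.%04d' "$outdir" "$i")
        # Small block size with skip/count keeps dd's buffer small even
        # when the chunk itself is several gigabytes.
        dd if="$src" of="$part" bs="$bs" skip=$((i * per)) count="$per" \
            2>/dev/null || return 1
        sz=$(($(wc -c < "$part")))
        if [ "$sz" -eq 0 ]; then
            rm -f "$part"          # source length was an exact multiple
            break
        fi
        sum=$(sha256sum "$part" | cut -d' ' -f1)
        printf '%s %s\n' "${part##*/}" "$sum" >> "$outdir/MANIFEST"
        i=$((i + 1))
        if [ "$sz" -lt "$chunk_bytes" ]; then
            break                  # short chunk means end of source
        fi
    done
    echo "$i"
}

# verify_and_join DIR DEST
# Checks every chunk against MANIFEST, concatenates them in order into DEST,
# then checks the whole-image hash. Returns non-zero on any mismatch.
verify_and_join() {
    dir=$1; dest=$2
    : > "$dest" || return 1
    expect=
    while read -r name sum; do
        if [ "$name" = whole ]; then
            expect=$sum
            continue
        fi
        got=$(sha256sum "$dir/$name" 2>/dev/null | cut -d' ' -f1)
        if [ "$got" != "$sum" ]; then
            echo "corrupt or missing chunk: $name" >&2
            return 2
        fi
        cat "$dir/$name" >> "$dest"
    done < "$dir/MANIFEST"
    [ -n "$expect" ] && [ "$(sha256sum "$dest" | cut -d' ' -f1)" = "$expect" ]
}

# readback_matches IMG DEV
# After writing IMG to DEV, compare the first len(IMG) bytes of DEV with IMG.
# Run sync first; a read served from the page cache can hide a failed write.
readback_matches() {
    img=$1; dev=$2
    size=$(($(wc -c < "$img")))
    want=$(sha256sum "$img" | cut -d' ' -f1)
    got=$(head -c "$size" "$dev" | sha256sum | cut -d' ' -f1)
    [ "$want" = "$got" ]
}
```

For a 5 GiB chunk with the default 1 MiB block size, BLOCKS_PER_CHUNK is 5120; copy MANIFEST to the PC together with the chunks and run verify_and_join there before wiping anything.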

Windows scripts to backup/restore partitions in EDL mode (locked bootloader too)

I have created a set of Windows scripts (.cmd files) to backup/restore selected partitions via emmcdl utility (a part of android-host-knife project).
Tested on RN3P but may be used with other Qualcomm-based devices.
emmcdl uses "firehose" module to interact with device's eMMC in 9008/EDL mode. With prog_emmc_firehose_8976_ddr.mbn from the "fastboot" firmware, can read/write partition table and any partition (including non-volatile ones, like modemst1/2, fsg etc.).
With this selected partition list, successfully restored phone's IMEI, MAC addresses and bootloader unlock status after accidentally damaging the memory.
Can be used to create rawprogram0.xml file to flash images via MiFlash (recommended) or another Qualcomm utility.
!!! Not for beginners! If you don't know what a "partition", "image" etc. is, please don't use this toolset until learning about that.
Do create a basic guide.
Will help a lot of em
Navi44 said:
Do create a basic guide.
Don't want to create a guide for beginners, like "click here and have fun". Since this process is dangerous, a user should have some knowledge, experience, and be careful.
emuzychenko said:
Don't want to create a guide for beginners, like "click here and have fun". Since this process is dangerous, a user should have some knowledge, experience, and be careful.
Some are ready to learn and take risks.
Anyways, it's all your choice.
I'm just trying to restore all partitions on my kate variant. I wiped every partition described in this thread:
https://forum.xda-developers.com/redmi-note-3/how-to/partition-layout-snapdragon-t3530412
It was an attempt to solve a weird bug after tons of flashes. I wiped them again and tried to flash the firmware using miflash in edl mode and nothing happens; it says flash successful but the phone is stuck booting in the MI logo part with the 3 dots.
My phone has a locked bootloader; also I wiped those partitions performing an unofficial unlock.
I have the qcn file for the IMEIs.
The question... how to use the file from the OP's post?
If anybody can help me it will be appreciated.
Thank you for your time.
avercros said:
I'm just trying to restore all partitions on my kate variant. I wiped every partition described in this thread:
https://forum.xda-developers.com/redmi-note-3/how-to/partition-layout-snapdragon-t3530412
It was an attempt to solve a weird bug after tons of flashes. I wiped them again and tried to flash the firmware using miflash in edl mode and nothing happens; it says flash successful but the phone is stuck booting in the MI logo part with the 3 dots.
My phone has a locked bootloader; also I wiped those partitions performing an unofficial unlock.
I have the qcn file for the IMEIs.
The question... how to use the file from the OP's post?
If anybody can help me it will be appreciated.
Thank you for your time.
It can take 10-15 minutes on first boot from miflash. if the dots are animated just go make some food and wait.
also make sure you do it like this : flash global stable FASTBOOT rom in edl mode with miflash, make sure you replace bootloader before you flash with unlocked one (emmc_appsboot.mbn) then reboot to fastboot when you see "successful" msg(hold vol down and power until you see fastboot), then "fastboot flash recovery recovery_zcx.img" then "fastboot boot recovery_zcx.img" i recommend zcx because it will automatically patch dm-verity... when zcx recovery boots, reboot to system. after you boot once into miui you can flash whatever recovery you want through twrp
the names are generic make sure to name your recovery image properly...
fastboot-edl to enter edl from fastboot mode - https://drive.google.com/open?id=0B2w-p-CP_G3FM1pCcG1JT0lfRUk
fastboot rom list - http://en.miui.com/a-234.html
zcx 917 - https://drive.google.com/file/d/0B2w-p-CP_G3FcHJRVTZHSjlNU3M/view?usp=drivesdk
unlocked emmc_appsboot.mbn - https://drive.google.com/file/d/0B2w-p-CP_G3FaXVFdWp1ODJOQm8/view?usp=drivesdk
miflash 64 bit with miphone drivers - https://drive.google.com/open?id=0B2w-p-CP_G3FRHR5UEp5TUMwemM
pabloa2 said:
It can take 10-15 minutes on first boot from miflash. if the dots are animated just go make some food and wait.
also make sure you do it like this : flash global stable FASTBOOT rom in edl mode with miflash, make sure you replace bootloader before you flash with unlocked one (emmc_appsboot.mbn) then reboot to fastboot when you see "successful" msg(hold vol down and power until you see fastboot), then "fastboot flash recovery recovery_zcx.img" then "fastboot boot recovery_zcx.img" i recommend zcx because it will automatically patch dm-verity... when zcx recovery boots, reboot to system. after you boot once into miui you can flash whatever recovery you want through twrp
fastboot rom list - http://en.miui.com/a-234.html
zcx 917 - https://drive.google.com/file/d/0B2w-p-CP_G3FcHJRVTZHSjlNU3M/view?usp=drivesdk
unlocked emmc_appsboot.mbn - https://drive.google.com/file/d/0B2w-p-CP_G3FaXVFdWp1ODJOQm8/view?usp=drivesdk
I tried this and the phone keeps stuck in booting.
I think that the last hope for this is a full partition repair or sell it for spare parts :/
avercros said:
I tried this and the phone keeps stuck in booting.
I think that the last hope for this is a full partition repair or sell it for spare parts :/
one final thing even though i mentioned it already, you must make sure your phone has dm-verity patched before you boot if you plan on using custom recovery. if you don't use zcx to automatically patch it then you need to install something like lazy patcher before you boot miui the first time. make sure you follow directions carefully. if your phone still isnt booting after 15 minutes (yes it can take that long) then you're out of luck, but i have a strong suspicion that your phone is not bricked.... a hard bricked phone will show no signs of life whatsoever, no leds, no screen, nothing. you must use testpoint method to enter qdloader mode at that point but your phone is not hard-bricked.
pabloa2 said:
one final thing even though i mentioned it already, you must make sure your phone has dm-verity patched before you boot if you plan on using custom recovery. if you don't use zcx to automatically patch it then you need to install something like lazy patcher before you boot miui the first time. make sure you follow directions carefully. if your phone still isnt booting after 15 minutes (yes it can take that long) then you're out of luck, but i have a strong suspicion that your phone is not bricked.... a hard bricked phone will show no signs of life whatsoever, no leds, no screen, nothing. you must use testpoint method to enter qdloader mode at that point but your phone is not hard-bricked.
Not working. I've done everything following your post; my phone only shows the MI logo and now it's blinking, it does not boot.
This is in the wrong section.
emuzychenko said:
I have created a set of Windows scripts (.cmd files) to backup/restore selected partitions via emmcdl utility (a part of android-host-knife project).
Tested on RN3P but may be used with other Qualcomm-based devices.
emmcdl uses "firehose" module to interact with device's eMMC in 9008/EDL mode. With prog_emmc_firehose_8976_ddr.mbn from the "fastboot" firmware, can read/write partition table and any partition (including non-volatile ones, like modemst1/2, fsg etc.).
With this selected partition list, successfully restored phone's IMEI, MAC addresses and bootloader unlock status after accidentally damaging the memory.
Can be used to create rawprogram0.xml file to flash images via MiFlash (recommended) or another Qualcomm utility.
!!! Not for beginners! If you don't know what a "partition", "image" etc. is, please don't use this toolset until learning about that.
Thanks for the thread..
Is there some insight on how to create "rawprogram0.xml" from this tool? I've tried to execute it to see if there's any command list but only got a "parttable.txt not found" message.
emuzychenko said:
I have created a set of Windows scripts (.cmd files) to backup/restore selected partitions via emmcdl utility (a part of android-host-knife project).
Tested on RN3P but may be used with other Qualcomm-based devices.
emmcdl uses "firehose" module to interact with device's eMMC in 9008/EDL mode. With prog_emmc_firehose_8976_ddr.mbn from the "fastboot" firmware, can read/write partition table and any partition (including non-volatile ones, like modemst1/2, fsg etc.).
With this selected partition list, successfully restored phone's IMEI, MAC addresses and bootloader unlock status after accidentally damaging the memory.
Can be used to create rawprogram0.xml file to flash images via MiFlash (recommended) or another Qualcomm utility.
!!! Not for beginners! If you don't know what a "partition", "image" etc. is, please don't use this toolset until learning about that.
Thanks man !
This tool was a big help for my other device (LYF) based on qualcomm.
it's one of a kind..couldn't find anything similar & easy on internet.
don't know why this thread is not popular given that lot of people want the things this tool can easily do, may be they are reluctant to go over edge and try on own.
Anyway thanks a lot again & Keep good work
Qualcomm device
Hello sir, I have erased persist on my device accidentally and my device is a Redmi 4X. I have tried to restore the persist partition on my device via the emmcdl utility. When I enter the first command, emmcdl -1
it shows my device port COM 5, and when I entered the second command
emmcdl -p COM5 -f prog_emmc_firehose_8937_ddr.mbn -e persist -o persist.img it shows the error failed to write hello response back to device and didn't receive Sahara hello packet from the device, and something like that. The error also shows when I disconnected my device from the PC. Please, anyone help me. Thank you.
Dbdbsss said:
Hello sir, I have erased persist on my device accidentally and my device is a Redmi 4X. I have tried to restore the persist partition on my device via the emmcdl utility. When I enter the first command, emmcdl -1
it shows my device port COM 5, and when I entered the second command
emmcdl -p COM5 -f prog_emmc_firehose_8937_ddr.mbn -e persist -o persist.img it shows the error failed to write hello response back to device and didn't receive Sahara hello packet from the device, and something like that. The error also shows when I disconnected my device from the PC. Please, anyone help me. Thank you.
Have you unlocked your bootloader?
If yes then
Put phone in fastboot mode.
Flash persist img using fastboot command
fastboot flash persist persist.img
Or use advance twrp and flash persist.img in persist partition.
rawprogram0.xml
how to create a rawprogram0.xml which contains all partitions?
i am much willing to learn more about this,
feel free to message me in fb
facebook.com/samuel.tajuda
When I tried to Restore a Backup Userdata.img to my Zenfone, It requires me a Startup Password that I've not currently set on. (I only used Lockscreen and Google's Default Password but nothing happens)
Does somebody know the Encrypted Password made by QCPart or How to Unpack the Disk Image File that only shows Unallocated on Linux Reader for Windows?
I have some important files that I need to retrieve from the Bricked Phone that I backup with it before I Flashed the Android ROM with Clean Firmware

[Root][Oreo][Guide] How to flash and root G5 with (opt. remove encryption)

Hello guys,
after testing around for days I thought it might be helpful to post the honestly pretty easy procedure to install stock Oreo, root it and remove encryption if needed.
Disclaimer:
I am not responsible for bricked devices, dead SD-cards, lost data, etc.
Back up your data, app settings, be sure you remember your passwords, your device will be empty!
Edit: It seems there's a bug that, if you read this post on XDA labs, won't show you everything, it seems like it randomly skips some parts.
What you need:
Unlocked Bootloader
Motorola USB drivers
15 sec adb and fastboot uploaded by myself since the original links aren't working anymore https://multifilemirror.com/hgxxyrfyd7rx.
I originally got them from here (you may have to go into your device manager and select the adb drivers for your phone f.e. when you want to use adb push in recovery, see original xda site).
This will also install the google drivers.
TWRP 32bit (v.3.2.3-0)
TWRP 64bit (v.3.2.1-0)
Disable Dm-Verity & ForceEncrypt from here
Magisk and MagiskManager. Newest should probably work, I used Magisk-18.0 and MagiskManager-6.1.0
Most recent Oreo firmware (edit 08.19)
(I used this Oreo firmware found in this post)
Steps:
Be sure you backed up your data and app settings, your pictures, downloads, etc. It will all be lost!
Please read all steps before you begin.
Extract the firmware into your adb folder (where you installed adb, should contain 4 files), copy both twrp (32 & 64 bit) in there, too.
Boot into bootloader (hold power+vol down) and open a terminal inside your adb folder (shift+rightclick) and type in
Code:
fastboot flash recovery name_of_twrp64bit_file.img
Boot into recovery (select recovery with vol buttons, then press power) and make a backup of EFS partition and persist folder (use file manager under advanced) and make another backup of system, boot and data and save both backups and persist to your SD-card or better your computer, too.
reboot into bootloader and check if your bootloader version is B.8.31 or above.
If it is B.8.31 or above DON'T FLASH BOOTLOADER!!! Because if you flash bootloader of the same version or below, it would hardbrick your device!
That also means if you f.e. want to downgrade to Nougat, just ignore following lines:
Code:
fastboot flash partition gpt.bin
fastboot flash bootloader bootloader.img
Also, unless you're sure your persist is absolutely OK (check here), please also omit the following lines:
Code:
fastboot erase modemst1
fastboot erase modemst2
They would reset your IMEI and usually it gets restored from your persist, but only if it's not buggy.
Even if your persist is fine, as far as I know there's no harm in not using these commands (my persist is fine and I didn't use them).
Now paste the following commands in your command prompt in adb, in case you are BELOW B.8.31, add the bootloader commands from above between the first and second line:
Code:
fastboot oem fb_mode_set
fastboot flash logo logo.bin
fastboot flash boot boot.img
fastboot flash recovery recovery.img
fastboot flash dsp adspso.bin
fastboot flash oem oem.img
fastboot flash system system.img_sparsechunk.0
fastboot flash system system.img_sparsechunk.1
fastboot flash system system.img_sparsechunk.2
fastboot flash system system.img_sparsechunk.3
fastboot flash system system.img_sparsechunk.4
fastboot flash system system.img_sparsechunk.5
fastboot flash system system.img_sparsechunk.6
fastboot flash system system.img_sparsechunk.7
fastboot flash system system.img_sparsechunk.8
fastboot flash modem NON-HLOS.bin
fastboot flash fsg fsg.mbn
fastboot erase cache
fastboot erase userdata
fastboot erase customize
fastboot erase clogo
fastboot oem fb_mode_clear
fastboot reboot
Please make sure that it really flashed all sparsechunk 0-8.
Let your phone reboot itself after installation is done, then return to bootloader and flash twrp 64bit:
Code:
fastboot flash recovery name_of_twrp64bit_file.img
Boot into recovery, since your device is encrypted it will ask for a password, click cancel, then go to WIPE and click on FORMAT DATA and confirm with yes.
This will remove the encryption of your data partition.
Go back to twrp main page and click on REBOOT then RECOVERY.
Once back in twrp, either copy Disable_Dm-Verity_ForceEncrypt.zip and Magisk-18.zip and MagiskManager-6.1.apk to your SD-card or use
Code:
adb push name_of_file /external_sd
or
adb push name_of_file /sdcard
to copy the files to your SD-card (external_sd) or Internal-Storage (sdcard). For this you may have to manually configure your adb drivers in device manager, see here under Notes.
In twrp go now to INSTALL and flash "disable-dm-verity&encrypt" and then REBOOT and SYSTEM.
Return to recovery and flash "Magisk-18.0.zip", wipe Cache/Dalvik at the end and reboot System.
Once System has rebooted, install MagiskManager-6.1.0.apk from your SD-card.
MagiskManager should say that Magisk is installed and in settings under security, your phone should be decrypted.
Note: MagiskManager will only show full information when it has internet access, all you see without is if Magisk is installed.
If you want to encrypt your device again, do it, but flash twrp 32bit too; if it asks for a password, it should be your usual password, which you also have to enter on every boot.
Some explanation:
Why twrp 64bit?
Because twrp 32bit is able to bypass encryption, however, it causes some problems:
In fact, probably every twrp without the bypass encryption feature would work f.e. older 32bit version 3.1.0. but 64bit offers some features as EFS backup.
If you flash 32bit directly it can bypass the standard encryption but formatting data fails every time when you booted System previously.
When you reboot recovery and format data again it works, but it needs to fail first, just rebooting into recovery 2 times doesn't work.
I don't know what would happen if you (after using your phone normally) reboot recovery and f.e. want to do a backup from data, though I'm sure I tested it out, but I probably forgot.
You need it later when you want to encrypt your phone again, for me it didn't decrypt data after I reencrypted my phone using my password.
Why reboot System between flashing Disable-encryption and Magisk?
If you do not, you get heavy lags in the first 2 minutes after rebooting System, MagiskManager will say that Magisk isn't installed and then your phone will crash and reboot. But after that 2nd reboot everything works fine again, Magisk is back, no lags.
I remembered this post from Johny Cipeli, between flashing no-verity and magisk he wrote to reboot, so I tried and it worked without lags and crash.
You don't need to remove encryption:
You can root your phone without flashing Disable_dm-verity_and_force-encrypt, use then twrp 32bit, don't format data, just flash magisk.
I can say that it should work, because that was one of my first attempts (and it worked for me), however I didn't write down what I was doing so I can't tell you step by step.
Additional:
In case you're searching Viper4Arise for Oreo, the Aroma installer won't work, use the Magisk module and install in MagiskManager. You can download it here from Zackptg5
If you're also annoyed by that One-Nav vibration, you can try using ExKernelManager app and activate the powersave mode. Although I think it's officially not for G5, the app works, maybe that only refers to the Kernel and not to the app.
I tried Flyhigh Kernel, it didn't boot after flashing it, if you know a working Kernel for G5 which can disable One-Nav vibration, please write an answer.
My device:
Rooted Stock Oreo 8.1.0: OPP28.85-16
Bootloader: B.8.31
Model: XT1676 reteu
Stock Kernel
Thanks to:
Snoop05 for 15 sec adb and fastboot.
TheFixItMan for twrp.
Zackptg5 for "Universal DM-Verity, ForceEncrypt, Disk Quota Disablers".
topjohnwu for Magisk.
freeZbies for Official Oreo 8.1.0 OPP28.85-16 Fastboot Firmware.
Wolfcity, woozie.2007 and TheFixItMan for answering many of my questions!
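As an added example (not part of the original post), a preflight script for the flashing steps in the guide above: it prints the fastboot sequence, includes the gpt/bootloader lines only when the device is below B.8.31, and refuses to plan if any image, including sparsechunks 0-8, is missing. The function names and the parsing of the version as "B.<major>.<minor>" are assumptions; the script never runs fastboot itself.

```shell
#!/bin/sh
# Added example: preflight planner for the guide's flashing steps.
# It only prints commands; it never invokes fastboot.

# bl_is_below VERSION: exit 0 if VERSION is below B.8.31, 1 if equal or above,
# 2 if unparseable. Assumes the "B.<major>.<minor>" form quoted in the guide
# (the dot after B is optional, as in "b8.31").
bl_is_below() {
    v=$(printf '%s' "$1" |
        sed -n 's/^[Bb]\.\{0,1\}\([0-9]\{1,\}\)\.\([0-9]\{1,\}\)$/\1 \2/p')
    [ -n "$v" ] || return 2
    major=${v% *}; minor=${v#* }
    if [ "$major" -lt 8 ]; then return 0; fi
    if [ "$major" -eq 8 ] && [ "$minor" -lt 31 ]; then return 0; fi
    return 1
}

# flash_plan FIRMWARE_DIR BOOTLOADER_VERSION
# Prints the fastboot command sequence, or fails without printing any command
# if the version is unrecognised or a required image is missing or empty.
flash_plan() {
    dir=$1
    rc=0; bl_is_below "$2" || rc=$?
    if [ "$rc" -eq 2 ]; then
        echo "unrecognised bootloader version '$2': refusing to plan" >&2
        return 2
    fi
    files="logo.bin boot.img recovery.img adspso.bin oem.img NON-HLOS.bin fsg.mbn"
    i=0
    while [ "$i" -le 8 ]; do
        files="$files system.img_sparsechunk.$i"; i=$((i + 1))
    done
    # gpt.bin and bootloader.img are needed only below B.8.31.
    if [ "$rc" -eq 0 ]; then files="$files gpt.bin bootloader.img"; fi
    missing=0
    for f in $files; do
        if [ ! -s "$dir/$f" ]; then echo "missing or empty: $f" >&2; missing=1; fi
    done
    if [ "$missing" -ne 0 ]; then return 1; fi

    echo "fastboot oem fb_mode_set"
    if [ "$rc" -eq 0 ]; then
        echo "fastboot flash partition gpt.bin"
        echo "fastboot flash bootloader bootloader.img"
    fi
    echo "fastboot flash logo logo.bin"
    echo "fastboot flash boot boot.img"
    echo "fastboot flash recovery recovery.img"
    echo "fastboot flash dsp adspso.bin"
    echo "fastboot flash oem oem.img"
    i=0
    while [ "$i" -le 8 ]; do
        echo "fastboot flash system system.img_sparsechunk.$i"; i=$((i + 1))
    done
    echo "fastboot flash modem NON-HLOS.bin"
    echo "fastboot flash fsg fsg.mbn"
    # The modemst1/modemst2 erases are left out, as the guide advises unless
    # persist is known to be good.
    for p in cache userdata customize clogo; do echo "fastboot erase $p"; done
    echo "fastboot oem fb_mode_clear"
    echo "fastboot reboot"
}
```

Call it as `flash_plan /path/to/firmware B.8.31` with the version read from the bootloader screen, and review the printed list before typing anything into fastboot.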
- reserved -
ok friend, thank you for this. I think you don't need to flash twrp 64, I only flash official twrp 32, which indeed doesn't have the option for backup persist, but only efs. Maybe there is someone else that will try your method to decrypt, I will try next time when I flash the stock, maybe at the next patch update. Good luck and a happy new year !!!
---------- Post added at 01:31 AM ---------- Previous post was at 01:26 AM ----------
LE: You can't root without format data partition, because flashing twrp, when twrp decrypt data you can't see anything on data partition, so you need to format it even if you don't need to decrypt the phone
Nice guide @G5-User7080 .
For me everything seems to be correct, I can't say anything device specific as I own a potter but there shouldn't be big differences.
There's one sentence I'm not sure about:
G5-User7080 said:
Because if you flash bootloader of the same version or below, it would hardbrick your device!
That also means if you f.e. want to downgrade to Nougat, just ignore following lines.....
It's clear that downgrading the bootloader can hardbrick your device but why should there be any risk in flashing the same bootloader?
If I flash the fastboot firmware I'm on shouldn't it be ok? Where did you get that information from?
I'm about to do that on a device of a friend of mine, he is rooted on 7.0 and wants to go the way to flash the firmware he's on and after that take the OTA up to Oreo.
He could flash the Oreo firmware directly but he prefers to use the firmware from which he knows it's working and is the correct one.
Very careful guy.
Edit: I just recognized that the part you called steps incl. the part I quoted isn't visible in XDA Labs, I'm only able to see it in mobile browser. Also some download links aren't there, on XDA Labs there is only the one for the 64bit recovery visible, not the one for 32bit. Maybe it's some kind of format problem, bb codes or else.
Some screenshots from XDA Labs and Chrome mobile to show the differences.
Wolfcity said:
It's clear that downgrading the bootloader can hardbrick your device but why should there be any risk in flashing the same bootloader?
If I flash the fastboot firmware I'm on shouldn't it be ok? Where did you get that information from?
I read this more than one time, although I could just find one source for now: "Flashing bootloader of equal or minor version will hardbrick your device" from Oreo Fastboot firmware.
I don't know why flashing bootloader of the same version would lead to a hardbrick, but didn't want to try it out myself, also I see no problem in not flashing the bootloader when you already have the same version.
Wolfcity said:
Edit: I just recognized that the part you called steps incl. the part I quoted isn't visible in XDA Labs, I'm only able to see it in mobile browser. Also some download links aren't there, on XDA Labs there is only the one for the 64bit recovery visible, not the one for 32bit. Maybe it's some kind of format problem, bb codes or else.
That's weird, I don't have XDA labs (that's the mobile app, right?), I wrote it on XDA desktop version and only used the size, code, color and list tags, hmm maybe it has problems with the sorted list, for every other part I used the unsorted ones with dots instead of numbers.
Quick test:
Test One:
this is made
in an unordered
list, using
list tags
Test Two:
this is now made
in an ordered list
counting from one to four
using list=1 tags
Can you read both lists with each four points?
And thanks for mentioning the bootloader thing,.. I realized I forgot to paste the lines in to flash bootloader in case you are below b8.31 ehee..
Wolfcity said:
Some screenshots from XDA Labs and Chrome mobile to show the differences.
wtf, it just skips random parts ?!!!
I have no idea what could cause this.. I'll better add a note at the beginning of the post...wow
To flash the same vers of bootloader is not a problem, only the below one will hardbrick the phone
G5-User7080 said:
wtf, it just skips random parts ?!!!
I have no idea what could cause this.. I'll better add a note at the beginning of the post...wow
Your lists are both readable.
I took a look at the BB codes as it's known that some of them are not working on XDA Labs like SIZE or HIGHLIGHT. In that case the BB codes are shown in the text but there's nothing missing.
Maybe it has something to do with the use of [*] in your text?
Edit: Have you changed something in your text now? It seems to be complete on XDA Labs now too...
Wolfcity said:
Your lists are both readable.
I took a look at the BB codes as it's known that some of them are not working on XDA Labs like SIZE or HIGHLIGHT. In that case the BB codes are shown in the text but there's nothing missing.
Maybe it has something to do with the use of [*] in your text?
Edit: Have you changed something in your text now? It seems to be complete on XDA Labs now too...
the [*] just creates new lines for a list, and yes, I edited it two times, first, I added that one should use the bootloader commands in case of being below b831 and then I added the info about missing things on xda labs, but I didn't change anything on the lists themselves,...

[ZE550KL] Unbrick Experience, QCN recovered, working from 9006/9008

First of all, thanks to all the people here who provided very useful messages.
Actually I encountered a lot of similar issues across the posts.
Please refer to the posts here:
Unbrick guide Z00l Ze550kl
Need QCN file for ZE550KL/Z00L (2GB Ram) Please.
[Solved]Stuck on logo when booting into custom ROM( Zenfone 2 laser ZE550KL Z00LD)
My model is ZE550KL 2GB/16GB version.
What need to be prepared (please look around from google)
1. CSCImage for recovery
2. QPST 2.7
3. Workable QCN, if you have no backup please make one from the other post. (you will need IMEI converter and HxD)
4. Retail image WW_ZE550KL_1.17.40.1234-rel-user-20160304185904-secured-releaseAFT_QC
5. Official latest image
6. TWRP
7. Minitool Partition Manager (I tried diskpart but not working, so please use this one)
8. Qualcomm Driver
Here are the procedures for reference (I do this for over 10 times and 3 nights)
Please make sure you have working QCN...otherwise you cannot recover the calling feature.
1. Erase aboot
fastboot_8916 erase aboot
use above command to erase the partition
you can unplug the battery and cable and replug them.
or simply use fastboot reboot command.
Result: Device enter into 9006 mode
2. Open Minitool Partition manager
Right click and Delete all partition.
Create one single partition using ext4 format
Once done, remove the battery and cable, replug them.
Result: Device enter into 9008 mode
3. If you installed QPST, you should have a program called QFIL
Please use it and extract the firmware from CSCImage, it should have all the items except emmc MBN, just copy it from the root folder.
If you do this correct (follow other post for more detail)
Replug the device will give you a fastboot screen
Result: Device with workable fastboot
4. Now you have a clean bootloader, but no other thing
Go to CSCImage and click flashall
Once it is done, all the partitions will be ok (sometimes I got /factory not mount, let's fix this later)
Result: you will have an engineering OS and bootloader unlocked, diag mode natively enabled.
5. Open Software Downloader from QPST, and recover the QCN, it will reboot the phone.
If you are not doing this correctly (and many issues here), you will get bootloop.
And you have to start over again.
My suggestion is do not touch any of the bootloader settings. (so do not try to use unofficial bootloader unlock guide)
Even if you give a command like "fastboot oem adb_enable" it will cause a bootloop and you have to start over.
So my suggestion is to not touch any bootloader setting
Result: The phone calling and data should be recovered. You can test by making some call.
6. If you want to keep your bootloader unlocked, the retail image flashall you can search there is a "oem lock"
change to unlock and run it in fastboot mode.
Result: You will have a bootloader unlocked phone, with WW firmware.
You can start from here to do TWRP.
To fix /factory partition, you can install busybox and in adb shell, use mkfs.vfat for the partition.
What is CSCImage, I tried your method but got stuck on missing partitions. (Boot, Recovery, System, etc..)
christian.arvin said:
What is CSCImage, I tried your method but got stuck on missing partitions. (Boot, Recovery, System, etc..)
This means you didn't unlock your bootloader.
bootloader needs to be unlocked to flash the partition file, and then the partition will be recovered without data.
My bootloader was unlocked.
I dug deeper into your method. And this is what I understand and let it be an information for those who will try.
Back up all partition before you delete all partitions. (Your serial and other sensitive data are stored in some of this partition)
Your method only restore 5 partition table that is inside the main0 gpt mbn.
Note: the whole partition table is listed in the both0 gpt mbn.
In my stupidity I renamed the both0 gpt to main0 gpt thinking that it would work. Instead I run into an unstoppable bootloader bootloop.
In an ending note my ZF2 Laser's only hope is a full eMMC reflash that requires external methods. Or let the official professionals handle it.

Extract image files without rooting or unlocking the bootloader?

Before I get started on messing around with my OP7TProME, I'd like to extract my image files (boot, persist, reserve, recovery, etc.) for backup. I've been doing a lot of reading and it appears that the reserve.img file and the data partition will be wiped if I unlock the bootloader. However unlocking the bootloader is a required step to be able to extract the image files either with payload dumper, with adb shell (as root is required to access those areas of the storage, and I think root requires TWRP+Magisk), or with TWRP terminal (cannot even boot to TWRP without unlocking the BL because "boot is not allowed in Lock State").
Is there a way to extract the phone's image files without actually changing the phone? I need a way to get back to how it is right now in case I make a mistake/something breaks.
SidneyD said:
Before I get started on messing around with my OP7TProME, I'd like to extract my image files (boot, persist, reserve, recovery, etc.) for backup. I've been doing a lot of reading and it appears that the reserve.img file and the data partition will be wiped if I unlock the bootloader. However unlocking the bootloader is a required step to be able to extract the image files either with payload dumper, with adb shell (as root is required to access those areas of the storage, and I think root requires TWRP+Magisk), or with TWRP terminal (cannot even boot to TWRP without unlocking the BL because "boot is not allowed in Lock State").
Is there a way to extract the phone's image files without actually changing the phone? I need a way to get back to how it is right now in case I make a mistake/something breaks.
What's the model number of your phone? and is it the 5G T-Mobile edition?
SidneyD said:
Is there a way to extract the phone's image files without actually changing the phone? I need a way to get back to how it is right now in case I make a mistake/something breaks.
Yes, by using the MSM tool when putting the phone in EDL mode. You can find detailed instructions on the first page of most of the custom ROM threads in our subforum.
