can anyone who has root access provide me with a dump of the misc partition from their H918 LGV20? I flashed a ROM that apparently included the misc.bin from the KDZ and now mine is wiped. HELP! the command to use would be the following
dd if=/dev/block/bootdevice/by-name/misc of=/external_sd/backup/misc.img
I unpacked the 10K KDZ, surprisingly there was a misc.bin there. It was not on the previous 10J I checked.
Anyway, here you go. I'm bricked so this is all I can give you. I assume it will be fine.
Hmm... I just looked at it, and it's zeroed-out. But it must be supposed to, right? If you flash the KDZ then that is what happens.
Edit: Or maybe it's only included by accident, and isn't actually flashed...hmm I'll leave it here until you respond, if it's not what you need I'll remove it, so not to detract from you request
Edit2: Removed
askermk2000 said:
I unpacked the 10K KDZ, surprisingly there was a misc.bin there. It was not on the previous 10J I checked.
Anyway, here you go. I'm bricked so this is all I can give you. I assume it will be fine.
Hmm... I just looked at it, and it's zeroed-out. But it must be supposed to, right? If you flash the KDZ then that is what happens.
Edit: Or maybe it's only included by accident, and isn't actually flashed...hmm I'll leave it here until you respond, if it's not what you need I'll remove it, so not to detract from you request
Click to expand...
Click to collapse
thanks, however I believe the KDZ was what caused mine to be zeroed out... now my phone's MAC address is no longer fixed and keeps changing as a result of no misc partition
Wow. You flashed this *H91810k.zip* right? I used that one too while my phone was functioning. And yes I noticed that exact problem with the MAC address because I was using FTP server on the phone. DAMN
How do we fix it? Manual edit of misc partition to insert our original MAC?
Ok I see you wrote KDZ. I flashed a TWRP H918 10K rom from the forum. I suppose many will have this problem.
MISC partition. What does it do
China user
andy_zhang said:
MISC partition. What does it do
China user
Click to expand...
Click to collapse
misc partition contains device info like WiFi and BT MAC addresses, device IMEI and serial number... if you want to help me out, it may be best to open up the file in a hex editor after creating it to block out those information.
Your device is 100% usable without a misc partition. i regularly wiped mine because twrp stores its config there.
me2151 said:
Your device is 100% usable without a misc partition. i regularly wiped mine because twrp stores its config there.
Click to expand...
Click to collapse
So you're saying the IP address changing at every reboot is not related to this?
askermk2000 said:
So you're saying the IP address changing at every reboot is not related to this?
Click to expand...
Click to collapse
IP address changing is related to the DHCP server of your network changing your IP. If you mean MAC changing at every boot its a issue with custom roms. Not the Misc Partition.
me2151 said:
IP address changing is related to the DHCP server of your network changing your IP. If you mean MAC changing at every boot its a issue with custom roms. Not the Misc Partition.
Click to expand...
Click to collapse
Yes the MAC address is changing, therefore IP address changes as a consequence. That is what I meant.
We thought this was because the misc partition was wiped. (I was using stock 10k)
askermk2000 said:
Yes the MAC address is changing, therefore IP address changes as a consequence. That is what I meant.
We thought this was because the misc partition was wiped. (I was using stock 10k)
Click to expand...
Click to collapse
There IS a possibility that the MAC is stored in MISC but im pretty sure its stored in the FIRMWARE partition. Regardless. If you use someone elses MISC partition that you mean you would have their MAC address IF its stored in there. You would still not have yours.
me2151 said:
There IS a possibility that the MAC is stored in MISC but im pretty sure its stored in the FIRMWARE partition. Regardless. If you use someone elses MISC partition that you mean you would have their MAC address IF its stored in there. You would still not have yours.
Click to expand...
Click to collapse
Yes, well it was not my idea to get a misc backup from someone. But @dimm0k did bring to my attention the MAC address problem, and it just seemed very logical that it was caused by that botched 10K KDZ file.
askermk2000 said:
Yes, well it was not my idea to get a misc backup from someone. But @dimm0k did bring to my attention the MAC address problem, and it just seemed very logical that it was caused by that botched 10K KDZ file.
Click to expand...
Click to collapse
The MAC address issue is on almost every aosp rom and aosp roms dont touch MISC so its probably not caused but the MISC partition. Yes theres always a possibility but still. There might be other stuff going on.
@me2151 @askermk2000
while I'm a novice to all of this, I can say with 100% certainty that on the LGV20 the MAC address is tied to the misc partition, which looks to be the /dev/block/sda5 partition. as mentioned, the H91810k KDZ contained a misc.bin that I had in my original release of the TWRP flashable 10k zip. because of this my MAC address has been constantly changing after a reboot to that of something beginning with 00:90:4c. I don't know much about AOSP so I can't comment on that, but because I have 2 LGV20s of different variants I was able to get a dump from the US996 variant for the misc partition and compare that to the "damaged" misc partition on the H918. The size is exactly the same, 32MB, with the beginning parts being different between the two dumps. I was able to restore my MAC address by hex editing the "damaged" misc using the same location from the US996 variant's misc partition as a reference. I was also able to restore the BT MAC address and serial number using the same method. prior to these edits my WiFi and BT MAC addresses kept changing and the serial number was actually missing in the Settings > About Phone section. after these edits they have been constant to what I set them as. the only reason I want the misc partition now is so that I can compare to see if there was anything else in the misc partition that I need to restore that's specific to the H918. the misc partition isn't crucial for the device to work, but it is needed to avoid random MAC addresses that I know for sure.
that said, askermk2000, do you happen to have a misc dump for the US996? that would help me confirm what's missing from the H918 as I have a good US996 misc dump.
This was very enlightening. I was with @me2151 as far as the misc partition goes. I have wiped it many times, for various reasons -- just thought it was used by the stock recovery. One being forgetting to turn off auto updates, and getting caught in a boot loop (wiping fota wasn't enough). But I never used my phone as a server, so no need to consistently get the same address from a DHCP server. Once I get my H918, I will definitely go through it and see what else is in there.
Doing some searching, apparently on older phones it was possible to re-lock your boot loader without wiping data if you dumped the misc partition before and after unlocking. Just flash the "locked" version back, and viola, locked boot loader. This may come in handy on the H918 since T-Mobile allows unlocking, and can't use the eng boot loader that claims it is locked when it isn't.
-- Brian
dimm0k said:
misc partition contains device info like WiFi and BT MAC addresses, device IMEI and serial number... if you want to help me out, it may be best to open up the file in a hex editor after creating it to block out those information.
Click to expand...
Click to collapse
I have uploaded two types of files
China user
andy_zhang said:
I have uploaded two types of files
China user
Click to expand...
Click to collapse
two types of files? can you give more details, as well as the location?
dimm0k said:
two types of files? can you give more details, as well as the location?
Click to expand...
Click to collapse
我可以用工具提取手机底层。
996 的TOT,但是刷不进去。lgv20 刷不进tot.
China user
---------- Post added at 03:17 AM ---------- Previous post was at 03:17 AM ----------
andy_zhang said:
我可以用工具提取手机底层。
996 的TOT,但是刷不进去。lgv20 刷不进tot.
China user
Click to expand...
Click to collapse
https://mega.nz/#F!I4IHTQbR!8Pf3kwL-jirY7zrnia3cow
China user
I am pretty sure the MAC address (& IMEI) is stored in the modemst1 & modemst2 partitions.
I was able to easily change them when I wiped those on my H990DS.
Try going to dialpad & type *#546368#*918# (it is *#546368#*990# for my H990DS)-->SVC Menu-->CRCWIZARD Test-->Auto MID-->MID Setting
(should be able to set with wiped modemst1 & modemst2 partitions however option wasn't available when I restored those partitions)
Prowler_gr said:
I am pretty sure the MAC address (& IMEI) is stored in the modemst1 & modemst2 partitions.
I was able to easily change them when I wiped those on my H990DS.
Try going to dialpad & type *#546368#*918# (it is *#546368#*990# for my H990DS)-->SVC Menu-->CRCWIZARD Test-->Auto MID-->MID Setting
(should be able to set with wiped modemst1 & modemst2 partitions however option wasn't available when I restored those partitions)
Click to expand...
Click to collapse
That is not the point. It's just a shadow copy in the misc, probably for easy access by apps. But as a courtesy to the users wanting to help, he mentions it, though I wouldn't sweat about that imei stuff.
Who cares? I've been reading smartphone forums en-mass for a long time now, and there's no shortage of people posting their imei for various reasons. Or go to Ebay and look at almost every phone listing, you will find the IMEI so ppl can check if it's blacklisted.
You can even generate your own imei if you really wanna change it.
Edit: He already said that he fixed his wlan & bt mac address by editing the misc partition.
Related
I need a .img of the original rom, where can i find? Thanks
Aran83 said:
I need a .img of the original rom, where can i find? Thanks
Click to expand...
Click to collapse
You cant, every NST is unique and using an image from another NST will cause trouble for both you and the NST it came from.
Thanks, nook is bricked but I can read the main partition, which .img I install?
Sorry for my english.
Aran83 said:
Thanks, nook is bricked but I can read the main partition, which .img I install?
Sorry for my english.
Click to expand...
Click to collapse
There's no img you can install.
You can try booting n2T-Recovery (v0.2) from a SD card and see if that helps. (Do not write that image to your NST!)
If not, send me a PM and I'll try to help you out
Something else you can try:
1) Flash noogie.img to an sd card.
2) Hook up your nook to a pc via usb once it has booted, and you should see all the partitions exported there.
3) In one of those partitions (recovery maybe? I'm struggling to remember), there's a factory.zip, which you can then install using the "Install from zip" feature of clockwork mod.
If you go this route, you'll have to reflash your sd card with clockwork mod after you've extracted the factory.zip using noogie.
Seems like kind of a pain, but I just recovered my device using this.
Remains in the screen ROOTED FOREVER and i can't do anything
I think, for michaelwill's method, you need to have linux running. I suggest you to try ros87's suggestion.
if I use backup from nook of my friend?
Aran83 said:
if I use backup from nook of my friend?
Click to expand...
Click to collapse
That is not a good idea, since each NookTouch has a unique information to register. If you are thinking of full restore from your friend's image (1.8GB image), it will overwrite your unique information. In that case, you and your friend's devices cannot register to BnN (or just one device). People says the info is stored in /rom. If you want to know more, you need to dig more. Otherwise try factory reset suggested by ros.
herofmm said:
That is not a good idea, since each NookTouch has a unique information to register. If you are thinking of full restore from your friend's image (1.8GB image), it will overwrite your unique information. In that case, you and your friend's devices cannot register to BnN (or just one device). People says the info is stored in /rom. If you want to know more, you need to dig more. Otherwise try factory reset suggested by ros.
Click to expand...
Click to collapse
Correct!
Using a image from another NST is a very very bad idea!
There are a lot of stuff that's unique to your NST stored in /rom and in rombackup.zip on the Factory partition.
This includes:
Serial Number
Main Board Serial
Product ID
Manufacturing date
SHA hash of Private Key
Public Key in modulus form
WiFi Calibration file
Some unique binary file for your eInk screen
MAC Address
Battery Type
Duplicating the serial will make you or your friend unable to register with B&N
Duplicating / Faking the private/public key pair, will most likely make you unable to register with B&N (I'm currently testing this)
Duplicating a WiFi calibration can cause degraded WiFi performance
Duplicating that EPD vcom file (eInk screen).. well who knows
Duplicating the MAC will cause network troubles if used on the same network.
The wrong Battery Type (I've seen three different so far) can cause charging troubles, and will cause incorrect charge indication.
Don't go there!
NookRestore.img
Try writing NookRestore.img to an mSD card. (You can get a copy at my website: NootRoot)
Hard reset
I had issues rooting my NST and got stuck in a boot loop. After digging and digging through forums I finally discovered the secret to a hard reset. The instructions said to hold the power and the two bottom side buttons down together for over 20 seconds. That worked! My NST was back to when I pulled it out of the box. I then proceeded to re rooting. (my mistake was I did not upgrade the OS before rooting). My bad. Hope this helps someone recover from a stuck boot loop.
Good luck.
chucktate said:
My NST was back to when I pulled it out of the box.
Click to expand...
Click to collapse
No it wasn't, Factory Reset doesn't remove root files or system apps installed by root tools, it only clears custom apps and settings.
While you might think it's back to stock, there are still leftover files and changes in /boot and /system
ros87 said:
Correct!
Using a image from another NST is a very very bad idea!
There are a lot of stuff that's unique to your NST stored in /rom and in rombackup.zip on the Factory partition.
Click to expand...
Click to collapse
Hi, I've just found a way around this - it is possible to restore somebody else's .img file, provided you've backup up your rombackup.zip. Then after, using Noogie, you can overwrite rombackup.zip and the contents of it which are on a different partition. The only danger is that you would potentially overwrite battery type config file, as Nook has couple of them. I gave it a try on mine and it seems fine.
sokoow said:
Hi, I've just found a way around this - it is possible to restore somebody else's .img file, provided you've backup up your rombackup.zip. Then after, using Noogie, you can overwrite rombackup.zip and the contents of it which are on a different partition. The only danger is that you would potentially overwrite battery type config file, as Nook has couple of them. I gave it a try on mine and it seems fine.
Click to expand...
Click to collapse
That is correct.
Problem is that most people who end up in a state where Factory Restore doesn't work has usually managed to overwrite their partition tables and part of the /rom partition.
And at this point it is too late to backup rombackup.zip as it's usually fragmented and cannot be recovered by ext2 file recovery tools.
So.. do a full backup before you do anything to your NST
I found if you restore with holding the two lower buttons it will remove all rooted files.
Googie2149 said:
I found if you restore with holding the two lower buttons it will remove all rooted files.
Click to expand...
Click to collapse
Read post 13 by ros87!
ros87 said:
No it wasn't, Factory Reset doesn't remove root files or system apps installed by root tools, it only clears custom apps and settings.
While you might think it's back to stock, there are still leftover files and changes in /boot and /system
Click to expand...
Click to collapse
Go to my website, download nookRestore.img and write it to an mSD card, Erase and De register, Power Off, then insert mSD then power up, then follow on screen instructions!
[OT - Removed]
[OT - Removed]
Torimu.Joji said:
I'll update the website and post links to XDA.
Click to expand...
Click to collapse
Thank you sir!
By posting proper links you help ensure that people get the most recent software and information
Hi,
First off i want to state that i have some knowledge of the legal issues concerning changing of MAC addresses and the sole reason that i want to do this is because privacy is a big issue for me and i have a right to enjoy my right. Therefore, any posts or argument concerning such are requested to be posted elsewhere where the topic expressly states so.
Also, please treat me like a newbie when it comes to developing and programming of any kind. I have a very shallow understanding of kernel and the likes.
I am using a rooted S5 G-900H(Exynos with BCM 4534 chip)
Running on 4.4.2 Kitkat stock ROM and Kernel
So without further ado, here is what i have found so far
The MAC address is reflected in a hidden file called .mac.info in the /efs/wifi/ folder. However, editing the file does not change the actual MAC address in anyway. A phone reboot or even turning the wifi on/off will just change it back to the original.
I dumped partitions from /dev/block/ on to my SD card and copied it to my laptop. I searched through the files and found the MAC address in the efs.img partition.My wifi was turned off and the plane was in airplane mode. I modified it and flashed it back using the dd command from terminal emulator on my phone(this can also be done through adb shell but im guessing if you know what that is then you obviously know how to do it).
I rebooted the phone and everything seemed fine. The Wifi MAC address in the status screen in settings displayed my edited address. The .mac.info file also displayed the same. The problem is that it reverted back to the original as soon as i turned on the wifi. The MAC address values in the .mac.info file, status screen and the efs partition from the /dev/block/, all changed back to the original.
I have read that for most phones the important information unique to that particular phone(like IMEI, wifi/BT MAC address, unlock codes and so on) is stored in the NV_DATA.bin file, but everything is encrypted. Also there are only guides as to searching unlock codes and such, so i tried to search for hash blocks randomly using Hex Editor but there was nothing of the sort and the only hash block i can recognize is the one with AES-Encryption as shown from another forum on this site.Maybe it is another type of encryption, but that was another dead end for me.
Then i tried to search and edit various files and kernels as such, but there are no kernels that directly offer this customization. Tried to edit init.tuna.rc but there was no such file in the root directory. Searched init.goldfish.rc and init.wifi.rc and found nothing, but i did see init.svc.macloader mentioned and since i didnt want to mess with programs in the /system/bin/file i left it as is.
Also tried to search through PARAM partition using Hex Editor but nothing was there. Did the same for RADIO and BOOT but i dont think i did find anything major there.
tried to edit /sys/class/net/wlan0/address but it didnt let me, even though i was mounted as r/w. Flashing through dd command on terminal also resulted in permission denied. I was only able to view or dump it. I thought that may have been the source, but modifying the MAC address through the busybox if config command was reflected on the file. which obviously means that its not.
Looked through the dmesg (kernel) log and found a few interesting things but i dont know how to interpret them and what to do with it either. Ill post it later.
There is no NVRAM.txt the only ones in place of it i have are nvram_mfg.txt, nvram_mfg.txt_wisol, nvram_mfg.txt_semco3rd, nvram_net.txt, nvram_net.txt_semco3rd, nvram_net.txt_wisol.
I did do a bit more searching and editing, but i dont recall them right now.
Now, After all that what i think is this.
There is a source for the original MAC address somewhere either hardcoded in the Broadcom chip or somewhere in the partitions under a layer of encyrption.
The Original MAC address is only accessed when the wifi is turned on and not on reboot. This means it is not in any file, program or script that activates on boot, so only scripts and files accessed and imported during the turning on of wifi
must have it. Also while wifi is on and running, busybox ifconfig command changes the MAC address succesfully albeit temporarily, although the change is not seen on the status screen and but it does on the .mac.info file.
Any help from anyone, especially from developers with knowledge of Android kitkat ROm and kernels would be very much appreciated.
Alpaca_Bandit said:
Hi,
First off i want to state that i have some knowledge of the legal issues concerning changing of MAC addresses and the sole reason that i want to do this is because privacy is a big issue for me and i have a right to enjoy my right. Therefore, any posts or argument concerning such are requested to be posted elsewhere where the topic expressly states so.
Also, please treat me like a newbie when it comes to developing and programming of any kind. I have a very shallow understanding of kernel and the likes.
I am using a rooted S5 G-900H(Exynos with BCM 4534 chip)
Running on 4.4.2 Kitkat stock ROM and Kernel
So without further ado, here is what i have found so far
The MAC address is reflected in a hidden file called .mac.info in the /efs/wifi/ folder. However, editing the file does not change the actual MAC address in anyway. A phone reboot or even turning the wifi on/off will just change it back to the original.
I dumped partitions from /dev/block/ on to my SD card and copied it to my laptop. I searched through the files and found the MAC address in the efs.img partition.My wifi was turned off and the plane was in airplane mode. I modified it and flashed it back using the dd command from terminal emulator on my phone(this can also be done through adb shell but im guessing if you know what that is then you obviously know how to do it).
I rebooted the phone and everything seemed fine. The Wifi MAC address in the status screen in settings displayed my edited address. The .mac.info file also displayed the same. The problem is that it reverted back to the original as soon as i turned on the wifi. The MAC address values in the .mac.info file, status screen and the efs partition from the /dev/block/, all changed back to the original.
I have read that for most phones the important information unique to that particular phone(like IMEI, wifi/BT MAC address, unlock codes and so on) is stored in the NV_DATA.bin file, but everything is encrypted. Also there are only guides as to searching unlock codes and such, so i tried to search for hash blocks randomly using Hex Editor but there was nothing of the sort and the only hash block i can recognize is the one with AES-Encryption as shown from another forum on this site.Maybe it is another type of encryption, but that was another dead end for me.
Then i tried to search and edit various files and kernels as such, but there are no kernels that directly offer this customization. Tried to edit init.tuna.rc but there was no such file in the root directory. Searched init.goldfish.rc and init.wifi.rc and found nothing, but i did see init.svc.macloader mentioned and since i didnt want to mess with programs in the /system/bin/file i left it as is.
Also tried to search through PARAM partition using Hex Editor but nothing was there. Did the same for RADIO and BOOT but i dont think i did find anything major there.
tried to edit /sys/class/net/wlan0/address but it didnt let me, even though i was mounted as r/w. Flashing through dd command on terminal also resulted in permission denied. I was only able to view or dump it. I thought that may have been the source, but modifying the MAC address through the busybox if config command was reflected on the file. which obviously means that its not.
Looked through the dmesg (kernel) log and found a few interesting things but i dont know how to interpret them and what to do with it either. Ill post it later.
There is no NVRAM.txt the only ones in place of it i have are nvram_mfg.txt, nvram_mfg.txt_wisol, nvram_mfg.txt_semco3rd, nvram_net.txt, nvram_net.txt_semco3rd, nvram_net.txt_wisol.
I did do a bit more searching and editing, but i dont recall them right now.
Now, After all that what i think is this.
There is a source for the original MAC address somewhere either hardcoded in the Broadcom chip or somewhere in the partitions under a layer of encyrption.
The Original MAC address is only accessed when the wifi is turned on and not on reboot. This means it is not in any file, program or script that activates on boot, so only scripts and files accessed and imported during the turning on of wifi
must have it. Also while wifi is on and running, busybox ifconfig command changes the MAC address succesfully albeit temporarily, although the change is not seen on the status screen and but it does on the .mac.info file.
Any help from anyone, especially from developers with knowledge of Android kitkat ROm and kernels would be very much appreciated.
Click to expand...
Click to collapse
As you said, ifconfig changes it, there are several apps that do it for you as well, chainfire also released a mac randomizer app. You also noted it's hardwired in, so i would just have a startup script that changes it if i were you, there night be a better way to do it though.
Sent from my Tw5ted SM-G900A using Tapatalk
Yes, I have been using pry-fi as an option but the thing is that when i'm watching videos or downloading large sized files from playstore or other file hosting sites, it starts to turn my wifi on/off several times before becoming stable and logging in to the AP again. I have tried macchanger also and both misbehave after an interval of time. Thats why im trying to search for a more cleaner way to do it.
Running an init script would be nice but i have no idea how to do that. But there should be a script that only runs when turning on the wifi right? Would you know where this file was located and how to modify it? and if so please tell me.
Alpaca_Bandit said:
Yes, I have been using pry-fi as an option but the thing is that when i'm watching videos or downloading large sized files from playstore or other file hosting sites, it starts to turn my wifi on/off several times before becoming stable and logging in to the AP again. I have tried macchanger also and both misbehave after an interval of time. Thats why im trying to search for a more cleaner way to do it.
Running an init script would be nice but i have no idea how to do that. But there should be a script that only runs when turning on the wifi right? Would you know where this file was located and how to modify it? and if so please tell me.
Click to expand...
Click to collapse
You can just use init.d to make the script, shell scripting isnt very hard and i won't give you a tutorial here. Also as noted many places when researchng changing a mac on android, you can't connect to secured APs, or it won't be easy at least. As i said before, there may be a better way to do this, but i do not know it.
Sent from my Tw5ted SM-G900A using Tapatalk
Ok, thanks a lot. Running a script might just be cleaner than anything else I have right now. I'll still be on the lookout for other ways though. Call me hard to please.
Btw, I think the reason most custom MAC addresses(if they do get changed) are too different than the ones registered on the chip. I've found that changing only the 2nd digit out of the 12 in the address, to an even hexadecimal number like 2 or A, works for me on my pc.
Also you need to forget the networks on your pc or android as soon as you change it. Doesnt matter if you have the password or not, it doesnt connect. Must be something to do with the saved info about the ap on the phone that messes it up.
Alpaca_Bandit said:
Ok, thanks a lot. Running a script might just be cleaner than anything else I have right now. I'll still be on the lookout for other ways though. Call me hard to please.
Btw, I think the reason most custom MAC addresses(if they do get changed) are too different than the ones registered on the chip. I've found that changing only the 2nd digit out of the 12 in the address, to an even hexadecimal number like 2 or A, works for me on my pc.
Also you need to forget the networks on your pc or android as soon as you change it. Doesnt matter if you have the password or not, it doesnt connect. Must be something to do with the saved info about the ap on the phone that messes it up.
Click to expand...
Click to collapse
I know on for example ddwrr and even some official router firmwares they allow you to spoof your mac, may be worth looking into how they do it, but i have a suspicion it might be done with a script.
Sent from my Tw5ted SM-G900A using Tapatalk
Hard Wired?
I have been messing with 2 Alcatel Ideal 4060a, (because I bricked the first one i had).
After bricking the first 4060a I had, (wiping all partitions), I bought a second, (so I could install TWRP on it back it up and restore the backup onto the first).
After Restoring the backup of the second onto the first, all was good until I tried to get them online together.
When one connected it knocked the other offline, because they both share the same MAC address.
This is my problem and I wish the Mac Addresses were hard wired, then i wouldn't have this problem.
This is good news for anyone who wants to know if mac addresses are indeed hard wired. They are not, (at least not in the 4060a).
Hope This Helps.
gscripting
MAC for bt and wifi reside in the EEPROM or NVRAM. And that is not editable.
To put it simply you can't change it. Only spoof it. And if you know it's not legal you probably shouldn't be asking.
Reported Is different from original
gscripting said:
I have been messing with 2 Alcatel Ideal 4060a, (because I bricked the first one i had).
After bricking the first 4060a I had, (wiping all partitions), I bought a second, (so I could install TWRP on it back it up and restore the backup onto the first).
After Restoring the backup of the second onto the first, all was good until I tried to get them online together.
When one connected it knocked the other offline, because they both share the same MAC address.
This is my problem and I wish the Mac Addresses were hard wired, then i wouldn't have this problem.
This is good news for anyone who wants to know if mac addresses are indeed hard wired. They are not, (at least not in the 4060a).
Hope This Helps.
gscripting
Click to expand...
Click to collapse
More info relative to these 2 phones
I installed an app called Change my Mac.
It Lists:
Original MAC 12:34:56:78:90:ab
Current MAC ff:ee:dd:cc:bb:aa
They Are Different.
I thought the original MAC address it's showing, was the one written in the EEPROM or NVRAM,
but it turns out, after installing Change My MAC on the other phone also, its lists the same Original and Current MAC addresses as the first phone.
The Current MAC address listed is the one reported in settings and my network.
I Use Change My MAC to set the reported MAC to the original every time the phone boots using Tasker on only one of them.
Using Change My MAC, the change lasts til boot.
Just passing it on for those that might be interested.
When I get link privileges, I'll add a screenshot of Change My MAC.
gscripting
This guide is for those who have lost their IMEI, have corrupted EFS, or erased EFS partition. So, follow these under your own risk, it may or may not work, and if something happens or doesn't happen, then i am not to blame. So, once again i will not take credit for bricked phones or something along those lines, however i will take full credit if this works for you. I will also provide assistance to those who could not restore their EFS following this guide.
Before proceeding with this guide, backup what you have left. Use twrp to backup and in case something goes wrong and your problem escalates, you can restore using twrp backup.
Restore EFS
Change IMEI Number
Restore EFS
Do this if and only if you believe your EFS is corrupted, or you somehow erased it. If you are not sure about it, then simply follow the next guide to change you IMEI number. In most cases people loose their IMEI only and not the whole partition. Again, it may or may not work, so do this on your risk, and i am not to blame if anything bad happens, but if you do succeed, then don't forget to give me credit.
Note:
If your EFS is erased or corrupted, your IMEI and Baseband will be shown as unknown. In this case recover the EFS following this post, and then change the IMEI following the next post. If your IMEI is shown as 0, then you EFS is safe and most probably your IMEI is gone. In that case, no need to recover EFS, only change the IMEI number following my next post.
In TWRP, backup of kate wont show on kenzo and the backup up kenzo wont show on kate. In case no backup is shown even if you are using the right device, then try the dump flashing method or try changing the TWRP recovery.
Flashing this will only restore your EFS partition, but the IMEI will still be gone, so you will have to follow the next guide to change your IMEI.
Even after flashing a new EFS, you Mac and BT address will not recovery. The android system will assign a software generated address to both devices. Dont worry cause even without the EFS partition there will be a Mac and BT address assigned to your device and both the things will work normally.
If your Baseband is still unknown, even after flashing a new EFS, then try flashing latest radio file. It can be found in any firmware update package, either the official or the one from the strix.
1. Download the required files from the link given below.
EFS Backup[Kenzo] - Contact me if someone has backup of this.
EFS Backup[Kate] - Contact me if someone has backup of this.
2. Extract the Dump Backup files and flash them using the following commands.
Code:
fastboot flash modemst1 modemst1
fastboot flash modemst2 modemst2
3. Now reboot and voila you have you a new EFS partition at your disposal.
Change IMEI Number
Requirements:
Root
USB Debugging is turn on
Windows Driver Signature is turned off
ADB and Fastboot Binary Files
Latest MiFlash Installed for the latest drivers
1. Connect your device to pc and open the adb folder. Then open a command promt window.
Code:
>> [B]Shift + Right Click[/B] anywhere in the adb folder
>> Click on [B]Open Command Window Here[/B]
2. Type the following command to enable Diagnostics mode. Allow debugging if asked.
Code:
adb shell
su
setprop sys.usb.config diag,adb
4. Download the IMEI Changer from the link given below.
IMEI Changer [Credit: Archeolot]
5. Now, open the imei changer, and enter imei number in both the fields. And click on start. After a moment it will show as passed. If it fails make sure that you have followed the points i stated.
Note: Make sure that the driver in driver management under ports is listed as "Qualcom HS-USB Android DIAG 901D" and not as "Marshall London HS-USB Android DIAG 901D". If it is listed in any other name, then go to driver management and update driver. Select browse driver, then let me pick driver from a list. Then select "Qualcom HS-USB Android DIAG 901D" and then finish.
WOW.. Thanks mate..
It's gonna very Helpful for me & other ppl.. ??
Sent from my Redmi Note 3 using Tapatalk
didn't work..
showing error as no diag even after typing those commands
kindly help me
nuk.nama said:
showing error as no diag even after typing those commands
kindly help me
Click to expand...
Click to collapse
At what part, the imei change or flashing.
The simplest, and the fastest guide to restoring EFS and IMEI! I haven't backed up my EFS and this revived my phone! Much apprecieated!
Broski32 said:
The simplest, and the fastest guide to restoring EFS and IMEI! I haven't backed up my EFS and this revived my phone! Much apprecieated!
Click to expand...
Click to collapse
Glad i could help mate. Can you confirm your mac address and bluetooth address, whether it is same or changed.
archit.bajpai.ab said:
Glad i could help mate. Can you confirm your mac address and bluetooth address, whether it is same or changed.
Click to expand...
Click to collapse
Can't confirm. My EFS partition was so corrupted from trying other tutorials to restore my IMEI that I didn't even bother backing it up because I thought that it could have been changed already (tried writing to NVRAM with QPST). Since I don't have my original mac and bluetooth addresses written down anywhere (I haven't written them down myself and I don't think they are to be found anywhere on the box or on the phone) I think the only way to check it would be to compare my current addresses on the phone to the addresses contained in your EFS backup. Can you extract them so I can check if they match or not?
Broski32 said:
Can't confirm. My EFS partition was so corrupted from trying other tutorials to restore my IMEI that I didn't even bother backing it up because I thought that it could have been changed already (tried writing to NVRAM with QPST). Since I don't have my original mac and bluetooth addresses written down anywhere (I haven't written them down myself and I don't think they are to be found anywhere on the box or on the phone) I think the only way to check it would be to compare my current addresses on the phone to the addresses contained in your EFS backup. Can you extract them so I can check if they match or not?
Click to expand...
Click to collapse
The mac address and bluetooth address in the efs are my own. I only changed the imei so that no one else can copy it, i didnt know anyway to change mac address. Besides the mac address doesnt matter that much, and i dont think that we will ever be on the same wifi network.
If you dont know then i can explain, that the mac address is required to maintain switches and broadcast in the router, so it technically does not matter.
You can change it later with some apps or use it like that if you wish, if i find any way to restore you mac i will post it too. In the mean time just post a snapshot of wifi mac and bluetooth address so that i can compare them with my own.
So, using this way, one can change the IMEI no. also?
mGforCe said:
So, using this way, one can change the IMEI no. also?
Click to expand...
Click to collapse
Yes, just use the imei changer in the rar file to change your imei. But make sure to backup or atleast note down your imei before doing so.
archit.bajpai.ab said:
The mac address and bluetooth address in the efs are my own. I only changed the imei so that no one else can copy it, i didnt know anyway to change mac address. Besides the mac address doesnt matter that much, and i dont think that we will ever be on the same wifi network.
If you dont know then i can explain, that the mac address is required to maintain switches and broadcast in the router, so it technically does not matter.
You can change it later with some apps or use it like that if you wish, if i find any way to restore you mac i will post it too. In the mean time just post a snapshot of wifi mac and bluetooth address so that i can compare them with my own.
Click to expand...
Click to collapse
Current addresses on my phone:
MAC - 00:0a:f5:a9:XX:XX
Bluetooth - 7C:7F:F0:82:XX:XX
Left out some numbers just in case they are mine. For the purpose of checking that will still be enough
Broski32 said:
Current addresses on my phone:
MAC - 00:0a:f5:a9:XX:XX
Bluetooth - 7C:7F:F0:82:XX:XX
Left out some numbers just in case they are mine. For the purpose of checking that will still be enough
Click to expand...
Click to collapse
Yup, they are not mine. Mine start with 64:cc and so on for both mac and bluetooth. They may be software generated or may be your own, technically i am not sure.
Edit: did you use imei changer to change imei no. Or are you using the default values. If you are using the default values, pls post them too. If you change them, then give your review, ie was it hard or easy, did you encointer any problem, stuff like that.
archit.bajpai.ab said:
Yup, they are not mine. Mine start with 64:cc and so on for both mac and bluetooth. They may be software generated or may be your own, technically i am not sure.
Edit: did you use imei changer to change imei no. Or are you using the default values. If you are using the default values, pls post them too. If you change them, then give your review, ie was it hard or easy, did you encointer any problem, stuff like that.
Click to expand...
Click to collapse
After flashing your EFS backup both IMEI values were set to "0". On the default values I don't think the phone would be able to register on any network with the sim inside, but I haven't tried that. Then I flashed my IMEI with the app you provided in the .rar. Set my IMEI same for both slots because I've got only one written down on the box so I think it is set how it should be out of the box. After that I've rebooted to EDL and flashed global developer rom. And it's all working, I'm able to make calls from both sim slots, however didn't try having 2 sims inside.
All in all the process is very easy, definitely the easiest out there. I haven't encountered any problems, however I think others may have a problem with drivers to get "Qualcom HS-USB Android DIAG 901D" working. Mine was working already because I tried this tutorial before. Thank you for this guide, and providing your backup
Broski32 said:
After flashing your EFS backup both IMEI values were set to "0". On the default values I don't think the phone would be able to register on any network with the sim inside, but I haven't tried that. Then I flashed my IMEI with the app you provided in the .rar. Set my IMEI same for both slots because I've got only one written down on the box so I think it is set how it should be out of the box. After that I've rebooted to EDL and flashed global developer rom. And it's all working, I'm able to make calls from both sim slots, however didn't try having 2 sims inside.
All in all the process is very easy, definitely the easiest out there. I haven't encountered any problems, however I think others may have a problem with drivers to get "Qualcom HS-USB Android DIAG 901D" working. Mine was working already because I tried this tutorial before. Thank you for this guide, and providing your backup
Click to expand...
Click to collapse
Enjoy your revived phone buddy.
Thanks buddy!!!!! you saved my phone
pandyajoe said:
Thanks buddy!!!!! you saved my phone
Click to expand...
Click to collapse
It do what i can do buddy...
Guys. I messed up my phone by restoring a nandroid backup from a different one.
I was able to restore my IMEI using some qualcomm tools. My problem now is that fingerprint scanner won't work on any rom, even official.
Any idea what else I have messed Up? I don't think restoring this efs will fix my fingerprint scanner. Is fingerprint scanner info in a different partition?
chr0m said:
Guys. I messed up my phone by restoring a nandroid backup from a different one.
I was able to restore my IMEI using some qualcomm tools. My problem now is that fingerprint scanner won't work on any rom, even official.
Any idea what else I have messed Up? I don't think restoring this efs will fix my fingerprint scanner. Is fingerprint scanner info in a different partition?
Click to expand...
Click to collapse
Have you checked with miui7 stock rom. As far as i know there are three sensor modules for fingerprint, on of them is goodfix which is currently not supported by many roms. If your is goodfix then it will not be supported too. You can flash miui rom to check whether the fingerprint works or not...
If it doesnot work, then try to resotre your nandroid backup agaian. This tym simply untick efs.
OK, so I had a good idea, and did it badly...
I have a many-years old Nook Simple Touch (NST1 hereafter), which I had partitioned for more space to sideload. I decided a while back to simply load everything on a micro-SD card, which I did. I started having issues with NST1, so I purchased another (refurbed) Nook Simple Touch (NST2 hereatfer). I started looking for the info to undo the partitioning change, and came across info to backup and restore that involved deleting the partitions, and thus the restore process would rewrite them.
AH HAH! So, I figured I could backup the NST2, which was fresh, and restore it to NST1. Worked like a charm, too.
Now we come to the problem... It also overwrote both the serial number, which I have no way to get back that I can find, and overwrote the MAC address of NST1. The original MAC address I do have, if I knew where to put it. And, if there's a way to find the original serial number, that too would be good to put back.
So, there you have it. Anybody got any ideas? I'm sure someone, probably many someones here, know where this data is recorded on the NST, and the easiest way to modify the data so it reflects the original information. I'm also hoping that someone can give me ideas on how to find the original serial number again. (Yes, I know it is written on the case where the micro-SD card goes in, but over the years that has become mostly unreadable, so that's out.)
Thanks muchly for any help you can offer,
MildBill
MildBill said:
OK, so I had a good idea, and did it badly...
I have a many-years old Nook Simple Touch (NST1 hereafter), which I had partitioned for more space to sideload. I decided a while back to simply load everything on a micro-SD card, which I did. I started having issues with NST1, so I purchased another (refurbed) Nook Simple Touch (NST2 hereatfer). I started looking for the info to undo the partitioning change, and came across info to backup and restore that involved deleting the partitions, and thus the restore process would rewrite them.
AH HAH! So, I figured I could backup the NST2, which was fresh, and restore it to NST1. Worked like a charm, too.
Now we come to the problem... It also overwrote both the serial number, which I have no way to get back that I can find, and overwrote the MAC address of NST1. The original MAC address I do have, if I knew where to put it. And, if there's a way to find the original serial number, that too would be good to put back.
So, there you have it. Anybody got any ideas? I'm sure someone, probably many someones here, know where this data is recorded on the NST, and the easiest way to modify the data so it reflects the original information. I'm also hoping that someone can give me ideas on how to find the original serial number again. (Yes, I know it is written on the case where the micro-SD card goes in, but over the years that has become mostly unreadable, so that's out.)
Thanks muchly for any help you can offer,
MildBill
Click to expand...
Click to collapse
You can find the serial number on the edge of the NST, hidden behind the SD card "door".
As to the rest, you may be SOL. There are places on the device where the S/N and MAC address are stored as strings, but I think the actual information is stored more deeply and may be encrypted with keys. Still, can't hurt to scour the forum. I could be wrong.
nmyshkin said:
You can find the serial number on the edge of the NST, hidden behind the SD card "door".
Click to expand...
Click to collapse
As I stated in the OP, that data is no longer readable, after many years of use. I have the MAC address (did you *read* the post??) I need to know where to put it!
MildBill said:
As I stated in the OP, that data is no longer readable, after many years of use. I have the MAC address (did you *read* the post??) I need to know where to put it!
Click to expand...
Click to collapse
Yeah, I missed that last part. Search on "serial number" and you'll find a dev discussion about this. Unless you have a copy of the original ROM partition I don't think you can do anything.
nmyshkin said:
Yeah, I missed that last part. Search on "serial number" and you'll find a dev discussion about this. Unless you have a copy of the original ROM partition I don't think you can do anything.
Click to expand...
Click to collapse
Surely there is some way to insert/change the existing data to reflect the original. And, no, sadly, stupidly, I did not back up that data, I had forgotten it was coded in flash, and knew I was going to overwrite the entire device.
It's been a while since I worked on NSTs.
On the iMX6 (Glows), the serial number is in two places:
In mmcblk0 at offset 200 it says "SN-12345667890123456", I believe purely as informational.
In mmcblk0 at offset 80400 is an XML structure with the SN used by Android.
On the OMAP3 (NST), the serial number is in two places:
/rom/devconf/DeviceID (16 bytes ASCII)
/rom/devconf/SerialNumber (16 bytes ASCII)
/rom is normally mounted r/w so you can just write these and reboot.
Renate NST said:
It's been a while since I worked on NSTs.
On the OMAP3 (NST), the serial number is in two places:
/rom/devconf/DeviceID (16 bytes ASCII)
/rom/devconf/SerialNumber (16 bytes ASCII)
/rom is normally mounted r/w so you can just write these and reboot.
Click to expand...
Click to collapse
Bless you Renate, I knew you would know! How about the location of the MAC address?? This appears to also be software coded somewhere, as when I was finished with the process outlined above, both devices have the same MAC address.
MildBill said:
How about the location of the MAC address?
Click to expand...
Click to collapse
Code:
# cd /rom/devconf
# echo -n 1234567890123456 > DeviceID
# echo -n 1234567890123456 > SerialNumber
# echo -n 123456789012 > MACAddress
Renate NST said:
Code:
# cd /rom/devconf
# echo -n 1234567890123456 > DeviceID
# echo -n 1234567890123456 > SerialNumber
# echo -n 123456789012 > MACAddress
Click to expand...
Click to collapse
Renate,
Yes, I have successfully deciphered (mostly) the serial number/device ID printed on the case near the micro-SD slot. I had to guess a couple of numbers but I think I got them right.
And, I saw the MAC address file as pointed out, BUT, I changed that as well, maintaining the format involved, and when restarted the device info said 'Unavailable' for the MAC address, until I turned WiFi on, and then that reverted to the wrong address, as written from the other device. I'm assuming that there is some other place where it is stored in some form. Any ideas on that?
MildBill
P.S. Actually, I edited the files with a Windows editor, the serial/device ID change worked fine as far as I can see.
P.P.S. On further check, while the Device Info:About Your Nook shows the 'cloned' MAC address after turning WiFi on, the MAC Address file still reflects the original address (obtained from a separate source from prior to the whole business.
Read this thread
https://forum.xda-developers.com/showthread.php?t=1480974
Yeah, the initialization of the WiFi adapter is in /rom/devconf/WiFiBackupCalibration.
It's a series of register addresses/counts and data.
The MAC is in reverse order in hex, not ASCII.
Code:
0x00 - 0x01
0x01 - 0x6d
0x02 - 0x54
0x03 - 6th byte MAC
0x04 - 5th byte MAC
0x05 - 4th byte MAC
0x06 - 3rd byte MAC
0x07 - 0x01
0x08 - 0x71
0x09 - 0x54
0x0a - 2nd byte MAC
0x0b - 1st byte MAC
OK, I have decided to change directions...
After getting all the data changed, I tried to erase and deregister, then register again, and it gives me errors.
All the data, by the way, as well as the Main Board SN are on a sticker ON the motherboard, so I know I got them right. There are, however other bits of data not there, which no doubt need to all match up, and don't. So, I have decided this can be a test device for some of the various rooted ROMs, and other goodies out there, to see if any of them are worthwhile to use. If not, I will simple restore the NST2 backup to it, and simply make sure I don't have both of them powered up and online at the same time.
Thanks to all for trying to help, even if it didn't work out. The new (to me) device will last me for many more years I'm sure.
MildBill
MildBill said:
OK, I have decided to change directions...
After getting all the data changed, I tried to erase and deregister, then register again, and it gives me errors.
All the data, by the way, as well as the Main Board SN are on a sticker ON the motherboard, so I know I got them right. There are, however other bits of data not there, which no doubt need to all match up, and don't. So, I have decided this can be a test device for some of the various rooted ROMs, and other goodies out there, to see if any of them are worthwhile to use. If not, I will simple restore the NST2 backup to it, and simply make sure I don't have both of them powered up and online at the same time.
Thanks to all for trying to help, even if it didn't work out. The new (to me) device will last me for many more years I'm sure.
MildBill
Click to expand...
Click to collapse
Yes, I'm sure you noticed in the link I posted above that you will not be able to register the device. The original info is stored and processed with keys and these are used when communicating with B&N.
You may have missed the link within the link: http://forum.xda-developers.com/showthread.php?t=892426
This may allow you to fix the MAC address issue. Seems to have worked for others.
So the really big issue is then how to overcome the rapid battery drain of an unregistered NST. I tried many things when I got my second NST but was never able to find something that didn't just make things worse. A truly B&N-free NST is a really worthy goal, but only if the battery issue can be solved. It seems like every attempt to disable/delete parts of the B&N system sets up a constantly running panic in the system background. The same appears to be true if you skip OOBE.
Advice: do a reset, try the MAC fix. If it works, do a backup. That's your baseline.
Good luck.
Edit: I can confirm that the method described in the link above does seem to successfully spoof the MAC address, as least as far as my router is concerned. I used an online hex editor to make the changes on a copy of the /rom/devconf/WiFiBackupCalibration file and then copied it back to my NST and rebooted. Initially in my Nook Settings app the MAC address shows up as "unknown", but this seems to be true at every reboot. Once a WiFi connection is made, the spoofed address is shown by the router and it even shows up in the Settings app thereafter without any additional changes.
I done ****ed up.
I was attempting to wipe modemst1 and modemst2 because I had flashed a good five different radio firmware packages, and I was rather concerned that there was some conflicting... stuff happening. I thought I had taken successful backups, just in case. However, it turns out these backups failed to write properly, and instead created blank files.
Lo and behold, when my IMEI decided it didn't want to IMEI anymore (it currently reports as 0), I had no recourse. However, all is not lost! I can edit a restored modemst1/2 and write these into position... I think. However, I need help - I don't have another Axon 7 to fetch from. So, if someone here would be so kind as to provide some, that would be extraordinarily good of them.
If you're wondering, this is the command to make a copy:
Bash:
dd if=/dev/block/bootdevice/by-name/modemst1 of=/storage/0000-0000/modemst1backup
dd if=/dev/block/bootdevice/by-name/modemst2 of=/storage/0000-0000/modemst2backup
These commands should place the files modemst1backup and modemst2backup on your SD card. If you have no SD card at hand, replace 0000-0000 with self/primary to save on to your phone's internal storage.
It's probably a requirement for your handset to also be a European A2017G - a US or CN model might not be compatible, but I honestly don't know whether or not that is a load of horse-****e. Thankyou in advance!
That sucks man, I have no idea what to say so I'll just leave this here:
F
I fixed it! Turns out it's actually not that hard to write an IMEI to a Snapdragon device. I'll make a guid post on this in a moment.
Edit: guide up: https://forum.xda-developers.com/t/guide-imei-fix-for-zero-value-imei-strings.4402835/
Edit 2: Turns out I didn't fix it. Looks like I still have some issues. I could still use a copy of modemst1 and modemst1, if anyone could be so kind.