Introduction
Heimdall One-Click is a open-source stack of software intended to eliminate our dependence on Odin and provide an unrivaled safe method to perform a complete flash of a device. Heimdall One-Click will work on any device which Heimdall covers. Heimdall One-click and Heimdall One-Click Packager can be used to distribute custom or stock firmware upgrades or downgrades currently on most Samsung devices. Each of the sections in this post could be an entire post on its own. I want to consolodate this information into a single area here on XDA.
Heimdall One-Click is a project which I have been perfecting for months. After 147 revisions I feel it is time to release. It is my hope that the use of this software will enable users to safely flash and understand what is going on while they are flashing firmware. Heimdall One-Click is based on Heimdall by Benjamin Dobell.
The basic outline goes like this...
Obtain firmware
Use Heimdall frontend to package a tar.gz
Select your tar.gz file with Heimdall One-Click. Your final package will be a executable cross-platform JAR file for redistribution which will deploy everything needed to flash your ROM.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
It's really that simple. See the Downloads and Source section. I will now discuss how everything works in depth.
Warning
You have the power to damage your device and others! Several times during the development cycle I had asked myself if it was ethical to release a packager. A lack of skill can easily brick a device. Building a flashable package is a skill and I do not want to see any One-Click Nukes released into the public. So I want to set some rules-of-thumb:
1. If you are unsure, do not package bootloaders into a distribution.
2. If you are going to package bootloaders, include boot.bin, Params.lfs, Sbl.bin and repartitioning option should be checked.
3. Always flash the firmware from Heimdall-Frontend before creating a one-click. Never assume it will work.
4. Please watch this video in its entirety before attempting to package a one-click.
Heimdall & Heimdall Frontend
Heimdall is a cross-platform open-source tool suite used to flash firmware (aka ROMs) onto Samsung devices. Heimdall is an "upstream package" contained within Heimdall One-Click. Heimdall is Maintained by Benjamin Dobell http://forum.xda-developers.com/member.php?u=2710388 from Glass Echidna. Heimdall has its own discussion thread here: http://forum.xda-developers.com/archive/index.php/t-1104826.html
Heimdall Frontend allows a graphical user interface for flashing firmware, packaging and deploying Heimdall tar.gz files. It also provides several additional tools. Heimdall Frontend has its own discussion thread here: http://forum.xda-developers.com/archive/index.php/t-1104826.html
Heimdall One-Click Packager
Heimdall One-Click packager is a tool which will take a Heimdall tar.gz file and package it into a Heimdall One-Click. Heimdall One-Click Packager is an open-source cross-platform(win/linux/mac) program with no dependencies. After execution, the user selects a tar.gz package for one-click and the program:
1. Decompresses firmware.xml from tar.gz
2. Deploys an empty one-click java jar.
3. Writes the Tar.gz and firmware.xml into the one-click jar thereby creating a new one-click executable firmware package.
Heimdall One-Click
Heimdall One-Click's job is simple; it deploys firmware with one click while keeping the user informed. Heimdall One-Click is an open-source cross-platform(win/linux/mac), dependency installing, easy-to-use, automation tool which can install firmware onto a device in download mode. Heimdall One-Click's operation is very simple from the outside, but the operation is very complex inside. See source code for more information. Heimdall One-Click has several safety features built in which make it the safest method of deploying firmware to any compatible device.
Why use Heimdall One-Click over Odin or other methods of software distribution?
Heimdall is Open-Source software. Without Open-Source software we would not have android or custom ROMs. Open-Source developers should support and expand the work of other Open-Source developers.
Odin is closed source and propritary. Not only is the application proprietary, but the drivers are also proprietary. Open-Source developers do not support Closed-Source work as it is a hindrance to development.
Heimdall supports Open-Source Tar.GZ compression which ensures file integrity and provides higher compression than zip formats. A 500 megabyte ROM can compress to less than 200 megabytes.
Heimdall can restore operation to a device which does not even have access to recovery mode. Heimdall does not require the kernel to be operational, it works at a higher level in the Secondary Bootloader.
A Heimdall One-Click is a single executable file which contains everything needed to flash a ROM.
A Heimdall One-Click works on Windows, Linux or Mac OS-X.
A Heimdall One-Click is not a final output format. Once you make a One-Click, the contents are not lost forever. The ROM package contained within can be unzipped using your favorite archive program, modified and redistributed.
Easiest, most portable, and foolproof method of flashing
Heimdall One-Click has been designed to be the easiest, most portable and foolproof method of flashing. The requirements are that the user knows how to put their device into "Download Mode" and that the user has Java installed on their computer.
Heimdall One-Click contains:
A deployable and unpackable firmware located in /com/adamoutler/heimdalloneclick/
Installer routines
Windows Drivers
Windows C++ Redistributable Package
Windows Heimdall binary
Linux32 Debian package
Linux64 Debian package
Mac OS-X Installation package
You can find a repository of prepackaged ROMs here at the Team Komin website: http://files.teamkomin.com/ Please note, some of these were packaged during beta testing so not all of them are high quality builds.
Obtaining firmware
Before you can package a ROM for distribution, you must have firmware to package. Here are two methods of obtaining firmware.
Obtaining firmware from a live device
The following commands can be used on most Samsung Android devices to make a backup of everything but bootloaders. Bootloaders must be obtained from official builds and cannot be pulled off a working device after you have finished developing. This may not work on devices designed for RFS filesystems if the filesystems have been converted
Open a terminal to your device (terminal emulator or QuickSSHD, or adb shell)
Enter the following commands into the terminal
Code:
su
#Remove the target folder if it is present
rm -r -f /sdcard/firmwarepackage
#Write all zeros to data partition to zero flash memory until the partition is full
dd if=/dev/zero of=/data/big_zero bs=1048576
#Remove the zerod out dummy file
rm -r -f /data/big_zero
#Mount The /system folder as RW so we can read and write to it
mount -o remount,rw /system /system
#Drop all zeros into a file on the /system partition until it is full
dd if=/dev/zero of=/system/big_zero bs=1048576
#Remove the zerod out dummy file
rm /system/big_zero
#Make our folder to write the firmware package onto the SDCard
mkdir /sdcard/firmwarepackage
#Begin transfer of all relevant blocks to sdcard
dd if=/dev/block/stl9 of=/sdcard/firmwarepackage/factoryfs.img bs=4096
dd if=/dev/block/bml7 of=/sdcard/firmwarepackage/zImage bs=4096
dd if=/dev/block/stl10 of=/sdcard/firmwarepackage/dbdata.img bs=4096
dd if=/dev/block/stl11 of=/sdcard/firmwarepackage/cache.img bs=4096
dd if=/dev/block/bml12 of=/sdcard/firmwarepackage/modem.bin bs=4096
#Done
echo done
copy the files from your sdcard in the firmwarepackage folder to your desktop/laptop computer.
Never mount an RFS filesystem to your computer Your computer is not equipped to handle the RFS filesystem. All permissions data will be lost and the filesystem will be rendered useless.
Using Heimdall Frontend, you can download the part.pit from the options tab to obtain the partition tables for custom ROM use.
Use Heimdall frontend to package a tar.gz
Use Heimdall One-Click Packager to make a One-Click
Obtaining firmware from Odin packages
You will need a base firmware package to obtain bootloaders for your device. Firmware can be obtained from several sites. Some of the more common are:
http://Xda-developers.com developer forums
http://rootzwiki.com
http://sammobile.com
http://samfirmware.com
http://sampro.pl
It is important that these firmwares be verified on your own device before distribution.
Totally decompress the entire firmware package down to its individual files
Use heimdall-frontend to create a package
Use One-Click Packager to generate a one-click.
Recommended Distribution Instructions
Once you have verified that your package has been made correctly, you will want to distribute it. Here is a recommended blurb which I have found to be effective from multiple tests. Replace "MY ROM" with your ROM name and MYROM.COM with your download link.
You will need Java installed on your computer Do you have java?
right click and open with Java
Put your device in "Download Mode" and click the flash button
Problems? Enter "Recovery Mode" and select "factory reset"
Download MY ROM!
Code:
[ list=1]
[ *]You will need Java installed on your computer [url=http://www.java.com/en/download/installed.jsp?detect=jre&try=1]Do you have java?[/url]
[ *]right click and open with Java
[ *]Put your device in "Download Mode" and click the flash button
[ *]Problems? Enter "Recovery Mode" and select "factory reset"
[/list]
[ size=4][ url=MYROM.COM]Click here to Download My ROM![/url][/size]
Downloads and Source
Heimdall One-Click Packager: http://code.google.com/p/heimdall-one-click/downloads/list
Heimdall Frontend: http://www.glassechidna.com.au/products/heimdall/
Heimdall One-Click Source Code:http://heimdall-one-click.googlecode.com/svn/trunk/
Heimdall one-Click Change Log:Change Log: http://code.google.com/p/heimdall-one-click/source/list
Heimdall Source Code: https://github.com/Benjamin-Dobell/Heimdall
Conclusion and Disclaimer
The source and applications are released under the MIT License. I have provided these resources at no cost to you without warranty. I will not be held liable. It is up to you to use these programs responsibly.
History
Heimdall One-Click saw its first appearance as "One-Click UnBrick http://forum.xda-developers.com/showthread.php?t=1153310". Since then, it has been tested and distributed as part of UnBrickable Mod, restoration back to stock, and upgrading firmware in the following threads:
http://forum.xda-developers.com/showthread.php?t=1191924 http://forum.xda-developers.com/showthread.php?t=1331381 http://forum.xda-developers.com/showthread.php?t=1330491 http://forum.xda-developers.com/showthread.php?t=1341666 http://forum.xda-developers.com/showthread.php?t=1312391 http://forum.xda-developers.com/showthread.php?t=1333423 http://forum.xda-developers.com/showthread.php?t=1333424 http://forum.xda-developers.com/showthread.php?t=1238093 http://forum.xda-developers.com/showthread.php?t=1266172
http://forum.xda-developers.com/showthread.php?t=1323527 http://forum.xda-developers.com/showthread.php?t=1288130 http://forum.xda-developers.com/showthread.php?t=1216790 http://forum.xda-developers.com/showthread.php?t=1221491
Forward
We are looking to expand Heimdall to work on more devices. We need devices to work with. Please see http://www.glassechidna.com.au/open for more information
RFS is full of bugs, you cannot read/write RFS filesystems on any computer.
RFS is prone to corruption (in many more ways you can expect)
RFS doesn't have a "packer" that zeroes empty portions in order to get filesystem images with good compressibility (IE: free space will be by default full of junk)
Also, compared to the well established update.zip format: this method doesn't provide a clean method to execute post-flashing scripts.
Why I advice not using the method described here to distribute custom ROMs as RFS.
However, distributing official firmwares in this format could be nice, but I'm not sure it's worth the hassle of re-packaging.
Note: for Ext4 based ROMs and devices like Galaxy S II or Galaxy Tab 10.1, this tool can make sense (ext4 fs packing tools are available in AOSP)
Yay!!! Thanks again
Sent from my SGH-I897 using xda premium
Supercurio, your notes on RFS are appreciated, but irrelevant if the guide I've provided is followed.
As a precaution, never mount an RFS Filesystem to your computer directly. It will corrupt the filesystem and Voodoo Lagfix will fail and bootloop. Apply Voodoo Lagfix after pulling the partitions. Flash a kernel, reboot, then pull partitions. This way you can mount it on your computer.
why to use this? using this method you will be able to ensure what is on your device is on your user's device. Rather than expecting that they are running a certain version of a certain firmware prior to applying an update.zip Heimdall One-Click also provides the easiest method to installing a custom kernel in order to get ClockWork Mod on a stock device.
As Supercurio mentioned, repackaging an odin file as a Heimdall One-Click may be a hassel, but Heimdall One-Clicks work on Linux, Windows or Mac OS-X.
I'm not going to go through all methods of development nor the functions of each file. However, if you wish to perform a factory reset, use a params.lfs from an official firmware package. If not, use the params from an active device.
There's downfalls to each method of distribution.
Update.zip requires that the user have a specific version of a specific firmware on their device. Heimdall One-Click does not require this.
Update.zip allows modification of firmware on a device. Heimdall One-Click will obliterate all firmware.
Update.zip is exactly as it says, it is an update. Heimdall One-Click is an entire firmware package.
Update.zip requires knowledge of a proprietery scripting format. Heimdall One-Click requires knowledge of Android filesystems only.
For this reason, packaging as a Heimdall One-Click makes your firmware package immortal rather than having a lifespan/dependency. A properly packaged Heimdall One-Click will always work without any expectation of the firmware on a user's device. It's a very clean way to distribute firmware.
Awesome piece of software, incredibly easy to use, and extremely useful. Thanks for releasing this to the community!
Thank you!
I have a 1007 Captivate and Odin / Keis were unreliable at best.
I'd love to see some Odin 1-Click repackaging for this. I could use them!!!
Downloads / upgrades with the Heimdall method have been easy to monitor and and
part that failed could easily be retried.
Without the Odin 1-click to stock being available (or failing, leaving me in an unknown state), I found the ability to use PIT, and target each section of the ROM to be critical in booting a new ROM if there is any reason the upgrade went awry from within Android.
Stock ROMs repackaged will help Odinphobes!
Erbid
Adam,
Does Heimdall frontend know which cache and dbdata file to use from a stock package, or do i need to manually select them? I've noticed that in a full package, there is a cache and dbdata file in two different places, but I do not know which one should be used. Also, should the param.lfs file be used only if flashing bootloaders, or should it always be included?
Edit
I am using stock firmware for a Captivate.
mrhaley30705 said:
Adam,
Does Heimdall frontend know which cache and dbdata file to use from a stock package, or do i need to manually select them? I've noticed that in a full package, there is a cache and dbdata file in two different places, but I do not know which one should be used. Also, should the param.lfs file be used only if flashing bootloaders, or should it always be included?
Edit
I am using stock firmware for a Captivate.
Click to expand...
Click to collapse
Dbdata goes in dbdata. Cache goes in cache. Paramaribo is a bootloaders. Watch the video.
Ok, I watched the video (great tutorial,btw), but I still don't know what to do about my problem. In a stock captivate package, there is a dbdata and cache file in the pda package, and another dbdata and cache file in the csc package. Which one gets used and which one gets tossed?
mrhaley30705 said:
Ok, I watched the video (great tutorial,btw), but I still don't know what to do about my problem. In a stock captivate package, there is a dbdata and cache file in the pda package, and another dbdata and cache file in the csc package. Which one gets used and which one gets tossed?
Click to expand...
Click to collapse
Just use one or the other.
Ok, thanks.
Just so I know, what does the dbdata and cache files do? What is in them?
mrhaley30705 said:
Ok, thanks.
Just so I know, what does the dbdata and cache files do? What is in them?
Click to expand...
Click to collapse
The database data and cache. Dbdata is where things like contacts are stored. Cache is where application preloading data is stored.
Ok, thanks again.
Any chance you are going to attempt a mobile Heimdall, similar to Mobile Odin I've been hearing about?
mrhaley30705 said:
Ok, thanks again.
Any chance you are going to attempt a mobile Heimdall, similar to Mobile Odin I've been hearing about?
Click to expand...
Click to collapse
No. ThaT method requires the device to be running and be rooted. This is way more valuable. I had considered it... until we figure out how to flash a PBL, that wont happen. Like, the software on the device, modifies the PBL as it is written.
I finally had a chance to try this. It is so easy. Your video is spot on (love the Spider Man reference ) This is so much easier than making a tar.md5 file for Odin.
One question, in your video, I noticed your terminal screen was transparent. How did you do that? It looks cool.
this seems to be a very valuable tool for developers and I am very glad you posted it,,watched the video,,sounds like a good thing,, could not see what you were doing,,read the post repeatedly,,yep this will be useful to the devs,, truly had hoped it would be useful to those of us on here that have figured out how to follow instructions and flash roms but really do not understand what we are doing,,now I understand why odin is so useful,,it allows people to do the job without knowing how to make the tools to do the job ( although I would like to learn that) unfortunately this seems to be a common "open source" mindset,,thats why apple sells so many overpriced machines,, they expect people to know nothing and intend to keep them that way,,so their machines are simplified and locked,, but they work without having to know how to program them,,without having to understand the whole command line BS,,yes I am guilty of being uneducated,,I am not guilty of being stupid,, I do not use tools or equipment that assumes I do not know,, I do not use tools or equipment that assumes I know more than I do,,I will continue to follow this because I still have hopes it will become useful,,to the common run of the mill user,,thanks for your work,, it is impressive,,now to get it useable to those of us that do not have years of programming experience,,that went to school when punch cards were still in existance
stayintwisted said:
this seems to be a very valuable tool for developers and I am very glad you posted it,,watched the video,,sounds like a good thing,, could not see what you were doing,,read the post repeatedly,,yep this will be useful to the devs,, truly had hoped it would be useful to those of us on here that have figured out how to follow instructions and flash roms but really do not understand what we are doing,,now I understand why odin is so useful,,it allows people to do the job without knowing how to make the tools to do the job ( although I would like to learn that) unfortunately this seems to be a common "open source" mindset,,thats why apple sells so many overpriced machines,, they expect people to know nothing and intend to keep them that way,,so their machines are simplified and locked,, but they work without having to know how to program them,,without having to understand the whole command line BS,,yes I am guilty of being uneducated,,I am not guilty of being stupid,, I do not use tools or equipment that assumes I do not know,, I do not use tools or equipment that assumes I know more than I do,,I will continue to follow this because I still have hopes it will become useful,,to the common run of the mill user,,thanks for your work,, it is impressive,,now to get it useable to those of us that do not have years of programming experience,,that went to school when punch cards were still in existance
Click to expand...
Click to collapse
what?
get some firmware, make a heimdall package, run the one-click maker. No matter what level you're at, this is as easy as it gets. It does not get easier.
ok sorry to have bothered you,, I will try to find someplace to learn enough to understand what you consider stupidly simple,,I will just stick to odin and cwm they just work,,was my error for thinking that you would be able to write at a level I would understand,, but it is still going to be a very useful tool for those who can use it and I thank you for the work you have put into it
stayintwisted said:
ok sorry to have bothered you,, I will try to find someplace to learn enough to understand what you consider stupidly simple,,I will just stick to odin and cwm they just work,,was my error for thinking that you would be able to write at a level I would understand,, but it is still going to be a very useful tool for those who can use it and I thank you for the work you have put into it
Click to expand...
Click to collapse
If you're not a developer, you don't have anything to package and this thread does not apply to you. The end result is a one-click and probly is what you are looking for. This tool is for packaging your work. You must have something to package.
This IS super simple. I did it. On2 different operating systems. It's literally point and click, but a minimal amount of typing involved. And i am no good at command line. I also don't claim to be a developer, or even an advanced user.
HI,
I have looked at various tutorials and can't seem to find one specific to what i am looking for. Apologies if it's out there and i just haven't found it.
I have a bunch (like 250) of brand new Samsung Note 3's (Canadian N900W8 build) that have stock 4.4.2. I am required to get them all configured with a specific set of apps installed and various shortcuts on the home screen along with some custom settings (APN, data limits etc). so far i have been doing this manually and it is very time consuming and tedious. If there a way to take a phone i have already configured and make a file that i can flash in odin to each of the new phones that will mirror all of the changes i need to the new phones? Or some other tool to automate the process of deploying that many devices. If anyone can point me to a tool or tutorial i would be eternally grateful and may manage to retain my sanity.
I haven't seen anything like this yet in my browsing, most of the tutorials i have seen are for compiling/building a full rom.
Thanks
bugleboy said:
HI,
I have looked at various tutorials and can't seem to find one specific to what i am looking for. Apologies if it's out there and i just haven't found it.
I have a bunch (like 250) of brand new Samsung Note 3's (Canadian N900W8 build) that have stock 4.4.2. I am required to get them all configured with a specific set of apps installed and various shortcuts on the home screen along with some custom settings (APN, data limits etc). so far i have been doing this manually and it is very time consuming and tedious. If there a way to take a phone i have already configured and make a file that i can flash in odin to each of the new phones that will mirror all of the changes i need to the new phones? Or some other tool to automate the process of deploying that many devices. If anyone can point me to a tool or tutorial i would be eternally grateful and may manage to retain my sanity.
I haven't seen anything like this yet in my browsing, most of the tutorials i have seen are for compiling/building a full rom.
Thanks
Click to expand...
Click to collapse
This might not work for reasons I don't know about, but why not make a nandroid backup of the completed ROM and Apps etc, and copy it to multiple extSDCards then run a Restore on each phone? Although I guess you'd need to flash a custom recovery first... hm...
Maybe someone who knows ADB ins and outs could suggest something - connect phone, push SW out etc.
So i found a tutorial that described how to dump an img file for various partitions using ADB commands. I used the following to dump the system partition
Code:
dd if=/dev/block/mmcblk0p23 of=/mnt/extSdCard/backup/system.img bs=4096
I then coppied the system.img to computer and used a tool i found on here to convert it to system.tar.md5. I put a new phone into download mode and open odin load the system.tar.md5 into the PDA section it verifies the file ok, but when i try to flash it it fails instantly and a message appears on the phone saying "Unsupport dev_type"
I have seen a couple different versions of this tutorial out there, and i even tried booting to a ubuntu live CD to try to use the linux commands i saw on a different tutorial to convert the .img to a .tar.md5 but the result is the same.
Does anyone have any experience getting this method to work? any suggestions?
Thanks
bugleboy said:
So i found a tutorial that described how to dump an img file for various partitions using ADB commands. I used the following to dump the system partition
Code:
dd if=/dev/block/mmcblk0p23 of=/mnt/extSdCard/backup/system.img bs=4096
I then coppied the system.img to computer and used a tool i found on here to convert it to system.tar.md5. I put a new phone into download mode and open odin load the system.tar.md5 into the PDA section it verifies the file ok, but when i try to flash it it fails instantly and a message appears on the phone saying "Unsupport dev_type"
I have seen a couple different versions of this tutorial out there, and i even tried booting to a ubuntu live CD to try to use the linux commands i saw on a different tutorial to convert the .img to a .tar.md5 but the result is the same.
Does anyone have any experience getting this method to work? any suggestions?
Thanks
Click to expand...
Click to collapse
Maybe check adb setting in Developer menu? There's an ADB over network setting in there. Not sure if it will help, after looking at it it says it is reset on boot...
I ended up using a nandroid backup as suggested earlier. However i initially had issues doing that i think because i was using TWRP recovery and it requires the backups to be in a folder named uniquely per device id or something which requires you to make a backup on that device before you can copy the backup files . TWRP also write protected the backup folders requiring root to be able to copy a backup onto it.
I changed to CWM and it works much better, all i have to do is flash CWM recovery to a new device and then boot it to copy the backup files and then reboot to recovery and restore the backup.
bugleboy said:
I ended up using a nandroid backup as suggested earlier. However i initially had issues doing that i think because i was using TWRP recovery and it requires the backups to be in a folder named uniquely per device id or something which requires you to make a backup on that device before you can copy the backup files . TWRP also write protected the backup folders requiring root to be able to copy a backup onto it.
I changed to CWM and it works much better, all i have to do is flash CWM recovery to a new device and then boot it to copy the backup files and then reboot to recovery and restore the backup.
Click to expand...
Click to collapse
Make sure all the devices have the same bootloader and modem. What Firmware version are you using as a base?
Sent from my SM-N9005 using Tapatalk
celderic said:
Make sure all the devices have the same bootloader and modem. What Firmware version are you using as a base?
Sent from my SM-N9005 using Tapatalk
Click to expand...
Click to collapse
They're all using the same 4.4.2 base image, the only change i made was flashing a custom recovery to be able to create the initial backup of the configured phone and to restore the backup to the stock phones saving me having to maunally configure each device.
First, to clarify, the last time I rooted anything was a Galaxy S3 back in the day. I'm by no means an expert, I just figured I'd help out folks like me that haven't touched all these new tools, well, ever.
Just did this myself earlier today attempted to get Magisk root, but alas, I got stuck in a boot loop. Luckily I had muddled through getting the image first, otherwise I'd still be stuck in said boot loop. I figured I'd post this for anyone else trying to root these things just to make sure you have a backup you can trust (I generally don't trust rando images that folks post online). All of the instructions below are assuming you're on Windows 10 and using PowerShell just because that's the default these days. Without further adieu.
Download ADB/fastboot (on your Windows machine)
I downloaded adb/fastboot from google directly: https://developer.android.com/studio/releases/platform-tools
Just extract and browse to the platform-tools directory in Windows Explorer until you can see adb.exe and a bunch of other tools
Download the latest SP Flash Tool
I just grabbed it from here: https://spflashtools.com/
Please let me know if there's an "official" place to find SP Flash Tool, cause everything surrounding all the download sites seems a bit sus...
Enable USB Debugging (on the tablet)
Go to settings -> About tablet
Tap the Build number 10 times (until debugging mode unlocks)
Hit back and go to System
Click Advanced and then Developer Options
Enable USB Debugger
I also enabled OEM unlocking because the whole point of this is for me to run either AOSP or Lineage someday. I honestly don't know if unlocking the bootloader is needed for dumping your own images, but I highly suspect it's not.
Plug the tablet into your computer
You'll likely see a prompt on your tablet about allowing your computer to debug your tablet. I just checked the box and hit accept so I wouldn't see it again.
Get your scatter file (on your Windows machine)
I tried several things to get the scatter file (I guess this is like a partition table based on the contents I saw) but in the end, by far the easiest way was to just download the scatter file from the file system.
In the Windows Explorer window from before (platform-tools), hold down shift while left clicking and click on Open PowerShell window here
Now type the following to get a shell on your:
.\adb.exe shell
This will get you into the shell environment. Now type the following to verify your scatter file is there:
ls -al /system/data/misc/
In here you should see something like:
-rw-r--r-- 1 root root 13893 2008-12-31 19:00 MT8168_Android_scatter.txt
Now that we have the name, just type exit to get out of the shell
Download the scatter file
.\adb.exe pull /system/data/misc/MT8168_Android_scatter.txt
Open up the scatter file in your favorite text editor (for me, Notepad++)
Now you can see the partition layout, offsets, etc, etc
Dump your image(s) (on your Windows machine)
Now open SP Flash Tool (flash_tool.exe)
On the Download tab, make sure the Download-Agent is MTK_AllInOne_DA.bin
Now click Choose for the Scatter-loading file and browse to the scatter file you just downloaded
This should be in your platform-tools folder unless you moved it
Once the scatter file is loaded, the partition table should fill up with a bunch of partitions
Click on the Readback tab
Click Add
Double-click on the new entry
Navigate to where you want to save your image, and give it a name (in this case I'm starting with boot.img)
Remember how you opened the scatter file in a text editor? Search in the scatter file for boot.img
Make sure the region matches (should be EMMC_USER) between the scatter file and SP Flash Tool
Copy/paste the value for start_addr in the scatter file to Start Address in SP Flash Tool
Copy/paste the value for partition_size in the scatter file to Length in SP Flash Tool
Now do the same thing for recovery.img and any other images you'd like
If you want a full ROM backup, name the file something like ROM_0, then use Start Address of 0x0 and length as the start_addr for the second-to-last entry in the scatter file (in my case, it was 0xc1a80000, just make sure it doesn't start with f's)
Note: I don't know for sure if this is accurate or not, I'm still playing with it, but so far it appears to be. Probably?
Poking around in WwR MTK 2.51, it looks like for this particular device (100011885) I wanted a total dump of 0x73A000000. It looks like this number is derived from the first 8Mb of the EMMC_USER dump, so I'm not sure of an easier way than throwing WwR MTK at it for the moment.
Once you've got all the entries for what you'd like to dump, make sure to disconnect the tablet from your computer and power it off
Now click on Download in SP Flash tool
Once things grey out, then plug the tablet in. After a few seconds, you'll see the images start dumping.
Congrats, you have a boot.img (and whatever other images you wanted). Like I said, from here I tried using Magisk to patch the boot file, but when I flashed it in fastboot, after enabling OEM unlocking in Developer Options, it just kept popping up the initial Onn graphic along with the Orange State warning without getting to the "fancy" Onn graphic and the rest of the boot process. I was able to flash the original boot.img back and it once again booted properly again.
Also, for anyone interested, I've posted my dumped files for the 100011885 in my google drive: https://drive.google.com/drive/folders/17LtLtjKg4JJU9EJdIXPsyNjen0H-ilMX?usp=sharing
Maybe someone will have pity on me and figure out why Magisk isn't working?
Whenever I get a moment, I'll dump my 100003562 as well.
First, thanks a ton for this. I have been trying to pull a full system dump since I bought the tablet and had resorted to single pulls by name(very long and involved) I don't know if this will work for you, but on both of my 7 inch Gen 2 tablets, I just sideloaded Magisk Manager and then opened it (this was after unlocking the tablet) When I first opened MM it just said it needed to download some additional files for my environment. I clicked okay, it downloaded and installed the additional files. Once it rebooted, I open MM again and clicked install Magisk. On the next screen, I clicked direct install and let it do it's thing. After rebooting, root checker showed I had root, but I still can't get it to pass safetyNet. Root access does work as I have installed a few modules and busy box.