Sorry if this is the wrong section..
But I need help from you guys on how to dump my moto q9h rom and bypass the security for me to recover my important files from it..
My daughter accidentyly wronly entered the unlock pin 3x and the phone locks-up..
Is the any other way I can recover my files?
REALLY NEED HELP...or at least point me where can i get he info..
THANKS
I just want to give a BIG THANK YOU to Koush and everyone else that may have been involved !!!
Since my post count isn't high enough at this point to post in the development forum (sorry) I'm going to ask here....
I noticed during the unlock procedure under the "acknowledge portion" it stated if I wanted to relock the bootloader to set "secure enabled" what would be the reverse procedure to do this?, when/if I decide to send it back to Moto for 4g upgrade. Also If I just do a factory reset will it unroot the device or will I have to manually uninstall superuser?
While I am an advocate for device customization and modifications, I also believe there is an inherent need for locked bootloaders. When we unlock a BL and leave it that way so we can run custom ROMs, root etc, we sacrafice the security it provides allowing our devices to be tampered with or redistributed after a theft. I've seen the PSA advising people not relock their bootloaders on anything except stock. That is entirely true for Verizon and EE pixels that were never intended to be unlocked in first place. However I believe its entirely possible to boot properly self signed images on unlockable devices after re-locking.
Now, I'm not saying we should go around re-locking bootloaders with custom firmware installed there's a process. I've done a bit of reading on verified boot. I am interested in utilizing the "YELLOW STATE" so we can run self signed boot images using an "embedded certificate" along with dm-verity disabled. The problem is how can we self sign our boot images allowing boot to continue without compiling from source?
https://source.android.com/security/verifiedboot/verified-boot.html
https://mjg59.dreamwidth.org/31765.html
I found some information & maybe a more experienced DEV can shed some light on if its possible with our Pixel devices. That's really the goal of this thread, to start a discussion which I think is extremely important & hopefully turn into a guide or tool. We shouldn't completely sacrafice security to utilize root or custom ROMs. On my N5X I have a locked bootloader and modified boot/system with Allow OEM unlock disabled. Difference with our Pixels and Nougat BLs is verified boot is strictly enforced.
Please excuse me if this thread seems jumbled or all over the place. I really do want help with this idea tho to help inform and keep us secure. Any input is appreciated.
Well if anybody is interested in re-locking their boot loader with a custom ROM and kernel in place I basically figured out how
Refer to this post
If anybody plans to attempt this and has ANY questions or concerns regarding re-locking their bootloaders in a custom state please don't hesitate to post here. I successfully re-locked my bootloader with custom ROM and Kernel. I also modified TWRP in my kernel to only start via locked down adb with key access. This allows my pixel to be highly secure and still recoverable. Might start a new post highlighting my proceedures and research on this subject.
I still wouldn't do this. What's the point? You will still pass safety net with custom kernel.
As for security you, your device still needs to be decrypted to use TWRP. It should still be as secure. I guess someone can wipe your device if they get ahold of it but that's not really a security risk.
Risk is still huge locking your device with a custom OS.
Sent from my Pixel using Tapatalk
milan187 said:
I still wouldn't do this. What's the point? You will still pass safety net with custom kernel.
As for security you, your device still needs to be decrypted to use TWRP. It should still be as secure. I guess someone can wipe your device if they get ahold of it but that's not really a security risk.
Risk is still huge locking your device with a custom OS.
Sent from my Pixel using Tapatalk
Click to expand...
Click to collapse
It has nothing to do with passing safety net. TWRP can only access the data after the pin is input, true, but leaving a device with an unlocked boot loader leaves the ability to flash modified boot images (a huge attack vector). This is to keep your device yours if it falls into a theives hands. You can not have device protection features on a unlocked Allow OEM unlock device. You're right there is risk but being careful can alleviate the risk. I do this because I want my phone to be a trackable paper weight if somebody takes it. I have established my own chain of trust outside of googles. I have even modified my TWRP side of boot.img to only start with my PC using adb-keys.
Which risk is greater. The risk of losing an unlocked device and it falling into the hands of someone that knows what to do or bricking it relocking it.
I vote the latter.
Its not re-locking that bricks... Its disabling the allow OEM unlock in dev options & screwing with stuff afterwards that may cause a bootloop. As long as you have a signed boot image in place with TWRP or stock recovery that uses your own keys the risk is minimal.
Simple rule... With a locked boot loader on a device where verification is strictly enforced always leave that option ticked if modifying anything.
I'm sorry but people are misinformed. Locking the boot loader doesn't brick if you have a custom ROM in place any more than a stock ROM. Its screwing with things or using a poorly dev'd ROM. If you are like me and can set something up the way you like once and not screw with it you'll be fine. If you do wanna screw with something remember to check allow OEM unlock in dev opts. Don't uncheck until you're 100% sure. It really is that simple.
If you are leaving the toggle open what have you accomplished when it gets stolen? They just issue the fastboot command to unlock it. Yea, it wipes data at that point. But I honestly can't think of anything on my phone that is confidential.
When I'm out n about and using my phone normally (i.e. not modding, flashing etc) I put the toggle to off. If I'm planning on changing anything I toggle it back on & if something causes a bootloop (most probably user error) I can recover. I don't think most people who steal phones care about data either but I keep a lot of keys, passwords etc to networks in my devices storage. I admit its not for everybody, just a way to be more secure and protect a $700+ investment. My phones bootloader isn't just locked, its locked with a persistent root ssh backdoor integrated into system so I can maintain control in the event.
want to re-lock my boot loader ?
Geofferey said:
Well if anybody is interested in re-locking their boot loader with a custom ROM and kernel in place I basically figured out how
Refer to this post
If anybody plans to attempt this and has ANY questions or concerns regarding re-locking their bootloaders in a custom state please don't hesitate to post here. I successfully re-locked my bootloader with custom ROM and Kernel. I also modified TWRP in my kernel to only start via locked down adb with key access. This allows my pixel to be highly secure and still recoverable. Might start a new post highlighting my proceedures and research on this subject.
Click to expand...
Click to collapse
hey,
I as well as plenty of others thought I was clever unlocking it as I mainly wanted to unlock it from EE UK network , its not been touched since ,no custom rooms or root but after reading people are trying to Re-lock it and getting bricked im too scared too try lol its only phone ive got ? Appreciate any help please x
---------- Post added at 10:57 AM ---------- Previous post was at 10:21 AM ----------
sally76 said:
hey,
I as well as plenty of others thought I was clever unlocking it as I mainly wanted to unlock it from EE UK network , its not been touched since ,no custom rooms or root but after reading people are trying to Re-lock it and getting bricked im too scared too try lol its only phone ive got ? Appreciate any help please x
Click to expand...
Click to collapse
Sorry Duhhhh !! Custom u said lol
Geofferey said:
Well if anybody is interested in re-locking their boot loader with a custom ROM and kernel in place I basically figured out how
Refer to this post
If anybody plans to attempt this and has ANY questions or concerns regarding re-locking their bootloaders in a custom state please don't hesitate to post here. I successfully re-locked my bootloader with custom ROM and Kernel. I also modified TWRP in my kernel to only start via locked down adb with key access. This allows my pixel to be highly secure and still recoverable. Might start a new post highlighting my proceedures and research on this subject.
Click to expand...
Click to collapse
Geofferey, Do you happen to know if these commands are still right with LOS 17.1 / Android 10?
(Or does anyone else know?)
PS: Sorry everyone for pumping such an old thread
nullstring2 said:
Geofferey, Do you happen to know if these commands are still right with LOS 17.1 / Android 10
Click to expand...
Click to collapse
Unfortunately no. Now there is avbtool and the process is actually a bit more complicated. Somebody wrote a guide on how to use it externally for another device but I couldn't even follow. I actually find it easier to get the sources for whatever ROM it is I'm trying to sign and set the signing params in config before build.
Here is the guy who did it usually avbtool externally
https://forum.hovatek.com/thread-32664.html
Many instructions here
https://android.googlesource.com/platform/external/avb/+/master/README.md
Geofferey said:
...but I couldn't even follow. /QUOTE]
Well, thats an intimidating introduction, but I'll take look.
That guide appears to be talking about mediatek CPUs which makes it a little confusing.
Any hint on how to get the vbmeta signing key for the google pixel?
Click to expand...
Click to collapse
nullstring2 said:
Any hint on how to get the vbmeta signing key for the google pixel?
Click to expand...
Click to collapse
If you mean how to make your own key to perform signing then
Code:
openssl genrsa -des3 -out avb.pem 2048
If you're asking how to get the same key that Google used to sign vbmeta, it ain't ever gonna happen.
Geofferey said:
Well if anybody is interested in re-locking their boot loader with a custom ROM and kernel in place I basically figured out how
Refer to this post
If anybody plans to attempt this and has ANY questions or concerns regarding re-locking their bootloaders in a custom state please don't hesitate to post here. I successfully re-locked my bootloader with custom ROM and Kernel. I also modified TWRP in my kernel to only start via locked down adb with key access. This allows my pixel to be highly secure and still recoverable. Might start a new post highlighting my proceedures and research on this subject.
Click to expand...
Click to collapse
Is there ANY way to do this on Xperias or LGs?
Geofferey said:
It has nothing to do with passing safety net. TWRP can only access the data after the pin is input, true, but leaving a device with an unlocked boot loader leaves the ability to flash modified boot images (a huge attack vector). This is to keep your device yours if it falls into a theives hands. You can not have device protection features on a unlocked Allow OEM unlock device. You're right there is risk but being careful can alleviate the risk. I do this because I want my phone to be a trackable paper weight if somebody takes it. I have established my own chain of trust outside of googles. I have even modified my TWRP side of boot.img to only start with my PC using adb-keys.
Click to expand...
Click to collapse
It has ALL to do with safetynet/play integrity.
I wouldn't care to leave my bootloader unlocked otherwise.
But I want a rom that passes all security standards without "tricks".
Ok so i hope people don't get me wrong.
Someone has sold this device (OPPO CPH 1723) to my brother and he asked me to help him with the screenlock,I tried to enter the recovery to do the wipe but its locked,(Enter Your Screenlock Password) i do not know if this device is stolen or what it may be but my brother claimed that he buy from a 'friend'.Well i hope anyone here could help to get rid or bypass this lock.
Please don't ask me anything abt the device or whatever it is.I'm here only asking for a help,NOT to be investigated.
If anyone had a screenlock password tool etc,Please do direct me with the links.I have google it earlier but many of 'em asking for a money.
Thank you
UPDATE: Device unlocked.MOD may lock or delete this thread.
Eddicts said:
Ok so i hope people don't get me wrong.
Someone has sold this device (OPPO CPH 1723) to my brother and he asked me to help him with the screenlock,I tried to enter the recovery to do the wipe but its locked,(Enter Your Screenlock Password) i do not know if this device is stolen or what it may be but my brother claimed that he buy from a 'friend'.Well i hope anyone here could help to get rid or bypass this lock.
Please don't ask me anything abt the device or whatever it is.I'm here only asking for a help,NOT to be investigated.
If anyone had a screenlock password tool etc,Please do direct me with the links.I have google it earlier but many of 'em asking for a money.
Thank you
UPDATE: Device unlocked.MOD may lock or delete this thread.
Click to expand...
Click to collapse
How did you unlock?
It is valid for Oneplus 5 also
https://forum.xda-developers.com/oneplus-5t/help/remove-unlocked-bootloader-warning-t3841712
Post #12
You argued in the topic that you are mentioning, why do you make a new topic?
Remove unlocked bootloader message, by locking the bootloader
yusuo said:
Remove unlocked bootloader message, by locking the bootloader
Click to expand...
Click to collapse
Go lock your bootloader with a custom ROM installed, I beg you. And please don't forget to let me know how that turns out for you and your device.
This was posted in 6T too and pissed off a lot there as well.
Mods CLOSE THIS THREAD!
[GUIDE] Remove unlocked bootloader warning
^- We are talking about this annoying warning Someone asked for that on this forum, someone told this is impossible - so I did that. It replaces aboot with the one that doesn't display this annoying warning, enjoy :) Download flashable zip...
forum.xda-developers.com
could this work for op6
-- accidental post, wrong forum --