Related
*this thread is for m7. it will not work on m8,m9, or any other newer devices! search m8 general for the thread there(same name)
this thread will let you unlock your bootloader without htcdev,or let you change your hboot watermark from relocked or locked back to stock.
originally,we used a zip file flashable in recovery. i have found it to work on gsm devices with 1.44 hboot and CW recovery. it did not work with twrp. if the following is too scary,feel free to test the zip files. that thread,info,and downloads can be found here. since not all recoverys are working,these values can be changed with simple adb commands.
advantages
-no hassle with htcdev,tokens,or unlock codes
-no submitting your phones personal info to htc
-the ability to get back to 100% stock without any visual traces or records of having been s off or unlocking your bootloader.
you do NOT need to downgrade your hboot. this simple adb command works without any scary hboot downgrades.
*you must be s off.
*you must have superuser installed(seethis post] if you need help installing a recovery so you can install superuser)
read this:
this will not work if your s on. its not a way to magically unlock
the usual disclaimers:
use this info at your own risk. if it melts your phone into a little pile of aluminum goo,its not my fault.
credits
-beaups for giving me the echo comand,so yall didnt need to dump,edit with a hex editor,and copy back
-strace for originally discovering the location of the lock status flag(check out this thread for more info)
-kdj67f for fearlessly testing on vzw m7_wlv and putting up some screenshots in post 2. thanks!
-matthew0776 for fearlessly testing for sprint m7_wls
IF you are an advanced user with adb/fastboot set up and some basic knowlede of the cmd window,you can skip to #2
1)set up adb
-download this file
-install drivers: if you have htc sync installed,you should allready have drivers. if not,you can install htc sync,or install these modified htc drivers from revolutionary (driver mirror)
-unzip your miniadb_v1031.zip file. this is native funtionality in windows 7. you otherwise may need a utility such as "7-zip" to extract,or unzip it. place the unzipped folder onto the root of your C drive on your PC. root means the top level,not inside any folders. so just copy and paste,or drag and drop the folder onto C with everything else that is there. you may want to rename it to "miniadb_m7" since youll be putting some device specific files in here.
-open a command window. on windows 7,click the start bubble in the lower left and type "command" in the search box. xp i believe is similar or the same. doing this should open a small black command window.
-change to your miniadb_m7 directory. type the following at the prompt in your cmd window:
cd c:\miniadb_m7
your command promt should change to "c:miniadb_m7>" provided you: 1)unzipped the miniadb_v1031 zip file,and 2)put the folder on your c drive,and 3)entered the name of the folder correctly ("miniadb_m7" in this case)
-now make sure usb debugging is checked in developer options(you will need to turn it on first),and plug your phone into your PC with a usb cable
-make sure your phone is being recognized- type:
adb devices
if your drivers are installed correctly,this should return your phones serial number. you should hear the "found device" noises when you plug your phone in. if it starts installing drivers,wait for it to finish before typing the adb devices command.
if you get your serial number back,then enter this command:
adb reboot bootloader
this should take your phone to the "fastboot" screen,wich is white with colored letters. this is one mode of your bootloaders interactive modes. at the top youll see fastboot devices as confirmation youre in fastboot.
now enter:
fastboot devices
again,this should return your phones serial number. you should hear the "found device" noises when you plug your phone in. if it starts installing drivers,wait for it to finish before typing the adb devices command.
if you get your serial number back,you can enter the following to boot back to the phones OS:
fastboot reboot
and now,youve installed adb/fastboot and tested youre phones drivers. if at either spot,you have trouble and dont get your serial number back,there is some sort of connection issue. use these steps to troubleshoot:
troubleshooting connectivity issues:
-try a reboot of the PC
-try different usb cables and ports
-dont use a usb hub
-dont use usb 3.0
-make sure nothing capable of comunicating with the phone is enabled and running. htc sync,pdanet,easy tether,and even itunes have all been known to cause issues.
-windows 8 has been known to have issues. try a windows 7 or older machine
failing the above,
-i use these drivers for fastboot and adb(donwload and run as admin): http://downloads.unrevoked.com/HTCDriver3.0.0.007.exe (mirror)
failing that,try manually updating the drivers in the following manner:
-put the phone in fastboot mode(select fastboot from the hboot menu)
-open device manager on the PC
-plug in phone,watch for it to pop up in device manager.
-update drivers with device manager,pointing the wizard to the extracted
driver download folder from above
note that you can check the connectivity of the phone,and make sure drivers are working by in the following manner:
-open cmd window. change to directory containing adb/fastboot utilities
-adb with the phone in the booted OS,usb debug enabled,enter:
adb devices in a cmd window
-fastboot with phone in fastboot,enter:
fastboot devices in cmd window
in either case,a properly connected phone with working drivers installed should report back the phones serial number.
Click to expand...
Click to collapse
this process,in your cmd window,should look something like this:
Code:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\Scott>[COLOR="red"]cd c:\miniadb_m7[/COLOR]
c:\miniadb_m7>adb devices
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
List of devices attached
FAxxxxxxxxxx device
c:\miniadb_m7>[COLOR="red"]adb reboot bootloader[/COLOR]
c:\miniadb_m7>[COLOR="red"]fastboot devices[/COLOR]
FAxxxxxxxxxx fastboot
c:\miniadb_m7>[COLOR="red"]fastboot reboot[/COLOR]
rebooting...
finished. total time: 0.037s
c:\miniadb_m7>
2)reset your "lock status flag"
to LOCK your bootloader,enter the following:
adb devices
adb shell
su (if needed to get a # prompt)
echo -ne '\x00\x00\x00\x00' | dd of=/dev/block/mmcblk0p3 bs=1 seek=33796
(i would very strongly recomend you copy/paste this)
exit
(exit a second time if you need to to get back to a normal > prompt)
adb reboot bootloader
verify you are now locked
_____________________________________________________________________________________________
to UNLOCK your bootloader,enter the following:
adb devices
adb shell
su (if needed to get a # prompt)
echo -ne "HTCU" | dd of=/dev/block/mmcblk0p3 bs=1 seek=33796
(i would very strongly recomend you copy/paste this)
exit
(exit a second time if you need to to get back to a normal > prompt)
adb reboot bootloader
verify you are now unlocked
*i have tested this on my gsm htc one. if someone wants to test on vzw,ill add you to the credits
99% is good enough for me haha! Phone just hut 50% charged, give me a minute. Will post back with pictures.
Sent from my HTC6500LVW using XDA Premium 4 mobile app
---------- Post added at 08:56 PM ---------- Previous post was at 08:41 PM ----------
Confirmed, code working. Flags set/reset. Phone even reboots and works will upload pics/screenshots.
Thanks!
Starting out unlocked:
Locking:
Locked:
Unlocking:
Re-unlocked:
Very good work!
Any idea how you would get rid of the tampered flag?
Sent from my HTC One using xda app-developers app
akuma24 said:
Any idea how you would get rid of the tampered flag?
Sent from my HTC One using xda app-developers app
Click to expand...
Click to collapse
http://forum.xda-developers.com/showthread.php?t=2477792
Is this intended for people who got S-OFF and didn't use revone to unlock their bootloader at the same time? What would be the motivation for people doing that (not unlocking)?
will this also remove the "Tampered" flag once S-on has been returned?
deeevan said:
Is this intended for people who got S-OFF and didn't use revone to unlock their bootloader at the same time? What would be the motivation for people doing that (not unlocking)?
Click to expand...
Click to collapse
it can be used for that,with the advantage of being able to unlock without having to submit ones perosnal phone info to htcdev for an unlock code(i.e. no record of having unlocked)
however,it is moreso intended for folks who are unlocked to get back to 100% stock locked. fastboot oem lock gets you relocked and before anyone can suggest it,using the bootloader modifier to just change the banner is IMO fraud.
if you need to return a phone for a legitimate warranty claim,its easy to make it 100% correct in case it makes it back out into the public
broli-zn said:
will this also remove the "Tampered" flag once S-on has been returned?
Click to expand...
Click to collapse
once s on,youll have to run an ruu. prior to s on,you can use the link mentioned above(this one) to reset the tampered flag and remove that banner
scotty1223 said:
it can be used for that,with the advantage of being able to unlock without having to submit ones perosnal phone info to htcdev for an unlock code(i.e. no record of having unlocked)
Click to expand...
Click to collapse
My question is, Can't both of these be achieved with revone -u and revone -l? I unlocked using revone, I never requested an unlock code from htcdev. If you need to be S-OFF ie, use revone, why wouldn't someone just add the extra -u parameter and unlock bootloader at the same time?
The lock command is definitely useful for those on a revone incompatible hboot (most).
Just tried this and it worked just fine, thanks very much.:good:
Cool
Much better than using revone to do this, as it leaves no tracks. Kudos 2 u.
i never claimed this was a major breakthru. this is just anotehr way to skin the cat. if revone is still working and your more comfortable using that,by all means do so.
thanks for all the comments,im glad some are finding it useful
Could you tell me if this method to lock/unlock bootloader wipes phone data like the method via htcdev?
Simple and easy guide much obliged Scotty ?
Skickat från min HTC One med Tapatalk
Can I relock It this way if I unlocked it through htc dev, and get the status locked instead of relocked?
Sent from my HTC One using xda premium
piterk said:
Could you tell me if this method to lock/unlock bootloader wipes phone data like the method via htcdev?
Click to expand...
Click to collapse
no,it does not erase data.
the flashing of unlock code,and relock command initiate hboot to factory reset. this is only changing the flag that hboot checks.
jaypeg123 said:
Can I relock It this way if I unlocked it through htc dev, and get the status locked instead of relocked?
Sent from my HTC One using xda premium
Click to expand...
Click to collapse
yes. thats the whole point- no relocked watermark
Yes this is outstanding. Thank you :thumbup::thumbup::thumbup::thumbup:
Sent from my HTC One using xda premium
if we have installed a modified hboot to remove the red text, can we use this method to lock or it will brick it?
Nikos2k said:
if we have installed a modified hboot to remove the red text, can we use this method to lock or it will brick it?
Click to expand...
Click to collapse
you are fine. this mod has nothing to do with hboot.
@scotty1223
I tried to copy mmcblk0p3 from /dev/block/ to /data/local/tmp and verify that all is done OK..
However, after command
Code:
echo -ne '\x00\x00\x00\x00' | dd of=/data/local/tmp/mmcblk0p3 bs=1 seek=33796
I noticed that size of mmcblk0p3 in /data/local/tmp instead of 127 Mb changed to 33800 b (ie 33796 + 4 b).
Where is mistake? I have or have you? Check your mmcblk0p3 in /dev/block/
There are should be no all 00 after offset 0x8408.
Thank you!!!
Golv said:
@scotty1223
I tried to copy mmcblk0p3 from /dev/block/ to /data/local/tmp and verify that all is done OK..
However, after command
Code:
echo -ne '\x00\x00\x00\x00' | dd of=/data/local/tmp/mmcblk0p3 bs=1 seek=33796
I noticed that size of mmcblk0p3 in /data/local/tmp instead of 127 Mb changed to 33800 b (ie 33796 + 4 b).
Where is mistake? I have or have you? Check your mmcblk0p3 in /dev/block/
There are should be no all 00 after offset 0x8408.
Thank you!!!
Click to expand...
Click to collapse
im not sure what youve got going on with the filesize,but he 33796 is an address,not a size.
the command is writing only 4 bytes,at 8404,8405,8406,8407. if you wish to verify your HTCU or HTCL has been overwritten,dump it to your sd card: dd if=/dev/block/mmcblk0p3 of=/sdcard/mmcblk0p3 then pull it,and open it with a hex editor.
if youre working with a different device,pull mmcblk0p3 first,before issueing any commands,open with a hex editor,and verify the location of the lock flag.
the rest of 8400 is in fact all nulls, or 00
hope that answers your questions. i think youve just found some funky data becasue of the way youre attempting to verify it.
If you have successfully unlocked your HTC One M7 Bootloader, you will see the following text at the top of your Bootloader screen:
Code:
*** UNLOCKED ***
And, if you installed a custom recovery, it will change to the following:
Code:
*** TAMPERED ***
*** UNLOCKED ***
You can get rid of your TAMPERED text and/or change your LOCKED, RELOCKED or UNLOCKED status. This guide applies to all HTC One M7 Hboot versions.
Minimum requirements:
1. Your HTC One must be S-OFF.
2. Your device must be rooted.
There are different ways of achieving the same results, but this is the easiest (and safest) method using a tool called revone: http://forum.xda-developers.com/showthread.php?t=2314582. Note that revone is primarily intended to be used to S-OFF but it also has some very useful additional features, which are exactly what we're going to use here. You will find all the commands in the original revone thread but if you're having difficulties, then this guide for "noobs" should be helpful.
Stepwise procedure:
1. You need adb and fastboot. Download both in a single package: http://goo.gl/T6InE - credits to mike1986. Extract the folder "mini-sdk" and place it at C:/
2. Download revone: http://revolutionary.io/revone. Place it in your adb and fastboot folder, for example, C:/mini-sdk/
3. Connect your HTC One to your PC via USB cable. Boot up your HTC One and leave it on its homescreen. Test if the USB connection is working by clicking on the Start button > Run > type "CMD". This will open the Command Prompt window. From there, type:
Code:
cd c:\
cd mini-sdk
adb devices
You should see the serial number of your phone to confirm successful adb connection. This is what i get:
Code:
C:\Documents and Settings\Administrator>cd c:\
C:\>cd mini-sdk
C:\mini-sdk>adb devices
List of devices attached
FA36******** device
4. Now, you need to copy revone to your phone. In the same Command Prompt window, type:
Code:
adb push revone /data/local/tmp/
Here is my log to confirm that revone has been successfully copied:
Code:
C:\mini-sdk>adb push revone /data/local/tmp/
2893 KB/s (648208 bytes in 0.218s)
5. Now, open an adb shell by simply typing:
Code:
adb shell
You should see the following:
Code:
C:\mini-sdk>adb shell
[email protected]:/ #
If you see the $ symbol instead of the # symbol, type su (your HTC One needs to be rooted otherwise this won't work).
6. Use the Command Prompt to move to the folder where you placed revone on your phone and and set new permissions:
Code:
cd /data/local/tmp
chmod 755 revone
Here is what it looks like on my Command Prompt window:
Code:
[email protected]:/ # cd /data/local/tmp
cd /data/local/tmp
[email protected]:/data/local/tmp # chmod 755 revone
chmod 755 revone
7. Now, you can finally remove the TAMPERED text and switch between LOCKED, RELOCKED or UNLOCKED. Following from above, if you want to get rid of the TAMPERED text, type:
Code:
./revone -t
If you want to set the Bootloader as LOCKED, type:
Code:
./revone -l
If you want to set the Bootloader as RELOCKED, type:
Code:
./revone -r
If you want to set the Bootloader as UNLOCKED, type:
Code:
./revone -u
After you've made the changes according to what you want, you can now reboot the device and check if the changes have been applied. Type:
Code:
exit
exit
adb reboot bootloader
You should now be in the Bootloader menu and you can confirm the changes.
If this was useful, just click on the THANKS button!
tried it but stuck here
c:\sdk>adb push revone /data/local/tmp/
then it just sits there any ideas?
nathlynn22 said:
tried it but stuck here
c:\sdk>adb push revone /data/local/tmp/
then it just sits there any ideas?
Click to expand...
Click to collapse
Make sure your phone is on its homescreen (not bootloader or fastboot). Did you follow step 2 and 3? Did you see your serial no. after typing adb devices?
electronical said:
Make sure your phone is on its homescreen (not bootloader or fastboot). Did you follow step 2 and 3? Did you see your serial no. after typing adb devices?
Click to expand...
Click to collapse
yeah mate followed it all just in the end tried couple more times as revone thread said it can crash ETC SO ALL SORTED NOW THANKS. sorry about useless post
Hi, I havev a problem during the procedure :
"You should see the following:
Code:
C:\mini-sdk>adb shell
[email protected]:/ #
If you see the $ symbol instead of the # symbol, type su (your HTC One needs to be rooted otherwise this won't work)."
I see the $ symbol, but when I type su, nothing happend, error " "su"is not recognized as an internal or external command"
I need to reflash a modded recovery to root device ?
I want to return 100% stock
EDIT : the response was : YES ! thanks for your work !
@electronical
thanks for this very easy to understand tutorial buddy
... Note that revone is primarily intended to be used to S-OFF (applicable only if you have Hboot 1.44)...
Click to expand...
Click to collapse
So does that apply only to S-OFF'ing or to everything?
EDIT: I found another method and I successfully reset the TAMPERED flag
worked perfectly. thanks for the great guide :highfive:
commencal661 said:
So does that apply only to S-OFF'ing or to everything?
EDIT: I found another method and I successfully reset the TAMPERED flag
Click to expand...
Click to collapse
By "... Note that revone is primarily intended to be used to S-OFF (applicable only if you have Hboot 1.44)..." what i meant is that you can use revone to S-OFF only if the device has Hboot 1.44, otherwise Rumrunner is required in order to S-OFF.
It's simple enough, but to avoid the remote possibility of anyone else having the same confusion, i have edited that bit of info out. However, it's important to keep in mind that you can't S-OFF with revone if your device has Hboot 1.54 or above. But if your device is already S-OFF, you can use revone to remove the tampered flag and lock/relock/unlock, irrespective of your Hboot version.
Perfect!! Great and simple to follow tutorial.
Thanks!
electronical said:
If you have successfully unlocked your HTC One M7 Bootloader, you will see the following text at the top of your Bootloader:
Code:
*** UNLOCKED ***
And, if you installed a custom recovery, it will change to the following:
Code:
*** TAMPERED ***
*** UNLOCKED ***
You can get rid of your TAMPERED text and/or change your LOCKED, RELOCKED or UNLOCKED status. This guide applies to all HTC One M7 Hboot versions.
Minimum requirements:
1. Your HTC One must be S-OFF.
2. Your device must be rooted.
There are different ways of achieving the same results, but this is the easiest method using a tool called revone: http://forum.xda-developers.com/showthread.php?t=2314582. Note that revone is primarily intended to be used to S-OFF but it also has some very useful additional features, which are exactly what we're going to use here. You will find all the commands in the original revone thread but if you're having difficulties, then this guide for "noobs" should be helpful.
Stepwise procedure:
1. You need adb and fastboot. Download both in a single package: http://goo.gl/T6InE - credits to mike1986. Extract the folder "mini-sdk" and place it at C:/
2. Download revone: http://revolutionary.io/revone. Place it in your adb and fastboot folder, for example, C:/mini-sdk/
3. Connect your HTC One to your PC via USB cable. Boot up your HTC One and leave it on its homescreen. Test if the USB connection is working by clicking on the Start button > Run > type "CMD". This will open the Command Prompt window. From there, type:
Code:
cd c:\
cd mini-sdk
adb devices
You should get the serial number of your phone. This is what i get:
Code:
C:\Documents and Settings\Administrator>cd c:\
C:\>cd mini-sdk
C:\mini-sdk>adb devices
List of devices attached
FA36******** device
4. Now, you need to copy revone to your phone. In the same Command Prompt window, type:
Code:
adb push revone /data/local/tmp/
Here is my log to confirm that revone has been successfully copied:
Code:
C:\mini-sdk>adb push revone /data/local/tmp/
2893 KB/s (648208 bytes in 0.218s)
5. Now, open an adb shell by simply typing:
Code:
adb shell
You should see the following:
Code:
C:\mini-sdk>adb shell
[email protected]:/ #
If you see the $ symbol instead of the # symbol, type su (your HTC One needs to be rooted otherwise this won't work).
6. Use the Command Prompt to move to the folder where you placed revone on your phone and and set new permissions:
Code:
cd /data/local/tmp
chmod 755 revone
Here is what it looks like on my Command Prompt window:
Code:
[email protected]:/ # cd /data/local/tmp
cd /data/local/tmp
[email protected]:/data/local/tmp # chmod 755 revone
chmod 755 revone
7. Now, you can finally remove the TAMPERED text and switch between LOCKED, RELOCKED or UNLOCKED. Following from above, if you want to get rid of the TAMPERED text, type:
Code:
./revone -t
If you want to set the Bootloader as LOCKED, type:
Code:
./revone -l
If you want to set the Bootloader as RELOCKED, type:
Code:
./revone -r
If you want to set the Bootloader as UNLOCKED, type:
Code:
./revone -u
After you've made the changes according to what you want, you can now reboot the device and check to see if the changes have been applied. Type:
Code:
exit
exit
adb reboot bootloader
You should now be in the Bootloader and you can confirm the changes.
If this was useful, just click on the THANKS button!
Click to expand...
Click to collapse
This is very useful and it works. I am able to S-OFF (Windows 8, 32Bits) and removed the "tempered" and change "unlocked" to "locked" just like original. Crushalot, thanks for this, but can you point out how I can remove the "red descriptions (the development purpose...)" on boot screen and the Tell HTC, please?
Wait to hear from you
Hi there, first of all amazing guide, I've been trying to remove all flags but seemed way too hard to do it , but as easy as it may be I'm kinda stuck here. When I run the adb device command I don't get anything, it doesn't find any device :S any idea what's going on? Also, I'm trying to get my phone to stock for warranty purpose after I've done this if I have available the 4.2 or 4.3 update (I don't remember which one) and I run it through TWRP will this unroot the phone?
THANX http://forum.xda-developers.com/images/smilies/laugh.gif
Ricky-Lim said:
This is very useful and it works. I am able to S-OFF (Windows 8, 32Bits) and removed the "tempered" and change "unlocked" to "locked" just like original. Crushalot, thanks for this, but can you point out how I can remove the "red descriptions (the development purpose...)" on boot screen and the Tell HTC, please?
Wait to hear from you
Click to expand...
Click to collapse
Removing the red banner: http://rumrunner.us/hboots/
Tamiis said:
Hi there, first of all amazing guide, I've been trying to remove all flags but seemed way too hard to do it , but as easy as it may be I'm kinda stuck here. When I run the adb device command I don't get anything, it doesn't find any device :S any idea what's going on? Also, I'm trying to get my phone to stock for warranty purpose after I've done this if I have available the 4.2 or 4.3 update (I don't remember which one) and I run it through TWRP will this unroot the phone?
Click to expand...
Click to collapse
See link above for removing red banner. To go back to 100% stock: http://forum.xda-developers.com/showthread.php?t=2358738
electronical said:
Removing the red banner: http://rumrunner.us/hboots/
See link above for removing red banner. To go back to 100% stock: http://forum.xda-developers.com/showthread.php?t=2358738
Click to expand...
Click to collapse
Hi, I used the rumrunner hboot. Red banner removed. OK
I want to go back to 100% stock but I don't want to brick my device!!
I'm in 3.62.401.1 stock rom with the rumrunner hboot.
thanks
Thanks mate!
The "-s 0 -t" from revones description really had me disoriented, didn't seem to work, but your commands worked perfectly! Thanks a lot!!
Hi i followed the commands, I can get rid of the tampered flag but I get an error when I try ./revone -l
[email protected]:/data/local/tmp # ./revone -l
./revone -l
revone v0.2.1
revone failed (error code = -1)
Any idea?
If I am s-off with rumrunner... Can I use this guide to remove tampered? Or is only for renove s-off phones?
Sent from my HTC One using Tapatalk 4
Can this be done in Terminal Emulator?
Sent from my Nexus 7 using xda app-developers app
I s-offed a while ago with revone. I need to send in for warranty. Just looking to get unlocked removed. I already flashed stock recovery. Do I need to have a custom recovery to run -l command?
If so, can I still flash stock recovery after I relock the device?
what is it?
commencal661 said:
So does that apply only to S-OFF'ing or to everything?
EDIT: I found another method and I successfully reset the TAMPERED flag
Click to expand...
Click to collapse
what is the another method bro? thanks
READ THIIS!
*this thread is for m9. it will NOT work on m7,or any older device. please check the general forum for your particular device for a similar thread.
this thread will let you unlock your bootloader without htcdev,or let you change your hboot watermark from relocked or locked back to stock.
advantages
-no hassle with htcdev,tokens,or unlock codes
-no submitting your phones personal info to htc
-the ability to get back to 100% stock without any visual traces or records of having been s off or unlocking your bootloader.
you do NOT need to downgrade your hboot. this simple adb command works without any scary hboot downgrades.
*you must be s off.
*you must have superuser installed
read this:
this will not work if your s on. its not a way to magically unlock
the usual disclaimers:
use this info at your own risk. if it melts your phone into a little pile of aluminum goo,its not my fault.
credits
-beaups for schooling me on echo comand protocol
-strace for originally discovering the location of the lock status flag(check out this thread for more info)
- @Mutasek24 for fearlessly testing all commands
IF you are an advanced user with adb/fastboot set up and some basic knowlede of the cmd window,you can skip to #2
1)set up adb(windows 7 and older)
-download this file
-install drivers: if you have htc sync installed,you should allready have drivers. if not,you can install htc sync,or install these modified htc drivers from revolutionary (driver mirror)
-unzip your miniadb_v1031.zip file. this is native funtionality in windows 7. you otherwise may need a utility such as "7-zip" to extract,or unzip it. place the unzipped folder onto the root of your C drive on your PC. root means the top level,not inside any folders. so just copy and paste,or drag and drop the folder onto C with everything else that is there. you may want to rename it to "miniadb_m7" since youll be putting some device specific files in here.
-open a command window. on windows 7,click the start bubble in the lower left and type "command" in the search box. xp i believe is similar or the same. doing this should open a small black command window.
-change to your miniadb_m7 directory. type the following at the prompt in your cmd window:
cd c:\miniadb_m7
your command promt should change to "c:miniadb_m7>" provided you: 1)unzipped the miniadb_v1031 zip file,and 2)put the folder on your c drive,and 3)entered the name of the folder correctly ("miniadb_m7" in this case)
-now make sure usb debugging is checked in developer options(you will need to turn it on first),and plug your phone into your PC with a usb cable
-make sure your phone is being recognized- type:
adb devices
if your drivers are installed correctly,this should return your phones serial number. you should hear the "found device" noises when you plug your phone in. if it starts installing drivers,wait for it to finish before typing the adb devices command.
if you get your serial number back,then enter this command:
adb reboot bootloader
this should take your phone to the "fastboot" screen,wich is white with colored letters. this is one mode of your bootloaders interactive modes. at the top youll see fastboot devices as confirmation youre in fastboot.
now enter:
fastboot devices
again,this should return your phones serial number. you should hear the "found device" noises when you plug your phone in. if it starts installing drivers,wait for it to finish before typing the adb devices command.
if you get your serial number back,you can enter the following to boot back to the phones OS:
fastboot reboot
and now,youve installed adb/fastboot and tested youre phones drivers. if at either spot,you have trouble and dont get your serial number back,there is some sort of connection issue. use these steps to troubleshoot:
troubleshooting connectivity issues:
-try a reboot of the PC
-try different usb cables and ports
-dont use a usb hub
-dont use usb 3.0
-make sure nothing capable of comunicating with the phone is enabled and running. htc sync,pdanet,easy tether,and even itunes have all been known to cause issues.
-windows 8 has been known to have issues. try a windows 7 or older machine
failing the above,
-i use these drivers for fastboot and adb(donwload and run as admin): http://downloads.unrevoked.com/HTCDriver3.0.0.007.exe (mirror)
failing that,try manually updating the drivers in the following manner:
-put the phone in fastboot mode(select fastboot from the hboot menu)
-open device manager on the PC
-plug in phone,watch for it to pop up in device manager.
-update drivers with device manager,pointing the wizard to the extracted
driver download folder from above
note that you can check the connectivity of the phone,and make sure drivers are working by in the following manner:
-open cmd window. change to directory containing adb/fastboot utilities
-adb with the phone in the booted OS,usb debug enabled,enter:
adb devices in a cmd window
-fastboot with phone in fastboot,enter:
fastboot devices in cmd window
in either case,a properly connected phone with working drivers installed should report back the phones serial number.
Click to expand...
Click to collapse
this process,in your cmd window,should look something like this:
Code:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\Scott>[COLOR="red"]cd c:\miniadb_m7[/COLOR]
c:\miniadb_m7>adb devices
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
List of devices attached
FAxxxxxxxxxx device
c:\miniadb_m7>[COLOR="red"]adb reboot bootloader[/COLOR]
c:\miniadb_m7>[COLOR="red"]fastboot devices[/COLOR]
FAxxxxxxxxxx fastboot
c:\miniadb_m7>[COLOR="red"]fastboot reboot[/COLOR]
rebooting...
finished. total time: 0.037s
c:\miniadb_m7>
2)reset your "lock status flag"
to LOCK your bootloader,enter the following:
adb devices
adb shell
su (if needed to get a # prompt)
echo -ne '\x00\x00\x00\x00' | dd of=/dev/block/mmcblk0p2 bs=1 seek=33796
(i would very strongly recomend you copy/paste this)
exit
(exit a second time if you need to to get back to a normal > prompt)
adb reboot bootloader
verify you are now locked
_____________________________________________________________________________________________
to UNLOCK your bootloader,enter the following:
adb devices
adb shell
su (if needed to get a # prompt)
echo -ne "HTCU" | dd of=/dev/block/mmcblk0p2 bs=1 seek=33796
(i would very strongly recomend you copy/paste this)
exit
(exit a second time if you need to to get back to a normal > prompt)
adb reboot bootloader
verify you are now unlocked
other useful threads:
restore software status: original banner: http://forum.xda-developers.com/one-m9/general/how-to-restore-software-status-original-t3092882
change mid: fastbooot oem writemid xxxxxxxxx
change cid: fastboot oem writecid xxxxxxxx
mine
scotty1223 said:
mine
Click to expand...
Click to collapse
Thanks a lot for your very useful information. I have 2 questions??
1) When I am s-on and need to get s-off, then I need to be unlocked and rooted, so to do these still I need to use HTC-dev to unlock and root.
2) Does this method wipe data like when we use HTC-dev?
Nima78600 said:
Thanks a lot for your very useful information. I have 2 questions??
1) When I am s-on and need to get s-off, then I need to be unlocked and rooted, so to do these still I need to use HTC-dev to unlock and root.
2) Does this method wipe data like when we use HTC-dev?
Click to expand...
Click to collapse
1)yes. the first time you root,you will need to use htcdev to unlock the bootloader. the biggest benefit of this is the ability to return to a locked status for warranty. while s on,the best youll be able to do is relocked.
2)no,it will not wipe your data. it just changes the flag that hboot checks in order to decide if its locked,or not.
scotty1223 said:
1)yes. the first time you root,you will need to use htcdev to unlock the bootloader. the biggest benefit of this is the ability to return to a locked status for warranty. while s on,the best youll be able to do is relocked.
2)no,it will not wipe your data. it just changes the flag that hboot checks in order to decide if its locked,or not.
Click to expand...
Click to collapse
Thanks a lot mate. Appreciate for your replying
anyway to get "modified" back to "official" in boot loader?
Thanks @scotty1223. Used your threads for the m7 and m8. Happy to see this here too.
an0ther said:
anyway to get "modified" back to "official" in boot loader?
Click to expand...
Click to collapse
Flash your device RUU.
I am a little confused. How do I unlock my boot loader without root? I have s-off and i'm just messing around with trying to get rid of modified status but how does the "su" work without root?
an0ther said:
I am a little confused. How do I unlock my boot loader without root? I have s-off and i'm just messing around with trying to get rid of modified status but how does the "su" work without root?
Click to expand...
Click to collapse
You don't. This method requires s-off and root. It does say that in the OP BTW.
Behold_this said:
Thanks @scotty1223. Used your threads for the m7 and m8. Happy to see this here too.
Flash your device RUU.
Click to expand...
Click to collapse
I did, it still says modified in boot loader. Do I need to lock boot loader first?
an0ther said:
I did, it still says modified in boot loader
Click to expand...
Click to collapse
Use Sdcard method
Behold_this said:
Use Sdcard method
Click to expand...
Click to collapse
Mine is 64 gig, guess i'll have to get a 32 gig to make it fat32. Dang. Thanks for your help
Thanks for your very important knowledge.This question is not related to this thread, do you know which adb commands we can use to remove tampered flag as such in M7 and M8? I wonder mmcblk0p blocks might be different.
Thanks!
Enviado desde mi HTC One M9
coolberry said:
Thanks for your very important knowledge.This question is not related to this thread, do you know which adb commands we can use to remove tampered flag as such in M7 and M8? I wonder mmcblk0p blocks might be different.
Click to expand...
Click to collapse
The block where the tampered flag is write protected,so it cannot be written to with adb and have the change "stick". We know the command,it just doesn't work.
An ruu won't be available for all variants,so there will still be a work around,it will just be a bit more complicated. I just need to make sure it works and try to make it as user friendly as possible.
an0ther said:
Mine is 64 gig, guess i'll have to get a 32 gig to make it fat32. Dang. Thanks for your help
Click to expand...
Click to collapse
What does 64gb have to do with anything? Just back it up and reformat
scotty1223 said:
What does 64gb have to do with anything? Just back it up and reformat
Click to expand...
Click to collapse
Not possible. Only cards up to 32gb can be formatted as fat32, it's because above 32gb cards are not SDHC anymore but SDXC and this doesn't work..
devatxda said:
Not possible. Only cards up to 32gb can be formatted as fat32, it's because above 32gb cards are not SDHC anymore but SDXC and this doesn't work..
Click to expand...
Click to collapse
Did a little bit of searching and found a couple references to this:
http://mympx.org/Downloads/p13_sectionid/2/p13_fileid/13
And
http://m.download.cnet.com/EaseUS-Partition-Master-Home-Edition/3000-2248_4-10863346.html
Have you tried either?
Sent from my HTC One max
Behold_this said:
Use Sdcard method
Click to expand...
Click to collapse
im a little confused on what methods reset the flag,and which dont
could someone clarify the results of
-flash 0PJAIMG.zip via download mode from sd card
-flash 0PJAIMG.zip via RUU mode from pc
-run .exe from windows machine
-any other methods??
thanks
scotty1223 said:
im a little confused on what methods reset the flag,and which dont
could someone clarify the results of
-flash 0PJAIMG.zip via download mode from sd card
-flash 0PJAIMG.zip via RUU mode from pc
-run .exe from windows machine
-any other methods??
thanks
Click to expand...
Click to collapse
Ruu.exe worked for me.
Sdcard worked for @Mutasek24, but download mode manual flash did not (as reported in your other thread).
Because all methods are flashing the exact same SIGNED zip, and exe flashes through RUU mode, it's likely that flashing zip manually from RUU mode would reset the flag while using download mode does not. That needs to be tested tho.
A public service announcement.
A new tool (mtk-su) by @diplomatic (link) is able to achieve a temporary yet full featured root shell on any OS version for the original BLU R1 (and most likely, on BLU R1 PLUS), see this post for proof. Use mtk-su_r11.zip, version in armv7-kernel folder, and you will get a rooted shell. To install permanent root, you will need to unlock your bootloader.
Perhaps, @mrmazak would be kind enough to update his R1 bootloader unlock tool to all OS versions It should be possible to update bootloader unlock for R1 PLUS up to the latest OS version (@lopestom), given that there is now a full featured root shell with rw system access.
bibikalka said:
A public service announcement.
A new tool (mtk-su) by @diplomatic (link) is able to achieve a temporary yet full featured root shell on any OS version for the original BLU R1 (and most likely, on BLU R1 PLUS), see this post for proof. Use mtk-su_r11.zip, version in armv7-kernel folder, and you will get a rooted shell. To install permanent root, you will need to unlock your bootloader.
Perhaps, @mrmazak would be kind enough to update his R1 bootloader unlock tool to all OS versions It might also be possible to accomplish bootloader unlock for R1 PLUS, given that there is now full featured root shell.
Click to expand...
Click to collapse
since you have your R1 powered up already, can you let me know if that temp root shell gives access to /dev/block.
as in can you test if a dd command to /dev/block is allowed. if it is then this will make a nice replacement to dirty-cow method..
mrmazak said:
since you have your R1 powered up already, can you let me know if that temp root shell gives access to /dev/block.
as in can you test if a dd command to /dev/block is allowed. if it is then this will make a nice replacement to dirty-cow method..
Click to expand...
Click to collapse
Yep, seems to work OK:
Code:
[email protected]_HD:/data/local/tmp $ ./mtk-su_arm7 -v
armv7l machine
param1: 0x1000, param2: 0x8040, type: 7
Building symbol table
...
New UID/GID: 0/0
starting /system/bin/sh
[email protected]_HD:/data/local/tmp # dd if=/dev/block/mmcblk0p7 of=/sdcard/p7t.bin
32768+0 records in
32768+0 records out
16777216 bytes transferred in 3.630 secs (4621822 bytes/sec)
This is way better than DirtyCow !
bibikalka said:
Yep, seems to work OK:
Code:
[email protected]_HD:/data/local/tmp $ ./mtk-su_arm7 -v
armv7l machine
param1: 0x1000, param2: 0x8040, type: 7
Building symbol table
...
New UID/GID: 0/0
starting /system/bin/sh
s[email protected]_HD:/data/local/tmp # dd if=/dev/block/mmcblk0p7 of=/sdcard/p7t.bin
32768+0 records in
32768+0 records out
16777216 bytes transferred in 3.630 secs (4621822 bytes/sec)
This is way better than DirtyCow !
Click to expand...
Click to collapse
that seems soo simple.
changed the dirty-cow section of the tool to use this mtk-su
and based on the read-me says, this command should work, as an all in one.
Code:
example based on file name used in tool
adb shell "/data/local/tmp/mtk-su -c dd if=/data/local/tmp/unlock of=/dev/block/mmcblk0p17"
can you test it?
Code:
adb push mtk-su /data/local/tmp/mtk-su
adb shell chmod 0777 /data/local/tmp/mtk-su
adb shell "/data/local/tmp/mtk-su -c dd if=/dev/block/mmcblk0p7 of=/sdcard/p7t.bin"
mrmazak said:
that seems soo simple.
changed the dirty-cow section of the tool to use this mtk-su
and based on the read-me says, this command should work, as an all in one.
Code:
example based on file name used in tool
adb shell "/data/local/tmp/mtk-su -c dd if=/data/local/tmp/unlock of=/dev/block/mmcblk0p17"
can you test it?
Code:
adb push mtk-su /data/local/tmp/mtk-su
adb shell chmod 0777 /data/local/tmp/mtk-su
adb shell "/data/local/tmp/mtk-su -c dd if=/dev/block/mmcblk0p7 of=/sdcard/p7t.bin"
Click to expand...
Click to collapse
Just tested the last bit of code, all worked properly! Ended up reading mmcblk0p7 as expected! So please proceed
bibikalka said:
Just tested the last bit of code, all worked properly! Ended up reading mmcblk0p7 as expected! So please proceed
Click to expand...
Click to collapse
I think it is ready.
Biggest unknown part is, weather it works on V9.x
We assume the only change made was the kernel patch that blocked dirty-cow. what if bootloader has unlock codes removed.
Any how I put it up on the unlock thread, And it needs a tester.
mrmazak said:
I think it is ready.
Biggest unknown part is, weather it works on V9.x
We assume the only change made was the kernel patch that blocked dirty-cow. what if bootloader has unlock codes removed.
Any how I put it up on the unlock thread, And it needs a tester.
Click to expand...
Click to collapse
Well - it's not like the bootloader is set in stone You can overwrite any /dev/block, so if there are issues, why not return all stuff - preloader & bootloaders to the V6.6 ? Then even the MTK tool would work. I don't recall there was anti-rollback protection implemented. I guess your tool tries to be the least invasive, but the full featured root gives options for a total downgrade.
bibikalka said:
Well - it's not like the bootloader is set in stone You can overwrite any /dev/block, so if there are issues, why not return all stuff - preloader & bootloaders to the V6.6 ? Then even the MTK tool would work. I don't recall there was anti-rollback protection implemented. I guess your tool tries to be the least invasive, but the full featured root gives options for a total downgrade.
Click to expand...
Click to collapse
one of the options in the tool , is to roll-back the pre-loader.
did that long ago.
didn't try with shell , only with twrp. Similar to the way the OTA changed it. and it requires you to unlock again. but it has been repeatable process.
Would this work with r1 hd from Amazon?
Hey guys, looking for little bit f help.
Actually I hardbricked by R1 plus accidentanly. Unable to find it's firmware anywhere on the internet. Xepirifirm didn't had this model in it previously. Could you please let me know where could I find it ROM and also how to boot up my phone again?
DO NOT FOLLOW THIS GUIDE IF YOU HAVE ANDROID 12
Visit this thread for more information
________________________________________________________
CAVEAT
I've only tested this on my device running Android 11 (KB2005 / KB05AA), but it should be universally helpful as it's using your own boot.img so there's no need to find a matching package for your variant and os version.
CREDIT
The steps were buried across a few threads, I'm posting this so it'll be easier for others to find the information. All credit goes to xb360, FullOfHell, and TheUnkn0wn.
INFOThe basic rundown is:
Use the semi-broken TWRP package to give yourself temporary su access through adb.
Extract the boot.img your phone is currently using to your pc.
Reboot to OxygenOS, copy over the boot.img you just extracted and then use Magisk to patch it.
Copy the boot.img back to your pc and use adb to temporarily boot your phone with it, giving you root access until reboot.
Use your temporary root access to allow Magisk to patch your internal as-yet unmodified boot.img to give you permanent root.
There seems to be some confusion in the thread, I'll try to clear up what's happening and why:
The primary issue at hand is that you can't root your device without already having root privileges, for security reasons. Without a custom recovery like TWRP, there are a few more steps than usual (but mostly simple stuff).
Because we don't flash anything with this guide, it shouldn't cause any permanent bootloops if you use the wrong boot.img, if you get stuck in one just power cycle your phone.
Updating with OTAs should be the same process as the other guides here.
Because of changes in Android, devices that launched with Android 10 and above will not allow you to modify the system partition, even with root. This is not a fault of this rooting method.
Prerequisites:
ADB and Fastboot installed.
An unlocked bootloader and USB debugging enabled.
Android 11. (Android 12 introduced problems with this method, per other users. See link at top of page)
________________________________________________________
STEPS:
1. Connect your phone to your pc and boot it into fastboot mode. You can leave it connected throughout this guide.
2. On your computer open a terminal/cmd prompt. Set the directory (on your pc) you want to work from, I'm using the desktop:
for Windows, type cd C:\Users\Yourname\Desktopfor Mac, type cd desktop or cd /Users/yourname/Desktop
Spoiler: How to set up adb and fastboot properly
To usb adb and fastboot commands outside of the folder those programs are located in, you'll need to add their location to the PATH list so your terminal can still find them when it's pointing to a different folder. If you want to skip this step, set the directory to the folder that contains adb instead of the desktop.
3. Next, use the terminal to check which A/B partition is active on your phone:
Code:
fastboot getvar all
a. You'll find it on this line: (bootloader) current-slot:a/bb. For simplicity I'll be referring to boot_a.img throughout the guide, make sure to use boot_b.img if that's the one marked as active on your device.
4. Download the semi-broken TWRP package to your desktop. We'll be using it to extract a copy of your active boot_a.img. It will give you temporary su access via adb, but there won't be a gui. Only boot from it, DO NOT FLASH IT:
Code:
fastboot boot recovery.img
adb shell
dd if=/dev/block/by-name/boot_a of=/sdcard/boot_a.img
exit
adb pull /sdcard/boot_a.img boot_a.img
adb reboot
5. Copy the extracted boot_a.img file to a user accessible area of your phone, like your downloads folder.
6. Install the latest Magisk Canary apk on your phone. Open it and:
a. Select the Install option.b. Use Select and Patch a File on boot_a.img
7. Copy the patched magisk_patched_a.img file back to your computer. In terminal, type adb reboot bootloader to get back to fastboot mode.
8. Temporarily boot with the patched image that corresponds to the active partition, DO NOT FLASH IT:
Code:
fastboot boot magisk_patched_a.img
Spoiler: Why we're booting and not flashing.
You could flash this boot.img, but it's safer to temporarily boot from it without overwriting your existing image in case anything went wrong along the way. The effect is that you still get root access without modifying your device, and then you can use the much safer Magisk direct install option, which has some safeguards in place.
9. By booting with the patched image, you now have temporary root access. To make it permanent open Magisk:
a. Select the Install option.b. Use Direct Install (Recommended) to root your internal boot.img
10. Reboot and verify it worked.
Forgot to tag it... if an admin is able to do so I'd appreciate it.
Just applied for a bootloader unlock today. When i get approved ill attempt this guide.
I am currently on T-Mobile 11.0.5.7.KB09CB.
Unlike other methods prvoided here for the 8T I got this method to work. Thank you very much!
clarification update: I own the t-mobile kb2007 model of phone
a couple of notes for any either newBs or old OPO users rejoining the party with a new onplus phone..
Some prework I had to do for my OnePlus 8T KB2005
-ensure you have the correct ADB driver installed, I installed the "15sec adb installer 1.4.2" found here on xda, watch the videos provided.
-ensure to unlock your bootloader first (*this will wipe your device.. didn't think about that..no pain no gain...)
-With device in bootloader/fastboot, run: fastboot flashing unlock
-verify with your phone to accept
-phone will reboot, just through the setup, I just skipped it all and opted for offline setup..
-renable OEM lock and USB debug
-restart back into bootloader/fastboot
-now you are ready to root
Just came here to say that this is the most genius way to go about it and thanks OP for this solution. To add your screen would flicker in TWRP but you just want to type adb reboot bootloader after you are done copying off the boot files from your phone. Thanks OP!
After performing this, I am unable to write to /system even with root?
Unable to get through with es explorer, root explorer pro, or even use a app like Titanium to move a user app to system,unable to get r/w access.
Thanks in advance
lordxcom said:
After performing this, I am unable to write to /system even with root?
Unable to get through with es explorer, root explorer pro, or even use a app like Titanium to move a user app to system,unable to get r/w access.
Thanks in advance
Click to expand...
Click to collapse
I'm having the same issue although its more tied in with removing youtube as a system app for vanced
lordxcom said:
After performing this, I am unable to write to /system even with root?
Unable to get through with es explorer, root explorer pro, or even use a app like Titanium to move a user app to system,unable to get r/w access.
Thanks in advance
Click to expand...
Click to collapse
Actually Is not possible on devices borned with android 10 or above.
giacomowrc said:
Actually Is not possible on devices borned with android 10 or above.
Click to expand...
Click to collapse
To be clear, you're saying this isn't a fault with this root method and is just a security measure since Android 10?
Mpolo87 said:
To be clear, you're saying this isn't a fault with this root method and is just a security measure since Android 10?
Click to expand...
Click to collapse
Yes of course.
Mpolo87 said:
CAVEAT
I've only tested this on my device (KB2005 / KB05AA), but it should be universally helpful as it's using your own boot.img so there's no need to find a matching package for your variant.
CREDIT
The steps were buried across a few threads, I'm posting this so it'll be easier for others to find the information. All credit goes to xb360, FullOfHell, and TheUnkn0wn.
INFOThe basic rundown is:
Use the semi-broken TWRP package to give temporary su access through adb.
Extract boot_a.img and boot_b.img to your computer.
Reboot into OxygenOS and copy boot_a.img and boot_b.img back to your phone.
Use Magisk to patch both images.
Copy the patched images back to your computer.
Use fastboot to temporarily boot using the patched image, giving you temporary root.
Use Magisk to direct install for permanent root.
Prerequisites:
ADB and Fastboot installed.
An unlocked bootloader and USB debugging enabled.
________________________________________________________
STEPS:
1. Get the semi-broken TWRP .img. This won't give you a gui but will give you su access over adb. You DON'T want to flash this, we're just booting with it temporarily.
2. Restart your phone into fastboot mode.
3. On your computer open a terminal/cmd prompt and set the directory where you want to dump the files (ex: cd /your/path/here). Run the following:
Code:
fastboot boot recovery.img
adb shell
dd if=/dev/block/by-name/boot_a of=/sdcard/boot_a.img
dd if=/dev/block/by-name/boot_b of=/sdcard/boot_b.img
exit
adb pull /sdcard/boot_a.img boot_a.img
adb pull /sdcard/boot_b.img boot_b.img
4. Copy the extracted files to a user accessible area of your phone.
5. Install the latest Magisk Canary release to your phone.
a. Select the Install option.b. Use Select and Patch a File on both boot_a.img and boot_b.imgc. You should rename them or make note of the new names given by Magisk. You'll need to use one or the other depending on which partition is active.
6. Copy the patched .img files back to your computer.
7. Restart your phone back into fastboot mode.
8. On your computer, run:
Code:
fastboot getvar all
9. Find which A/B partition is active on this line: (bootloader) current-slot:a/b
10. Temporarily boot with the patched image that corresponds to the active partition, DO NOT FLASH IT:
Code:
fastboot boot patched-boot-a/b.img
11. You now have temporary root access, to make it permanent open Magisk:
a. Select the Install option.b. Use Direct Install (Recommended) to root your internal boot.img
12. Reboot and verify it worked.
Click to expand...
Click to collapse
hey there! I was just about to try this method but confused with this syntax -- don't mind the quotes
"On your computer open a terminal/cmd prompt and set the directory where you want to dump the files (ex: cd /your/path/here)"
I'm painfully confused about this: cd /your/path/here. is this done during fastboot? I know fastboot commands but adb is where my brain doesn't get it. Please elaborate further and thanks.
sameog said:
hey there! I was just about to try this method but confused with this syntax -- don't mind the quotes
"On your computer open a terminal/cmd prompt and set the directory where you want to dump the files (ex: cd /your/path/here)"
I'm painfully confused about this: cd /your/path/here. is this done during fastboot? I know fastboot commands but adb is where my brain doesn't get it. Please elaborate further and thanks.
Click to expand...
Click to collapse
When you open a terminal or command prompt on your computer it is, by default, 'pointing' to a certain folder. Since we're pulling files from the phone to pc it'll dump there, so it's easiest to set the location in advance, for your own convenience. You can just make a folder on your desktop and drag it onto the terminal window to automatically input that path after typing cd, which just means 'change directory'. This isn't a fastboot or adb thing, just a feature of terminals, so you'd do this in advance.
Mpolo87 said:
When you open a terminal or command prompt on your computer it is, by default, 'pointing' to a certain folder. Since we're pulling files from the phone to pc it'll dump there, so it's easiest to set the location in advance, for your own convenience. You can just make a folder on your desktop and drag it onto the terminal window to automatically input that path after typing cd, which just means 'change directory'. This isn't a fastboot or adb thing, just a feature of terminals, so you'd do this in advance.
Click to expand...
Click to collapse
Attached are 2 photos -- the 1st photo is the "before" I dragged my intended folder into command prompt. the 2nd photo is the "after" I dragged my intended folder into command prompt. Still hella confused.
Please note: I love this guide. It's cohesive and well-written. I just need pictures to "see" on what and where to do. I'm visual.
UPDATE: I followed the tuturial to the best of my ability and I got nothing. I'm giving up and taking a step back.
PS C:\Program Files (x86)\platform-tools_r30.0.5-windows> ./fastboot boot recovery.img
Sending 'boot.img' (64964 KB) OKAY [ 1.660s]
Booting OKAY [ 0.084s]
Finished. Total time: 1.939s
PS C:\Program Files (x86)\platform-tools_r30.0.5-windows> ./adb shell
* daemon not running; starting now at tcp:5037
* daemon started successfully
OnePlus8T:/ # dd if=/dev/block/by-name/boot_a of=/sdcard/boot_a.img
196608+0 records in
196608+0 records out
100663296 bytes (96 M) copied, 0.194981 s, 492 M/s
OnePlus8T:/ # dd if=/dev/block/by-name/boot_b of=/sdcard/boot_b.img
196608+0 records in
196608+0 records out
100663296 bytes (96 M) copied, 0.185497 s, 518 M/s
OnePlus8T:/ # exit
PS C:\Program Files (x86)\platform-tools_r30.0.5-windows> ./adb pull /sdcard/boot_a.img boot_a.img
/sdcard/boot_a.img: 1 file pulled, 0 skipped. 27.7 MB/s (100663296 bytes in 3.470s)
PS C:\Program Files (x86)\platform-tools_r30.0.5-windows> ./adb pull /sdcard/boot_b.img boot_b.img
/sdcard/boot_b.img: 1 file pulled, 0 skipped. 32.0 MB/s (100663296 bytes in 2.997s)
PS C:\Program Files (x86)\platform-tools_r30.0.5-windows> ./adb reboot
PS C:\Program Files (x86)\platform-tools_r30.0.5-windows>
sameog said:
Attached are 2 photos -- the 1st photo is the "before" I dragged my intended folder into command prompt. the 2nd photo is the "after" I dragged my intended folder into command prompt. Still hella confused.
Click to expand...
Click to collapse
You're missing the command "cd" before the path to change the directory to the new one. It should be cd C:\Users\Mr. Lew\Desktop\oneplus 8t boot image then press enter. Now you can reference any file in that folder by just the name without its entire path as a prefix being required.
A difficult method
zengin said:
Diğer yöntemden hiç de kolay değil.
Click to expand...
Click to collapse
huh?
Honestly, if there's a kind of soul out there who can share their unpatched kb2007 boot image (tmobile version), I would greatly appreciate it. I'm been banging my head on the wall with this for about 2 months with no help. I've received TONS of half-baked one liner answers but no "full-scale" tutorial. I'm giving up on this.
NOTE: I'm just frustrated guys. Not bashing the OP. It shouldn't be this hard but it became this way.
sameog said:
Honestly, if there's a kind of soul out there who can share their unpatched kb2007 boot image (tmobile version), I would greatly appreciate it. I'm been banging my head on the wall with this for about 2 months with no help. I've received TONS of half-baked one liner answers but no "full-scale" tutorial. I'm giving up on this.
NOTE: I'm just frustrated guys. Not bashing the OP. It shouldn't be this hard but it became this way.
Click to expand...
Click to collapse
While this is a temporary solution, it is also a bad solution because you can land with not being able to boot your phone every time an incremental update comes along.