So I followed step by step 3 times now on trying to get s-off on my G2. Did visionary temp root, downloaded s-off rooting files, copied .ko and .img files to sdcard, downloaded terminal emulator and entered in these:
su
cd /sdcard
insmod /sdcard/wpthis.ko
then i see an error which in every step by step says is correct then from there i...
dd if=/sdcard/hboot.eng.img of=/dev/block/mmcblk0p18
after that finishes i type
sync and hit enter
When i go into hboot it still says s-on
Any ideas? thanks.
2.2
Kernel - 2.6.32.17-g814e0a1
[email protected] #1
dvno said:
So I followed step by step 3 times now on trying to get s-off on my G2. Did visionary temp root, downloaded s-off rooting files, copied .ko and .img files to sdcard, downloaded terminal emulator and entered in these:
su
cd /sdcard
insmod /sdcard/wpthis.ko
then i see an error which in every step by step says is correct then from there i...
dd if=/sdcard/hboot.eng.img of=/dev/block/mmcblk0p18
after that finishes i type
sync and hit enter
When i go into hboot it still says s-on
Any ideas? thanks.
2.2
Kernel - 2.6.32.17-g814e0a1
[email protected] #1
Click to expand...
Click to collapse
my idea: don't use visionary.
http://forum.xda-developers.com/wik...sion#Rooting_the_Vision_.28G2.2FDZ.29_and_DHD
^^^gfree/rage. much easier, much less likely to cause problems. since you're on a G2, you don't need to worry about downgrading from 1.72, you should just be good to go
Thanks man, i'll try that.
Related
Hi guys I have 2.02 s-off and I cant downgrade to the one i need in order to get cm6. I used to have an earlier version with s-off as well but then i ran sprint's ruu and got 2.02, it still says s-off but i can't downgrade it, i tried both flashable zips and PC36IMG, any idea how to fix it?
Cm6 RC1 doesn't need a certain h-boot anymore.
gave up on 8pening from my supersonic on the xda app.
Try Flashing your misc partition with toast's mtd-eng.img. Then flash the pc36img.zip. The code is
(with flash_image in your tools folder and the mtd-eng.img on the root of your sd already)
Adb push flash_image /data/local/
Adb shell
Su
Chmod 755 /data/local/flash_image
Cd /data/local/
./flash_image misc /sdcard/mtd-eng.img
Done. Hope this helps.
First thanks to everybody who made it possible to root our great devices.
THIS WILL WIPE YOUR DEVICE, BACKUP EVERYTHING BEFORE DOING THIS!
Polish translation by trzype
If you don't know how to use adb/fastboot don't do this. Use the search function and google and learn how to use them. If you know everything about them come back. I made a pretty nice tutorial, many people used it already with success. But I won't add anything like "go to startmenu and type..."
If your INFOCID is NOT one of these you need to make a goldcard to downgrade!
HTC__001
HTC__032
HTC__E11
HTC__203
HTC__Y13
HTC__102
HTC__405
HTC__304
HTC__A07
HTC__N34
HTC__J15
check with:
Code:
adb reboot bootloader
fastboot oem boot
Here is a great guide how to make a goldcard, follow the first part and come back here then.
Get theses 3 files:
https://github.com/tmzt/g2root-kmod/raw/scotty2/scotty2/psneuter/psneuter (right click > save as...)
https://rapidshare.com/files/1884723844/PC10IMG.zip
https://rapidshare.com/files/948281832/root.zip
Since this uses some security holes to gain root privileges on your phone some antivirus programs on your pc might warn you that this contains a virus. Thats not the case!
MikeChannon said:
It might be worth saying in the thread that android/Exploit.ragecage.A is the exploit being used to gain root and Users should not worry about the warning some software will give.
Click to expand...
Click to collapse
Extract misc_version_01.zip (only misc_version is needed)
Get the PC10IMG.zip from here or download the full RUU from here.
If you already downloaded the 1.34 RUU somewhere else you can skip this step.
Code:
adb push psneuter /data/local/tmp
adb push misc_version /data/local/tmp
adb shell chmod 777 /data/local/tmp/psneuter
adb shell chmod 777 /data/local/tmp/misc_version
adb shell /data/local/tmp/psneuter
adb shell
Check if you have the '#' sign instead of the '$'
If you see the '#' sign you got root!
Code:
/data/local/tmp/misc_version -s 1.33.405.5
exit
If you have downloaded the 1.34.405.5_PC10IMG.zip copy it to you SD-Card and rename it to PC10IMG.zip.
If you downloaded the full RUU or had it already execute the exe file (mine is called RUU_Vision_HTC_WWE_1.34.405.5_Radio_12.28b.60.140e_26.03.02.26_M_release_155556_signed.exe), start explorer and type %temp% in the adress bar.
Look in all the folders starting with a { sign and also in the sub directories if it also starts with a { sign, in one of the subdirectories there should be a rom.zip file with 298.442.206 bytes and the MD5 sum 2ff42897cd27e0db425a2cf36c8bd078.
Copy this rom.zip to your SD-Card on the phone and rename it to PC10IMG.zip
Code:
adb reboot bootloader
(or turn your phone of and on again while holding the trackbad).
Wait till the phone is in bootloader mode (white screen should look like this but with other infos http://www.brutzelstube.de/wp-content/uploads/2010/09/hboot.jpg)
Select bootloader (vol +/- buttons for navigation and power button for select).
Wait for the phone to scan the sdcard, once it's done it will ask you if you want to start the update. Confirm it and wait till it's done. Reboot with powerbutton when asked.
After the reboot check for version informations, it should show this:
Enable USB-Debugging on your phone
Extract root.zip
Code:
adb install AndroidTerm.apk
adb push busybox /data/local/tmp/
adb push gfree /data/local/tmp/
adb push rage /data/local/tmp
adb push root /data/local/tmp/
adb shell chmod 0755 /data/local/tmp/*
adb push su /sdcard/
adb push Superuser.apk /sdcard/
Start the Terminal app on your phone and type:
Code:
/data/local/tmp/rage
Wait until you see the message "Forked #### childs.", reset Terminal (menu > Reset Term). The Terminal app will close, launch it again. It will force close, launch it again.
You should see the magic '#' sign again.
Next type in the terminal
Code:
/data/local/tmp/gfree -f
, this will turn Security off (S-OFF), remove SIM Lock and set CID to 11111111.
Last step in terminal app on your phone is to execute these commands.
Code:
/data/local/tmp/root
sync
This will root your phone. It's possible that you get an error message "mkdir: /system/xbin already exists", don't worry everything should be ok.
After that restart your phone.
Now get ROM Manager and install the recovery image from there. If you are happy with the 1.34 software everything is done here, if not you can flash anything you want now.
Nice work! We allways need more people using the magic of root
Sent from my HTC Vision using XDA App
Thanks a lot for your effort!
Just bought a Desire Z and accidentally upgraded OTA.
Will try it now and report back.
I get the following Error when trying to run misc version
Code:
# /data/local/tmp/misc_version -s 1.33.405.5
/data/local/tmp/misc_version -s 1.33.405.5
--set_version set. VERSION will be changed to: 1.33.405.5
Patching and backing up partition 17...
Error opening backup file.
#
Any ideas mate?
Edit: Sorry, forgot to unmount phone from windows when i copied the img over.
VERY IMPORTANT
The OP made a small mistake in the instructions:
Code:
/data/local/tmp/misc[COLOR="Red"][B]-[/B][/COLOR]version -s 1.33.405.5
exit
the dash (-) should be an underline (_)
Code:
/data/local/tmp/misc[COLOR="Red"][B]_[/B][/COLOR]version -s 1.33.405.5
exit
Please update the first post
Darkyy said:
VERY IMPORTANT
The OP made a small mistake in the instructions:
Code:
/data/local/tmp/misc[COLOR="Red"][B]-[/B][/COLOR]version -s 1.33.405.5
exit
the dash (-) should be an underline (_)
Code:
/data/local/tmp/misc[COLOR="Red"][B]_[/B][/COLOR]version -s 1.33.405.5
exit
Please update the first post
Click to expand...
Click to collapse
Thanks, fixed it.
Question:
Should the psneuter -file be without a suffix?
Or should it be like psneuter.txt?
Gnurf said:
Question:
Should the psneuter -file be without a suffix?
Or should it be like psneuter.txt?
Click to expand...
Click to collapse
Without the extension... .txt is added by your browser presumably so you'll have to rename it
Another error:
When I reboot into the bootloader, the phone scans PC10IMG.ZIP and then says "CID incorrect! Update Fail! Press <POWER> to reboot."
paw3lk said:
Without the extension... .txt is added by your browser presumably so you'll have to rename it
Click to expand...
Click to collapse
Thats what I thought aswell, but seeing there has been a post about it previously... (in the other tread)
Thanks.
worked as described, big thx
waqypaqy said:
Another error:
When I reboot into the bootloader, the phone scans PC10IMG.ZIP and then says "CID incorrect! Update Fail! Press <POWER> to reboot."
Click to expand...
Click to collapse
What phone and software version do you have?
It seems like you use a wrong PC10IMG.zip for your phone. Did you download the zip from here or got it yourself from the full ruu?
Another error:
Step 15: Extract root.zip
and then do the commands:
Code:
adb chmod 0755 /data/local/tmp/*
should be
Code:
adb [B][COLOR="Red"]shell [/COLOR][/B]chmod 0755 /data/local/tmp/*
g4rb4g3 said:
What phone and software version do you have?
It seems like you use a wrong PC10IMG.zip for your phone. Did you download the zip from here or got it yourself from the full ruu?
Click to expand...
Click to collapse
I've got the Desire Z running 1.72. I first tried downloading the PC10IMG.zip from the 1st link in part 3 which didnt work. I then tried the RUU file, found the rom.zip in Temp, renamed it and copied it to SD card, which didnt work either
What am I doing wrong?
Software number: 1.72.161.1
Darkyy said:
Another error:
Step 15: Extract root.zip
and then do the commands:
Code:
adb chmod 0755 /data/local/tmp/*
should be
Code:
adb [B][COLOR="Red"]shell [/COLOR][/B]chmod 0755 /data/local/tmp/*
Click to expand...
Click to collapse
Thanks, fixed it.
Sent from my HTC Vision using XDA App
waqypaqy said:
I've got the Desire Z running 1.72. I first tried downloading the PC10IMG.zip from the 1st link in part 3 which didnt work. I then tried the RUU file, found the rom.zip in Temp, renamed it and copied it to SD card, which didnt work either
What am I doing wrong?
Software number: 1.72.161.1
Click to expand...
Click to collapse
Did you root your phone before the ota update?
Sent from my HTC Vision using XDA App
g4rb4g3 said:
Did you root your phone before the ota update?
Sent from my HTC Vision using XDA App
Click to expand...
Click to collapse
Yes I had rooted it with Visionary before I updated it. Please tell me I still have some hope for getting root back
waqypaqy said:
Yes I had rooted it with Visionary before I updated it. Please tell me I still have some hope for getting root back
Click to expand...
Click to collapse
Did you set s-off too while rooting?
Sent from my HTC Vision using XDA App
g4rb4g3 said:
Did you set s-off too while rooting?
Sent from my HTC Vision using XDA App
Click to expand...
Click to collapse
Nope Im screwed arent I?
waqypaqy said:
Nope Im screwed arent I?
Click to expand...
Click to collapse
adb reboot bootloader
fastboot oem boot
Post the result of the 2nd command (dont know if it works... but it wont harm anything)
Sent from my HTC Vision using XDA App
here are my phone specs
pvt ship s-off
hboot 0.82.0000
microp-0425
radio 26.03.02.26m
emmc-boot
sep 2 2010, 17:59:38
is there anything i should change?
only reason i ask is cause i have bricked a phone before and i think it was due to wrong hboot/radio combo (mt3g 1.0)
btw i rooted via rage root temp and gfree method
all help/tips is appreciated!
8. Install the engineering hboot (if you really want to)
8.1. download engineering hboot
Download the appropriate HBOOT for your phone:
T-Mobile G2: vision.hboot-0.76.2000.zip (md5sum 7669AE12DC2FAA10AE555A164980EFD0)
HTC Desire Z: vision.hboot-0.84.2000.zip (md5sum 2CE1BDD5E4C1119CCFCECB938710D742)
HTC Desire HD: ace_glacier.hboot-0.85.2007.zip (md5sum df4fd77f44993eb05a4732210d2eddc6)
Note that the md5sums are for the actual hboot img contained within the zip file, not the for the zip file itself. Note also that the dz, g2, and dhd each use their own version of the engineering boot, as the phones are partitioned differently. (If you have previously installed the wrong HBOOT for your phone, you may need to reflash everything after partition 18)
8.2. Copy the files to the phone
Connect the phone to the USB of your PC. The phone will stay connected during the complete procedure.
Make sure that you do NOT turn on USB storage. There has to be a sdcard in the phone and it has to be mounted to the phone!
Unpack the engineering hboot zip files to a directory on your PC.
Open a terminal (or command window) on your PC and change the current directory to where the file is on your PC and execute these commands:
$ adb push hboot-eng.img /data/local/tmp/
8.3. Install the engineering hboot
Please make sure that you type or better copy/paste the following commands exactly, and in exactly this order. Especially the dd-command is very critical!
In the terminal (or command window) on your PC execute these commands:
$ adb shell
$ su
# dd if=/data/local/tmp/hboot-eng.img of=/dev/block/mmcblk0p18
# sync
8.3.1. Check the md5sums of the installed hboot
As it is very important that the hboot was installed correctly we recommend to check the md5sums of the partition. In the root shell (indicated by the #) that you got in the Temporary root section execute the following commands:
# /system/xbin/busybox md5sum /data/local/tmp/hboot-eng.img
# /system/xbin/busybox md5sum /dev/block/mmcblk0p18
We call these two md5_1 and md5_2 in the next section
If md5_2 does not match md5_1: First DON'T REBOOT and second run for help at the #G2ROOT IRC channel on freenode.
If md5_2 matches md5_1: You are fine, Reboot your phone by executing the following command in the root shell (indicated by the #):
# reboot
thats relavent section of wiki for you follow it .... although putting eng hboot puts you at risk of bricking your phone while flashing radio . stock hboot atleast doesnt let you to flash wrong radio
You don't need eng hboot to change the radio. Read this http://forum.xda-developers.com/showthread.php?t=970809
Is this method safe, or are there many problems with md5?
Dear all,
I'm trying to root my G2. I was following the instructions described in the Strewmetal's PDF file. It went very smoothly until I hit this issue. I was in the section of "[OPTIONAL] TEMP-ROOTING TO BACKUP". It went fine until the last command which is:
adb shell /data/local/tmp/fixsu.sh
I had the following error:
/data/local/tmp/fixsu.sh: cannot create /system/etc/passwd: I/O error
Unable to chmod /system/etc/passwd: I/O error
/data/local/tmp/fixsu.sh: cannot create /system/etc/group: I/O error
Unable to chmod /system/etc/Group: I/O error
cp: can't create '/system/bin/su": Invalid argument
I tried the previous commands a few times just in case, but it seems there are no issues with the previous commands.
It would be great if someone can shed some light here.
Thank you very much!
- kazs
well for the most part you will probably never need your back up so you can definitely skip this part if youd like
but if you must id go to freenode #g2root
youll get real time help from people who have seen it all - when your done make sure you post the problem and the fix so the next person who reads this will learn
demkantor, thank you very much for the reply. I actually skipped the section and went ahead. Then, I just completed the entire process according to the PDF file. It went fine everything. But, I think I had an issue after I enter:
# reboot
My G2 automatically started the reboot process with the white screen with green "htc" logo, but it stuck there. I waited 10 minutes, but it doesn't change.
Did I screw up?
well not necessarily, if you have a g2 and flashed the dz hboot then your emmc partitions are different and your current rom wont start up. same thing if you have a dz and flashed the g2 hboot.
if you followed either the xda wiki or the cyanogen wiki then everything should be just fine.
pull battery and wait a few seconds... reinstall
boot while holding volume down and write down everything you see here
(you may have to take out sdcard or at least remove the pc10img.zip from your card at this point)
you should see something very similar to this:
VISION PVT ENG S-OFF
HBOOT-0.76.200 (PC1010000)
MICROP-0425
RADIO-26.02.01.15_M2
eMMC-boot
Aug 20 2010, 16:15:01
then some options,
write down your screen and well see if your good
Thanks again for the quick reply. I really appreciate it.
It says:
VISION PVT ENG S-OFF
HBOOT-0.84.2000 (PC1010000)
MICROP-0425
RADIO-26.02.01.15_M2
eMMC-boot
Sep 8 2010,15:56:38
Is it good? If so, what should I do next?
Thanks!
you should be just fine, looks like you have the dz hboot.
next step would be to pick your rom, do something simple and known stable at first to make sure all is well and then move on and try a bunch
recommend elitemod cm7 (youll find this and many many others in the dev section, look for a compilation in the 2nd or 3rd post
boot into hboot holding volume and down
wait a second or two after image check completes (no pc10img.zip on sd card!)
now hit volume down and select recovery with the power button
(the guide you followed should have brought you to clockworkmod recovery)
in here toggle (with volume keys but select with trackpad) to mounts>usb mount
put your rom on sdcard ---- unmount
toggle to wipe options (wipe everything you can)
toggle to apply update from sd card (recommend to flash a superwipe script here)
flash rom
now reboot
in the future look into updating radio (lots of threads on this)
update to 4et touch recovery (my opinion way better)
try some roms
do full wipes and superwipes between flashes
always do a nandroid backup before you flash or wipe anything
most importantly have fun!
rooting a friends g2 as i am writing this (got it down to about 15mins!)
time to do all i recommend for myself now! - we are in the same boat!
Thank YOU very much! I just installed EliteMod & Kernel CM7 according to your recommendation and it's working just fine so far. I really appreciate your big help!
I will check for the radio update tomorrow (it's getting very late here...) and I will try other ROMs as well.
May I ask the last question at this time? So, my G2 is not rooted. Does it mean the phone is unlocked as well? I mean I have a plan to go to Asia in August and I would like to buy and use another SIM instead of my T-Mobile SIM over there. I'm sorry for the novice questions though...
Thanks!!!
i think you mean now that you are rooted...
anyway here is the best way to check your work:
5. Verify the success of gfree
You can verify the success of gfree by using gfree_verify.
Download gfree_verify.zip from gfree_verify_v01.zip (md5sum 8e3535fd720d19fa0aec4eb711b897c4)
Unzip gfree_verify_v01.zip to a place on your PC.
Open a terminal (or command window) on your PC and change the current directory to where the files are on your PC and execute these commands:
$ adb push gfree_verify /data/local/tmp
$ adb shell chmod 755 /data/local/tmp/gfree_verify
$ adb shell
In this shell:
Remark: When you run su for the first time in the adb shell make sure the the screen of the phone is unlocked. Because when you enter the command the Superuser app will show up and ask you if you want to grant superuser access to app Unknown (2000).
Check the Remember check box and click allow.
$ su
# cd /data/local/tmp
# stop ril-daemon
# ./gfree_verify
You should see the following output:
gfree verify_cid returned:
@CID: 11111111
OK
gfree verify_secu_flag returned:
@secu_flag: 0
OK
gfree verify_simlock returned:
@SIMLOCK= 00
OK
Start the interface layer again (IN THE ADB SHELL ON YOUR PC):
# start ril-daemon
Did it work? Here's what you're looking for:
@CID: 11111111 <--- this response means you have superCID!
@SIMLOCK= 00 <--- this means your simlock is off.
@secu_flag: 0 <--- this means your radio is S-OFF.
if simlock =00 then you can put in any simcard and use anywhere that supports the proper cellular bands
Thank you very much! I have confirmed that the simlock is off on my phone.
PS Sorry for the typo and that I confused you. I wanted to type "now", but typed "not"...
Hi Everybody,
I know, that there are a lot of threats about this fact in the forum. But nothing will work for me, aspessially important links will not work anymore. Could anybody help me?
If I go to the bootloader (noise - and Power-On) there are the following informations written:
VISION PVT SHIP S-ON
HBOOT-0.85.0013
MICROP-0425
RADIO-26.10.04.03_MeMMC-boot
Apr 11 2ß11,23:36:27
HBOOT
OK, on my cell is working a Android 2.3.3, so I have to root my cell and downgrade.
I tryed to do this with the following threat: http://forum.xda-developers.com/showthread.php?t=905261
1. I Tryed to create a GOLDCARD. I read this threat, got the CID of my cell with the the code
Code:
adb shell cat /sys/class/mmc_host/mmc2/mmc2:*/cid
. Now I should type this CID in a webformular at this link to reverse it. This formular is still working, but there is also a Excel-Tool on this page for downloading, which should do the same. So my CID like "035344534d49202010000073b900d494" was reversed to "00d400b9730000102020494d53445303".
This code I should input to this formular for creating a GOLDCARD, but it doesn't work anymore.
So I looked around and found this threat, where a goldcardcreator is downloadable.
In this zip-file is included a program named "SimpleGoldCard", which read a reversed CID from the cell. On a command-Line I typed in
Code:
gcard -c 00d400b9730000102020494d53445303 -r -o "GoldCard.img"
Than I putted in the sd-Card into the Card-Reader of my Desktop, formatted it, used the tool "HeX Editor", copyed (line) 00000000 to offset (line) 00000170 (including the 00000170 line) and pasted it to the SD-Card.
After that I hope to created a correct GoldCard.
2. After that I downloaded the files psneuter, PC10IMG.zip and root. But in this threat is written, that I have to extract "misc_version_01.zip". Where is this file? I searched in this forum and downloaded a file named like this. Are there Differences or is a special version needed? I copyed the PC10IMG.zip to the SD-Card and put this to the cell.
3. then I booted the cell again, connected it to the desktop and used the following commands to put the downloaded files to the cell
Code:
adb push psneuter /data/local/tmp
adb push misc_version /data/local/tmp
adb shell chmod 777 /data/local/tmp/psneuter
adb shell chmod 777 /data/local/tmp/misc_version
adb shell /data/local/tmp/psneuter
adb shell
After that I should get the # - symbol instead of the $ - symbol which means, that I rooted the phone. But here is my first problem, I didn't get the # - symbol, so I don't have the permission to start the next programms.
4. Normally I would do next the following commands and then to reboot and flash the older Firmware.
Code:
/data/local/tmp/misc_version -s 1.33.405.5
exit
adb reboot bootloader
But when I reboot, the bootloader is looking for the PC10IMG.zip, is loading and checking this ... and gives me the information
CID incorrect!
Update Fail!
Press <POWER> to reboot.
Well, this is the next big problem.
Cold anybody tell me, where my mistakes are? I read 2 days in the forum, tryed a lot to get the final result, but now I don't have the time anymore to continue in this way.
THanks a lot. with best regards, Speedy8
Mods please move to q&a
Always check the stickies
http://forum.xda-developers.com/showthread.php?p=43195539
Follow the threads linked here, don't use any other to root your phone, they will either be outdated or cause you trouble.
After following these threads if you still have issues post back and I'll try to help ya
Best of luck!
Sent from my Nexus 4 using xda premium
well ... I searched again today ... and found the following threat, which was working on my cell-phone.
And also at the cyanogenmod-page you can find the relevant things to root the Desire Z. You can find it here.
Now I will first install the latest cyanogenmod, which is for the Desire Z not the Android 4, but at the moment newer than 2.3.3.
Thanks for answering, my Questions are answered.
With best regards.