Develop Bugs

Unlock your Omnia!

OMG!! At last it's working!!
Tried it for several times but now this method works.
For people who couldn't manage the unlock methode try to enter 6 instead of 5 digits after step 1.
Go to the registry, HKCU\System\State\PHONE, and wrote down the first 6 digits of the value of the IMSI entry.
1. type *7465625*638*# to set
2. type the first 6 digits of the value of the IMSI entry here.
3. type your new NCK (12345678), then OK
3. type *#7465625# to check your lock (network lock still enabled)
4. type #7465625*638*# and type your NCK (12345678)
5. enjoy.

old news was posted a few days ago

joeblack2k said:
old news was posted a few days ago
Click to expand...
Click to collapse
Yes but for many people/roms it didn't work. When you do that registry search you'll have the right code immediately.

Samsung M8800
hubo2000 said:
Yes but for many people/roms it didn't work. When you do that registry search you'll have the right code immediately.
Click to expand...
Click to collapse
Hi, guys I can see u had lots of work done on unlocking the Omnia but i did the mistake of buying the M8800 for my girlfriend and cant find the way to unlock it so she can put her simcard...since these codes work for the Omnia, is there a way to adapt them to work on my phone?many thanks and great work u ve done

BICKLARS said:
Hi, guys I can see u had lots of work done on unlocking the Omnia but i did the mistake of buying the M8800 for my girlfriend and cant find the way to unlock it so she can put her simcard...since these codes work for the Omnia, is there a way to adapt them to work on my phone?many thanks and great work u ve done
Click to expand...
Click to collapse
I found this method by searching the forums and googling. I'm not a big geek in this sorry.

this does not work on t*omnia
i have the device running on mobily is saudi arabia. if i input 420032 i get "inncorrect mcc/mnc"

can you use this on vzw omnia i910?

yes, PLEASE, is there a method for the i910

1,000,000 Thx to hubo!
I always had the message "failed to set....". With our describtion i entered 6 numbers and it worked!!!! - lol
Happy ))))
Thx a lot
Neutronsis
P.S.: sorry for worse english, its not my favorite language

help please
Hi guys, i need some help please
it's kind of funny and i'm sure u'll laugh hhhhh
i tried that code *7465625*638*00000000*00000000# on a samsung SGH E250 that was already unlocked... and it was locked on the carrier that was already inside "SFR France", i use that phone when i visit my workers to not make them seem less richer than me so that we can be on the same level at work "u see what i mean" and i have a lot of contacts there.
i tried the #7465625*638*00000000# but it tells me wrong password!! hhh Could you help me to unlock it please??
thank you very much

Unlock your Omnia
I have installed Total Commander - but cannot find the registry. Can someone help me out, please. Not ever used Total Commander before.

I tried on my omnia, and it worked, the network lock disabled (I tried the second description).
But my simlock is still enabled, how can I disable it??

hubo2000 said:
OMG!! At last it's working!!
Tried it for several times but now this method works.
For people who couldn't manage the unlock methode try to enter 6 instead of 5 digits after step 1.
Go to the registry, HKCU\System\State\PHONE, and wrote down the first 6 digits of the value of the IMSI entry.
1. type *7465625*638*# to set
2. type the first 6 digits of the value of the IMSI entry here.
3. type your new NCK (12345678), then OK
3. type *#7465625# to check your lock (network lock still enabled)
4. type #7465625*638*# and type your NCK (12345678)
5. enjoy.
Click to expand...
Click to collapse
I dont have any entry like this in my reg. My phone is not currently active. I want to re-program my omnia i910 from verizon service to GCI wireless in alaska, any ideas?

thanks for code
first time here and would like to thank hubo 2000 after stage 2 of ur method i still got cannot set message so i ignored that and typed in stage 3 code wow got the lock status then followed the rest of ur method and im'e now the proud owner of unlocked omnia i900 ,thanks again

Unlock it using code.

[Q] i have msg error when i unlock bootloader

Failed remote : oem unlock failed
plz help

I suppose that You have ability to unlock your BL...
If yes:
1. Make sure that You have a proper unlock code and you didn't misstyped
If that not working:
2. Instal Arc in another USB port
3. Disable Antivirus software
4. Try again
That worked for me.
If still nothing ... I really don't know
I hope it helps.
BR

Did not work
When I enter the site
unlockbootloader sonyericsson com
And I put in the code * 06 # seems to me their number serial number 15 categories and required only 14 at the beginning and at the end the number 0 0 What Delete
Thanks

bakry3d said:
Did not work
When I enter the site
unlockbootloader sonyericsson com
And I put in the code * 06 # seems to me their number serial number 15 categories and required only 14 at the beginning and at the end the number 0 0 What Delete
Thanks
Click to expand...
Click to collapse
Skip last digit.

yes yes yes yes
thaaaaaaaaaaaaaaaaaaaaaaaaaaaaank uuuuuuuuuuuuuuuuuuuuuuu Thanks Meter 2

bakry3d said:
thaaaaaaaaaaaaaaaaaaaaaaaaaaaaank uuuuuuuuuuuuuuuuuuuuuuu Thanks Meter 2
Click to expand...
Click to collapse
ooo maaaann...
You just made my day...

save remove simlock galaxy gio s5660

hello people,
i've found finaly a save way to unlock a samsung galaxy gio simlock.
i worked 9 day's ,3 hours every day and 2 broken gio's to vind the save way.
first your gio needs to be rooted.
i run 2.3.3 so i root my gio by a update.zip (Just Search on xda how you get it)
also you need the adb files on your pc (Just Search on xda how you get it)
oke, lets start.
your phone must be turned on.
1, first, you go to the commandline of your pc.(win xp "start->run->cmd" win vista/7 "start->cmd"
and type "cd\", now you are in the root of your hard drive
2, second, you type "adb shell".
3, after that, you type "su", now you have super user rights.
4, than, type "cat /dev/bml5>/sdcard/bml5.img"
5, now type twice "exit". you're disconnected with your gio.
6, than, type "adb pull /sdcard/bml5.img"
now you can find the file(bml5.img) in c:\
7, open the file with a hex editor ( i used HxD)
8, than search for "FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 30 30 30 30 30 30 30 30"
and set datatype to "hex"
now you can find the key's several times when you pres F3.
you can find there two versions of 8 digits.
note that somewhere .
now shutdown your phone and put a not accepted sim card in and start it.
Now you can enter the password to unlock the phone sim.
i'm sorry for my bad english, I have havy dyslexia, if there is someone that can take out the spelling errors than send me a message.
if there are problems or something like that , send me a message,
good luck,
beun92

Can any1 confirm this?

I successfully unlocked two Bell Canada S5660M phones with this method. The bml5.img for the two phones were of different lengths and the unlock codes in different locations within the file.
Note: I had no sim card in the phone during the procedure and it was in airplane mode.
I killed an m550 a couple of weeks back trying to do the stl5 method.

I would like to know if anyone can post the update.zip file on here. I am having so much trouble with this right now. I have even replaced the update script and nothing works.
Thanks in advanced!

Badgerness said:
I would like to know if anyone can post the update.zip file on here. I am having so much trouble with this right now. I have even replaced the update script and nothing works.
Thanks in advanced!
Click to expand...
Click to collapse
If you are looking for the update.zip you can find it here : Samsung Galaxy Gio update.zip for rooting
If is not working in recovery mode the zip file try to flash your phone with odin and choose one package.

Huh? You worked 9+ days to find a save way? Don't thinks so. This is my work.
Please mention your source next time. My post is here:
http://forum.xda-developers.com/showpost.php?p=17148825&postcount=334
And I think you know that
Cheers

beun92 said:
hello people,
i've found finaly a save way to unlock a samsung galaxy gio simlock.
i worked 9 day's ,3 hours every day and 2 broken gio's to vind the save way.
first your gio needs to be rooted.
i run 2.3.3 so i root my gio by a update.zip (Just Search on xda how you get it)
also you need the adb files on your pc (Just Search on xda how you get it)
oke, lets start.
your phone must be turned on.
1, first, you go to the commandline of your pc.(win xp "start->run->cmd" win vista/7 "start->cmd"
and type "cd\", now you are in the root of your hard drive
2, second, you type "adb shell".
3, after that, you type "su", now you have super user rights.
4, than, type "cat /dev/bml5>/sdcard/bml5.img"
5, now type twice "exit". you're disconnected with your gio.
6, than, type "adb pull /sdcard/bml5.img"
now you can find the file(bml5.img) in c:\
7, open the file with a hex editor ( i used HxD)
8, than search for "FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 30 30 30 30 30 30 30 30"
and set datatype to "hex"
now you can find the key's several times when you pres F3.
you can find there two versions of 8 digits.
note that somewhere .
now shutdown your phone and put a not accepted sim card in and start it.
Now you can enter the password to unlock the phone sim.
i'm sorry for my bad english, I have havy dyslexia, if there is someone that can take out the spelling errors than send me a message.
if there are problems or something like that , send me a message,
good luck,
beun92
Click to expand...
Click to collapse
failed at step #4 it says read only file system 'about bml5.img', my s5660m is rooted and granted access when superuser popup did I missed some thing.
Many Thx

tweakradje said:
Huh? You worked 9+ days to find a save way? Don't thinks so. This is my work.
Please mention your source next time. My post is here:
http://forum.xda-developers.com/showpost.php?p=17148825&postcount=334
And I think you know that
Cheers
Click to expand...
Click to collapse
i'm sorry but i didn't see your post and yes i,ve work 9+ days to find it out by myself.
but I do not want to fight, its better that everyone does what he can and i'm sorry if i hurt you.

Geen probleem
Only from my post you can see it was posted one day earlier.
So I was surpised.
Cheers

mobilis2009 said:
failed at step #4 it says read only file system 'about bml5.img', my s5660m is rooted and granted access when superuser popup did I missed some thing.
Click to expand...
Click to collapse
I have the same problem, error message "cannot create /sdcard/bml5.img: read-only file system". Do I need to type"chmod 777 sdcard" or this command is not right? I already bricked one phone by stl5 and changing perso.txt, this time I just don't want to take any chance. Anybody can help?
Thank you very much.

Samsung Gio: Network Lock Control Key
I was successful unlock SIM after enter 8 digits number (using safe method from forum) and another message come up asking for "Enter Network Lock Control Key". what should I do to get the key for network lock. Please help
Thanks

Nope. Don't use " and after cat, leave a space before writing the rest of the command, so it will be: cat(space)/dev/bml5>/sdcard/bml5.img
Then work as told.
In step 6, is the same, leave a space after adb shell.
It worked on my I5500-L "Europa"

Thanks a lot for the bml5 method!!
It works on my Samsung DART T-499, bought from Target U.S.

happy because thanks to this method will unlock a T499 dart to tmobile or I could give the code unlock thanks to the entire team and who possible this.!!

Need help with this ....
Hi guys ! Great job are You doing here !!! Congratulations and good luck!
...I have an Galaxy GIO and I try, using tutorial from post #1 to unlock him. Unfortunately, I could not ...this is the message : "permission denied"
I follow the steps, with temporary rooting of phone ....
Please help ! What else can do ?!
Thanks in advance !
=====
I try even SuperOneClick v2.3.3 , but without succes ...My phone dont want to be rooted !!!
LE : Gingerbread 2.3.6 ; S5660XXKT6

I try even SuperOneClick v2.3.3 , but without succes ...My phone dont want to be rooted !!!

Bruteforce rooting no longer works on 2.3.6 (RageagainstTheCage, SuperOneClick etc)
Search for AceGingerRoot.zip, put it on sdcard, use adb from dos box to do "adb reboot recovery", apply AceGingerRoot.zip from recovery. Ready.
Cheers

preconcep lyfates
Thank You so much ! Best regards !
===
L.E. : I DID IT !!! Thank you all so much !!!
First : I rooted my phone using this : http://forum.xda-developers.com/showpost.php?p=24937460&postcount=1
Second : I apply the metod (safe !) with dev/bml5, like here : http://forum.xda-developers.com/showpost.php?p=17148825&postcount=334
Third : I search the unlock code using "FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 30 30 30 30 30 30 30 30" , like here : http://forum.xda-developers.com/showpost.php?p=17179138&postcount=1. I found one code, several times when pressing F3.
Fourth : I start my GIO with locked sim inside and I type the code.
Now I have an rooted phone with unblocked network ! You, guys, are fantastic ! Keep it so ! Thanks again !

ME TO
SPnewb said:
I have the same problem, error message "cannot create /sdcard/bml5.img: read-only file system". Do I need to type"chmod 777 sdcard" or this command is not right? I already bricked one phone by stl5 and changing perso.txt, this time I just don't want to take any chance. Anybody can help?
Thank you very much.
Click to expand...
Click to collapse
Same problem here
|cannot create /sdcard/bml5.img: read-only file system
SOLVED just turn off Kies

beun92 said:
hello people,
i've found finaly a save way to unlock a samsung galaxy gio simlock.
i worked 9 day's ,3 hours every day and 2 broken gio's to vind the save way.
first your gio needs to be rooted.
i run 2.3.3 so i root my gio by a update.zip (Just Search on xda how you get it)
also you need the adb files on your pc (Just Search on xda how you get it)
oke, lets start.
your phone must be turned on.
1, first, you go to the commandline of your pc.(win xp "start->run->cmd" win vista/7 "start->cmd"
and type "cd\", now you are in the root of your hard drive
2, second, you type "adb shell".
3, after that, you type "su", now you have super user rights.
4, than, type "cat /dev/bml5>/sdcard/bml5.img"
5, now type twice "exit". you're disconnected with your gio.
6, than, type "adb pull /sdcard/bml5.img"
now you can find the file(bml5.img) in c:\
7, open the file with a hex editor ( i used HxD)
8, than search for "FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 30 30 30 30 30 30 30 30"
and set datatype to "hex"
now you can find the key's several times when you pres F3.
you can find there two versions of 8 digits.
note that somewhere .
now shutdown your phone and put a not accepted sim card in and start it.
Now you can enter the password to unlock the phone sim.
i'm sorry for my bad english, I have havy dyslexia, if there is someone that can take out the spelling errors than send me a message.
if there are problems or something like that , send me a message,
good luck,
beun92
Click to expand...
Click to collapse
Thank you !!!!
It worked after following your indications - a bit tricky finding the right adb software and validating in the phone after su command (you have to watch your phone screen while doing all the steps). For all the difficult steps a simple google search solved the problem.
All happened after replacing the old battery with a new one - the unblocked phone became all of the sudden blocked with network code.
Thanks again for sharing this and avoiding me spending some money and waisting time !

Unlock all galaxy phones free no bs sites or apps and its free and easy for anyone

Alright let me guess you want to unlock your galaxy right.so you went to the play store and downloaded an app that did not work.if you want to unlock your galaxy phone this is how no bs.
1.download super one click on your computer.newest fw works best.hook your phone to comeputer make sure debuging mode is on wait for it to insall the drivers and crap.when its done doing all that open super one click and click root wait for it to finish.super one click puts superuser on for you.
2.dissconnet your phone go to play store down load hex editer.open it.
3.ok your almost done.now this is the vary inporent part so read it all ok.
?
4.in hex editer go to /efs click it then go to /root then /afs then /settings then /nv_data.bin
DO NOT MESS WITH ANY HEX CODE OTHER THEN WHAT I TELL YOU
5. Go all the way down till you see on the left hand side in white 1468 thats the line you must edit to unlock.
6. It will say ff then 01 click on 01 change it to 00 push save.also push save at the bottem.exit the app.turn off phone put in any sim card.it will not ask for unlock code.
NOW YOUR GALAXY IS UNLOCKED HAVE FUN? ANY QUESTIONS POST BELOW? my psn is stellarock 420 email [email protected] twitter.jamesolaney19

Redmi note 8 pro, begonia 12 global, Mi locked, bootloader locked

Hi there
I bought a Mi locked Xiaomi Redmi 8 pro from a legal source (can explain and proof via pm if you want,).
I was aware that its locked but I like the challenge
Till now I was able to flash official stock Rom with Sp Flash and also to format the partition with the Mi account authentication files. After that I am able to go through the setup but the moment I connect it to the internet, it will lock again, After you skip the w-lan connection setup the setup will somewhen give out something like "you did not set up a google account, so you have to do the setup again" - so no way so far to start without connecting to internet, no chance to get root access..
Tried this without any internet connection or sim card inserted.
Next thing I thought about was to install a custom Rom with Sp Flash, but could not find a Rom with scatter file yet. No clue if that would help either to avoid the Mi Account request.
I was also thinking to install TRWP to make flashing and so on a bit easier. Can't unlock bootloader, nor root the phone and I am pretty much a noob. Is it even possible (maybe with Bluestacks and Sp Flash ? Yet I wasn't even able to read out the IMEI ...
Would be happy for any help or even solutions. I'd be fine if it would run on somewhat working Linux or custom rom. Keen to try whats possible
Thanks in advance for youre help.

Thought to myself it might be possible to flash a Chinese Rom (without Gapps) and setup without internet connection just to get root access

M1k3.7 said:
Thought to myself it might be possible to flash a Chinese Rom (without Gapps) and setup without internet connection just to get root access
Click to expand...
Click to collapse
It appears I'm talking to myself here ;D
I managed to flash the Chinese stock ROM on the phone. Was same as flashing the global one. After the flash it started up but prompted the same screen where it says the device is Mi account locked. At least i guess it said the same as it was in Chinese
I have to do what i did before - format the partition with the Mi Account on the phone with Sp Flash.
Unfortunately for some reason Sp Flash doesn't want to work anymore. It gives out an error code which apparently says that the USB output power is too low, although i haven't connected the phone nor anything else via USB on the laptop... . Downloaded Sp Flash again, tried the scatter file from the global version, different download manager files and authentication files from different sources.
Every time i get the same error message within a couple seconds after i press "start" after i copy in the start partition and length of the authentication files . Did look up if its the same partition in the Chinese ROM scatter file and it is. Did also try to connect the phone within the time but doesn't work either.
Yeah, that's it for today. Surely a problem with Sp Flash or Windows or the hardware around and not with the phone. Might try it with the other Linux laptop I have but I'm not really good with Linux.
I'm on it and I think if i could just delete the Mi Account partition once more, I could root the phone and install TWRP bootloader to make it a bit easier.

Yeah !
I did use a different windows laptop. Installed Sp Flash, downloaded the Chinese Stock Rom again, libusb devel driver, Python, ...
It worked ! I was able to format the partition wit the Mi Authentication code and setup the phone. As the Chinese Version comes without Gapps (but with english language package) I was able to finish the setup.
Opened developer options, USB debugging mode on, Bootloader unlocked (that's what it says in the settings, buy it's not) ! Way to go
In fact I could install a VPN App via USB right know and trick the Mi Account verification. Could install Gapps (no, I tried and could not) and that's it if the phone is not Google locked as well.
But I will try to install TWRP and a custom ROM first as I don't like bloatware. Still got no answer if custom Rom's do come with Mi Account request
Any help would still be well appreciated

Hi again in my "only me" thread
Had no luck so far to unlock the bootloader. Did install a VPN via usb to use the imternet. Works fine.
Tried to install Google Apps Installer from the Chinese App Store. Hangs on 3% without message.
Right now I'm downloading an older Chinese Stock Rom and will try to downgrade the phone with it. Might help or not, who knows
Would be interesting if it's Google locked as well.
Anyway, I'm not giving up yet. If I'm not able to bring it further, I will use the phone like it is with drony anyway. Won't resell it.
I'll keep trying

M1k3.7 said:
Hi again in my "only me" thread
Had no luck so far to unlock the bootloader. Did install a VPN via usb to use the imternet. Works fine.
Tried to install Google Apps Installer from the Chinese App Store. Hangs on 3% without message.
Right know I'm downloading an older Chinese Stock Rom and will try to downgrade the phone with it. Might help or not, who knows
Would be interesting if it's Google locked as well.
Anyway, I'm not giving up yet. If I'm not able to bring it further, I will use the phone like it is with drony anyway. Won't resell it.
I'll keep trying
Click to expand...
Click to collapse
Update:
After downloading the older Stock Rom (from 2019) I chose the scatter file and connected the phone via bypass tool as usual. Sp Flash won't find the phone ...
Did install the phone with USB devel driver to another USB Port, bypass works --> SP Flash still won't find it.
It seems SP Flash saves Scatter (or ROM) files somehow linked to the driver. When I loaded the old scatter file, SP Flash could find the Phone again. That was probably the problem on the other Laptop too.
I do have a third laptop (kids in school and "bring you're own device ) but that's the Linux one. I also have a Windows PC ...
That would allow me to do the same procedure with two other Rom's, I guess
Don't really wanna try that as it's most likely one or two nasty rules in the windows registry. Again, I'd really appreciate help
That means I will try to solve the problem with what I have now. The working Phone with latest Chinese Stock Rom and Drony but without Gapps.

Will try to block the connection to Mi Cloud and updates on my wifi router.
This should allow me to install a gloabl Stock Rom again which comes with Google Apps. If the device is no Google locked, I could have at least a working phone with Drony always on

Success !
I was able to block the Mi Account checkups in the router and flash my phone back to the newest global Rom !
First i added Url Filters in my Router. I checked the blocked URL's in the Drony App on my Chinese Rom phone. My Router blocks the following Url's:
find.api.micloud.xiaomi.net
data.mistat.xiaomi.com
update.miui.com
i.mi.com
After that i tried to flash the latest Global Stock Rom from the official Xiaomi page and failed first. Got the same error message as i got when i wanted to flash the older Chinese Rom. I figured out that you have to deactivate "Tracing" in the Sp Flash Settings.
It would be probably enough to delete every saved folder in the log file path which is "C:\ProgramData\SP_FT_Logs". ProgramData is hidden, so i choose to try just deactivate tracing at all and it worked for me.
After the flash I had still a couple Chinese and other (Drony, Miracle, UC Browcer, ... ) apps with setings installed. Somehow it saved the Apps and Settings. Most of the Chinese apps where gone though and i was able to go through the Setup with giving it a Gmail account and so on. Google Apps working fine.
After couple minutes I got a message that an android app doesnt work. Couldn't stop it.
At this point I did a "random" factory reset --> with no sim card (mobile data) installed.
This deleted all settings and again, the setup worked just fine.
Right after the Setup i installed the Drony App again and blocked the necessary Apps. Use YouTube or Google to find the right Drony Settings. When Drony is running you can insert you're SIM card and use mobile data
Thats it so far. I have a phone with up to date Firmware but disabled firmware updates, can install practically every App from Google App Store and connect to the Internet with Drony App in between. Activated Developer Mode and USB Debugging (nor necessary).
In fact, with mobile Data off and connected to my home Wifi i could use the phone without VPN App (Drony}.
-------------+++++++++------------
What would I try if I would buy another phone like this ?
I'm just a random guy who bought a locked phone. If you try any of the following on your phone I do not take any responsibility !
1) block the URL's which you can find above
2) https://forum.xda-developers.com/t/...d-flash-in-edl-with-no-auth-for-free.4229679/
At point 9 it says: "Connect powered off phone with volume- button to boot in EDL mode"
You are probably not even able to power off youre phone and you DO NOT need to open your phone to disconnect the battery.
When the phone is on (your'e phone is locked screen or so), press and hold the power button and volume up button, until the phone shuts off. At this very second let the power button go and just keep the volume up button pressed and connect the USB C cable to your phone . That's it.
The libusb filter driver window should find the mtk device. Klick on it quickly and install. It should prompt driver successful installed. No problem if you're not fast enough. Just try again. Even if your device disappears from the list meanwhile - it is installed after this message.
Keep the buttons and the procedure in mind as you will need it later on when you do the bootloader bypass itself with the bypass.bat. Try it again and again till it says "driver installed" when it comes to the "how to install" message at #10 --- and the "protection disabled" at "how to bypass" #3 part.
------------------------------------------------------------
Furthermore you probably don't need to flash (Sp Flash -> download) your device at all. It might be enough if you choose the scatter file of your downloaded Rom , the mtk all in one Download agent and the auth_sv5.auth authentication file.
Then go to "Format" in Sp Flash Tool. Tick "manual format flash" and give begin address
0xe188000 and format length 0x4678000 . After this your phone will boot into setup mode.
DO NOT DO THIS IF YOU ARE NOT SURE YOU HAVE THE RIGHT PHONE, SCATTER FILE, STOCK ROM AND THE RIGHT FIRMWARE ON YOUR PHONE !

The phone is working fine so far. I still want to unlock the bootloader and finally install TWRP and a custom ROM.
Can't say when this will happen, as it's my daughter's phone now
I might also try to deactivate or manipulate the apps which took up the IMEI on the MI account servers. Given that I have developer settings and USB debugging activated I can practically delete or change every single file on the phone but the bootloader.
Maybe I can get rid of the Drony App this way.

It's fun to read your journal.
But unfortunately, unlocking bootloader needs to bind your phone to a mi account. And you have an account lock problem. I guess it won't happen until you solve that.
There is mi account unblocking service out there if you will to spare bucks, but I haven't tried any of it, and as promoting such service is against xda rule, I can't tell you any name here.
Personally, I will keep my hands away from something with account problem. My best experience is buying a bricked phones (redmi note 5 pro, redmi note 8 pro).

kekesed97 said:
It's fun to read your journal.
But unfortunately, unlocking bootloader needs to bind your phone to a mi account. And you have an account lock problem. I guess it won't happen until you solve that.
There is mi account unblocking service out there if you will to spare bucks, but I haven't tried any of it, and as promoting such service is against xda rule, I can't tell you any name here.
Personally, I will keep my hands away from something with account problem. My best experience is buying a bricked phones (redmi note 5 pro, redmi note 8 pro).
Click to expand...
Click to collapse
Thank you for you're reply.
When I bought the phone I actually wasn't aware that the bootloader could be locked. As I said I've not much of an idea and thought I could at least flash a custom ROM on that phone. I know nothing and knew even less a couple weeks ago
I'm aware that there are unlocking services you can pay for. Did not really look into that yet.
I have still a couple options. The guy I bought the phone from does know the name and email of the other guy who but in the mi Account in the first place. That guy is willing to remove the Mi lock if I'd bring the phone to him. He's rather far away though and a flight-ticket is not really worth it
The other option is to pay for it - as you said - but I doubt there is a store nearby me and I don't want to pay a random online based service from I-don't-know-where as the phone works fine like it is now and my daughter is happy.
Another option would probably be to buy another phone with broken screen (but not locked) or so or maybe just the motherboard. I'm not sure though if it's enough to exchange the motherboard or not
Or I could just leave it for now and wait if someone programs a working bootloader key generator or unlocking tool for the phone. That's maybe already out somewhere or it will be next week or in 5 years - who knows
If nothing works, it's fine too as long as it runs like it does now with the VPN.

M1k3.7 said:
Thank you for you're reply.
When I bought the phone I actually wasn't aware that the bootloader could be locked. As I said I've not much of an idea and thought I could at least flash a custom ROM on that phone. I know nothing and knew even less a couple weeks ago
I'm aware that there are unlocking services you can pay for. Did not really look into that yet.
I have still a couple options. The guy I bought the phone from does know the name and email of the other guy who but in the mi Account in the first place. That guy is willing to remove the Mi lock if I'd bring the phone to him. He's rather far away though and a flight-ticket is not really worth it
The other option is to pay for it - as you said - but I doubt there is a store nearby me and I don't want to pay a random online based service from I-don't-know-where as the phone works fine like it is now and my daughter is happy.
Another option would probably be to buy another phone with broken screen (but not locked) or so or maybe just the motherboard. I'm not sure though if it's enough to exchange the motherboard or not
Or I could just leave it for now and wait if someone programs a working bootloader key generator or unlocking tool for the phone. That's maybe already out somewhere or it will be next week or in 5 years - who knows
If nothing works, it's fine too as long as it runs like it does now with the VPN.
Click to expand...
Click to collapse
You can ask him to unregister your phone from his account. It's the best bet.
Wait, I will test it to my old redmi note 5.

Just tested with my redmi note 5 pro. Apparently you can unlock it if you have access to your mi account. I'm sure you don't have google frp lock there so I logged out from my google account before testing.
How did I do that?
1. I did a backup on /data partition using OrangeFox
2. I erased my google account and leaving mi account intact
3. I did a factory reset by le old 3 wipe (data, cache, dalvik-cache), leaving emulated storage intact
4. I rebooted my phone
5. Upon welcome screen, I connected to mobile data and welcomed by "Login to your MI account" screen. I connect to a wifi network here
6. I went to i.mi.com, and login to my account.
7. I clicked on "Find device", and deactivated find device there
8. I clicked on my profile logo -> Devices and storage
9. I clicked on my test device
10. I clicked on "Erase device" and agreed to the next dialog box
11. My device was removed from my account
12. I restarted my device and that annoying lockout screen is gone
13. I skipped everything on welcome screen and checked wether my files are intact or not. It is
14. Test finished. Now restoring my old data

Hello
The seccfg partition unlocks the device.
You must initially unlock the bootloader through the MiUnlock application, then recover (save) the seccfg partition (which contains the bootloader unlock information). But, it is easier to get rid of the requirement of the MiUnlock app.
1) Recover your "seccfg" partition:
* the phone in normal mode =
- We launch the command prompt and we write
adb shell
ls -al /dev/block/by-name
or
adb shell
ls -al /dev/block/platform/bootdevice/by-name
- Output (looking for "seccfg") =
lrwxrwxrwx 1 root root 16 2021-03-06 23:25 seccfg -> /dev/block/sdc13
- We get "seccfg" on the internal memory =
dd if =/dev/block/sdc13 of =/sdcard/Partition_seccfg
(I named "Partition_seccfg", but you give the name you want)
- You save "Partition_seccfg" on your PC
* We can recover the "seccfg" partition by SPFlashTool
- Edit your "MT6785_Android_scatter.txt" from a stock ROM (with Notepad or other)
- We are looking for "seccfg" =
partition_index: SYS14
partition_name: seccfg
file_name: NONE
is_download: false
type: NORMAL_ROM
linear_start_addr: 0x13800000
physical_start_addr: 0x13800000
partition_size: 0x800000
- We turn off the phone
- we switch to EDL mode with the python script "bypass_utility-v.1.4.2" (see on the web for installation and other information, among other things to unbrick the phone)
- we do a "readback of the" seccfg "partition with SPFlashTool using linear_start_addr: 0x13800000 and partition_size: 0x800000 (check the location on the PC, where the "seccfg" partition will be saved with the name you have chosen)
2) Modify your "seccfg" partition:
* We edit the "seccfg" partition with a hexadecimal editor (Notepad or other)
- Total size 000000000 to 007ffff0 (000000040 to 007ffff0 : zero bytes = 00)
- Address 000000000 to 00000003f, we find :
0000000 to 000000f
4d 4d 4d 4d 04 00 00 00 3c 00 00 00 02 00 00 00
0000010 to 000001f
00 00 00 00 00 00 00 00 45 45 45 45 3d aa 79 3b
0000020 to 000002f
eb b0 56 bd 53 48 d3 6e 7d 54 a0 41 0c 2d 1a 90
0000030 to 000003f
58 1a 9c 5f ab 90 cc 0f 5c 11 63 a2 00 00 00 00
(The bootloader is locked!)
- We modify with our hexadecimal editor (Address 000000000 to 000000030) :
0000000 to 000000f
4d 4d 4d 4d 04 00 00 00 3c 00 00 00 03 00 00 00
0000010 to 000001f
00 00 00 00 00 00 00 00 45 45 45 45 57 b3 59 5d
0000020 to 000002f
9e bc 3d 02 33 91 84 9a 42 59 54 8e 07 aa 0f 34
0000030 to 000003f
f1 bb 1e 47 ea 8e cf 76 fb de 79 7b 00 00 00 00
(The bootloader is unlocked!)
- We save our changes
3) Write your "seccfg" partition on the phone:
* We flash the "seccfg" partition
- fastboot flash seccfg "path on your PC"\"name of your saved seccfg partition" (E:\MyFolder\Partition_seccfg for example), in fastboot mode,
- SPFlashTool using EDL mode with the python script "bypass_utility-v.1.4.2 "and by flashing your rom by not checking that the partition "seccfg",
- in adb mode, with the opposite operation, after having copied your partion "seccfg" on the internal memory of the telephone (name "Partition_seccfg" that I gave and that you choose) :
adb shell dd if=/sdcard/Partition_seccfg of=/dev/block/sdc13
- We restart the phone and the bootloader is unlocked without intervention from Xiaomi or other!
4) Warning :
Once all this information is published, subsequent MIUI updates may destroy our efforts by scheduling the bootloader release in a more complicated way!
If I manage to re-enable telephony after changing the IMEIs and serial number of the phone, I will let you know. If anyone knows how to reactivate telephony after making these changes, let us know.
Hi. See you soon.