Related
There is a modem for the optimus G here:
http://downloads.codefi.re/houstonn/lgog/modem/E975_E977_E976
but it is from firmware 10b. You may want to try if it works better than your firmware. In this case, it is better if you make a backup of your current modem firmware, so you can go back to your version. Here I will write instructions to backup your modem, so you can restore it if you need.
Probably some of you know this already and feel like these are old news, but maybe we can build a modem firmware library.
You need root and a way to make an adb connection to your phone. If you cannot use adb, you can always use a terminal emulator on your phone, but this makes it a bit harder to type the commands. Also, this is for people who understand what they are doing. If after reading the tutorial you don't understand what the commands do, please don't try it. Or at least don't make me responsible if your phone bricks. Here we go.
NON NEEDED STEPS: This steps are here to show why this works.
1-Connect to your phone by adb.
2- On the terminal type :
Code:
mount
You'll see the following (amongst other things):
Code:
/dev/block/platform/msm_sdcc.1/by-name/modem /firmware vfat ro,context=u:object_r:radio_efs_file:s0,relatime,uid=1000,gid=1000,fmask=0337,dmask=0227,codepage=cp437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro 0 0
This means that the partition containing the firmware is /dev/block/platform/msm_sdcc.1/by-name/modem and it is mounted at /firmware.
NEEDED STEPS
1- Connect by adb
2- On the terminal type
Code:
su
Check if confirmation is needed on the phone screen. If needed, accept.
3-
On the terminal type:
Code:
dd if=/dev/block/platform/msm_sdcc.1/by-name/modem of=/sdcard/modem.img
4-You will receive the following after some seconds:
Code:
131072+0 records in
131072+0 records out
67108864 bytes transferred in 29.959 secs (2240023 bytes/sec)
5-Type
Code:
exit
exit
adb pull /sdcard/modem.img
6-Now you have your backup.
HOW TO PACK THIS BACKUP FOR FLASH:
1-Download the file: cwm-lgog_e975-europe-10b_modem.zip from http://downloads.codefi.re/houstonn/lgog/modem/E975_E977_E976
2-Open the zip file and replace the existing modem.img with your file
3-Rename the file to something meaningful, like cwm-lgog_e975-europe-10f_modem.zip
After these steps, you should be able to flash any modem, knowing that you can go back to your old version.
You can upload the packed files here, so we can have a library. I will upload the modem from european 10f version here. I tested it and it works correctly, but I won't take any responsibility for what you do with this file.
Good luck.
All this info is obtained from examining the houstonn LGOG modem flasher from team codefire, so all thanks go to them. Thanks.
Very nice tutorial man. It will help newbies like me to back up and restore our modem.img, especially those who have F180* phones that wants or being converted to E975. Nice job. :good:
Nice,i'll add this to the Freaking Annoying Questions.
Sent from Asylum via LG E975/smart phones,dumb people.
Nice job.. Its work in e977 with 10a firmware?
Thx.
Sent from my LG-E975 using xda app-developers app
You should be able to backup your e977 modem following this tutorial.
renatonolo said:
Nice job.. Its work in e977 with 10a firmware?
Thx.
Sent from my LG-E975 using xda app-developers app
Click to expand...
Click to collapse
could you please do the same thing for the misc partition and upload it somewhere?
I saw that freegee is touching this one so please mention if your phone was opened with freegee.
sonty said:
could you please do the same thing for the misc partition and upload it somewhere?
I saw that freegee is touching this one so please mention if your phone was opened with freegee.
Click to expand...
Click to collapse
I am sorry, I am not going to upload my misc partition, as this partition contains my IMEI.
I can, however, tell you how to backup it:
Code:
dd if=/dev/block/platform/msm_sdcc.1/by-name/misc of=/sdcard/misc.img
Can I ask why you need that?
dapaua said:
I am sorry, I am not going to upload my misc partition, as this partition contains my IMEI.
Can I ask why you need that?
Click to expand...
Click to collapse
I had no idea the IMEI is also there. I asked for it because the baseband version is also stored there and it's kind of odd to know I'm flashing the modem from EU-10f and the displayed version is TW-10a. I'm still hoping to solve that issue.
Ah, OK. Tomorrow I'll check if the misc partition can be mounted, this would make editing it much easier.
dapaua said:
Ah, OK. Tomorrow I'll check if the misc partition can be mounted, this would make editing it much easier.
Click to expand...
Click to collapse
I think it is not possible to mount the misc partition.
“In any case, the misc partition isn't a "filesystem" partition as you are familiar with. It is actually just a simple data structure. In fact, only the system, cache, and userdata partitions are actually filesystem partitions, and the cache partition is only a filesystem partition part of the time -- during radio and spl updates, it also is used as a simple data structure with a header field and a payload field...”
http://forum.xda-developers.com/showpost.php?p=7254425&postcount=3
I was trying to find some additional info about this structure but without success so far.
On may F180K the misc partition has 16 777 216 Bytes. Some interesting offset:
0x8000 – 0x800E IMEI (15Bytes)
0x8800 – 0x8824 Baseband version (37Bytes)
0x9000 – 0x9024 Baseband version (37Bytes)
CyanogenMod display the last one data on the Settings->About phone->Baseband version
jumper8 said:
I think it is not possible to mount the misc partition.
“In any case, the misc partition isn't a "filesystem" partition as you are familiar with. It is actually just a simple data structure. In fact, only the system, cache, and userdata partitions are actually filesystem partitions, and the cache partition is only a filesystem partition part of the time -- during radio and spl updates, it also is used as a simple data structure with a header field and a payload field...”
http://forum.xda-developers.com/showpost.php?p=7254425&postcount=3
I was trying to find some additional info about this structure but without success so far.
On may F180K the misc partition has 16 777 216 Bytes. Some interesting offset:
0x8000 – 0x800E IMEI (15Bytes)
0x8800 – 0x8824 Baseband version (37Bytes)
0x9000 – 0x9024 Baseband version (37Bytes)
CyanogenMod display the last one data on the Settings->About phone->Baseband version
Click to expand...
Click to collapse
Thanks.
You are totally right, this partition is not a filesystem. And it is mostly empty, it's all zeros except for some bytes. Most of it are text strings, but there are some small binary parts.
I think the 0x8800 - 0x8824 part is the original firmware version.
I wouldn't touch that partition, seems too dangerous .
dapaua said:
I wouldn't touch that partition, seems too dangerous .
Click to expand...
Click to collapse
freegee touches it. I see it made a backup and the difference is that it changed some bytes to 0 (offsets 0x40-0x52), then wrote ANDROID-BOOT at offset 0x4000. the rest is the same. it seems there's nothing like a crc so basically I could write whatever I want in that version field. the bad part is that as an user you'll never know what modem version you have since its version is not stored on the modem partition. I wonder who came up with this system and what was he thinking.
thanks for the clarification. offtopic over .
sonty said:
I had no idea the IMEI is also there. I asked for it because the baseband version is also stored there and it's kind of odd to know I'm flashing the modem from EU-10f and the displayed version is TW-10a. I'm still hoping to solve that issue.
Click to expand...
Click to collapse
Some time ago I had the same issue. I solved it by modifying binary data on the misc partition. I was done this only on CM10.1 (F180K). I don’t know if it will work on other custom rom especially stock one.
Today I’ve done this one more time for preparation the following procedure. Maybe some one will use it on the future.
STEPS:
0. Backup the misc partition with your recovery. I was used CWM Advance Edition PhilZ Touch 5:
Backup and Restore-> Custom Backup and Restore->Custom Backup Job->Backup misc (*)
I’m not sure if all CWMs version support misc partition backup. TWRP not support it right now.
1. Dump the misc partition to /sdcard.
Code:
adb wait-for-device
adb root
adb shell "dd if=/dev/block/platform/msm_sdcc.1/by-name/misc of=/sdcard/misc_orig.img"
OUTPUT:
32768+0 records in
32768+0 records out
16777216 bytes transferred in 6.539 secs (2565715 bytes/sec)
2. Pull the image to your PC
Code:
adb pull /sdcard/misc_orig.img misc_orig.img
3. Edit downloaded image file by your favorite hex editor (e.g. Notepad++ with Hex-Editor plugin)
Find both baseband name strings (mine were on offset 0x8800 and 0x9000) and change them (CM10.1 use the last one to set gsm.version.baseband in file /system/bin/fetch-swv).
REMEMBER:
- Do not use regular text editor (like Notepad or vi) – they can add some extra characters to the file.
- If possible try to modify only bytes responsible for original baseband name. If the new name is shorter, simply put spaces char (0x20) to clear unwanted chars. If you need to put the longer name, be careful. I don’t know the max size for this string. There are dozens of zeros behind the baseband name on my image file. So, for testing I added extra 20 Bytes text. The new baseband name was shown without problem.
4. Push the modified image file to your phone
Code:
adb push misc_orig.img /sdcard/misc_mod.img
Check if size of the original and modified files are equal.
5. Write the modified image to the misc partition
Code:
adb shell "dd if=/sdcard/misc_mod.img of=/dev/block/platform/msm_sdcc.1/by-name/misc "
OUTPUT:
32768+0 records in
32768+0 records out
16777216 bytes transferred in 4.183 secs (4010809 bytes/sec)
6. Reboot your phone
DONE.
Hi all,
I just create a .zip to backup your modem / baseband / radio with your recovery (CWM / TWRP...)
ok as a newbie i cant figure out how to back up modem using adb... but after reading stuff what i did :
downloaded "Android Terminal Emulator" from playstore
open emulator in phone wrote as u mentioned :
su
dd if=/dev/block/platform/msm_sdcc.1/by-name/modem of=/sdcard/modem.img
after some seconds this came out :
131072+0 records in
131072+0 records out
67108864 bytes transferred in 15.229 secs
then :
exit
exit
after that i checked sdcard but there was no img file...
then i open file manager from the phone and there it was my precious :laugh:
size = 64mb... is it normal?
anyway .. made a new folder "modem" copied the img file into modem folder (using file manger) again connected the phone to pc copied the modem folder on my desktop...
hope it will help new guys here like me :good:
after installing the European kitkat I lost my LGOG E977 modem, anyone have some backup there to help me?
how to fix this?
:crying::crying::crying::crying::crying::crying::crying::crying::crying:
pedro5148 said:
after installing the European kitkat I lost my LGOG E977 modem, anyone have some backup there to help me?
how to fix this?
:crying::crying::crying::crying::crying::crying::crying::crying::crying:
Click to expand...
Click to collapse
root using towelroot. unlock and install custom recovery using freegee and flash the modem in this post via recovery: http://forum.xda-developers.com/showpost.php?p=54016773&postcount=4
akahroba said:
root using towelroot. unlock and install custom recovery using freegee and flash the modem in this post via recovery: http://forum.xda-developers.com/showpost.php?p=54016773&postcount=4
Click to expand...
Click to collapse
I already did that, did not work out ...
any more solution?
pedro5148 said:
I already did that, did not work out ...
any more solution?
Click to expand...
Click to collapse
Get back to JB and wait for your midel update
Back to JB I recovered the IMEI, but I have no carrier signal.
So do the root with towelroot, unlock custom recovery with FreeGee, do I back up EFS, and when I restart the machine it loses the IMEI.
So I install the modem and E97710b.kdz for E97710b model recover EFS and nothing happens, still no sign of the operator ...
---------- Post added at 02:22 PM ---------- Previous post was at 02:22 PM ----------
akahroba said:
Get back to JB and wait for your midel update
Click to expand...
Click to collapse
even going back to JB, I continued without the modem
I understand it is currently not possible to unlock a Razr M with 98.18.94 or 98.30.1 OTA. Never the less, I had been trying to restore a previous VooDoo root that I deleted before the last OTA. Through the experimenting, I screwed up the flash on my phone, and recovering it, I found something that might be interesting.
As others pointed out, downgrading does not work. Flashboot gives various errors. When I screwed up my file system, I was able to flash from 98.18.94 (which I had) to 98.30.1 (which was the only download I could find) using RSD Lite. I was lucky it worked. And since I have been able to experiment and keep flashing 98.30.1 over and over.
I would like to report that in my experiments, I noticed an interesting fact about the recovery.img:
I am able to flash stock 98.18.78 recovery to my phone running 98.30.1.
I have verified the recovery.img contents are not the same, according to a WinMerge file compare, they are ~10% the same
When I try to flash twrp or cwm recovery, the only fastboot error is to the effect "wrong partition size".
The size of .78 and 98.30.1 recovery are the same, 10,485,760 bytes
On the other hand, if I try to flash the .78 system.img fastboot, or use RSD lite to flash .78, I see different security related errors on the phone's fastboot screen- none of which mention partition size. Of course, this is related to the Locked Bootloader I have.
What I wonder is, since the error for the recovery.img is not a security related one, but one of size, and the fact that it took recovery from .78- I wonder if a cwm or twrp made to be the same size as stock Moto recovery, would it be able to sneak in?
Right now my Razr M has gone from 98.18.94 to 98.30.1 with a 98.18.78 recovery. And I'm working ok.
I am not a professional Android Dev. But I am going to do the research and try to modify a cwm type recovery to match the size of a Moto recovery, and see what happens.
I invite anyone with real experience to contribute.
Bryan
bryanwieg said:
What did you say?
Click to expand...
Click to collapse
Well I hope you have something here!
We need someone like jbaumert or Phil3759 to chime in here.
aviwdoowks said:
Well I hope you have something here!
We need someone like jbaumert or Phil3759 to chime in here.
Click to expand...
Click to collapse
I have already found that if I take the OTA recovery and unpackbootimg and then mkbootimg without changing anything.. it recompiles down to aprox 5mb, which is different than the size it started from Moto.
So I am looking at if the size is set in how the img is compiled.
30.1 and .94 are the same updates, just different system versions. As for the other stuff, I'm not even sure what to say. I'm with Avi on this, I definitely would like to see what a dev has to say.
New Philz coming BTW.
http://forum.xda-developers.com/showpost.php?p=48881182&postcount=2003
Others could ask for the padded up Philz or at least Quote my post.
http://forum.xda-developers.com/showpost.php?p=48886733&postcount=2004
aviwdoowks said:
New Philz coming BTW.
http://forum.xda-developers.com/showpost.php?p=48881182&postcount=2003
Others could ask for the padded up Philz or at least Quote my post.
http://forum.xda-developers.com/showpost.php?p=48886733&postcount=2004
Click to expand...
Click to collapse
I found out via a hex editor, both files have empty data insert after the same point, with certificate data at the end, and it winds up making each file the same size. The data before the 'empty data' in each file is mostly different bits.
My current problem is that when I decompile an img, and recompile it, it's bigger, meaning that I cannot insert the 'empty data' at the same point they did.
bryanwieg said:
I found out via a hex editor, both files have empty data insert after the same point, with certificate data at the end, and it winds up making each file the same size. The data before the 'empty data' in each file is mostly different bits.
My current problem is that when I decompile an img, and recompile it, it's bigger, meaning that I cannot insert the 'empty data' at the same point they did.
Click to expand...
Click to collapse
They are both signed with the 128, or more, bit code. Which is what makes this a such a Loooooong shot.
aviwdoowks said:
They are both signed with the 128, or more, bit code. Which is what makes this a such a Loooooong shot.
Click to expand...
Click to collapse
Well, you'r right on the money. I appended data to a CWM recovery the same as Moto did to thiers, including the certificate at the end.
I didn't get a partition size error this time, but I did get a 'Failed to hab check for recovery'.
Granted, I didn't manage to place the 'empty data' at the same point in the file as the stock roms did. Other than that, it must be the certificate.
bryanwieg said:
What I wonder is, since the error for the recovery.img is not a security related one, but one of size, and the fact that it took recovery from .78- I wonder if a cwm or twrp made to be the same size as stock Moto recovery, would it be able to sneak in?
Click to expand...
Click to collapse
No, because it first checks the size (or whether it's a valid image at all) and if the size is correct, it checks the signature.
I found that I can put recovery all the way back to 98.15.66. I haven't tried further back due to kernel version.
I tried to then apply an update ZIP to something pre 98.30.1, and it passed validation (woohoo), but if failed an assert that checked the version in the props. (cry)
I wish there was something in the older recoveies we could exploit.
Really glad to see someone is still trying to find some sort of exploit for this device in it's updated state, it seemed like everyone had completely given up on it. My girlfriend recently grabbed a used Razr M to use for a while but it's fully updated, and I would love to be able to root it for her. I'll be following this thread to see if anything comes of this recovery downgrading
I'm pretty sure you can edit the props from what I can remember.
Sent from my XT907 using xda app-developers app
bryanwieg said:
I found that I can put recovery all the way back to 98.15.66. I haven't tried further back due to kernel version.
I tried to then apply an update ZIP to something pre 98.30.1, and it passed validation (woohoo), but if failed an assert that checked the version in the props. (cry)
I wish there was something in the older recoveies we could exploit.
Click to expand...
Click to collapse
You can use root eplorer free to extract the single img from the 404 or 411 xml.zips
---------- Post added at 10:44 AM ---------- Previous post was at 10:39 AM ----------
Here http://sbf.droid-developers.org/phone.php?device=8
---------- Post added at 10:48 AM ---------- Previous post was at 10:44 AM ----------
The razr hd (2), atrix hd, photon Q all use a recovery w/ same key. Git to work man!
Re:
So, it is RSD that is keeping it from flashing, would the bootloader(locked) boot a recovery partition that isn't signed? Has anybody tried to dd the recovery partition? I will grab a TWRP dd recovery image if you guys have an interest in trying that.
It would still require root and either a terminal emulator or adb shell.
815turbo said:
So, it is RSD that is keeping it from flashing, would the bootloader(locked) boot a recovery partition that isn't signed? Has anybody tried to dd the recovery partition? I will grab a TWRP dd recovery image if you guys have an interest in trying that.
It would still require root and either a terminal emulator or adb shell.
Click to expand...
Click to collapse
Am I alone here now?
Does anyone with a locked boot loader want to try this? I could create a windows shell script to make it easier if that's the worry.
I am willing to try it out. Win 7 64bit... pass me needed staf to flash it
Sent from my XT907 using xda app-developers app
please do
815turbo said:
Am I alone here now?
Does anyone with a locked boot loader want to try this? I could create a windows shell script to make it easier if that's the worry.
Click to expand...
Click to collapse
sure do, i'm on win8, but also had win xp, how can i do it? what to download, what to execute? i can adb shell i think. i've survived from bricked before the screen said "flash failure".
benya274 said:
sure do, i'm on win8, but also had win xp, how can i do it? what to download, what to execute? i can adb shell i think. i've survived from bricked before the screen said "flash failure".
Click to expand...
Click to collapse
I'll post it in just a few minutes. I will also post the required commands and we'll be backing up current recovery. If it fails, it should be no problem to restore your backed up recovery.
Download TWRP image on your phone from: titanroms.com/upload/rec.img
Please get to an adb prompt and run these commands:
su
cd /sdcard
dd if=/dev/block/platform/msm_sdcc.1/by-name/recovery of=/sdcard/recbak1.img
dd if=/dev/block/platform/msm_sdcc.1/by-name/recovery of=/sdcard/recbak2.img
Please ensure that both copies are 10MB. The dd command should end by saying "10485760 Bytes Copied" on all of the "dd" commands.
Now, you should have two backups of the recovery partition and the TWRP Image you downloaded from here all on your sdcard.
You can follow with these commands AFTER your backup has completed.
cp /sdcard/Download/rec.img /sdcard/rec.img
dd if=/sdcard/rec.img of=/dev/block/platform/msm_sdcc.1/by-name/recovery
dd if=/dev/block/platform/msm_sdcc.1/by-name/recovery of=twrprecbak.img
mount -o remount,rw /system
mv /system/etc/install-recovery.sh /system/etc/install-recovery.bak
mv /system/recovery-from-boot.p /system/recovery-from-boot.bak
reboot recovery
In the event of a failed attempt at this you can run the following from adb:
su
cd /sdcard/
dd if=/sdcard/recbak1.img of=/dev/block/platform/msm_sdcc.1/by-name/recovery
Give me a holler if you don't understand this well. Good luck, guys.
I am gonna try it out tomorrow,i dont have time to do it tonight cause i need to go to work. My pc on work does not have internet connection I will keep u guys posted on any progress.
Sent from my XT907 using xda app-developers app
Just wanted to say I flashed the old ICS recovery to mine using fastboot commands but it didn't get me very far though.if I then try and flash the corresponding blur zip from recovery it just says invalid signature. Was trying to find a way to downgrade so I could get rooted..
Sent from my XT907 using Tapatalk
My I467 because I wanted ROOT. I was in a state with ODIN 4.4.2 NI2 4.1.2MF1 firmware upgrade
Now the plate could not be activated ..
I find all posts
Only find NI2 the boot.img file .. Is there NI2 official reocvery file?
If there is an official RECOVERY .... flat NI2 should be able to seek to live together!
Posts NI2 boot file in the http://forum.xda-developers.com/showpost.php?p=57025810&postcount=18
Request @muniz_ri help! PLZ !!!!!
!!nobody?!
lovehuiping said:
!!nobody?!
Click to expand...
Click to collapse
How would one pull a Recovery/img? I'll gladly help in any way
K1979C20 said:
How would one pull a Recovery/img? I'll gladly help in any way
Click to expand...
Click to collapse
Need root to pull image. We ain't got no root.
TMartin said:
Need root to pull image. We ain't got no root.
Click to expand...
Click to collapse
Well crap. If we need root in order to pull those, how would we give chainfire the recovery.img so he can make a root?
---------- Post added at 05:12 PM ---------- Previous post was at 04:54 PM ----------
Sorry to double post, but I believe using adb in ubuntu I can pull the recovery.img. Just need to know where to look/file name. Searching "recovery" pulls up quite a number of files. any suggestions?
Recovery partition is located on this block "/dev/block/mmcblk0p10" so if u can pull the block and convert into an img format your good!!! Plus you might wanna pull "/system/etc/recovery-resource.dat" and rename it "recovery-resource.zip
RootSuperSU said:
Recovery partition is located on this block "/dev/block/mmcblk0p10" so if u can pull the block and convert into an img format your good!!! Plus you might wanna pull "/system/etc/recovery-resource.dat" and rename it "recovery-resource.zip
Click to expand...
Click to collapse
I literally had just discovered that mmcblk0p10 is the recovery. Although adb pull of that file fails, it will allow me to adb backup that file. But when it says backup complete on my tablet, the file is nowhere to be found on my computer. not sure where to go from here. Maybe I'm not doing adb backup correctly? Here is the script I entered:
adb backup /dev/block/platform/dw_mmc/mmcblk0p10 C:\backup.ab
But no dice. Backup.ab does not exist in C:/
Edit: found backup.ab after a very long search of my C:\.
Now I just need to find a way to "decrypt" it and convert it.
K1979C20 said:
I literally had just discovered that mmcblk0p10 is the recovery. Although adb pull of that file fails, it will allow me to adb backup that file. But when it says backup complete on my tablet, the file is nowhere to be found on my computer. not sure where to go from here. Maybe I'm not doing adb backup correctly? Here is the script I entered:
adb backup /dev/block/platform/dw_mmc/mmcblk0p10 C:\backup.ab
But no dice. Backup.ab does not exist in C:/
Edit: found backup.ab after a very long search of my C:\.
Now I just need to find a way to "decrypt" it and convert it.
Click to expand...
Click to collapse
Thank every reply, and now can only wait for it?
lovehuiping said:
Thank every reply, and now can only wait for it?
Click to expand...
Click to collapse
Sorry, not sure I understand your question.
Update on my back up file....
I managed to soft brick my laptop while installing Ubuntu. Cant boot into ubuntu, or windows. Also, the power supply on my PC took a dirt nap. So im at a stand still until I can get one of these machines up.and running again.
K1979C20 said:
Sorry, not sure I understand your question.
Update on my back up file....
I managed to soft brick my laptop while installing Ubuntu. Cant boot into ubuntu, or windows. Also, the power supply on my PC took a dirt nap. So im at a stand still until I can get one of these machines up.and running again.
Click to expand...
Click to collapse
thank you,,,PLZ give me links..
TMartin said:
Need root to pull image. We ain't got no root.
Click to expand...
Click to collapse
You can use KingoRoot to root the Note 8.0 i467.
[OBSOLETE THREAD]
This thread is obsolete. A solution was found, which is posted here:
http://forum.xda-developers.com/g4/help/method-to-root-lg-g4s-model-h735-lg-g4-t3248030
Please use the new thread for discussions.
------------------------
Original thread:
------------------------
Hi,
I have been trying to root the LG G4S (H735), also known as "LG G4 Beat".
I tried two things:
Approach 1
I tried the method posted by konsolen in this thread:
http://forum.xda-developers.com/g4/general/lg-g4s-world-root-lg-devices-t3231759
but it didn't work for me. I tried several times with varying approaches, but the boot process always gets stuck on the LG logo.
Approach 2
I also tried to inject the root as suggested in this thread for the G4:
http://forum.xda-developers.com/g4/help/rooting-lg-h735-g4-beat-t3192491
I've used the Inject_Root_G4.zip from this link, which I believe is the same shared elsewhere:
https://mega.nz/#!BIxUzbqI!nt2YnGnGQlSiBQ-Ar-c-q7oDMIEsg6xd0Kmek-q0clg
And I get the same problem - stuck on the LG logo when booting.
For anyone who wants to reproduce Approach 2 to maybe find a solution:
1. Start up LGFlashTool2014. You can follow instructions in thread by konsolen (see Approach 1 above). You can use his .kdz file as well. Important: Pull out your USB cable as soon as the green letters COMX (with a number instead of X) appear on the phone. My flashtool actually didn't display the progress percentage, but apparently this at 9%. It doesn't matter if you don't see the percentage though, I've verified with this KDZ image that if you pull the cable at the very moment the green letters appear, nothing is corrupted. The phone will still display 0%. Leave it as it is after you unplugged the cable.
2. Kill your flash tool with the windows task manager. After it closed, you can plug the phone back in and open a windows command line in the folder where your Send_Command.exe is (you can download the package in konsolen's instructions which contains Send_Command.exe as well).
3. Open the console to your phone with
Code:
Send_Command.exe \\.\COMX.
(with your number instead of X)
You will have to do steps 1-3 every time you want to get this console, for example to run all the dd commands below.
4. Calculate the dd parameters and backup your system partition into a .img file. There is an excellent guide by dominik-p for how to determine your individual dd parameters:
http://forum.xda-developers.com/g4/help/how-to-determine-dd-parameters-lg-g4-t3184867
5. Keep a copy of your system.img somewhere safe, you can use it to restore your system if something goes wrong. So don't use this original in the next steps!
6. Copy the .img file to a linux system and mount it. I'm guessing who is trying this knows how to do this. Anything you change in the folder you mounted the image on, will be saved in the image. You can then use this updated image to overwrite your original system partition, again with dd (as described in the thread by dominik-p) using your parameters. So here's the crucial bit: You get root access to your system files via linux. When you know the right things to mess with, you can root your phone with the updated image. Injecting the root as done in step 8 is one way to change the system on the G4 in order to root it.
7. [Optional] If you are new to this, you may want to do a simple test before you continue.
Create a testfile (test.txt) on the mounted system partition. Then copy the .img file back to your phone and try to "dd" it back over your system partition.
Then, check if you see the test file on your system partition -- you may have to reboot the phone after the dd command (and log back in with Send_Command.exe) in order to see the updates.
8. Inject root with the Inject_Root_G4.zip on the mounted folder of the image on your linux system. You can follow instructions (Step 2) here:
http://forum.xda-developers.com/g4/general/lg-g4-100-root-success-directives-root-t3180586
9. Copy the new img file to your phone and "dd" it over your system partition, using your own dd parameters.
10. Reboot the phone (you can also just type LEAVE in the Send_Command.exe console).
Now, it should be rooted - if it worked for you!
If it worked for you, that's great. It didn't for me, it got stuck on the LG logo in the boot process again. So I had to write my original system.img back onto my system partition to get the phone back.
I did get the following errors in Step 8 above, though I did try anyway to use the resulting image. The errors may have something to do with my problem, but it may also be because the inject root is for the G4, not the G4s.
Code:
sudo ./autoroot.sh
cp: cannot create regular file ‘operatingtable/lib64/libsupol.so’: No such file or directory
chmod: cannot access ‘operatingtable/lib64/libsupol.so’: No such file or directory
chcon: cannot access ‘operatingtable/lib64/libsupol.so’: No such file or directory
chmod: cannot access ‘operatingtable/bin/app_process64_original’: No such file or directory
chcon: cannot access ‘operatingtable/bin/app_process64_original’: No such file or directory
chmod: cannot access ‘operatingtable/bin/app_process_init’: No such file or directory
chcon: cannot access ‘operatingtable/bin/app_process_init’: No such file or directory
If anyone finds a solution to this, or has any ideas what could be tried, I would be very interested to hear it. I'm new to rooting phones and don't have much experience beyond what I did in the last days.
Cheers
Jennifer
jen.magnolis said:
4. Calculate the dd parameters and backup your system partition into a .img file. There is an excellent guide by @dominik-p for how to determine your individual dd parameters:
http://forum.xda-developers.com/g4/help/how-to-determine-dd-parameters-lg-g4-t3184867
Click to expand...
Click to collapse
Happy that my guide has helped you
As I said here:
http://forum.xda-developers.com/g4/help/rooting-lg-h735-g4-beat-t3192491/page5
Everyone who is interested to inject root must edit the autoroot.sh from the inject.zip and use the correct files from SuperSU
More information about the files:
https://su.chainfire.eu
Maybe you have to use other files. Not the files from the inject.zip
Download the Update-SuperSU zip from http://download.chainfire.eu/supersu
Copy the files you need to the "su" folder of the extracted inject.zip
For information which files are needed read the "update-binary" file from the SuperSU zip.
(located here META-INF/com/google/android/update-binary)
Good luck everyone :good:
Thanks again for the links! I'll try again soon, when I get time for it, and report the results here
By the way, here's the ls -lR of my system.
Ok, no problem, take your time.
I've got also lot of other work to do...
I just read your system.txt (thanks)
According to these lines:
Code:
lrwxr-xr-x. 1 root 2000 13 Aug 24 02:05 app_process -> app_process32
-rwxr-xr-x. 1 root 2000 13588 Aug 24 02:05 app_process32
It seems that the firmware is 32 bit.
More info about your firmware is in /system/build.prop
So you have to take the right lines from update-binary and copy them and edit the autoroot.sh
Please don't ask me which lines. It's a bit difficult... (you have to understand the logic in update-binary)
Then copy the files from the right folder (arm?) to the "su" folder.
Sorry. I'm out now here for the next time. I have a H815 and happy with it.
I think you will find the solution. :good:
Custom Recoverys
Hi All
Are there any custom recovery's for the G4 beat/G4s
Thanks
Thanks dominik-p for your help. Good luck with your other work, don't worry I won't distract you with asking questions You already helped a lot.
benji5688, you can check for official firmware (.kdz file) on this link, pasting your IMEI instead of YOUR-IMEI in the link below.
http://csmg.lgmobile.com:9002/csmg/b2c/client/auth_model_check2.jsp?esn=YOUR-IMEI
I did not find any for mine there, but I did find it on
http://devtester.ro/projects/lg-firmwares/
Which brought me to this link where I could find mine:
http://pkg02.azure.gdms.lge.com/dn/downloader.dev?fileKey=FW703UV132GQAUP7A0ED99N/H73510c_00.kdz
but you should look for your specific model.
jen.magnolis said:
Hi,
I have been trying to root the LG G4S (H735), also known as "LG G4 Beat".
I tried two things:
Click to expand...
Click to collapse
LOL
I did the exact same thing as you, and really the EXACT, I also contacted dominik-p for the same problem you got with the bs. LOL
Was about to do the same thing you did here too just told that to dominik-p lol.
You post is great, well detailled. Hope someone found something
But got something different. my phone is the LGH731 LG G4 Vigor from Videotron in Canada.
If someone need files or system.img LINK
That's not the exact same thing as the post owner but i'm pretty sure the root method will be. (DON'T use this system.img to inject in you H735) it's from a H731 and they don't have the same partition size.
Ha, that's funny, and you got the same problem of course (frozen logo boot).
We will find a solution. It's just a matter of time. I'm a bit pressed for work in the next days but I'll get back into it around mid week. I think the main problem was, as I suspected and also as dominik-p pointed out, we've been using the wrong inject files. And the G4s is 32 bit so obviously it won't work with 64 bit libs.
First thing I'll try is using the other files from the link dominik-p shared. I'll also read the guide and try to understand which files need to be changed to gain root access in general, i.e. learn the basics of how to root. Then I think/hope I'll be able to fix this. And finally get to move all my stuff onto SD and get my storage back
Meanwhile, if you get any new results, let me know.
Cheers
jen.magnolis said:
Ha, that's funny, and you got the same problem of course (frozen logo boot).
We will find a solution. It's just a matter of time. I'm a bit pressed for work in the next days but I'll get back into it around mid week. I think the main problem was, as I suspected and also as dominik-p pointed out, we've been using the wrong inject files. And the G4s is 32 bit so obviously it won't work with 64 bit libs.
First thing I'll try is using the other files from the link dominik-p shared. I'll also read the guide and try to understand which files need to be changed to gain root access in general, i.e. learn the basics of how to root. Then I think/hope I'll be able to fix this. And finally get to move all my stuff onto SD and get my storage back
Meanwhile, if you get any new results, let me know.
Cheers
Click to expand...
Click to collapse
Yes i'm trying this today (the 32-64 bits thing)
Custom recovery
What does this file do though?
Is it a custom recovery or is it the stock rom?
Thanks Benji
benji5688 said:
What does this file do though?
Is it a custom recovery or is it the stock rom?
Thanks Benji
Click to expand...
Click to collapse
It's the stock ROM. It can be used for recovery, depending what your problem is. If you destroyed your ROM by trying to root, you can recover with this.
If you mess with something in your system partition (where the Android OS is installed), you'd need a copy of your individual system partition (like a "backup") to restore. This highly depends on your phone/version, so you have to do this backup yourself. You can follow the instructions with the dd parameters, linked to from the main thread.
Are there any custom recoverys
Hi
Are there any custom recovery available, I want to get Xposed.
Can anyone make one?
Thanks for all the help
benji5688 said:
Hi
Are there any custom recovery available, I want to get Xposed.
Can anyone make one?
Thanks for all the help
Click to expand...
Click to collapse
I far as I know to get Xposed you need to be rooted... Well there is no root method availaible, well you can try the methods that Jen explained here but I doubt they will work... if yes, you lucky ****
Is the g4s running marshmallow? Is so you would need to use a compatible su install.
Sent from my VS986 using XDA Free mobile app
larsdennert said:
Is the g4s running marshmallow? Is so you would need to use a compatible su install.
Sent from my VS986 using XDA Free mobile app
Click to expand...
Click to collapse
No the problem is really just changing the 64 bits command to make then use the 32 bits ones
I manage everything except this one
Code:
chcon --reference=operatingtable/bin/app_process32 operatingtable/bin/app_process64_original
I agree with xsteacy, this will most likely not work, that's why we opened this discussion
We just have to find the right files to use (instead of the 64 bit ones).
I will get back onto the subject by Wednesday when I have time.
I solved it! My phone is rooted
I asked someone to test my script before I post the results. Hang on there, tomorrow I'll post the solution.
Good times!
jen.magnolis said:
I solved it! My phone is rooted
I asked someone to test my script before I post the results. Hang on there, tomorrow I'll post the solution.
Good times!
Click to expand...
Click to collapse
0.0 OH!?
Ok I'm putting it out there for others to test as well.
Please report if it worked so I can take this into account before updating the main thread instructions.
In the attached .zip file there is a README with instructions.
Note: Thanks goes to @konsolen who shared instructions on how to open the COM port on the H735.
The script in konsolens post is essentially the upater-binary script of the SuperSU package, but with a few modifications.
That may have been necessary on konsolens phone, but it didn't work on mine. For me, using the original script worked.
However, the zip file has to be extracted manually with busybox before the updater-binary script is started. I am not
sure if busybox absolutely needs to be in the /sbin folder, but that's where I saw elsewhere that it belonged, so
I moved it over there in my script. I haven't tested this with busybox being elsewhere.
Thanks goes also to @dominik-p for sharing the link to excellent documentation and for his instructions on how
to make a backup (with dd) of your system, in case anything goes wrong.
UPDATE: I did all commands in root_lgh375.sh manually when I found it already worked, so please report if all is good with the script, but I think it should be, it only does what I did manually.
Congratulations @jen.magnolis
Well done
Already extracted mmcblk0 can be found on the following thread here
Can someone with a rooted stock rom please pull the following partition and upload it here
Requirements
Rooted moto g5
TWRP recovery
Blank micro sd card (at least 32gb)
make sure adb debugging in enabled in dev options
enter TWRP recovery
Follow instructions from here but amend the extract command with the values given below
https://forum.xda-developers.com/showpost.php?p=76795590&postcount=1
If you have a 32gb varient use
dd if=/dev/block/mmcblk0 of=/storage/<STORAGE-ID>/mmcblk0.img bs=1048576 count=29820
and if you have a 16gb varient use
dd if=/dev/block/mmcblk0 of=/storage/<STORAGE-ID>/mmcblk0.img bs=1048576 count=14910
Please note this partition will be very large so compress it in a zip file as best you can and you will obviously need good internet connection and file storage to upload it
Please also enclude what varient the mmcblk0 was taken from with your upload
How to here
https://forum.xda-developers.com/showpost.php?p=76795590&postcount=1
but what we need is someone who has a motorola g5 cedric xt1671 that has root and twrp and can provide us with that file to be able to revive our cell phones
I don't have the stock ROM will it be fine
abhimanyuk said:
I don't have the stock ROM will it be fine
Click to expand...
Click to collapse
Prefer stock but it should work if you have a custom rom too
TheFixItMan said:
Prefer stock but it should work if you have a custom rom too
Click to expand...
Click to collapse
But it will include my device all info like imei serial number etc.
Will it be safe.
abhimanyuk said:
But it will include my device all info like imei serial number etc.
Will it be safe.
Click to expand...
Click to collapse
I'm asking for the bootloader block - I believe imei is on another partition
Either way it's up to you if you want to provide files
Google and research
TheFixItMan said:
I'm asking for the bootloader block - I believe imei is on another partition
Either way it's up to you if you want to provide files
Google and research
Click to expand...
Click to collapse
I was getting an error with that command so I have listed out all the partitions you can let me know which partition you need.
Device : XT1677
Variant: Amazon
ROM: Custom
abhimanyuk said:
I was getting an error with that command so I have listed out all the partitions you can let me know which partition you need.
Device : XT1677
Variant: Amazon
ROM: Custom
Click to expand...
Click to collapse
Try using the instructions here
With my method you probably have to mount the partition & I can't remember the commands
https://forum.xda-developers.com/showpost.php?p=76795590&postcount=1
If you don't have Linux/Ubuntu I presume you can use the terminal window in twrp - as long as it can get root access but better using Linux/Ubuntu either as stand alone or a virtual machine
TheFixItMan said:
Try using the instructions here
With my method you probably have to mount the partition & I can't remember the commands
https://forum.xda-developers.com/showpost.php?p=76795590&postcount=1
If you don't have Linux/Ubuntu I presume you can use the terminal window in twrp - as long as it can get root access but better using Linux/Ubuntu either as stand alone or a virtual machine
Click to expand...
Click to collapse
I have Linux installed. I will do that tomorrow Hope we will get the desired result.
Can anyone create a link for me to download this mmcdlk0 for the bike g5 xt 1672? because I need to put in a micro, so I recover my defective device in the bootloader. Thank you!
I'm still waiting for someone to provide the mmcblk0 partition
If you have a working rooted moto g5 see the first post
what's new, nobody could get the mmcblk0 file or esque do not want to help, this is the last straw.
just because I do not have another motorcycle g5 but towards the attempt, but good.
but it will be necessary to take it with a technician to the end that already came out a method to revive it through a box precisely Medussa pro, but we see light in that help us in this I think it will be the only alternative so far, or wait for the blank to come out flash that as I see it will take time.
what's new, nobody could get the mmcblk0 file or esque do not want to help, this is the last straw.
just because I do not have another motorcycle g5 but towards the attempt, but good.
but it will be necessary to take it with a technician to the end that already came out a method to revive it through a box precisely Medussa pro, but we see light in that help us in this I think it will be the only alternative so far, or wait for the blank to come out flash that as I see it will take time.
---------- Post added at 03:15 AM ---------- Previous post was at 03:11 AM ----------
https://www.youtube.com/watch?v=rJGsZuWkboo
You did it ?
gugsta said:
Can anyone create a link for me to download this mmcdlk0 for the bike g5 xt 1672? because I need to put in a micro, so I recover my defective device in the bootloader. Thank you!
Click to expand...
Click to collapse
You did it ? I'm having the same problem with the bike g5 xt1672 could you help me
dalissonetcaf said:
You did it ? I'm having the same problem with the bike g5 xt1672 could you help me
Click to expand...
Click to collapse
We are awaiting someone to upload the mmcblk0 partition for this device
Until that happens there is currently no known solutionn (other than motherboard replacement or specialist flash boxes) to revive a moto g5 with no access to the bootloader
Hi, I'm trying to make the mmcblk0.img but with the bs and count that says in the g5 forum, it only weighs 4GB.
can you give me the data
I think it has to do with the ram, the G5S is 3.
Happiness777 said:
Hi, I'm trying to make the mmcblk0.img but with the bs and count that says in the g5 forum, it only weighs 4GB.
can you give me the data
I think it has to do with the ram, the G5S is 3.
Click to expand...
Click to collapse
It's because of the file system. Fat32 can only handle files up to 4GB. Best way to get around this, is to first format the sdcard in exFAT or ext4 on your computer (sdcard reader).
Here is a mmcblk0 image someone sent me
Unzip it
Use an sd card boot image tool to create a bootable sdcard with the image (one that can handle a dd image)
You may need to format the sd card to ext4
If it works it may take a long time before it does boot from sd card
mmcblk0.zip
See below for how to write image
https://www.embeddedarm.com/blog/how-to-write-an-sd-card-image-linux-windows-mac-osx/
my mmcblk0 weighs 27.9 Gb (30,000,000,000)
Is it the right size?
Happiness777 said:
Friend and created the mmcblk0 but I am in doubt if the size is accurate
Click to expand...
Click to collapse
Either that link doesn't work or it's not accessible to me
Make sure the sd card is formatted to ext4 when you create the image
The image I posted is 15gb (once unzipped) but since I don't have this device I can't check it