Hi, time progressed.... is there any noob/the easiest way at this moment to gain S-OFF (and back to S-ON)???
Any one click program etc....?
Found HTC Supertool v3, but not tried this and not sure that is functional on WFS.
THX for your reply!!!
So far just XTC clip can get you a S-Off.
So it makes me disappointed
I thought, that there is much more possibilities -> downgrade hboot and then use some S-OFF apps etc etc etc (Although more complicated, but at least something). But it seems not really.
Realy ONLY XTC clip?
So what is major disadvantage when i have only unlocked hboot + s-on? Can someone explain it to me?
Nikishek said:
So it makes me disappointed
I thought, that there is much more possibilities -> downgrade hboot and then use some S-OFF apps etc etc etc (Although more complicated, but at least something). But it seems not really.
Realy ONLY XTC clip?
So what is major disadvantage when i have only unlocked hboot + s-on? Can someone explain it to me?
Click to expand...
Click to collapse
yup only XTC Clip.
The disadvantage is that we can't change system partition size.
But it doesnt bother me much.
Related
I have had a few pm's from users asking for help rooting their phone.
The reason your device may not bee rooted is because your phone is not S-off
Gingerbreak only works for S-off devices and as mine is S-off it allows me to root my phone.
So remember people if you want root at the moment you need S-off and the only way is by using the xtc clip.
Hi imlgl, and thanks for these news.
I am new with Android Stuff, and I am just wonder about "S". I own a Wildfire S.
But what does it mean to have an "S" phone, and what are the advantage and disadvantage to make one S-off?
thanks
Hi.
The S just stands for the new version of the Wildfire. The same as the Incredible S and Desire S.
S-off allows you to have full root accesss to the phone with no limitations. And it also allows rooting as the new phones have the encrypted bootloader. There are many advantages to S-off some of which I don't even know.
hi,
thanks, and do you think it will never work without this xtc clip?
bye
Andy
Not for the time being. There could be an exploit which allows no hardware, or HTC could unlock the bootloader for the Wildfire S
Folks,
Just wondered if Revolutionary is working on a Wildfire S (My Son's phone) solution for S-OFF'ing ?
gol_n_dal said:
Folks,
Just wondered if Revolutionary is working on a Wildfire S (My Son's phone) solution for S-OFF'ing ?
Click to expand...
Click to collapse
Had you used the search function, you wouldn't be wondering anymore...
OK!!!!I Know many S-ON users might be itching to s-off there devices and desparately waiting for it to come..to be frank I'm with you guys
So after some looking and thinking I have theorised a few things that I want to share as we wait.....These might not be true 'cause its just a theory
1-Our WFS' currently weren't able to get s-offed because of goldcard problems.
2-The XTC-Clip makes goldcards in some different manner which is why our goldcards don't work
3- The model A510C(CDMA) can be s-offed easily without an XTC-Clip because it doesn't have a sim card slot(correct me if I'm wrong).And also the XTC-Clip couldn't s-off this model....so good for them
4-We need some dev's help in finding out how the XTC-Clip makes goldcards(reverse engineering maybe??)
5-The current goldcard tools won't do any good for WFS' other than the A510C
6-Dont ask me anything just now because I'm on my bed typing this post on my S-ON WFS and its about 1 A.M. here
XTC clip makes the goldcard like any other program, or how you do it manually. It's the actual xtc clip which does all the unlocking. You could make your own goldcard and use the xtc clip and it will still S-off
Yeah, but it's in the hardware mate not in the software, i.e. not the goldcard. It's something that the clip actually does.
As I said It's just a theory......I actually don't know how the XTC-Clip works cuz I don't have it and I'm unable to buy one(not available easily here and too damn expensive for 1 time use)
why have to keep making useless new threads in regards to this?? can't just post this in one of already 3-4 s-ff without xtc clip threads????
Anyways you need xtc clip to s-off... has nothing to do with gold card being made with xtc clip.
I heard that NOOK is permanently rooted without unlocking the bootloader by a XDA Dev.....why dont we request to XDA DEVS to root this thing.......a moderater can help.....
Sorry for asking this but I come from Desire HD and things seem more straight forward there in regards to root and custom roms.
I see that WFS is rootable but then S-OFF has not been broken yet. What's the difference with XTC-Clip then?
From what I understood, the only way to root WFS is XTC-CLIP which allows you to have root access, install custom ROM and recovery but it will not allow you to install radio and kernel? Please correct me if I'm wrong.
My main requirement is to be able to install apps on sd and use apps like titanium backup to freeze/remove bloatware. What do I need for this?
I see that I can upgrade to latest 2.3.5 since it's not available for my region. If I do so, will it still be rootable or I will lose this and then need to downgrade like with DHD?
Again I apologise for asking all these but you see I follow a complete forum on DesireHD and I don't have time reading here as well. I want to complete this as fast as possible for my wife.
EDIT: Oh now I see, XTC-Clip is hardware. So apart from using this, WFS is non-rootable unless S-Off is achieved?
andreasy said:
Sorry for asking this but I come from Desire HD and things seem more straight forward there in regards to root and custom roms.
I see that WFS is rootable but then S-OFF has not been broken yet. What's the difference with XTC-Clip then?
From what I understood, the only way to root WFS is XTC-CLIP which allows you to have root access, install custom ROM and recovery but it will not allow you to install radio and kernel? Please correct me if I'm wrong.
My main requirement is to be able to install apps on sd and use apps like titanium backup to freeze/remove bloatware. What do I need for this?
I see that I can upgrade to latest 2.3.5 since it's not available for my region. If I do so, will it still be rootable or I will lose this and then need to downgrade like with DHD?
Again I apologise for asking all these but you see I follow a complete forum on DesireHD and I don't have time reading here as well. I want to complete this as fast as possible for my wife.
EDIT: Oh now I see, XTC-Clip is hardware. So apart from using this, WFS is non-rootable unless S-Off is achieved?
Click to expand...
Click to collapse
If you make your phone s-off with the XTC clip you can root your phone or flash anything you want..
You have to be s-off to remove bloatware by HTC.
You can upgrade to 2.3.5 and it will still be rootable if you s-off it..
Thanks. However, I'll need to buy that clip which I don't intend to right now so for me, it's not rootable until S-OFF is managed. Correct?
But there's a temproot http://forum.xda-developers.com/showthread.php?t=1296916 here..
You can find a shop near you that has the clip and unlock it.
1. How S-ON after XTC-CLIP ? Riff Box help ?
2. How send command [email protected]=7,1 ?
Kamil1987 said:
1. How S-ON after XTC-CLIP ? Riff Box help ?
2. How send command [email protected]=7,1 ?
Click to expand...
Click to collapse
sorry to burst your bubbly man but xtc clip is NOT reversible. end of. it doesn't save any backups of what it changes at all so your stuck like.
no program will give you s-on, or return you to your orginal simlock or cid as xtc clip changes the secure-flag and deletes the rest....
Yesterday i turned on S-ON after XTC-CLIP in HTC Wildfire and HTC Legend, in HTC Desire S still does not work. In the evening I'll check on HTC Wildfire S
Kamil1987 said:
Yesterday i turned on S-ON after XTC-CLIP in HTC Wildfire and HTC Legend, in HTC Desire S still does not work. In the evening I'll check on HTC Wildfire S
Click to expand...
Click to collapse
what? how? just so we are clear you have managed to take a s-offed htc wildfire by xtc clip and make it s-on again?!?!
Secret On HTC Wildfire S also working but HTC Desire S not working.
On HTC Desire Z not working.
Kamil1987 said:
Secret On HTC Wildfire S also working but HTC Desire S not working.
Click to expand...
Click to collapse
What is the point in posting if your not going to share. I have no need for this but it pissed me off when people come on glory and money hunting,cos if you didn't intend making any money from this then you would share.
For me you can just jog on.
UTID
slymobi said:
What is the point in posting if your not going to share. I have no need for this but it pissed me off when people come on glory and money hunting,cos if you didn't intend making any money from this then you would share.
For me you can just jog on.
UTID
Click to expand...
Click to collapse
+1 this is a community based on helping and sharing information and ideas. what is the point of trying to come off with comments like that? are you just trying to get a kick out of it are you generally trying to piss people off?? i bet your just some kid somewhere trying to get jollys from people who took the plunge with the xtc clip as rev. wasnt about.
come back when you ACTUALLY have something of use or you grow up. and i dont expect either soon.
heavy_metal_man said:
+1 this is a community based on helping and sharing information and ideas. what is the point of trying to come off with comments like that? are you just trying to get a kick out of it are you generally trying to piss people off?? i bet your just some kid somewhere trying to get jollys from people who took the plunge with the xtc clip as rev. wasnt about.
come back when you ACTUALLY have something of use or you grow up. and i dont expect either soon.
Click to expand...
Click to collapse
sorry to bump a old thread he lie's it is NOT possible on ANY device. as all data is wiped when secure flag is wiped NO WAY BACK. as you cannot write that deleted data back to the phone. even if you got hold of the needed data you still wouldnt be able to flash it. and did u notice how quick he was between his posts saying desire z works or watever then wildfire s worked its lie's the guys a fool.
I'm also interested in putting back S-ON after having used the XTC clip to make it S-OFF. But what interests me is a general method that would work on any device (compatible with the XTC clip of course).
I think it is possible because I managed to make it work on the Desire Z with the following method:
1) use XTC clip to make the device S-OFF.
2) use gfree to make it back S-ON. (https://github.com/tmzt/g2root-kmod/tree/master/scotty2/gfree)
But the thing is: gfree is using a vulnerability only available on the HTC Desire Z so it does not work on all devices.
Any ideas?
well, once you have s-off you can map the all of the nand via fastboot kernal commands, but like the wildfire s we would need to work out the size of all the partitions and "write in" the information for the radio. if we did that and then xtc clipped a buzz on the revolutionary hboot it may show you where the the s-0n s-0ff "bit" is. then, in theory you could write to the nand and overwrite the bit to change it. in theory this would also work to properly s-0ff the device so all hboots could be flashed. but that would imply that the s-0ff s0n bit is actually in the unmapped partition of the nand. i would like to try this idea just to see how far we could get, as i may be getting another s-on buzz in july but we would have to get the mappings for the mtd partitions. oh, and gfree only works on emcc devices i think, thats why it wont work for us as it is mtd.
gfree only works on devices that use emmc and have this vulnerability, that is to say only the HTC Desire Z...but it does not matter.
Be careful with what is below, it may brick your device so do it at your own risk.
I managed to set the S-ON flag back on the HTC Desire Z with the following command: [email protected]?7,1. This can be sent to the device by first putting the device in HBOOT mode, then issuing "rtask C" and then talking to the radio with AT commands (see http://tjworld.net/wiki/Android/HTC/Vision/RadioAnalysis#TalkingtotheRadio).
But it did not work on a HTC Desire S.
heavy_metal_man said:
well, once you have s-off you can map the all of the nand via fastboot kernal commands, but like the wildfire s we would need to work out the size of all the partitions and "write in" the information for the radio. if we did that and then xtc clipped a buzz on the revolutionary hboot it may show you where the the s-0n s-0ff "bit" is. then, in theory you could write to the nand and overwrite the bit to change it. in theory this would also work to properly s-0ff the device so all hboots could be flashed. but that would imply that the s-0ff s0n bit is actually in the unmapped partition of the nand. i would like to try this idea just to see how far we could get, as i may be getting another s-on buzz in july but we would have to get the mappings for the mtd partitions. oh, and gfree only works on emcc devices i think, thats why it wont work for us as it is mtd.
Click to expand...
Click to collapse
1) Could you develop on your "fastboot kernal" commands ? How do you do what you are talking about ?
2) I know where the security flag is for the HTC Desire Z but not for the Desire S, I would need to backup all the partitions, S-OFF it and then make a diff to identify it.
saidelike said:
gfree only works on devices that use emmc and have this vulnerability, that is to say only the HTC Desire Z...but it does not matter.
Be careful with what is below, it may brick your device so do it at your own risk.
I managed to set the S-ON flag back on the HTC Desire Z with the following command: [email protected]?7,1. This can be sent to the device by first putting the device in HBOOT mode, then issuing "rtask C" and then talking to the radio with AT commands (see http://tjworld.net/wiki/Android/HTC/Vision/RadioAnalysis#TalkingtotheRadio).
But it did not work on a HTC Desire S.
1) Could you develop on your "fastboot kernal" commands ? How do you do what you are talking about ?
2) I know where the security flag is for the HTC Desire Z but not for the Desire S, I would need to backup all the partitions, S-OFF it and then make a diff to identify it.
Click to expand...
Click to collapse
Well, this idea actually belongs to the guys over at the wildfire s s-off campaign( had to be said )
The way it works is that you issue a kernal, or clockworkmod recovery for that matter, with new paramiters for the mtd partitions via fastboot and when that new kernal is loaded the "unmaped areas will then be mapped. Then as you said for point 2 you would dump both before and after the xtc clip and !hopefully! It would show the location of the s-off. The partition information will be device specific, so each device and hboot would need to be accounted for. But, the theory is solid. The only issue the wfs guys are having is trying to write to the nand. But with an s-off device I hope this wouldn't be an issue. If you head over to there s-off campaign you will find out alot more on this idea.
Sent from my HTC Sensation XE with Beats Audio using xda premium
heavy_metal_man said:
Well, this idea actually belongs to the guys over at the wildfire s s-off campaign( had to be said )
The way it works is that you issue a kernal, or clockworkmod recovery for that matter, with new paramiters for the mtd partitions via fastboot and when that new kernal is loaded the "unmaped areas will then be mapped. Then as you said for point 2 you would dump both before and after the xtc clip and !hopefully! It would show the location of the s-off. The partition information will be device specific, so each device and hboot would need to be accounted for. But, the theory is solid. The only issue the wfs guys are having is trying to write to the nand. But with an s-off device I hope this wouldn't be an issue. If you head over to there s-off campaign you will find out alot more on this idea.
Sent from my HTC Sensation XE with Beats Audio using xda premium
Click to expand...
Click to collapse
Great. Thanks for pointing me to [WFSdev][THE S-OFF CAMPAIGN] Kernal experts needed - exploit is being developed!. Even if they "only" want to get HBOOT S-OFF (different from radio S-OFF that we get with the XTC Clip), the idea behind consisting in using "fastboot boot" to boot a kernel and mapping the usually unallowed partitions differently is an idea that needs to be look at deeply.
The magic is with the following command:
Code:
./fastboot -c "mtdparts=msm_nand:[email protected](misc),[email protected](recovery),[email protected](boot),[email protected](system),[email protected](cache),[email protected](userdata),[email protected](devlog),[email protected](hboot)" boot recovery-clockwork-5.0.2.8-marvel.img
So today I got Desire Z. It's nice, I really love Sense 2.1 (or mostly it's LockScreen), but KK (with it ) would be better.
Now, as it's old phone and old forum, cannot find what and how to do.
I found this:
https://forum.xda-developers.com/htc-desire-z/help/complete-guide-to-root-downgrade-t3332619
Is that would I need to do or there is something easier?
Right now I have stock 2.42.405.3 and available update (6,55Mb so probably .4) and HBOOT-0.85.0013 with S-OFF (so previous user probably was playing with this device).
What I should do now?
ch3mn3y said:
So today I got Desire Z. It's nice, I really love Sense 2.1 (or mostly it's LockScreen), but KK (with it ) would be better.
Now, as it's old phone and old forum, cannot find what and how to do.
I found this:
https://forum.xda-developers.com/htc-desire-z/help/complete-guide-to-root-downgrade-t3332619
Is that would I need to do or there is something easier?
Right now I have stock 2.42.405.3 and available update (6,55Mb so probably .4) and HBOOT-0.85.0013 with S-OFF (so previous user probably was playing with this device).
What I should do now?
Click to expand...
Click to collapse
Hey buddy,
Take a look through the first few posts here
http://forum.xda-developers.com/showthread.php?t=2348266&page=16
It may seem like a lot but it will be worth it
So it seems that for fastboot I need this Engineering HBoot or after S-OFF I have full access?
Coz all guides for Eng HBoot are for downgraded devices and all the guides for downgrading are for S-ON devices...
However I've also found that Eng HBoot was used when S-OFF was not possible and now it's not recommended, what can mean that S-OFF gives access to Fastboot same way the Eng HBoot?
If ti is true, than flashing Recovery will be easy and than I can check Roms
I know I'm missing something, but cannot find it...
ch3mn3y said:
So it seems that for fastboot I need this Engineering HBoot or after S-OFF I have full access?
Coz all guides for Eng HBoot are for downgraded devices and all the guides for downgrading are for S-ON devices...
However I've also found that Eng HBoot was used when S-OFF was not possible and now it's not recommended, what can mean that S-OFF gives access to Fastboot same way the Eng HBoot?
If ti is true, than flashing Recovery will be easy and than I can check Roms
I know I'm missing something, but cannot find it...
Click to expand...
Click to collapse
Correct, you have what we call fake s-off and only gives you a bit of help flashing your phone, to get true s-off the preferred method is to go back to stock and then downgrade and root with gfree
Relatively easy but a few steps needed first
If you have a chance to go to g2root on freenode iirc there is a good likelihood that guhl is there and will walk you through it all
If not then feel free to ask again and i can lay out some instructions for you hete
demkantor said:
If not then feel free to ask again and i can lay out some instructions for you hete
Click to expand...
Click to collapse
If You have time I would be grateful for advices how ro get from GB fake S-OFF to Recovery..
If not I will try tonight or tomorrow with this channel You wrote
Sent using XT1562 - Resurrection Remix/Optimus Kernel
EDIT: It seems I have more time that I thought, so I'm checkin this g2root irc and waiting for someones answer
However if somebody could answer me one thing: With this fake S-OFF is it safe to downgrade using this method: https://forum.xda-developers.com/showthread.php?t=1178912
Is it needed?
And what exactly S-OFF gives? Fastboot access like this Eng HBoot (at the beginning thought that it's HBoot from UK DZ/G2 )? Coz thats what I need : to flash CWM and than KK.
Downgraded, flashed Eng HBoot and CWM and KK is here. But I dont like it [emoji14] GB is coming...
Sent using XT1562 - Resurrection Remix/Optimus Kernel