My HOX was in this rom & kernell tripndroid_endeavoru-ota-eng.noeri_002.zip
http://forum.xda-developers.com/showthread.php?t=1784185
after install tripndroid_endeavoru-ota-eng.noeri_003.zip and flash thats kernel([email protected] #2)
my device do not allow me to flash other kernel(in bootloader allow and flashing successful but in phone os show [email protected] #2) OR do not allow to lock boot loader AND in TWRP recovery all operation same as format system, data, install new rom and other operations doing successful but after reboot phone i see nothing happen, and see last rom with last kernel last and last user data;
Who know anyway to go out from read only HOX?
How did you install that rom? Because that download link was deleted i think a month ago?
the v003 noeri kernel is the culprit of that hard bug.
Basically, you are now in apx mode. you can't do anything about it, even trip whacked his phone cause of numerous failed attempt to fix it.
Sorry dude but your phone was bricked. no other option but to send it to service center. hope you are still under warranty and your provider accept the repair for free:angel:
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
if i am of any help, please hit the thanks button:good:
Sorry to say this mate but you're totally bricked.
Only a new motherboard will help...
Its best to search on how to brick your bootloader properly .....when the service center can't read/boot your bootloader anymore they don't know if it was actually unlocked before. This way you have more chance of a free repair. Because when they see the tripnraver stuff they are unlikely going to fix it under warranty/hardware defects.
but my HOX not have waranty or garanti!
i think wait to s-off to solve read only problem...
I hope you get it sorted when we get s-off !
I also have one in read-only, and I've done some investigations.
I'd rather say it's the emmc controller that's busted, in which case we won't be able to do anything as long it's not functional (I don't think even the official s-off methods will work). On the other hand, while bricking, the write protection went off and I could write some partitions, until it settled to read-only (my goal, back then, was apx). I find this interesting because this might be an short (but dangerous) way to s-off. Still, we need to identify the exact commit that holds the guild.
PS: if you don't have warranty, try changing the emmc chip, might be cheaper.
Related
Apologies if this has been covered before- searched a couple of times with no joy...
Waiting for delivery of my Defy and still not sure what mods to do...Having read about a lot of UK models having the dreaded ear-piece fault, I'm just wondering:
1. what I can do that can be undone if my phone develops this fault?
i.e. Is it possible to root the phone, remove some of the Motoblur bloatware, overclock and scale, and still be able to return it to it's original state if the earpiece goes? (or at least make any mods undetectable!)
2. From what I've read it is possible to skip the Motoblur registration. Would I still be able to use the phone portal- what apps require the Motoblur registration?
Basically I'd love to tweak the phone but am paranoid about voiding the waranty!
Thanks in advance!
Once you are rooted and have recovery installed backup your system before doing anything else. If something happens restore the backup and unroot. Only problem might be if you have some type of hardware issue and can no longer boot the phone.
There is always risk, but that will help.
rbeier1221 said:
Once you are rooted and have recovery installed backup your system before doing anything else. If something happens restore the backup and unroot. Only problem might be if you have some type of hardware issue and can no longer boot the phone.
There is always risk, but that will help.
Click to expand...
Click to collapse
Thanks. Is it the case that you can mod the phone any way you like as long as you backup, restore and unroot before returning the phone for any possible warranty claim? Would a Mototola tech be able to tell that the phone had been modded and then reset to it's original state? Just wondering if I'd be better to wait a couple of months for any possible fault to appear...Thanks again.
cwhiggs said:
...am paranoid about voiding the waranty!
Click to expand...
Click to collapse
If that's your primary concern, tweaking isn't really an option.
As soon as you start fiddling with the software, you technically void your warranty.
That said, most fiddling can be undone and if the phone were to end up in a state that you couldn't boot it to fix your fiddling, there's a fairly good chance that the engineers wouldn't be able to boot it to discover what you've done.
Not to mention, from past personal experience, a lot of front-line engineers that actually deal with faulty handsets that are sent away for repair don't really care or may not be bright enough to be able to tell that you've messed with your phone.
Thanks. Think I'll go ahead and mod it. Been reading the relevent posts/stickies and from what I can see as long as I'm carefull and follow the various steps closely and in order, I'll be unlucky to brick it. Think I'd get pissed off waiting several months for any fault to show- just wary of the earpiece going and then being told I'm screwed coz I've played with the software! Thanks again.
http://forum.xda-developers.com/general/rooting-roms/cnc-bootloader-bootloader-access-phone-t3169432
could something like this help with the unlocking of our bootloader ? or am i not getting how it works all together ?
well if you brave enough to test it ...
it states "unless you softbrick there is no bl mode" which assumes you have a bl mode if you softbrick it. If it's true it's cool and unlock via fastboot might work. if it's not true, you've just softbricked your phone without any way to recover.
Someone brave with Equipement protection plan may want ot backup his phone and try the method and if it softbricks just file a claim with assurion and wait 3 days for a replacement living without phone.
Another problem is - the thread in the link mentions the cnc-bootloader without actual link to it or any other way to download, otherwise maybe I'd try it
there was a user in the root development thread who backed up/deleted laf.img in order to boot to fastboot, which worked but i think it didnt respond to any commands. i bricked my first g4 trying the same but i didnt enter the right command and deleted aboot by accident oops.
found that post
http://forum.xda-developers.com/showthread.php?p=62085237
just wanted to share what seemed like a possibility at helping with the current bootloader status...
as much as id love to try, i have no idea how to but would gladly work with someone that could go with me step by step...
if **** hits the fan , warranty should cover the damage and i could roll back to my trusty G2 till i get the phone back
Hey guys, I got a friends M9 here with some issues and could need some help to fix them..
The phone started bootlooping for apparently no reason, there was no rooting or flashing done, so my guess is that it's either hardware related like LGs bootloop issues, or maybe it made an (automatic?) update.
The problem now is that I can't even reset the phone, when I try to enter recovery mode I get this:
Code:
Failed to boot to recovery mode
......
This
build is for development
purposes only etc etc....
My biggest problem is not knowing anything about this device, I don't know the android version, I don't know which version of the M9 it is (if there are more than one), I only know the following things:
-Phone was provided by german carrier Vodafone
-it is locked
-S-On
-Software Status: Modified
- Security Warning (when I go into recovery or download mode)
-If you need any more information tell me where I can find them (there are some in download mode but I don't think they are necessary)
Should I try flashing a custom recovery via fastboot, if yes which one? Or should I flash a RUU somehow (I did the last time with my HTC OneX+)?
Thx in advance if you can help me out, I was actually vusy with searching a new device for myself, and now I "have" to deal with this..
That seems to be a dead nand. In 99% of the cases it results from heat damages caused by the infamous SD810 processor.
Only HTC can repair the phone by replacing the motherboard.
Flippy498 said:
That seems to be a dead nand. In 99% of the cases it results from heat damages caused by the infamous SD810 processor.
Only HTC can repair the phone by replacing the motherboard.
Click to expand...
Click to collapse
Hello again!
My friend asked me whether the phone memory was still accessible and I told him that dead nand means more or less dead memory. Am I right? If not, can I flash a custom recovery under these conditions? That way I could atleast get back his data.
Edit: After some googling I found a reply from you in another thread regarding that issue, I guess theres no hope for this device.
Correct. The data is unrecoverably lost.
Sent from my HTC One M9 using XDA Labs
i have an option of buying a soft bricked m8, that says tampered relocked, unknown history of what was done to it, but im thinking have a go at trying to get it running again, i cannot get past any of the screens it's s-on as well, cannot go into phone settings, so i cannot do anything there.
http://img.photobucket.com/albums/v476/charvel_375/htc m8 broke.jpg?t=1515544191
So what is the question? Do you want to know if it's worth the risk/effort of buying? If we think it can be recovered? Or what exactly to do to recover it?
sorry i should have been more specific, answer.. can it be fixed, if so how, as i said i cannot get into the phone settings, i dont know if USB debugging is checked.
bluefender said:
can it be fixed, if so how, as i said i cannot get into the phone settings, i dont know if USB debugging is checked.
Click to expand...
Click to collapse
You typically don't need debugging enabled, to get the phone running. You don't need debugging to use fastboot, and it's fastboot that is critical to get the phone running.
Whether or not the phone can be fixed, is not definite with the information provided so far. A lot of times, no boot just means the ROM is corrupt or otherwise damaged, which is fairly easy to fix by a tool called RUU. Or alternately by unlocking the bootloader, putting custom recovery TWRP on the phone, and using that to flash a stock ROM or custom ROM.
"Tampered" and "relocked" (versus "locked") means that the previous owner did at least try to do some mods (unlocked bootloader, custom recovery, custom ROM and/or root). Whether those attempted mods resulted in the current condition is another question we can't answer (only the previous owner can answer). It could be as simple as a botched root attempt, such as wrong version TWRP or wrong version SuperSU (also easily fixed). Or it could be the simple act of the previous owner locking the bootloader, which by definition renders the phone unable to boot (again, RUU is one possible solution) and the person just didn't know that.
On the other hand, it's possible that the current condition is caused by a hardware failure, such as emmc failure, and you won't be able to flash a ROM, and the phone is pretty much shot (needs new motherboard, etc.). But there is really no way of determining hardware vs. software failure without trying to recover it. Although my gut tells me, this is a pretty easy software fix, and that the current condition is mostly a matter of the previous owner lacking the proper knowledge.
What are the conditions of the sale? Are you buying it "as is" whether you can fix it or not? Or is the person going to let you mess with it, before decided whether to buy it? If you fix it easily, is there a possibility they change their mind, and going to want to keep it?
thanks for the info, buying as is, owner puts his arms up and says no idea, buy as is no returns, possible guilt of not rooting correctly ? who knows.
bluefender said:
buying as is, owner puts his arms up and says no idea, buy as is no returns, possible guilt of not rooting correctly ? who knows.
Click to expand...
Click to collapse
That would be my guess, not rooted correctly, or tried to return to stock, and botched it.
The bet, if I had to make one, would be that it can be recovered (software issue). But as I said, no sure bet there. Might be worth a chance, depending on how much he is charging, and how much that amount of money means to you.
in the end i passed on it, as found out the phone has been doing the rounds, internal chip was dead iv been told.
Hi
I'm new to the forum but have been doing a fair amount of research. I am stuck now though and would like a bit of help.
My situation is that I have a Xperia XA1 ultra (I know I should post in that device specific forum but not much seems to be happening there) I have a very specific problem that I have treated like a forensics problem.
The phone is locked by a pattern which has been guessed by another person so many times that the gatekeeper only allows one entry per day provided the phone is charged otherwise the timer resets.
It has not been rooted and ADB is disabled.
I have connected to it through fastboot and what I can gather is that it is running Android Oreo.
The system details are as follows:
Product: XA1 Ultra G3221
Build Number: 48.1.A.0.129
Chipset: Mediatek MT6757 Helio P20
Bootloader: Locked
My research has led me to the possibility of loading a recovery image into the RAM of the phone and accessing ADB that way. I tried this with a TWRP image but obviously it didn't work. There is a company called Cellebrite that claims to be able to load it's own boot/recovery image into the bootloader and gain entry that way, however the license is something like £10,000. I'm definitely not a commercial customer.
The final option for me would be to dump the memory via JTAG or chipoff, the contents would be encrypted but I found a blog where somebody had managed to find the location of the gesture.key file while the system was encrypted. I can't remember what the site was called though, it took me ages to find last time.
My main questions are does Sony sign the boot image with it's own keys or does it use the standard Android Verified Boot?
Does Sony reuse the same keys for signing across devices? Likely not but maybe
Is there a way to send specific instructions to the RAM via fastboot?
Does anybody know of an exploit that could be used?
Is there a way to extract the boot.img and recover the Sony keys?
If there any other docs, resources or ways to get the data that could help, I will gladly read and/or try them. I think this forum is probably the biggest resource one though but after a while the specific information needed gets harder to find.
The main thing is that I don't unlock the bootloader and flash anything. It's all got to be live and non data damaging.
I tried MTPwn on the off chance that it would work but nope, it was a no go.
If there was a way to utilise the mediatek exploit to gain entry from fastboot that would be excellent, or to use fastboot to dump the memory.
Thanks for reading, I hope someone can help.
Your thread was quite confusing at first as I wasn't sure what to look for exactly :/
That being said, you have your phone locked and you want to unlock it. However you don't want to flash or reset your device, you don't have root permission, you don't have debugger mode on and you don't want to unlock the bootloader, correct?
Basically you're asking for the impossible...
All I can think of is FROST attack. See article for details and source code.
You can also send your device to your nearest Sony service center and they can probably fix it with no memory loss.
Other than that, you MUST hard reset your phone if you want it back.
However should you come to your mind and realize the reality of the situation where you shouldn't be picky about it then you can start with flashing custom recovery. Or using third-party programs like dr.fone.
XDHx86 said:
Your thread was quite confusing at first as I wasn't sure what to look for exactly :/
That being said, you have your phone locked and you want to unlock it. However you don't want to flash or reset your device, you don't have root permission, you don't have debugger mode on and you don't want to unlock the bootloader, correct?
Basically you're asking for the impossible...
All I can think of is FROST attack. See article for details and source code.
You can also send your device to your nearest Sony service center and they can probably fix it with no memory loss.
Other than that, you MUST hard reset your phone if you want it back.
However should you come to your mind and realize the reality of the situation where you shouldn't be picky about it then you can start with flashing custom recovery. Or using third-party programs like dr.fone.
Click to expand...
Click to collapse
Thanks for getting back to me, yes I realise it is asking for the impossible. I'll have a research around that article and see if I can find some information on how to write the program to dump the contents over USB. I tried Dr Fone but that only gave me the option of a hard reset.
My current line of attack is an exploit over USB called OATmeal, whereby a Raspberry Pi is used over OTG with a filesystem label of "../../data", it allows the filesystem of the phone to be mounted and data written off. It is a little complex and so I am struggling a bit with getting it to work. The team over at Project Zero have a good write-up of it so I'm following that and the POC at exploit-db to guide me through it.
I think I will be able to get the USB part to work but I'm not sure if I have to write a Java file to automatically run when /data is mounted, or if that's even possible.
Forenzo said:
My current line of attack is an exploit over USB called OATmeal
Click to expand...
Click to collapse
Not to make you frustrated, but this is an old exploit and I highly doubt it'd work on your device, unless your device security patch is older than 9-2018.
And you can't rollback on your security patch.
You should really consider flashing TWRP or other custom recovery. You have no other option.
XDHx86 said:
Not to make you frustrated, but this is an old exploit and I highly doubt it'd work on your device, unless your device security patch is older than 9-2018.
And you can't rollback on your security patch.
You should really consider flashing TWRP or other custom recovery. You have no other option.
Click to expand...
Click to collapse
Fortunately the device hasn't been updated since around 2-2018 or 3-2018 so any exploit I can find from then onwards that I can use will be great. I really do get that the only realistic option is to unlock the bootloader and flash the recovery but the data needs to be recovered and I absolutely don't want to wipe it.
If I can't do it then it will gather dust until the end of time...
It seems that no matter what I say you won't realize the situation you are in.
I can only suggest to NEVER mess with the phone circuits or the motherboard. No matter which stupid yoututbe tutorial you saw. Those guys are douchebags who only know how to get views and don't care for whatever you/they do to your device.
Needless to say messing with the circuits or the motherboard require dexterity and experience which I'm positive you don't have.
As I said before if you send it to an authorized service center, then they can help you with it without memory loss.
Sending you device to a service center isn't an insult or an act of low self esteem. Service centers exist for a reason, and they're basically geeks who are too passionate about electronics and decided to make a living out of it.
Or maybe you can somehow use the EDL mode on the phone.
In Qualcomm devices the EDL mode is locked and can only be accessed by an authorized person who have the security code of your device. I don't know if it even exist in MTK devices.
Should you actually manage to boot into EDL mode - Assuming it exists and is unlocked - then BEWARE: EDL mode is very low level and any command can directly affect the kernel or compromise the system. Don't use commands you're not sure what do they do.
You can use EDL mode to recover the data from the phone then wipe it clean, then restore the data.
You cannot access memory with EDL mode, but you can access the current image on your device. And from which you can get the key file.
EDL mode is a very very powerful tool (Much more powerful than debugging, fastboot, or anything you may know of) as it doesn't need unlocked bootloader to use it and through which you can do anything to your device including flashing other ROMs.
Good luck on your impossible quest. Make sure to post updates should you find yourself stuck.