UPDATE:
Just thougth I'd update this for anyone who stumbles on this thread in the future.
While everything about the phone from the outside and most of the stuff shown by Device Info indicated it was in fact a T999, apparently it did have an SGH-i747 bootloader. I overwrote that bootloader with an SGH-T999 bootloader, and hardbricked it.
So don't do that.
Talked to a JTAG-er who said that if the download screen says SGH-i747, it has an i747 motherboard.
Word of caution to others who end up with a refurb frankenphone.
I need some help understanding some things here. I'm a bit of a noob when it comes to this android stuff, though I have rooted my Nook once (then unrooted it) and I made an SD card for it with CM7 on it. And I have worked in IT since 1988 and have been a SysAdmin for at least half that time. So I do get most computer-related concepts and I've flashed firmware on everything from disk subsytems to my DSLR.
So here's my story:
I ordered an unlocked, refurbished Galaxy S3 off of Amazon. It's an SGH-T999 from T-Mobile, and T-Mobile is my carrier.
I noted something was awry when it wouldn't register to update. I also notice it doesn't have the wifi calling feature under settings, which it should have if it were stock. And that's a feature I used with my old HTC G2 a lot.
So I've been pouring over this forum for a few days trying to figure out what's up and what I should do to make it do what I want it to.
It has SuperSU on it, and the phone's status is "Modified". It's running 4.1.2, and the build is T999UVMD5-chag-multi-vT (it also lists a baseband version of T999UVDMD5 ... I'm guessing that's the modem version)
I assumed it was rooted because it has SuperSU on it, so I bought Mobile Odin to see if it would even run. It says it wants root (no shock there, but I thought I had it).
SuperSU says the binaries need updating, but it won't update them (it tries and says it failed). There's no SuperUser under "Settings", so I can't enable it.... so I'm starting to think it was rooted, flashed, then unrooted. Though the RootValidator app says I "might" have root since it was denied access. But SuperSu doesn't work right so I can't grant it SU permissions.
So first, I need help with a theory of the state of the phone. Frankly, it works great the way it is except I don't have the T-Mobile WiFi calling feature, which I'd really like. It DOES let me use the hotspot without an extra hotspot plan. Which is very cool (I don't use it much, but I like the option).
I've seen there's a 4.3 build out there based on the T999 that doesn't have Knox ... which I'm assuming is good from what I've read as far as being able to and keep root and control the hotspot feature. But I don't really know.
I've considered going back to an earlier stock version and letting it update OTA or via Kies, but then I'm afraid it might get certain things (like hotspot) disabled by the carrier. I'd really like to keep that feature.
But first ... how do I figure out if I have root on the phone already? I'm getting conflicting info.
Perhaps there is some kind knowledgeable soul who can help me find my way.
Much appreciated if anyone can help.
It was probably rooted and then the root was lost somehow.
Just flash it with the non knox 4.3 rom from mrrobinson.
you can revert back to the latest stock firmware with only root injected\implemented into it. you'll have all the stock features(and bloat, which you can remove, since you'll have root access, using an app like titaniumbackup.
download the firmware in this thread:
http://forum.xda-developers.com/showthread.php?t=1949687
you want the latest official pre-rooted firmware(listed below), where it says T999. make sure it's for T999, and NOT T999L!
T999_UVUEMJC
Official JB Firmware - Latest JB 4.3 Firmware
and you'll need Odin for PC, to flash the firmware:
http://www.androidfilehost.com/?fid=9390275921635705049
follow these instructions on how to flash, starting from "Second"
http://forum.xda-developers.com/showthread.php?t=1771687
Thanks guys.
Got Odin. Watched a good root video. Now to download the ROM I want. 4.3 sounds intriguing, as long as it still has WiFi calling.
I'll go read that thread. I can be taught, but sometimes I need help finding where to start.
flipster64 said:
Thanks guys.
Got Odin. Watched a good root video. Now to download the ROM I want. 4.3 sounds intriguing, as long as it still has WiFi calling.
I'll go read that thread. I can be taught, but sometimes I need help finding where to start.
Click to expand...
Click to collapse
4.3 absolutely has WiFi calling. that's a T-Mobile feature that will always remain on the OTA(over the air) updates, unless they decide to do away with that technology. there were many changes made from 4.1.x to 4.3. by the way, to disable the wi-fi from always scanning in 4.3, you have to turn off\uncheck the option in Settings > Wi-Fi > press "Menu" > Advanced > "Always allow scanning", when you do the update.
4.3 features, as per wiki;
Bluetooth low energy support.[112]
Bluetooth Audio/Video Remote Control Profile (AVRCP) 1.3 support
OpenGL ES 3.0 support, allowing for improved game graphics[112]
Restricted access mode for new user profiles[112]
Filesystem write performance improvement by running fstrim command while device is idle[113]
Dial pad auto-complete in the Phone application[112]
Improvements to Photo Sphere[114]
Reworked camera UI, previously introduced on Google Play edition phones[115]
Addition of "App Ops", a fine-grained application permissions control system (hidden by default)[116]
4K resolution support[117]
Many security enhancements, performance enhancements, and bug fixes[118]
System-level support for geofencing and Wi-Fi scanning APIs
Background Wi-Fi location still runs even when Wi-Fi is turned off
Developer logging and analyzing enhancements
Added support for five more languages
Improved digital rights management (DRM) APIs
Right-to-left (RTL) languages now supported[112]
Clock in the status bar disappears if clock is selected as lockscreen widget
http://en.wikipedia.org/wiki/Jelly_Bean_(operating_system)#Jelly-Bean
Ok, there's one thing holding me back now. I've read a few things about different modem (baseband) flashes, and that I might have to flash a different modem onto my Galaxy S3 SGH-T999 for this to work. I note that my current baseband is T999UVDMD5 which matches the stock image name for 4.1.2 (which is also my current OS version) but the name of the stock image for 4.3 is T999UVUEMJC ... which would suggest to me that this is different modem firmware. Or do I not need to worry because the modem is included in the 4.3 firmware tar file? I have a hunch the latter is the case because it isn't mentioned on that HOWTO page but I really want all my ducks in a row to minimize my chances of bricking or losing data.
T-Mobile Image
November 2013 - 4.3 JellyBean - New!
Note: This is based off of the stock image TMO T999UVUEMJC
Do not flash a prior release after flashing this, it has been reported to cause bricks, read the thread for more information.
Perm Mirror: Download - root66_TMO_T999UVUEMJC_2.7z
April 2013 - 4.1.2 JellyBean
Note: This is based off of the stock image TMO T999UVDMD5
Perm Mirror: Download - root66_TMO_T999UVDMD5.7z
Incidentally, I've been looking for a good primer page like this ... this is excellent.
Ok... modem is basically firmware, from what I'm reading.
I've tried to download the root66_TMO_T999UVUEMJC.tar to the phone using Odin, but I'm getting a secure check fail sbl2 error when I do. Not finding any information on why that might be.
It is a bit strange to me that when I boot into the recovery mode it's telling me it's an i747, though the sticker and the "about" in the os say SGH-T999... but they may be the same thing for all intents and purposes.
I CAN transfer the file to the SD card using Kies, and I have, but it doesn't show up as an option to load from external storage, and I'm guessing the Odin connection and settings do something special to cause the flash to be available and work in the first place.
So ... have we seen a secure check fail sbl2 before, and do we know what it means? I'm going to keep looking but I've had no luck so far.
Well no good luck anyway.
Here's what Odin is telling me on the PC side
<ID:0/009> Added!!
<ID:0/009> Odin v.3 engine (ID:9)..
<ID:0/009> File analysis..
<ID:0/009> SetupConnection..
<ID:0/009> Initialzation..
<ID:0/009> Get PIT for mapping..
<ID:0/009> Firmware update start..
<ID:0/009> sbl2.mbn
<ID:0/009> NAND Write Start!!
<ID:0/009>
<ID:0/009> Complete(Write) operation failed.
<OSM> All threads completed. (succeed 0 / failed 1)
Yeah ... this is where I'm stuck. Odin won't flash that de-knoxed 4.3 tar from DocHoliday. It did let me flash Clockwork Mod and I can get into that and back things up, and I was able to add the SuperSU zip (but I don't see the SU program after it boots so I don't think I actually have root.) It's weird.
I read on one forum I might have to flash an alternate recovery onto it to get it to work. I have it downloaded but I'm a little leery of that until I understand the possible implications. I noticed last time I looked at the recovery console it says the counter's up to 3 (after CM... it was at 2 when I bought the thing) and then there's something about Qualcomm Secureboot being set to Enable, but I can't tell if that's good or bad from reading posts on it. My phone didn't come with a warranty so I'm not terribly concerned with tripping the counter (though it would be cool to reset it at some point, it's not a priority at all).
Anyway, I'm still trying to learn more about what all this means before I proceed.
I have visions of bootloaders and img files and tar files and zip files flying around my head. Meantime I'm still on 4.1.2, apparently a de-bloated T-Mobile build with no wifi calling.
It sounds like Odin might be falling due to your phone having an att build.prop. If you are sure it is an sgh-t999, want to keep root, and have the know how, you can make this process a lot easier by updating your firmware to the last one before the 4.3 update (otherwise you will be stuck with Knox). Afterward update your recovery and flash a more current touchwiz ROM.
Make sure to read the entire OP of these threads and flash in recovery.
To update your firmware without having to use Odin, read the following thread:
http://forum.xda-developers.com/showthread.php?t=2282603
There is a few options when it comes to choosing a custom recovery. I'm currently using Philz. If you get Philz, make sure to get the d2lte version. The thread for Philz recovery is below:
http://forum.xda-developers.com/showthread.php?t=2201860
Sent from my SGH-T999 using Tapatalk
When put the phone in download mode it says product name is SGH-i747 ... but I've never seen another SGH-T999, so for all I know they all say this. Is this why you're thinking it has an ATT build.prop? It does have the T-Mobile logo when starting up and shutting down. I can go read more on that. I wonder if there's an Android OS for dummies book.... I've been working with DOS, Windows, & Linux for decades, it can't be THAT hard to understand.
I need to get comfortable doing CM backup and restore. Yeah, you're right, I don't want Knox -- but there is a de-knoxed 4.3 build out there on the forum which is what I intend to flash when I finally get to a point where Odin will let me flash it. Or I see you've linked some threads that talk about other ways.
I'll go read those threads you linked and see what I can absorb from them. Thanks!
flipster64 said:
When put the phone in download mode it says product name is SGH-i747 ... but I've never seen another SGH-T999, so for all I know they all say this. Is this why you're thinking it has an ATT build.prop? It does have the T-Mobile logo when starting up and shutting down. I can go read more on that. I wonder if there's an Android OS for dummies book.... I've been working with DOS, Windows, & Linux for decades, it can't be THAT hard to understand.
I need to get comfortable doing CM backup and restore. Yeah, you're right, I don't want Knox -- but there is a de-knoxed 4.3 build out there on the forum which is what I intend to flash when I finally get to a point where Odin will let me flash it. Or I see you've linked some threads that talk about other ways.
I'll go read those threads you linked and see what I can absorb from them. Thanks!
Click to expand...
Click to collapse
Most T-Mobile and AT&T s3 ROMs are cross compatible. It sounds like it is a sgh-t999. If it has an AT&T ROM on it, that would make ODIN throw out errors (to prevent bricking your phone) until you have your build.prop identity the device as an sgh-t999.
Sent from my SGH-T999 using Tapatalk
Oh, man. The road blocks. They are legion. And sometimes circular
I've tried updating the bootloader (from CM v6.0.3.1) as described here:
http://forum.xda-developers.com/showthread.php?t=2282603
But CWM aborts the installation:
Finding update package
Opening update package
Installing update
assert failed: getprop(ro.product.device) == "dttmo" || getprop("ro.build.product") == "d2tmo"
error in external/sd/T999_UVDMD5_firmware_v4.zip
(Status 7)
Installation aborted.
Which I figured has something to do with what it's finding in build.prop as mentioned above. Except I just looked in my build prop, and it says it's an SGH-T999 made by samsung.
ro.build.product.model=SGH-T999
ro.product.brand=samsung
But then it says that ro.product.model is obsolete, and to use ro.product.device ... which looks like it's set to ... canada? ro.product.device=d2can
Which certainly doesn't match dttmo or d2tmo.
So ... edit the build.prop file, then?
I downloaded an editor to do it. It does whine about not being able to open /storage/sdcard0/buildprop.tmp, not sure if that's going to be an issue. I "re-rooted" with CWM_SuperUserv3.0.7 so I can now use root explorer again (which is how I looked at the build.prop file) ...
At that point I guess I'd flash the radio/bootloader above, reboot to Odin mode, and try the Knox-Free 4.3 flash again?
Any red flags going up?
flipster64 said:
Oh, man. The road blocks. They are legion. And sometimes circular
I've tried updating the bootloader (from CM v6.0.3.1) as described here:
http://forum.xda-developers.com/showthread.php?t=2282603
But CWM aborts the installation:
Finding update package
Opening update package
Installing update
assert failed: getprop(ro.product.device) == "dttmo" || getprop("ro.build.product") == "d2tmo"
error in external/sd/T999_UVDMD5_firmware_v4.zip
(Status 7)
Installation aborted.
Which I figured has something to do with what it's finding in build.prop as mentioned above. Except I just looked in my build prop, and it says it's an SGH-T999 made by samsung.
ro.build.product.model=SGH-T999
ro.product.brand=samsung
But then it says that ro.product.model is obsolete, and to use ro.product.device ... which looks like it's set to ... canada? ro.product.device=d2can
Which certainly doesn't match dttmo or d2tmo.
So ... edit the build.prop file, then?
I downloaded an editor to do it. It does whine about not being able to open /storage/sdcard0/buildprop.tmp, not sure if that's going to be an issue. I "re-rooted" with CWM_SuperUserv3.0.7 so I can now use root explorer again (which is how I looked at the build.prop file) ...
At that point I guess I'd flash the radio/bootloader above, reboot to Odin mode, and try the Knox-Free 4.3 flash again?
Any red flags going up?
Click to expand...
Click to collapse
I'd highly recommend updating your recovery before doing much. Once you do that, try flashing the bootloader and the 4.3 ROM.The only red flag would be if you plan to use Odin since it is identifying as a different phone due to the build.prop.
Also, it sounds like the previous owner messed up when they modified the build.prop. You really shouldn't need to worry about editing it if you plan to switch ROMs since any new ROM is going to replace it anyways.
Sent from my SAMSUNG-SGH-T999 using Tapatalk
By recovery I think I understand you're saying the latest version of CM ... which I see for my phone is 6.0.4.5 (SGS3 T-Mobile).
I am also reading I can flash a ROM with CM, though all of the ROMs I've seen so far (including the one I want to use) are .tar files and I think CM uses zips.
I don't suppose you can just un-tar the ROM and zip it ... can't be that easy ... can it?
Right, you will need to either update CWM or change to a different recovery such as TWRP or Philz (Philz is based on CWM but has a lot more features.
You're right. Most ROMs are installed/flashed in a custom recovery in ZIP format rather than Odin. Making an Odin package compatible with recovery isn't nearly as simple as unpacking a .tar file and zipping it.
You can find a lot of ROM options that are possible to flash in the development section of this board.
Sent from my SAMSUNG-SGH-T999 using Tapatalk
I've updated to Philz CM 6.07.9.
My modem is already T999UVDMD5 ... if I flash the update in this thread (http://forum.xda-developers.com/showthread.php?t=2282603) I'm guessing it will overwrite CM and put the stock recovery back. So I decided to skip that part and try the update again.
I'm getting this here...
<ID:0/006> Added!!
<ID:0/006> Odin v.3 engine (ID:6)..
<ID:0/006> File analysis..
<ID:0/006> SetupConnection..
<ID:0/006> Initialzation..
<ID:0/006> Get PIT for mapping..
<ID:0/006> Firmware update start..
<ID:0/006> sbl2.mbn
<ID:0/006> NAND Write Start!!
<ID:0/006> FAIL! (Auth)
<OSM> All threads completed. (succeed 0 / failed 1)
I have root ... I can go in and look at build.prop and edit it, but it won't let me save it.
I guess I need to find a different way to flash.
Well, I THOUGHT my bootloader must be locked.
But I'm unsure now ... I mean ... I'm rooted. I can flash stuff with Philz Custom CWTouch ...
It's that FAIL! (Auth) that's getting me.
flipster64 said:
Well, I THOUGHT my bootloader must be locked.
But I'm unsure now ... I mean ... I'm rooted. I can flash stuff with Philz Custom CWTouch ...
It's that FAIL! (Auth) that's getting me.
Click to expand...
Click to collapse
Odin will continue to fail until your build.prop is fixed. Really, all you need to do is pick a custom ROM from these forums and flash using Philz. Afterward, you should be back in order. Just make sure you follow the instructions in the ROM's thread and also make sure the ROM is for the t999
Sent from my SAMSUNG-SGH-T999 using Tapatalk
So there are custom roms that are zips instead of .tars on this forum, then?
Or Can Philz flash a .tar?
I'll look for a custom rom zip out there for my phone.
Related
I'm having some trouble flashing 4.1.1 on a 4.1.2 phone. I was linked to this site and grabbed the 4.1.1 firmware from there. I've tried both Odin 3.07 and 3.09 but I get a "complete(write) operation failed" error with both.
What's odd is this device is most assuredly an i747, yet on the phone's screen in Download Mode the Device Name field shows T999 for some reason. Might that have something to do with this failure to flash?
I was able to successfully flash a file earlier that rooted the device, successfully from the looks of it. SuperSU seems to be working fine.
Any ideas on how I can get this flashed so I can unlock the phone for use on Smart Talk?
Edit: After doing a factory reset from recovery I now get this from Odin:
<ID:0/004> Odin v.3 engine (ID:4)..
<ID:0/004> File analysis..
<ID:0/004> SetupConnection..
<ID:0/004> Initialzation..
<ID:0/004> Get PIT for mapping..
<ID:0/004> Firmware update start..
<ID:0/004> aboot.mbn
<ID:0/004> NAND Write Start!!
<ID:0/004> FAIL! (Auth)
<OSM> All threads completed. (succeed 0 / failed 1)
Looks like there is a bootloader mismatch that it's causing the write failure.
audit13 said:
Looks like there is a bootloader mismatch that it's causing the write failure.
Click to expand...
Click to collapse
Audit, could it be that it's got the BL for T999 which is what's causing the errors? However, wouldn't that have been likely to cause a soft brick in the first instance unless the rest of the system is compatible? I guess he could check system information under Settings to see if this really has i747 firmware or someone's previously successfully "changed" it to a T-Mob phone. Not sure that's possible but I was just thinking ... perhaps a previous J-Tag operation especially if it was purchased in the secondary market.
Larry2999 said:
Audit, coup as t be that it's got the BL for T999 which is what's causing the errors? However, wouldn't that have been likely to cause a soft brick in the first instance unless the rest of the system is compatible? I guess he could check system information under Settings to see if this really has i747 firmware or someone's previously successfully "changed" it to a T-Mob phone. Not sure that's possible but I was just thinking ... perhaps a previous J-Tag operation especially if it was purchased in the secondary market.
Click to expand...
Click to collapse
It was purchased as a refurb. Everything under System Setting - About Phone shows up as i747. Completely stuck at this point.
Edit: I just installed an app called Info that shows all relevant build information.
Bootloader version shows as T999UVDMD5
Model is SGH-I747
Build ID I747SEMC1
How can I fix this mismatch?
Headcase_Fargone said:
It was purchased as a refurb. Everything under System Setting - About Phone shows up as i747. Completely stuck at this point.
Edit: I just installed an app called Info that shows all relevant build information.
Bootloader version shows as T999UVDMD5
Model is SGH-I747
Build ID I747SEMC1
How can I fix this mismatch?
Click to expand...
Click to collapse
That would explain it then. Thankfully T999UVDMD5 would appear to be the Bootloader for the T-Mob version running Android 4.1.2 (and not the inflexible 4.3). Have you tried flashing the 4.1.2 bootloader via recovery or, if you are feeling adventurous, the 4.1.1 version? You may find both via the links below ...
(http://www.androidfilehost.com/?fid=23269279319197288)
http://www.androidfilehost.com/?fid=23269279319197287
See also previous thread on updating bootloaders (http://forum.xda-developers.com/showthread.php?t=2321310)
Larry2999 said:
That would explain it then. Thankfully T999UVDMD5 would appear to be the Bootloader for the T-Mob version running Android 4.1.2 (and not the inflexible 4.3). Have you tried flashing the 4.1.2 bootloader via recovery or, if you are feeling adventurous, the 4.1.1 version? You may find both via the links below ...
(http://www.androidfilehost.com/?fid=23269279319197288)
http://www.androidfilehost.com/?fid=23269279319197287
See also previous thread on updating bootloaders (http://forum.xda-developers.com/showthread.php?t=2321310)
Click to expand...
Click to collapse
Tried flashing the first one from stock recovery and got:
Verifying update package...
E:signature verification failed
Installation aborted
I read somewhere that this happens when trying to flash a non-signed file in stock recovery so I installed Clockwork recovery and tried flashing both of those files. They both yield this error:
E:Error in (file path and name)
(Status 7)
Installation aborted.
Tried flashing via TWRP and get:
E:Error executing updater binary in zip (file path and name)
Updating partition details...
Failed
So apparently this phone is already unlocked. Never bought a refurbished phone before so didn't even think to try before unlocking it.
So I guess I don't need to downgrade to 4.1.1 afterall. Where does that leave me? I still have this mismatched bootloader (for the T999 model).
Am I okay to just try flashing a recent ROM like AOKP 4.4?
Headcase_Fargone said:
So apparently this phone is already unlocked. Never bought a refurbished phone before so didn't even think to try before unlocking it.
So I guess I don't need to downgrade to 4.1.1 afterall. Where does that leave me? I still have this mismatched bootloader (for the T999 model).
Am I okay to just try flashing a recent ROM like AOKP 4.4?
Click to expand...
Click to collapse
Looks like we learn all the time. I didn't know you could install a bootloader for one system on another system and still get it to work. Thankfully your phone is unlocked. If the phone is working normally, your best option may be to leave it that way for now although, as we've seen, this could seriously limit firmware upgrade possibilities. It's doubtful whether flashing a custom ROM would help because even custom ROMs don't have their own bootloaders and still have to rely on the manufacturer's bootloader to run. A custom ROM would, therefore, probably leave things the way they are with the bootloader. I'm sure there would be a way to get this done. We just have to research a little bit more.
Maybe, now the phone is unlocked and you probably don't need the lower firmware anymore, you may try updating to 4.3 JB. At this stage, you really have nothing to lose so it may be worth trying.
Hello why you want to downgrad maaaaaaaaad
Sent from my GT-S7500 using xda app-developers app
laith al shishani said:
Hello why you want to downgrad maaaaaaaaad
Sent from my GT-S7500 using xda app-developers app
Click to expand...
Click to collapse
Just wanted to downgrade in order to unlock, but it appears to already be unlocked so that's no longer necessary.
Larry2999 said:
Looks like we learn all the time. I didn't know you could install a bootloader for one system on another system and still get it to work. Thankfully your phone is unlocked. If the phone is working normally, your best option may be to leave it that way for now although, as we've seen, this could seriously limit firmware upgrade possibilities. It's doubtful whether flashing a custom ROM would help because even custom ROMs don't have their own bootloaders and still have to rely on the manufacturer's bootloader to run. A custom ROM would, therefore, probably leave things the way they are with the bootloader. I'm sure there would be a way to get this done. We just have to research a little bit more.
Maybe, now the phone is unlocked and you probably don't need the lower firmware anymore, you may try updating to 4.3 JB. At this stage, you really have nothing to lose so it may be worth trying.
Click to expand...
Click to collapse
So just try flashing AOKP or CM or something via TWRP? Don't the newer ROMs require an updated bootloader?
Edit: Got impatient and tried flashing Cyanogenmod. I used the CM Windows installer to minimize any chances of me screwing up the process. Followed the instructions, installer said installation complete, successfully installed, etc. All it did was do a factory reset. Touchwiz 4.1.2 is still on there.
Hello all,
I've been perusing through many threads on the XDA forum looking for how to solve a download problem on my SGH-i747m but haven't found it. Hopefully, one of you intelligent folks can help me.
Long story short, I screwed up the bootloader a while back which hard bricked the device. I originally recieved the phone in a soft bricked state from a buddy so I don't know many particulars about the Android version before I hard bricked it. I sent the phone for JTAG which allowed the the phone to boot to the Samsung screen. I'm not sure how the JTAG process works, but I assume it cleared everything except the bootloader. All I want to do now is restore the phone back to stock so it's usable.
The following is a summary of what I tried....Using Odin v3.07 and a stock firmware I747MVLUEMK5 I attempted to download the firmware into the device. Unfortunately, in the early stages, I get these errors
From Odin:
<ID:0/003> NAND Write Start!!
<ID:0/003> sbl3.mbn
<ID:0/003> aboot.mbn
<ID:0/003> FAIL! (Auth)
<OSM> All threads completed. (succeed 0 / failed 1)
On the phone:
Warranty Bit: 1
Bootloader AP SWREV: 2
SW REV CHECK FAIL: Fused 2 > Binary 1
I tried re-rooting the device with CF-Auto-Root and then was able to flash CWM 6.0.4.7 to do a full wipe of everything. On my next attempt, I get the same errors.
You're trying to flash an older build than what is already there, which cannot be done. You can only flash the same or newer from now on.
Judging by the SW REV CHECK, you can flash builds ND2, NE6 or NF2. (Depending on your carrier, NF2 may not be available.)
Flash one of those and it should work.
Can you explain some detail about these build designations? I'm not familiar with those.
When I researched the stock firmwares for Telus, I discovered that the MK5 build (if "build" is the correct term) was the newest available. To my understanding..isn't 4.3 is the newest is gets for the i747m?
Go to http://sammobile.com/firmwares
The latest build is 4.4.2.
Youll have to sign up to download, but its free and as far as i can tell they dont spam your email or anything like that.
ND2 is a newer 4.3 build, and is what you are currently running. The others are 4.4.2
Its been awhile since I've done my firmware, but I'm giving my phone over to my sister soon and upgrading to a Note Edge.
I'm trying to get this phone on Likewise S5, but having a little difficulties with the older guilds to install various stuff, also all the warning on the Likewise S5 don't show up in the guide I was following for the actual installation, like stuff about bootloaders and modems (I don't know what these are), I am a techy just I'm not well versed in Cellphone Firmware talk at all, more of a PC person.
This was the guide I'm following well can't link it, its on Team android, for the likewise S5 for S3 i747
I'm Trying to install CWM Because I believe I don't have one currently installed, if I do is there a way I can find out? all I believe I have is just a oem 4.1.2 firmware that was rooted.
Almost all the CWM guides that are out have their own downloads that no longer work for the CWM that they provide, and honestly I don't wanna mess with it anymore and want to get the proper combination, I've downloaded the latest one for Samsung Galaxy S3 from the Official Clockwork mod website for Touch version, but I'm not sure how to flash "that" I know it says to use PDA on 1.85 Odin which i've tried but it just says
<ID:0/004> Added!!
<ID:0/004> Odin v.3 engine (ID:4)..
<ID:0/004> File analysis..
<OSM> All threads completed. (succeed 0 / failed 1) (No pass or fail)
I'm not sure what I'm doing at this point and could really use some help, specific to what I'm doing.
And to be specific I have a Samsung Galaxy S3 i747 From Rogers Wireless in Canada (Sept 2012), and it isn't bricked have booted it up just fine.
Currently I am dealing with a finnicky USB port as well, need to get some alchohol and see if I can get a more reliable connection out of it. I got it to point now I feel like I'm comfortable flashing it just eh, could be better, long as its sitting generally its connected slight pressure in cord to be sure, usually charges no problem but USB connectivity is whats finnicky. I cleaned out the lint with a needle didn't really seem to help a whole lot but definetly lets the plug go in further now, even bought a new cord that gets a decent click but it still a little floppy side to side, feels like its the plug has room to move inside the female end of the plug, vs anything being "loose"
Any chance your phone is already rooted? Odin flashing anything with a flaky USB port would make me a little nervous.
If you're rooted, there's an app called flashify that makes updating recovery pretty simple and there is no USB connection needed.
Also in the Play store if you search for Samsung Phone Info you should find an app that will tell you what firmware you're on. Install it and report back what it tells you you're on for bootloader and baseband and someone here should be able to chime in on whether it will run newer roms ok, or how to proceed if its out of date.
jason2678 said:
Any chance your phone is already rooted? Odin flashing anything with a flaky USB port would make me a little nervous.
If you're rooted, there's an app called flashify that makes updating recovery pretty simple and there is no USB connection needed.
Also in the Play store if you search for Samsung Phone Info you should find an app that will tell you what firmware you're on. Install it and report back what it tells you you're on for bootloader and baseband and someone here should be able to chime in on whether it will run newer roms ok, or how to proceed if its out of date.
Click to expand...
Click to collapse
I am already rooted I know that I did the root myself, to get Super admin permissions for the Ps3 controller blutooth controller permissions.
I'll look into Flashify, I'll install phone info now
Ok here is from my Samsung phone info app;
DMF1 firmware is pretty out of date. Unless you pick an older build of a custom rom, you'll run into some issues.
The full Canadian carrier updates for i747m are all available for download from sammobile.com, but those will be really big files to flash with Odin. I wouldn't try that unless you're really confident in that USB port. This won't be a really quick flash and interrupting it could brick your phone.
The safest route might be to unroot the phone and take carrier OTAs until your firmware is up to date. You'll have to be on stock recovery for OTAs. Once you're unrooted if you power down and reboot your phone, I'm pretty sure the stock recovery will come back. If not, here's a link to a stock recovery: http://forum.xda-developers.com/showthread.php?t=2026751
To get going with rooting and custom roms again you'll have to flash a custom recovery in Odin once you get up to date on OTAs, but that will be a 5 - 10 MB file to flash as opposed to a 1 GB+ full system update. Don't worry about that until you get the bootloader and modem up to date, one step at a time. :good:
How do I perform an update though to manually update the phone, like to unroot it basically I'm Connecting it to USB getting it to recognize in Kies?
Like I have full USB access to my phone now, yes the port is flaky but it functions. Kies says my device is on latest firmware even though I know 4.4.2 was released by rogers for the device, i.e I don't understand how to unroot it and bring it up to date
I don't know what a OTA is, I don't understand what a modem/bootloader is etc.
I'm assuming what I have to do is update it to 4.4.2 via the normal firmware but currently it isn't giving me an option to
OTA is "over the air" updates. They are pushed to your phone and often update your phone's bootloader, modem, and rom to new versions. They'll download and install with wifi or cell data, no USB connection required. It is a very safe way to update your phone, but OTA updates will fail if you are rooted and have custom recovery (at least AT&T's will).
With android 4.1 and DMF1 firmware you're something like 2 or 3 updates out of date. Usually OTA notifications just pop up on their own, or you might have a "check for updates" option somewhere in your rom settings. Has this phone been off the grid for a while, update process frozen, or just declining OTAs for the last year and a half or so? Is it not tied to a carrier anymore?
I have updated bootloaders and modems outside of the OTA process, but only on the i747 AT&T variant. If OTA is not an option for some reason, I can't comment on what your safest route would be on the Canadian variant, but there are plenty of expert i747M users on here. Someone will chime in to help you out.
If OTA is an option, then the easiest way to unroot used to be to install SuperSU from the Play store, if you're not already using it. In SuperSU settings there used to be a "full unroot" option.
Ok So what do I need to do exactly I unrooted the phone no problem but it still doesn't recognize it as needing new firmware still so I'm still confused how to update it.
My understanding is I need to update this to latest base version which would be 4.4.2, but I'm not sure how to do that exactly since its not automatically doing it given the custom rom.
Confirm the bootloader on your phone and post it here.
It is the bootloader that will determine which stock firmware to flash from sammobile.com onto your i747m.
audit13 said:
Confirm the bootloader on your phone and post it here.
It is the bootloader that will determine which stock firmware to flash from sammobile.com onto your i747m.
Click to expand...
Click to collapse
Again, I'm not well versed in android terminology etc, I don't really know what a bootloader is, everything in those screen caps above is what I'm using
If you want to be on the latest stock, just use Odin to flash the stock Rogers 4.1.1 ROM from sammobile.com. Then use OTA updates to update the phone to the latest KK.
audit13 said:
If you want to be on the latest stock, just use Odin to flash the stock Rogers 4.1.1 ROM from sammobile.com. Then use OTA updates to update the phone to the latest KK.
Click to expand...
Click to collapse
Again, I Really Need more details Odin isn't so simple that its Oh Slot dis dat flash in der and poof completeo, if you read through the thread you'd you I have a flaky USB port that isn't 100% stable, flashing a 1gb rom through a iffy connection doesn't sound smart.
How do I flash this correctly from SD card if I can?
Please describe, Which App I need for it, what I need to do in app etc, cuz Odin is like AD AP DS WE aslaksd its all gibberish to me unforunately for different flashing locations
I know of no way to flash a completely stock ROM from an SD card.
If you wanted to flash it from an SD card, you would probably need to download the entire ROM, strip out the stock recovery, and re-pack the ROM into a zip file.
I'm still extremely confused, I need consise directions what I need to do, so far I haven't had solid details in this thread yet how to get my firmware installed :crying:
Evockzi said:
I'm still extremely confused, I need consise directions what I need to do, so far I haven't had solid details in this thread yet how to get my firmware installed :crying:
Click to expand...
Click to collapse
since youre computer literate , so to speak , perhaps this method would help/be more 'simple'. IDK , just a thought.
http://forum.xda-developers.com/showthread.php?t=2225405
"all i can really do , is stay out of my own way and let the will of heaven be done"
Is that method compatible with my device? before I've only been following ones that flash with odin.
The Reason why the isn't helpful immediately for me, I Do Not Know what I need to Do to achieve what I need.
Bootloader means almost nothing to me, I do Not know what I need to accomplish, No one has answered that question yet for me.
My Question is again, So, Do I need to install 4.4.2 Base as downloaded from that Samsmobile, and How Do I install Specifically that?
Beyond That my question expands into, Ok After I install that What do I need to do to install likewise.
I Do not know what I need to do so all these guides about doing specific tasks that you know what you need to do are useless to me at this moment I'm afraid.
I have enough of a stable USB connection I can Odin it Right now I just need to know what to select, etc
I yolo'd it with the connection, and flashed it with older odin 1.85 since I know PDA is the correct one idk what the hell it is in the new odin.
Passed, took almost 8 mintues to flash it, Now I just need to get back to original question of installing CWM Recovery and Getting Likewise S5 rom installed.
Do I have correct 4.3-4.4 Modem and boot loader that it spams in bright red on the likewise requirements?
Managed to finish all the installations without a hitch,
Followed a guide to CWM install and then root it through installing SuperSU, Then had everything to install Likewise which can be done on the device.
Everything installed perfect now I have a S5 to give to my sister cheers
@Evockzi glad you got it figured out.:victory:
"all i can really do , is stay out of my own way and let the will of heaven be done"
It seems that after the November AT&T OS upgrade that my wife was unable to get into the Settings App (Settings Failed Error). :crying:
1. Got on with Samsung support, they took me through several reboot sequences, etc.
2. Finally they said we need to Factory Reset. We backed up data with Kies and proceeded.
3. While rebooting from the factory reset, OP Sys fails on the language selection screen (Settings Failed Error)
4. Samsung took us too Kies and tried to flash the Op Sys.
5. Now getting "Firmware upgrade encountered an issue".
6. Tried Kies again but does not find my device.
7. Downloaded the I747 AT&T Rom and using Odin
8. Am able to get the "Downloading" screen to work
8. Odin sees the Com but when trying to flash, it Fails every single time.
HERE IS THE SEQUENCE:
<ID:0/005> Added!!
<OSM> Enter CS for MD5..
<OSM> Binary Check MD5.. Do not unplug the cable..
<OSM> Please wait..
<OSM> Checking MD5 finished Sucessfully..
<OSM> Leave CS..
<ID:0/005> Odin engine v(ID:3.1100)..
<ID:0/005> File analysis..
<ID:0/005> SetupConnection..
<ID:0/005> Initialzation..
<ID:0/005> Get PIT for mapping..
<ID:0/005> Firmware update start..
<ID:0/005> SingleDownload.
<ID:0/005> aboot.mbn
<ID:0/005> NAND Write Start!!
<ID:0/005> FAIL! (Auth)
<ID:0/005>
<ID:0/005> Complete(Write) operation failed.
<OSM> All threads completed. (succeed 0 / failed 1)
Now I am stuck as to what to do next. PLEASE HELP :crying:
Ur wife seem to enabled the protection against odin flash. Too sad, else it would work.
This is why u should never enable that crap.
Good luck
Skickat från min SM-G900F via Tapatalk
Sachitoge said:
Ur wife seem to enabled the protection against odin flash. Too sad, else it would work.
This is why u should never enable that crap.
Good luck
Skickat från min SM-G900F via Tapatalk
Click to expand...
Click to collapse
Sachitoge, thanks for your reply!
So what your saying is that my Wife's phone is as good as being Hard Bricked?
Kinda
Samsung has implemented knox to prevent theft to reset phone, this will fail wth odin no matter what you do, its impossible because its locked and encrypted.
For now it seems its hard bricked, but if u never got root on it or if your knox trigger is 0x0, and u got this far with brick, then your operator or samsung is responsible to fix it no matter what, stay on what you say and push them saying you didnt do anything and that you enabled knox protection thus Odin flash fails. Say to them with a more serious speech and deeper speech like you its kinda feeling that you seem like you are angry. Tell them you need asap phone and replace it asap. You can even say to diagnose the phone and see that you didnt do anything illegal (root proccess) or dropped phone.
Just never take a break with whatever they say about refusing it, stay behind your words and phrase, they should and MUST help you fix the phone or replace it.
EDIT: This knox protection is additional optional protection, and is not must, so u know. Its impossible to turn it off without getting into your Settings app and disable it manually.
Skickat från min SM-G900F via Tapatalk
Sachitoge said:
Kinda
Samsung has implemented knox to prevent theft to reset phone, this will fail wth odin no matter what you do, its impossible because its locked and encrypted.
. . .
Just never take a break with whatever they say about refusing it, stay behind your words and phrase, they should and MUST help you fix the phone or replace it.
Skickat från min SM-G900F via Tapatalk
Click to expand...
Click to collapse
I talked to the voice tech support and they said that i should first try to image the operating system at the BestBuy store. If I can't get it to work then to send it into them and they will do a "free" evaluation. However since i started with a good phone, they are liable. Although they may try and get me to pay for fixing it
As it is, should i really send it to them? Or is there any other software solution, or a JTAG??? (not sure all that would involve)
Thanks!
Look, that knox protection is as good as Apple's remote iCloud lock function. It is encrypted, and it requires decryption of the system partition (i may be wrong, i just say what i believe is/can be). The Knox is a type of a Encryption, it's really secure and safe and is used widely worldwide, the decryption is hard because it must be protected with your samsung account and password, because it required that during enabling it. This indicates it is encrypted according to your specified Samsung account. I may be wrong, but try to find on internet whether it's possible to disable it remotely. Try to boot phone normally, then go on PC/Laptop and search to login to Samsung account and by any chance, look to remotely unlock this Knox security.
Other than that, without access to "Settings" app, you wont be able to disable it. Simply impossible. It is encrypted.
Same for iOS Devices that got locked with remotely iCloud lock app, it is locked and encrypted remotely and requires remotely decryption to system partition and this is why almost nobody can bypass it. There are ways but sadly are private from public to prevent Apple team patch the exploit. I do believe they use this exploit for iDevice that is stolen to afterward sell to another end-user the stolen phone, or possibly they could be unlocking devices in exchange of money. Easy money from my view, however, it is encrypted and is no way possible. MAYBE samsung can do it from their end without saying "we decrypted it and did clean install rom" instead of that, they will speak in a manner speech like "We did put the phone into a developer-only software from our end on our PC and did a full disk-clean which also killed all files, and had to re-attempt to install rom and reconfigure IMEI". Maybe not exactly like this but something close this. From what i know, whenever you do full clean, your IMEI mostly stays, this is because you mostly cant really navigate it manually or delete it, usually it is protected lol.
I hope you're not tired with this long message, you shouldn't be charged for such a mess they caused to you, so like i said, dont let your guard down and hesitate, stay behind your phrase/word! I promise, it will work!
You mentioned Voice Tech Support, talk serious, talk that you are not tech heavy, (for ur wife). Play a bit stupid-role about technology and that it happened while OS Upgrade.
Remember, they will be after your money, don't let them do it and get cash into their pocket for free, it's not worth and not your fault to cause you being charged!
Please, try my method and you will see it really saved you a couple 10 dollars. As of sending the phone, im not sure, they wont however pay the shipping fee, other than that any other cost is unacceptable so beware, dont get phished from IT experts.
Remember, reason this is long is to save you from being charged. Hope it helped, good luck buddy.
I recommend not using Odin to flash any ROMs at this point.
The flash is failing because you are trying to flash a ROM with a bootloader that is older than the bootloader on the phone which is indicated by the failure after trying to flash aboot.mbn file.
There is not full ROM available for the i747 after 4.1.1. All OS upgrades were provided by AT&T as OTA updates.
I recommend flashing a custom recovery, booting to recovery, mounting the data partition, a copy everything you can to a PC. Then, flash a custom ROM, Gapps, and install the Samsung Phone Info app from the Play Store to find the phone's bootloader version.
audit13 said:
The flash is failing because you are trying to flash a ROM with a bootloader that is older than the bootloader on the phone which is indicated by the failure after trying to flash aboot.mbn file.
There is not full ROM available for the i747 after 4.1.1. All OS upgrades were provided by AT&T as OTA updates.
I recommend flashing a custom recovery, booting to recovery, mounting the data partition, a copy everything you can to a PC. Then, flash a custom ROM, Gapps, and install the Samsung Phone Info app from the Play Store to find the phone's bootloader version.
Click to expand...
Click to collapse
You are right, it could be, i dont know how things really work in USA as i always bought unlocked phones and living in europe, so it was good to point that out. The error do happen while knox protection is on too, same type of message so its a bit tricky...
Skickat från min SM-G900F via Tapatalk
I have never seen Knox protection cause that error. I don't think it is not Knox that is stopping the flash, it is the bootloader security.
The only protection that I have seen that would have an effect in download mode would be re-activation lock.
Sachitoge said:
. . . other than that any other cost is unacceptable so beware, dont get phished from IT experts. . . Remember, reason this is long is to save you from being charged. Hope it helped, good luck buddy.
Click to expand...
Click to collapse
Thanks for your long reply! and in helping me with this issue. I will be firm with them. My wife is not tech savvy and I don't know how my wife's phone got encrypted, or if there was someone remotely hacking her phone from our PC or over the wireless. She always complained to me that someone was listening in on her conversations and interfering with her text messages. And we had some evidence this was taking place. She does not know how to encrypt her phone, so she didn't enable knox encryption. So perhaps her phone was hacked somehow.
On the download screen of the phone this is what I am getting:
ODIN MODE
PRODUCT NAME: SGH-I747
CURRENT BINARY: Samsung Official
SYSTEM STATUS: Official
QUALCOM SECURE BOOT: ENABLE
Warranty Bit: 0
BOOTLOADER RP SWREV: 3
SW REV CHECK FAIL : Fused 3 > Binary 0
Downloading.......
Does this mean anything to you that could possible help knowing what the problem is?
I see nothing to indicate that the phone is encrypted.
The existence of the warranty bit line tells me the phone has at least a 4.3 bootloader which caused the Odin flash to fail: the ROM being flashed has an older (probably 4.1.1) bootloader.
Knox and encryption are not the same thing. Encryption can take place in the absence of Knox and Knox can be present on a non-encrypted phone.
Whether the phone is or is not sim-locked isn't relevant to this situation as it can happen regardless of a phone's sim-lock status.
audit13 said:
I recommend not using Odin to flash any ROMs at this point. . . The flash is failing because you are trying to flash a ROM with a bootloader that is older than the bootloader on the phone which is indicated by the failure after trying to flash aboot.mbn file. . . There is not full ROM available for the i747 after 4.1.1. All OS upgrades were provided by AT&T as OTA updates. . . I recommend flashing a custom recovery, booting to recovery, mounting the data partition, a copy everything you can to a PC. Then, flash a custom ROM, Gapps, and install the Samsung Phone Info app from the Play Store to find the phone's bootloader version.
Click to expand...
Click to collapse
Thank you for your suggested solution! I have an Identical phone to my wife's phone. Is there anything else useful i can grab from my phone? The info App states:
Model: SAMSUNG-SGH-I747
Device Type: d2att
Product Name: d2uc
Country origin: MADE IN CHINA
Manuf. Date: 2012.08.31
Knox Warranty Void: 0x0
Storage: 16 GB
Product Code: SGH-I747RWBATT
Orig CSC Code: ATT
Firmware CSC Code: ATT
Active CSC Code: ATT
CSC Country: USA/US
Mobile Operator: AT&T / 310410
Bootloader Version: I747UCUFNJ2
PDA Version: I747ATTFNJ2
Baseband Version: I747UCUFNJ2
Latest Firmware: Not Found
Kernel Version:
3.4.0-1514807
[email protected] #1
32-bit
Java Virtual Machine: Dalvik 1.6.0
Root Existence: No
Android Version: 4.4.2
Build Number: KOT49H.I747UCUFNJ2
Build Fingerprint: samsung/d2uc/d2att:4.4.2/KOT49H/i747UCUFNJ2:user/release-keys
Build Description: d2uc-user 4.4.2 KOT49H I747UCUFNJ2 release-keys
Build Date: Mon Aug 10 14:43:43 KST 2015
Changelist: 1514807
Hardware / Board: qcom / MSM8960 [32-bit]
Platform / Chip: MSM8960
GPU: Qualcomm Adreno 225
Modem Board: MSM8960
Hardware Revision: REV0.4
Firmware: KIES SYMBOL --- I747UCDLK3 --- date: 2012-11-01 ---- USA (ATandT) ---- Version: 4.1.1 --- CSC: I747ATTDLK3
Your phone is running the latest ROM as indicated by the nj2.
The line about kies, where did that come from?
audit13 said:
Your phone is running the latest ROM as indicated by the nj2.. . . The line about kies, where did that come from?
Click to expand...
Click to collapse
That line came from the Firmware Browser page of the Phone INFO *Samsung* App.
Is it possible to extract all the files I need from my phone and burn them over to my Wife's semi-bricked phone?
Nope, that won't work.
If you backed up everything on her phone, I recommend flashing a custom recovery and then a custom ROM to see what baseband is on the phone. I would not flash anything until that has been confirmed.
Flashing the wrong bootloader and modem file could hard brick the phone.
audit13 said:
Nope, that won't work. . . .If you backed up everything on her phone, I recommend flashing a custom recovery and then a custom ROM to see what baseband is on the phone. I would not flash anything until that has been confirmed. . . .Flashing the wrong bootloader and modem file could hard brick the phone.
Click to expand...
Click to collapse
I am still new here, and although I am a computer programmer, a lot of the terms are foreign to me.... i understood the custom recover and the custom ROM but what is the "baseband" that needs to be determined? Can i get the baseband information from my identical phone?
The baseband or modem is software installed on the phone to control its functionality. The last 4 characters of the baseband/modem should match the last 4 characters of the bootloader.
From your post above, notice the fnj2:
Bootloader Version: I747UCUFNJ2
Baseband Version: I747UCUFNJ2
The bootloader and baseband/modem will change as you upgrade the phone's ROM.
If the soft-bricked phone has the mjb bootloader and you try to flash an lk3 bootloader, this will probably hard-brick the phone because the lk3 bootloader is an older bootloader. The i747 can only be flashed with an identical or newer bootloader which makes the bootloader version a very important piece of information.
audit13 said:
.......The i747 can only be flashed with an identical or newer bootloader which makes the bootloader version a very important piece of information.
Click to expand...
Click to collapse
So why not just flash her phone with the newest bootloader available?
If you want to flash the latest bootloader and modem, you'll have to install a custom recovery first. Also, I am not sure if the modem and bootloader need to be upgraded in release order. I wouldn't think so since I have flashed the Canadian version of the s3 (i.e. i747m) from 4.1.2 to 4.4.2 with no problem.
Always flash the bootloader and modem in the same session before rebooting. Don't flash a modem, reboot, and flash a bootloader as this could also cause a brick.
NOTE: flashing a custom recovery will change the warranty bit from 0 to 1 which will tell a Samsung tech that non-official software was installed on the phone and you may wind up with no recourse against Samsung.
I recommend this if you will not be pursuing the matter further with Samsung: install a custom recovery, boot into recovery, wipe cache, and reboot the phone. Hopefully, clearing the cache will allow the phone to boot as I think it is still stuck in a boot loop.
If the phone still will not boot and you have not back up all of the data, boot to recovery, mount the data partition, connect the phone to a computer, copy off what you need, wipe/format the data and cache, then reboot.
audit13 said:
If you want to flash the latest bootloader and modem, you'll have to install a custom recovery first. ... ... ...
Click to expand...
Click to collapse
I am willing to try it. Do you know a thread i can follow or how i can get some instruction on creating and flashing a custom recovery? Also..... i still have the option to bring the phone over to BestBuy store who is a Samsung tech center. I am not sure if they can do anything other that what I have already tried
** STOP & DO NOT **
Pass Go (... or collect 200 dollars ...)
Attempt this without reading the first page entirely at least
Attempt this without knowledge of how to recover from softbrick status
Flash any non official Firmware if you're banking on a warranty claim later {It may or may not work}
Post in this thread, any super negativity, disbelief, or naysaying.
Blame any Project/Thread contributor(s) for what YOU did, when YOU flashed your device. Please, no one forced you to press start in ODIN.
Preface
*****
[FOR THE LATEST UPDATE: GO TO POST #185 for the next steps towards rev 4/5 bootloaders.]
https://forum.xda-developers.com/showpost.php?p=79764173&postcount=185
Bootloader v3 and v4 devices currently on MM or Nougat can use the Factory Binary for their particular bootloader version in order to install a 5.1.1 based ROM that can have an untethered full root. To downgrade back to 5.1.1 use the combination firmware available for your bootloader revision. From there you CAN root 5.1.1 un-tethered.
** I do believe using the Binary 5 Combination Firmware, you can still root using the method for the v4 Bootloader, if you don't mind downgrading back to 5.1.1 and being on the combination firmware.
** I still haven't got a root method for fully rooting 6.0.1, or rooting 7.0 at all. These root methods will have your device ending up on a 5.1.1 build of Android.
For rooting Bootloader v4, please see @droidvoider 's Post #110, Post #110
Since there have been many threads scattered throughout the N920A forums about how to root 6.0.1/5.1.1, and how to downgrade the AT&T Galaxy Note 5 MM Builds back to LL builds, I've decided to collect up all the information I've had time to gather. This thread pertains to downgrading marshmallow builds to lollipop builds, and it covers gaining a tethered root system. What I am also going to cover is what I've discovered about the Factory Binary Firmware for this device. This includes what I call the Eng Modem & Eng Sboot, and how the PB2 Eng Kernel can be used with all three of the above.
Throughout all of my testing on the device, I have never once tripped my KNOX counter. The warranty remained valid on the device and it has been persistently rooted.
@TechNyne66 has outlined {proven} instructions for attaining a Tethered Root. I know there are already a few threads circulating the forum here about Root Status & Progress of the Note 5, and I hate just adding one more to the mix, but this isn't meant to be a general discussion thread.
I spent a lot of time reading over the last two years about the Exynos7420 SoC and I am always trying to learn more than high level google searches can give to me. There are a lot of hardware level topics involved I need more information on, hopefully the devs on XDA with this kind of knowledge would contact me. Because google does not always have the answers we search for when it comes to mobile hardware. It is in the minds of the devs here, and not always posted publicly. Not everyone in the world who wants the abilities granted by root access, is ready/able to deal with the potential hazards and security risks to their Device & Personal Lives. But they never will be ready, if we cannot study what those risks are in the first place.
Just remember, there is a reason things like SuperSu exist in the first place. Without a method to manage access to root privelages by installed apps, you'd be using an Open Source Universal Remote that knows everything about you, its surrounding environment, and knows how to manipulate said data. Given the nature of the Exynos7420's 64bit Architecture, all known variants of the SM-G920, SM-G925, and SM-N920 should theoretically be able to run or boot any code we could ever write for a computing device. We have the build-tools. It's just a matter of using a specific version of a particular tool depending on the timing & current context. Ideally.
My Device Results
*****
The firmware that was initially installed on my particular AT&T Note 5 when I first got it, was the August 1st 2016 build "UCS3BPH4". I have the Full ODIN Package, as well as the OTA.zip that upgrades PE6 to PH4. I also have the OTA.zip for upgrading PB2 to PE5.
I really need, if anyone has some, any unreleased official OTA updates for adb instead of just all ODIN files. I'd also like some advice on how examine how the bootloader loads a kernel, and what it looks for when it does. The update chain of OTAs to the PE5 build would be great. The N920A is odd in the sense that AT&T released two different update paths for their devices. Some devices ended up on the left path, and some on the right path.
When I flashed the Unlocked PH4 Modem, my device became carrier unlocked and opened the APN Editor. I consider it an Eng Modem.
When I flashed the Eng PH1 Sboot.bin from the Factory Binary and the Eng PB2 Kernel, I became able to Flash+Root a Lollipop Build that would stick on rebooting. Using a device with a Version 3 Bootloader. If there are other ways to downgrade to lollipop from marshmallow without using the Eng Sboot, please tell me.
I'm not trying to say at this point that the 3APH1 Firmware is actually a real eng binary like they found for the S8. But the system image on the firmware does have some interesting tidbits I haven't seen in any other Factory Binary I've messed with. It's more than normal.
If you cannot find any of the items I'm referring to in the links below. PM Me.
*****
What I understand about 3BPH4
Included Files in Full ODIN Package:
AP_N920AUCS3BPH4_CL7563702_QB10603229_REV00_user_low_ship.tar.md5
BL_N920AUCS3BPH4_CL7563702_QB10603229_REV00_user_low_ship.tar.md5
CP_N920AUCS3BPH4_CL7563702_QB10603229_REV00_user_low_ship.tar.md5
CSC_ATT_N920AATT3BPH4_CL7563702_QB10603229_REV00_user_low_ship.tar.md5
NOBLELTE_USA_ATT.pit
If I remember reading correctly, ODIN FW whose CSC file does not include a 'hidden.img' in their Cache.img are technically Unbranded ROMs. If this is still true today, then this firmware minus CSC is actually unbranded but uses the AT&T multi-cert CSC. Unless I didn't look hard enough, I did not find a hidden.img when I used CacheRipper to unpack the Cache.img -- I don't remember what post I read this in, I read many threads all the time, I can't confirm at this moment this assumption still holds in modern builds or this device series. Still testing other theories.
I'm not sure about other N920a's, but I have a multi-CSC cert on the device, meaning it should be able to accept any firmware compatible within the same series. At least that's how I remember it being. Same goes for my VZW S5 & S6 Edge. -- I don't know how common Multi-CSC certs are still. I honestly can't remember NOT having a Multi-CSC on any of the Samsung Devices I've owned. Mine all have them. I just have some intuitive feeling the Multi-CSC is basically a requirement for Unlocking.
I have successfully downgraded the AP file many times to earlier builds by flashing the AP by itself. I have successfully done a full cold boot after downgrading the PH4 AP file to PB2, OJ1, and OGG. I successfully flashed the PE6 AP file as well.
I have successfully downgraded the CSC file many times when downgrading the AP file as well. I cannot remember at this moment if I had success downgrading the CSC by flashing only the earlier FW CSC file. The One time I can remember, I flashed only the '.PIT' file included with PH4 & the CSC file of the earlier FW. I do know that I've downgraded the AP file and not the CSC with no errors. I have NOT yet tried to downgrade the CSC file by itself to an earlier version than the Installed AP. -- It remains to be tested in more detail how the AP File and PIT File affect the flashing of a different CSC.
The PH build series is the first publicly available FW for the N920A to use a Level 3 Bootloader Binary. I notice this change from Binary 2 to Binary 3 on most devices going from 5.1.1/6.0 to 6.0.1 Builds on Samsung Devices. With the Exception of Verizon, who has been using a Level 4 Bootloader Binary for quite some time, most Carriers are just now getting around to Level 3 Binaries in their Firmware. Leading many people to believe it is completely locked to a level 3 and can never boot anything designed for an earlier binary. -- While I have so far not been able to test a method for fully downgrading all parts of the BL File from Binary 3 to Revision 1 or 2, a Revision 3 bootloader can still boot a Binary 2 ROM. Although I'm told it is possible to fully downgrade all parts of the PH4 bootloader to an earlier version, but have not successfully done so.
I have successfully downgraded the 3BPH4 sboot.bin included within the BL File of the Full ODIN Package. I did it by packaging the earlier sboot.bin into a tar by itself and flashing in the BL slot of ODIN (3.10.6). Anytime I try to flash a full revision 2 bootloader it quite expectedly fails the flash at param.bin. It trips the alarm in Download Mode by stating the error Binary 2 Device 3. In my successes here, Download Mode still showed Official Device Status, Valid KNOX Bit/Warranty Status, Passing DM-Verity Verification. In all my flashes thus far I've never tripped KNOX. Once, the device status changed from Official to Custom, but KNOX was still showing valid. It wouldn't boot due to an error about invalid kernel length, but everything was valid status under the hood. -- The two downgrades I'm referring to, are the downgrades from
N920AUCS3BPH4 sboot -> N920AUCU3APH1 engsboot
Using the Bootloader from the Factory Binary, we can downgrade from Android 6.0.1 to 5.1.1. I also have the N920C_XXU3API1_ENGSBOOT, but ODIN wouldn't even start to flash it before failing. I don't have the param.bin or cm.bin for either of the ENGSBOOT files. If they even exist publicly or privately.
N920AUCS3BPH4 sboot -> N920AUCU2APB2 sboot
Like I mentioned above, I downgraded the sboot from a binary 3 to a binary 2, by flashing only the sboot.bin and not trying to downgrade the param.bin or cm.bin. But I think having the stock PH4 param.bin & cm.bin could be what is leading to a couple roadblocks. While the flash to PB2 sboot went off without a hitch, and did successfully do a full boot, it only lasted for about 20 minutes. When more tests caused it to stick in a bootloop to prevent itself from tripping the KNOX warranty bit due to invalid kernel length causing failed boot. This is also the only time in all my tests that my Device changed from Official to Custom status. Reflashing the Full PH4 package returned everything back to Stock. I also flashed Systemless Root (Which worked btw! But Verity Caught it, hence why the session lasted only 20 minutes or so) during this test session which could have also done it potentially.
My Best experience flashing most of the files I've tried successfully, came from using ODIN v3.10.6, and it does not seem to be a standard ODIN. Instead of just Odin3.exe & Odin3.ini, these are the files that came bundled inside the Odin zip:
Odin Downloader Release Notes.xlsx
Odin3 v3.10.6.exe
Odin3.ini
S1PlugIn.bundle_141117.zip
SS_DL.dll
But it seems like this version of ODIN has some kind of FTP mode within it for grabbing something I have no idea at this moment. So insights from someone smarter than me would be nice. I think FTP mode was enabled by connecting the Device to odin, while in RNDIS USB Mode. If not, I know that connecting to ODIN in that connection mode did something odd in one of the ODIN versions I have. ALSO, what are all the modded versions running around supposed to be used for exactly? And how were they modded? Often times they fail to flash simple things this v3.10.6 flashes successfully without blinking.[/color]
*** *** ***
Rooting/Downgrading Files Involved
I.Note5 Online Repo - https://drive.google.com/folderview?id=0B4PoJYLnmv1BNzY2OXB3QlFfcVk
** This is the folder where I'm keeping all files referenced here + other N920A related material.
II. Binary 3 Lollipop Bootloader (N920AUCU3APH1 sboot.bin, FRP eng Bootloader) - https://drive.google.com/folderview?id=0B4PoJYLnmv1BQ19qeVFUd2cxaWM
** This sboot can be flashed overtop of the Stock PH4 sboot.bin and IT WILL NOT trip KNOX. This is the only "binary 3" bootloader for our device I've found that will boot 5.1.1 based ROM's or Kernels. Using this bootloader, you can flash 5.1.1 based ODIN AP Firmware Files (ROMS) & continue to have Official Device status for Warranty/KNOX Purposes.
III. 2APB2 Lollipop Eng Kernel - https://drive.google.com/folderview?id=0B4PoJYLnmv1BQVBfQUdYeE5IR1U
** This is a 5.1.1 based, rooted kernel. As far as I know this is a leaked Engineering Kernel from the 2APB2 build. Flashing this Kernel and the PH1 eng sboot, overtop of Stock PH4, gives access to an ADB Root Shell during the bootloop/failure. Flashing this kernel overtop of a stock LL based Kernel allows a bootable rooted system.
IV. Metalcated g920a 5.1.1 Root v4 -
** This is Metalcated's Root Method for the Galaxy S6. This zip is used for the Root-Install & Root-Boot script files. The Root-Install command should be ran once the PB2 Kernel has been flashed and successfully rebooted the first time. Afterwards, the Root-Boot command should be ran during the device's next boot process, to continue using the PB2 Kernel & maintain a bootable system.
*** *** ***
6.0.1 Downgrading Instructions (tested using full Stock PH4 FW)
1.) Enable Developer Options
2.) Enable OEM Unlock
3.) Enable USB Debugging (For a safe bet I make sure to "always remember the device" by saving the RSA Key)
4.) Power Off then Boot into Download Mode
5.) Flash the Binary 3 Lollipop Bootloader using the "BL" slot in ODIN. (Listed Above)
6.) Once Bootlogo Appears, reboot into download mode by holding, VOL Down + HOME + POWER
7.) Now Flash the AP File of the Lollipop FW you want to install. (The OGG ROM, has no DM-Verity in Recovery Mode)
8.) Boot into Recovery Mode
9.) Wipe Data/Factory Reset
10.) Reboot
*** *** ***
5.1.1 Tethered Root Instructions (tested on PB2 & OJ1 ODIN AP FW/ROM's)
1.) Enable Developer Options
2.) Enable OEM Unlock
3.) Enable USB Debugging (For a safe bet I make sure to "always remember the device" by saving the RSA Key)
4.) Power Off then Boot into Download Mode
5.) Flash the PB2 eng Kernel (Listed Above)
6.) Once Booted, recheck steps 1-3, then run the "root-Install" script (.cmd for Windows, .sh for Linux) from Metalcated's zip archive.
7.) During Device Boot Up, make sure the device the connected to your PC, and run the "root-Boot" script from Metalcated's zip archive. And the device should finish booting successfully with the PB2 eng Kernel still intact.z
removed outdated information about Note 5 source codes.. Please see links by Delgoth for updated info
** too many words on someone elses thread **
I think the main problem for you is that you are on a binary 4. I have not tested any of this using a device that starts on binary 4.
But thank you for this, and I will go over these a little later today. I do already have the MM sources for the N920A/V/C and am working on that this week.
Flashing the PB2 flashed a LL rooted kernel, thats why on a device with MM installed it will hang. But during that hang plug it into the pc and open ADB
See if you have root shell.
Just wondering if anyone got anywhere with this. I know nothing about what you guys are talking about but I have N920AUCS4CPL1 and was wondering if anyone figured out a root for it
We have another thread up in the General Android Q&A Forum. I currently have adb shell with eng kernel running Lollipop U1AOGG AP running the U3APH1 eng bootloader.
I also have Busybox support, and can make persistent changes to the /system & /data directories
Droidvoider has also created a type of custom odin/heimdall flashing application used during runtime.
This is big stuff!!!
https://forum.xda-developers.com/android/help/injecting-root-setting-selinux-stages-t3573036/page2
in binray 3 not working, tested
What do you mean when you say it did not work for binary 3? Which FW build did you test? And how did you use ODIN when you flashed?
What tests of yours failed specifically? Because I've successfully downgraded to Lollipop from both the PHA & PH4 builds. I haven't actually tried PJ1. But with the corrupt bootloader issue people have mentioned. It would depend on if you upgraded to a Binary 4 sboot or not.
Sent from my Galaxy Note5 using XDA Labs
Does this thread only apply to the at&t note 5?
shawtypanda said:
Does this thread only apply to the at&t note 5?
Click to expand...
Click to collapse
Yes! This isn't going to work on Verizon.
Actually it could potentially work for Verizon.
If you substitute the Verizon Combination Firmware for the AT&T and apply the same principles accordingly.
So you're saying that there could be a root for the verizon version of this phone?
shawtypanda said:
So you're saying that there could be a root for the verizon version of this phone?
Click to expand...
Click to collapse
I need a Verizon tester for my stuff. Your security patch level can not exceed October, 2016. Please check in Settings|Device|About what your security patch level is. If your patch level is 2017, it is not likely I will be attempting to gain root. Unless there are reports of issues such as battery drain, or if enough people complain about not being able to switch carriers again. freddierice connected the dots with his tools which I have altered to be mine.
Greyhat Root Project - Root Console is a tool which executes commands from a text file, not a root shell
trident is freddierice's tool exactly being converted for the Note 5 (yes verizon also) It is a root shell so to speak, but I'm still working on sepolicy injection (read no context hack yet, limited by context)
Greyhat Root Project -- Root Console
Build a cmd_list.txt to issue commands as root. It also replaces screencap with dirtycow so you can use dirtycow with the two contexts. root + system_server or install_recovery. From install_recovery I am able to switch to init context, maybe a couple others, this feature is being finalized today. But ultimately until I finish trident we don't have reload init, can't reload policy
trident Note 5 version
This is still being converted it does work but the INIT_OFFSET needs to be worked out still, then it should reload init which will reload sepolicy correctly.
edit
The binaries for Greyhat Root Project -- Root Console are specific to each build of Android. You can certainly try the Android 6 or Android 5 toolbox / applypatch on your device but if it fails I need to compile a version specifically for your build. Please PM me with build number, obtain as follows
1. Plug in your device and ensure you can connect to adb shell
2. adb shell getprop ro.build.id
(if you're in the shell already leave off the adb shell) getprop ro.build.id
3. PM me that number, should look like MMB29K
I'm on the latest ota update so I'm assuming I don't qualify but if there's a way for me to downgrade or something so I can test this then I will. But how's the progress? I'm curious
What's this funny stuff about us being able to root our EQC6 (Did we have this update? I don't remember) firmware lol ?? I'm not sure this is even close to the truth, I can already see the bricks happening to mislead ppl. Check it out and tell me (us) what we really wanna hear or give us the sad but real truth
http://www.teamandroid.com/2017/05/...d-70-att-galaxy-note-5-n920a-nougat-firmware/
If someone need I can test verizon version if it ever will be..
I'm on 5.1.1. Was waiting for root, but now thinking of upgrading to nougat. Would be a good idea if waiting for root, or should just stick with 5.1.1
Aurey24 said:
What's this funny stuff about us being able to root our EQC6 (Did we have this update? I don't remember) firmware lol ?? I'm not sure this is even close to the truth, I can already see the bricks happening to mislead ppl. Check it out and tell me (us) what we really wanna hear or give us the sad but real truth
http://www.teamandroid.com/2017/05/...d-70-att-galaxy-note-5-n920a-nougat-firmware/
Click to expand...
Click to collapse
Yeah that looks to be an auto generated page.
I think we're almost done. Basic Shell root is achieved. I had SuperSU half installee before I reflashed. On MM builds.
But on the Note 5 and S6 edge it is coming quickly. Ive just been too busy the last two weeks to check out the signatures.
just recently got my hands on a Note 5 but didn't realise that the N920A was near impossible to root. I was just about to update this phone to the stock nougat but then found this thread today and it looks promising.
Currently running the PB2 firmware. If this root ends up being successful, will it only allow for a permanent root on 5.1.1 or 6.0.1? Or will you be able to flash a ROM like Nougat Nemesis and everything will be okay? Understandable that time will only tell. I'm currently using the Nemesis Nougat on my s6 Edge as my daily driver but would much rather use the Note 5 with Nemesis as my daily driver.
I can see why people love the Note. It truly is a great phone.
is this still a thing?