Related
UPDATE 12/30/2011:
mmcblk0p14
UPDATE 12/29/2011: Redid the system dump from mmcblk0p27 and added firmware dump mmcblk0p1. System dump is large 512 megs now.
firmware.img
dead link
system.img
link replaced
Here it is guys. Hopefully skillful devs can turn this into gold.
System dump megaupload
dead link
MD5Sum: 173ef360d7fe2fa6c95563ae73adfce4
Dump pulled with Busybox in Terminal emulator if people are wondering how. This is my first attempt making system dump. Please let me know if the files are correct. Thanks.
If its right I could kiss you LOL. I couldn't it do.it.and I.hope devs can give us some great roms.
Sent from my LG Nitro HD
Now all we need are a few devs to get the party started. I wish I was half as smart as those men and women.
Sent from my Transformer TF101 using xda premium
I'm trying to figure out the location of factory recovery or if there is one.
I tried "mount" in terminal but can't get any useful info. Anyone?
Sent from my LG-P930 using XDA Premium App
I contacted a Guy who helped work an the new Huawei model. Any sort of Dec will help correct? Even if they worked on other phones.
Sent from my LG-P925 using Tapatalk
So, is there any way I could use this dump to restore my phone to the factory image? Or does something else need to be done to it for that?
rydeN- said:
I contacted a Guy who helped work an the new Huawei model. Any sort of Dec will help correct? Even if they worked on other phones.
Sent from my LG-P925 using Tapatalk
Click to expand...
Click to collapse
I'm pretty sure they can do it still, even if they don't physically have the phones to test it. We will have to be their guinea pigs to see if things work or not. So yeah, any Dev from any phone who knows their stuff should be able to help.
aquariuz23 said:
I'm pretty sure they can do it still, even if they don't physically have the phones to test it. We will have to be their guinea pigs to see if things work or not. So yeah, any Dev from any phone who knows their stuff should be able to help.
Click to expand...
Click to collapse
*insert Guinea pig noises* yeah we will be the Guinea pigs but its a small price to get some development here.
Sent from my LG Nitro HD
Wondering... can this be used to restore a LTE P930 from Bell?? if so, this would be a serious plus.
gordec said:
I'm trying to figure out the location of factory recovery or if there is one.
I tried "mount" in terminal but can't get any useful info. Anyone?
Sent from my LG-P930 using XDA Premium App
Click to expand...
Click to collapse
If you look within the /cache directory you will find a file called last_log that has the partition information you are looking for. I haven't had any luck mounting the partition, but I think that is normal. Now you can dump the partition to a file and then use some tools that have been developed by people here on xda to get access to the contents.
Regarding the system image... I think we may have everything we need from the LG open source web page. If you go there, you can download both the kernel.source and I think the image source (don't have my laptop to verify).
Let me.know if I can help out with anything...
So, is there a way push this dump back to the phone, aka restore to factory?
Nice, us @ the Thrill 4G Device area are trying to work some of the .apk's and other things from the Nitro HD dump are trying to build a Froyo FIX ROM with this same dump.
Be patient guys, I've not touched the Nitro, but I'm aware that LG Devices take a bit of work to make out a good ROM.
But with this dump and the work of the Thrill and Nitro fixes together we might have a multi-platform ROM.
The main difference, I believe OS mostly the HSPDA & ZTE difference.
Can anyone tell me what this is running? GB or Froyo?
gordec said:
Here it is guys. Hopefully skillful devs can turn this into gold.
System dump megaupload
MD5Sum: 173ef360d7fe2fa6c95563ae73adfce4
Dump pulled with Busybox in Terminal emulator if people are wondering how. This is my first attempt making system dump. Please let me know if the files are correct. Thanks.
Click to expand...
Click to collapse
Sent from my LG-P925 using Tapatalk
Gingerbread v2.3.5
So, anyone? can we dump this dumps in back in our phones?
if your adb works you can try extracting it
Any practical examples on how to?
Okay, so I don't think this archive that's been uploaded is going to work, but I could be wrong. I think we need somebody to perform the following set of commands (assuming the user has adb installed and put in PATH) in order to get a proper system.img:
adb shell
su
dd if=/dev/block/mmcblk0p27 of=/sdcard/system.img
I'm in dire straits right now with a phone that's only partially working. I'd really appreciate anyone's help (and system.img!) at this point. I know it's a huge freaking file, but I think it's going to be helpful for more than just me eventually.
If I'm in error and this is not the correct system partition, somebody please correct me, but according to the partition tables posted in the CWM thread, mmcblk0p27 appears to be /system
Edit, I think I also need /firmware which is mmcblk0p1. This file should be much smaller, though.
Malnilion said:
Okay, so I don't think this archive that's been uploaded is going to work, but I could be wrong. I think we need somebody to perform the following set of commands (assuming the user has adb installed and put in PATH) in order to get a proper system.img:
adb shell
su
dd if=/dev/block/mmcblk0p27 of=/sdcard/system.img
I'm in dire straits right now with a phone that's only partially working. I'd really appreciate anyone's help (and system.img!) at this point. I know it's a huge freaking file, but I think it's going to be helpful for more than just me eventually.
If I'm in error and this is not the correct system partition, somebody please correct me, but according to the partition tables posted in the CWM thread, mmcblk0p27 appears to be /system
Edit, I think I also need /firmware which is mmcblk0p1. This file should be much smaller, though.
Click to expand...
Click to collapse
I put it in the OP for you the new system dump and firmware. System dump is now like 500mb using your method. Hope it helps.
gordec, you are an amazing person! Thanks to you I'm back to an AT&T image (mostly). I was wondering if you could do one more partition image for me? Hopefully this is it, but I think I need mmcblk0p14 as well. I honestly don't know what to call this image except misc_mdm.img
Malnilion said:
gordec, you are an amazing person! Thanks to you I'm back to an AT&T image (mostly). I was wondering if you could do one more partition image for me? Hopefully this is it, but I think I need mmcblk0p14 as well. I honestly don't know what to call this image except misc_mdm.img
Click to expand...
Click to collapse
well i can help with that part and Gordec you can add this to the first post i just saw the request and thought id help out
misc_mdm.img
MD5SUM = 6d52e666a3f74a7b28cc121c0debc4df
Hello everyone, I desperately need help. Like many people I've read about around other forums, I decided to update my Telus Galaxy S3 to KitKat, and used Mobile ODIN, just because I am lazy and I didn't want a locked bootloader(who knows what Samsung might do these days, better be safe than sorry). The phone loaded up, but it told me that there's no SIM card plugged in. So just like all of the horror stories I've read after this terrible mistake, I decided to reboot the phone and possibly install back the 4.3 modem. Well, the shutdown worked perfectly. The restarting part, not so much. The moment I turn the phone off, I realized that I was holding a paperweight which doesn't respond to anything with a single exception being the red LED light going on if I plug it in without the battery inside. Sadly this fits in the every single story I've read AFTER this stupid mistake. Apparently the NE6 modem hard-bricks phones without the appropriate bootloader, and Mobile ODIN refuses to install bootloaders(it just skips them for safety reasons, how ironic that the safety measure bricked my precious?) After around 24 hours of not sleeping and googling every solution I can possibly foresee, I bought an external Micro SD card reader and tried to flash the debrick image files found around the forums(I'm a new user, so I can't link to any of them). Unfortunately, all the debricking files I've found were for the 4.3 software and I've flashed 3 debricking files I found to my card, at least 15-20 times for each image, followed the instructions perfectly, with no sign of life from the phone. What I am wondering is, because I've also read success stories from other carrier forums with a 4.4.2 debricking file and the fact that I couldn't even get my hands on one, maybe that's what people are missing at the moment? So my question is, can someone PLEASE upload a 4.4.2 debricking image for the Canadian Galaxy S3?(SGH-i747M, Telus would be awesome but I'm willing to try anything)
As a side note, I have another idea which may or may not work. I have downloaded the entire stock firmware from SamMobile, and was considering flashing the general 4.3 debrick image, plug the card in a linux box, and dd the bootloader mbn files located in the tar file downloaded in the appropriate partitions inside the memory card. I am currently giving it a try, and will report on the results. If either of the methods work, we can save dozens of S3's falling to the wrong hands of Samsung, without a JTAG! I could've paid for a JTAG because I can't afford a new phone due to the fact that I'm heading to college next year and my family is in serious bank debt, but here in Turkey, barely anyone knows how to JTAG and every phone repair shop would try to rip you off majorly(I was an exchange student, that's why I have the Canadian phone).
Failure
I have wrote the debrick_v4.3_SGH-I747M-UEMK5.img file I've found on this forum in a Micro SD card, extracted the I747MVLUFNE6_I747MOYBFNE6_I747MVLUFNE6_HOME.tar.md5 file I've downloaded from SamMobile and copied out the aboot, sbl2, sbl3, tz, rpm, and NON-HLOS (the modem file). Booted up my OS X partition and used dd to flash all the files in the appropriate partition on the memory card using this partition table I found on another forum:
Mount Point Start End Size File-System Name
__________________________________________________ ___
/dev/block/mmcblk0p1 4194kB 67.1MB 62.9MB modem
/dev/block/mmcblk0p2 67.1MB 67.2MB 131kB sbl1
/dev/block/mmcblk0p3 67.2MB 67.5MB 262kB sbl2
/dev/block/mmcblk0p4 67.5MB 68.0MB 524kB sbl3
/dev/block/mmcblk0p5 68.0MB 70.1MB 2097kB aboot
/dev/block/mmcblk0p6 70.1MB 70.6MB 524kB rpm
/dev/block/mmcblk0p7 70.6MB 81.1MB 10.5MB boot
/dev/block/mmcblk0p8 81.1MB 81.7MB 524kB tz
/dev/block/mmcblk0p9 81.7MB 82.2MB 524kB pad
/dev/block/mmcblk0p10 82.2MB 92.7MB 10.5MB param
/dev/block/mmcblk0p11 92.7MB 107MB 14.3MB ext4 efs
/dev/block/mmcblk0p12 107MB 110MB 3146kB modemst1
/dev/block/mmcblk0p13 110MB 113MB 3146kB modemst2
/dev/block/mmcblk0p14 113MB 1686MB 1573MB ext4 system
/dev/block/mmcblk0p15 1686MB 14.8GB 13.1GB ext4 userdata
/dev/block/mmcblk0p16 14.8GB 14.8GB 8389kB ext4 persist
/dev/block/mmcblk0p17 14.8GB 15.7GB 881MB ext4 cache
/dev/block/mmcblk0p18 15.7GB 15.7GB 10.5MB recovery
/dev/block/mmcblk0p19 15.7GB 15.7GB 10.5MB fota
/dev/block/mmcblk0p20 15.7GB 15.7GB 21.0MB ext4 carrier
/dev/block/mmcblk0p21 15.7GB 15.7GB 6291kB backup
/dev/block/mmcblk0p22 15.7GB 15.7GB 3146kB fsg
/dev/block/mmcblk0p23 15.7GB 15.7GB 8192B ssd
/dev/block/mmcblk0p24 15.7GB 15.8GB 5243kB grow
Unfortunately, there is still no sign of life on the phone with the card in place, and nothing has changed. I'm still desperately waiting for ideas, or a debrick image for the 4.4.2 software. In my opinion, Chainfire should've added a check on Mobile ODIN to see if the person is flashing 4.4.2 with the 4.3 bootloader, since it's so widely known that the combination certainly causes an irreversible hard brick. Not to mention there almost certainly is Samsung's mockery with the modem/bootloader software which more than likely caused the brick intentionally.
No ones been able to fix this kind of brick yet. Just keep watching the debrick thread and hopefully we'll figure out something soon. There are 4.4 2 and 4 3 images in the thread. You just have to search them out.
You won't be able to use adb to dd those partitions while its bricked.
DocHoliday77 said:
No ones been able to fix this kind of brick yet. Just keep watching the debrick thread and hopefully we'll figure out something soon. There are 4.4 2 and 4 3 images in the thread. You just have to search them out.
You won't be able to use adb to dd those partitions while its bricked.
Click to expand...
Click to collapse
I wasn't trying to dd the partitions in the phone while it's bricked. I thought about a clever idea of using a 4.3 debrick image and to dd the individual files from the stock firmware inside the appropriate partitions of the SD CARD, not the phone, so that the debrick card contains the 4.4.2 bootloader/modem/everything. Unfortunately, it didn't do anything major. And I have been searching everywhere for the past two days, and the only 4.4.2 debrick image I've found was for the SGH-i747, not the SGH-i747M, and if you have found something else, can you please share it with me?
Sorry. Missed that you had the I747M. But if you can get the phone to boot from the debrick sdcard, its probably much easier and safer to just flash the firmware via odin or flash twrp then use it to flash one of the recovery firmware packages. Using dd should only be necessary if needing to fix a partition not included in the firmware. This is never really needed unless someone flashes something like another devices kernel or modem.
DocHoliday77 said:
Sorry. Missed that you had the I747M. But if you can get the phone to boot from the debrick sdcard, its probably much easier and safer to just flash the firmware via odin or flash twrp then use it to flash one of the recovery firmware packages. Using dd should only be necessary if needing to fix a partition not included in the firmware. This is never really needed unless someone flashes something like another devices kernel or modem.
Click to expand...
Click to collapse
That's the problem right there. I can't get the phone to boot literally anything. I don't have a debrick image for my phone, so I was going to use a 4.3 image and make it boot. You know, the debrick image is like a mirrored copy of the S3's whole eMMC, with most of the useless parts omitted, and it just includes the bootloader to boot from. The S3's CPU is designed to boot from the SD card if the eMMC fails to boot, so it works perfectly just to load the bootloader, which leads to an ODIN flash. What I was trying to do was to use a debrick image, and use the dd to copy the 4.4 bootloader and modem inside the needed partitions in the SD card, again, it's not the phone I'm dd'ing to, it's the SD card. Unfortunately, that also didn't work. Now I just need more ideas, and/or a 4.4 debrick image.
Unfortunately we have not found a way to debrick a device that hard bricked by flashing the 4.4.2 modem on 4.3. No idea why its not working....
But we have also not been able to get an I747M image. So I'd like to see some one make one for you guys just to see if it might work.
Like I said before, keep watch on the debrick thread. And if you know anyone with the same model ask them to create the img.
DocHoliday77 said:
Unfortunately we have not found a way to debrick a device that hard bricked by flashing the 4.4.2 modem on 4.3. No idea why its not working....
But we have also not been able to get an I747M image. So I'd like to see some one make one for you guys just to see if it might work.
Like I said before, keep watch on the debrick thread. And if you know anyone with the same model ask them to create the img.
Click to expand...
Click to collapse
I understand. Just a question out of nowhere, if I was able to find someone to JTAG the phone, even though it's extremely hard given my circumstances, would it still not load up? I can't afford a new phone and I'm studying abroad so being phoneless is like a death sentence to me :crying:
I have found a zip file which will create a debrick.img on your internal device storage when flashed, it was located in http://forum.xda-developers.com/showthread.php?t=2625332 I realize that it's for a different phone, but it doesn't really matter because what it does is device independent, it doesn't actually 'flash' anything to the phone. I have checked the updater-script and it's completely safe.
So, if anyone has a SGH-i747M running the latest software, practically any Canadian Galaxy S3 with KitKat installed, PLEASE flash this file and post the debrick.img located in your internal storage! It will not actually flash anything to the phone, it will just copy a small portion of the entire eMMC and save it as a file. This can save mine and many other people's phones from the KitKat's wrath, and it's a very short process!
Ive posted a script in the debrick thread a couple weeks ago. Its one I made to use for the T999 several months ago so it might be a better option since its more closely related. Ill take a look at this one too though in case anything is done differently that can give me any ideas.
Note that it has not worked on the I747 yet though. I am working with KAsp3rd on a script that will create the image a bit differently though, so hopefully we will figure this out before too long!
I still recommend trying the one available on the I747M though. You never know!
---------- Post added at 01:58 PM ---------- Previous post was at 01:54 PM ----------
Lol! Shoulda read the op of the link you posted first! The script they are using looks to be the one I originally made! Nice to see its getting around! It probably won't be giving me any new ideas though...
DocHoliday77 said:
Ive posted a script in the debrick thread a couple weeks ago. Its one I made to use for the T999 several months ago so it might be a better option since its more closely related. Ill take a look at this one too though in case anything is done differently that can give me any ideas.
Note that it has not worked on the I747 yet though. I am working with KAsp3rd on a script that will create the image a bit differently though, so hopefully we will figure this out before too long!
I still recommend trying the one available on the I747M though. You never know!
---------- Post added at 01:58 PM ---------- Previous post was at 01:54 PM ----------
Lol! Shoulda read the op of the link you posted first! The script they are using looks to be the one I originally made! Nice to see its getting around! It probably won't be giving me any new ideas though...
Click to expand...
Click to collapse
I've read some success stories on the debricking thread, and the fact that the i747 has a locked bootloader after 4.3 while Canadian phones have more mercy to their users, I'd say that there's a good chance of it working. I have a couple of questions to you though, one is why did the phone boot up to a perfectly usable state when I first flashed the modem(entire firmware minus the bootloader), while telling me that no SIM cards were inserted, and a hard brick happened after a reboot? Did the modem firmware overwrite the bootloader or something while the phone is running? And my other question is, if I actually found someone who could JTAG the phone(these people can't even pronounciate JTAG, I don't know what my chances are) would this fix the phone? Or did Samsung encrypt or hash the bootloader after the 4.4 update? I've read somewhere that the bootloaders are hashed with the IMEI number, and that JTAG is even useless now, but I'm not sure about the credibility of the place I've read it.
The I747 bootloader isn't locked. People confuse the changes made for knox with locking it. A locked bootloader prevents you from flashing any recovery or kernel. The only thing we are now "locked" out of is firmware downgrades. But this is true for all S3's after 4.3. So while the Canadian carriers may be a bit more lenient with what they want restricted, it won't have any bearing on this because its directly due to Samsung's Knox.
As for why it boots the first time and bricks on reboot, I dont think anyone knows. My best guess is some issue with knox seeing it modified after its fully booted. It might then try to adjust some value or resolve some sort of incompatibility and in doing so inadvertently causes a brick when the system tries to read/use this during boot. It probably was not designed to do this intentionally, but was also not tested with this scenario.
For jtag, I cant say positively yet. One person reported there were major issues and it couldn't be fully recovered. Another said theirs worked fine, but im not sure they bricked due to the modem. If you do try this, just make sure they guarantee their work and will refund your money if its not 100% fixed.
They do use hashes to check the IMEI and NV Data, and I believe they've done so since the S3 was first released, maybe earlier. If jtag doesn't work, I dont believe this would be the cause.
DocHoliday77 said:
The I747 bootloader isn't locked. People confuse the changes made for knox with locking it. A locked bootloader prevents you from flashing any recovery or kernel. The only thing we are now "locked" out of is firmware downgrades. But this is true for all S3's after 4.3. So while the Canadian carriers may be a bit more lenient with what they want restricted, it won't have any bearing on this because its directly due to Samsung's Knox.
As for why it boots the first time and bricks on reboot, I dont think anyone knows. My best guess is some issue with knox seeing it modified after its fully booted. It might then try to adjust some value or resolve some sort of incompatibility and in doing so inadvertently causes a brick when the system tries to read/use this during boot. It probably was not designed to do this intentionally, but was also not tested with this scenario.
For jtag, I cant say positively yet. One person reported there were major issues and it couldn't be fully recovered. Another said theirs worked fine, but im not sure they bricked due to the modem. If you do try this, just make sure they guarantee their work and will refund your money if its not 100% fixed.
They do use hashes to check the IMEI and NV Data, and I believe they've done so since the S3 was first released, maybe earlier. If jtag doesn't work, I dont believe this would be the cause.
Click to expand...
Click to collapse
I can swear I've read quite a few things involving LOKI patches for the i747, and that Canadians are spared from it. That's why I thought there are some sort of restrictions on it. Anyway, I'll get my phone JTAG'ed in a few days and will surely report back on both this and the debrick thread.
I have really bad news to anyone hoping to get out of this mess with a simple JTAG. I have contacted a phone repair shop today(don't get me wrong, they can barely say the word JTAG, so it would be nice to have someone else trying to get a JTAG done), left my phone for an hour for them to complete the operation, and they told me that the eMMC is toast and has to be replaced. Apparently the JTAG program tells them that the eMMC is shown as zero bytes, making them unable to flash anything. I have flashed quite a bit, but have never done anything potentially dangerous to the chip besides installing the 4.4.2 firmware using Mobile ODIN, which is causing the brick as it doesn't flash the bootloader. Samsung seems to have really messed something up with the KNOX crap they're pushing at our phones, and I do not appreciate this happening. I cannot live without a phone since I'm studying abroad and I am taking a bank loan to be able to pay for a new phone(phone prices are absolutely ridiculous where I live). I am even considering legal action at this point because the brick is not accidental, there has to be some sort of intention to write something potentially dangerous to the phone's bootloader from a simple modem, not to mention the eMMC chip becoming toast right after the flashing, and many people's phones are becoming toast because Samsung's clumsiness. Sadly enough Samsung doesn't even fix the i9300's with SDS here, regardless if you're under warranty or not. My apologies for the rant, but can someone please report if they ever resort to JTAG?
CBKarabudak said:
I've read some success stories on the debricking thread, and the fact that the i747 has a locked bootloader after 4.3 while Canadian phones have more mercy to their users, I'd say that there's a good chance of it working. I have a couple of questions to you though, one is why did the phone boot up to a perfectly usable state when I first flashed the modem(entire firmware minus the bootloader), while telling me that no SIM cards were inserted, and a hard brick happened after a reboot? Did the modem firmware overwrite the bootloader or something while the phone is running? And my other question is, if I actually found someone who could JTAG the phone(these people can't even pronounciate JTAG, I don't know what my chances are) would this fix the phone? Or did Samsung encrypt or hash the bootloader after the 4.4 update? I've read somewhere that the bootloaders are hashed with the IMEI number, and that JTAG is even useless now, but I'm not sure about the credibility of the place I've read it.
Click to expand...
Click to collapse
Wow...Same issue here. I have tried every option in the debrick thread with no luck. Good to see that there are still people attempting to address this issue. Even though I have a new device I will continue to try and fix this as well.
danchise77 said:
Wow...Same issue here. I have tried every option in the debrick thread with no luck. Good to see that there are still people attempting to address this issue. Even though I have a new device I will continue to try and fix this as well.
Click to expand...
Click to collapse
I have also bought a new device, but I'm considering an eMMC change on the old device to gift if to my mother. Shame on Samsung for such a messed up software, JTAG didn't even fix it so this has to be somehow intentional. No software can 'accidentally' fry an eMMC chip.
CBKarabudak said:
I have also bought a new device, but I'm considering an eMMC change on the old device to gift if to my mother. Shame on Samsung for such a messed up software, JTAG didn't even fix it so this has to be somehow intentional. No software can 'accidentally' fry an eMMC chip.
Click to expand...
Click to collapse
WOW evern with the JTAG huh? I was just about to send mine out..Thank God you said something. I am going to look into getting a new chip as well. Thanks for the heads up.
danchise77 said:
WOW evern with the JTAG huh? I was just about to send mine out..Thank God you said something. I am going to look into getting a new chip as well. Thanks for the heads up.
Click to expand...
Click to collapse
No worries, I actually mentioned about it on a previous post in this thread. But again as I mentioned there, the phone repair shops around where I live don't even know how to pronounciate JTAG, so I'd strongly suggest you send it off anyway, given the service has a money back guarantee. It might be helpful to tell your repair service that the JTAG operation on my phone reported that there was 0 bytes available in the eMMC chip.
Wondering
CBKarabudak said:
I have found a zip file which will create a debrick.img on your internal device storage when flashed, it was located in http://forum.xda-developers.com/showthread.php?t=2625332 I realize that it's for a different phone, but it doesn't really matter because what it does is device independent, it doesn't actually 'flash' anything to the phone. I have checked the updater-script and it's completely safe.
So, if anyone has a SGH-i747M running the latest software, practically any Canadian Galaxy S3 with KitKat installed, PLEASE flash this file and post the debrick.img located in your internal storage! It will not actually flash anything to the phone, it will just copy a small portion of the entire eMMC and save it as a file. This can save mine and many other people's phones from the KitKat's wrath, and it's a very short process!
Click to expand...
Click to collapse
I was wondering if this method would work for my sgh i747? I softbricked mine last night but can still force it into download mode(plug into computer take battery out hold vol down and home then put battery back in while still holding buttons) and have had no luck at all with trying to use odin(the methods that i have tried all ended in failing). Im totally new to all this, including this site so im im posting something that has already been answered i apologize, but like i said ive been searching a lot and this actually sounds somewhat promising, just wanted to double check before i screw the phone up more.
That is for hard bricks only. If itll boot download mode on its own it wont even try to use the sdcard.
When you try flashing in odin, what does it say in its message box?
I need someone to pull these files for me....I'm doing some expirement on a another s4 varient and I don't have a T-Mobile version so I want someone to do me this quick favour. Thrry are the nv values of the device if you really want to know...
I have no responsibility for a brick , only do this if you know ehsg you are doing...not saying that I will brick your phone. These commands are an unforgivable....they are case sensitive so watchout!
You must have root And Terminal emulator app from the market to do this.
Code:
Su
dd if=/dev/block/mmcblk0p11 of=/mnt/sdcard/modemst1.bin
dd if=/dev/block/mmcblk0p12 of=/mnt/sdcard/modemst2.bin
Then go to your external sdcard and upload the files for me, modemst1.bin and modemst2.bin
If you are running the google edition ROM thats perfect but it doesn't really matter, I really need the files
Thanks!
Almost over 100 views and no one seems want to help here over in tmobile s4......when I mentioned the brick , it was never that serious its not like you going to brick your phone by just doing this......all you doing is BACKING UP the NV partion of the device. Cmon guys
atoore said:
Almost over 100 views and no one seems want to help here over in tmobile s4......when I mentioned the brick , it was never that serious its not like you going to brick your phone by just doing this......all you doing is BACKING UP the NV partion of the device. Cmon guys
Click to expand...
Click to collapse
Maybe try a different section? Like Android Development (Dev's only)?
I posted on general but it was moved to QA, I have no idea why...
I really need those files I'm just waiting to do my next step with the testing....
They are not even that hard to get from the device if you have root and terminal emulator...and they ain't hard to upload either....both if the files are 3mb each afaik for this s4 varient.
atoore said:
I posted on general but it was moved to QA, I have no idea why...
I really need those files I'm just waiting to do my next step with the testing....
They are not even that hard to get from the device if you have root and terminal emulator...and they ain't hard to upload either....both if the files are 3mb each afaik for this s4 varient.
Click to expand...
Click to collapse
Post it in the Dev section anyway.
I would try it but I have a .img that is a ***** to backup and I don't have an extra hard drive or sdcard to put 7 gigs on.
You are not Backing up the entire nv list....just these two bins....they are the modemst1.bin and modemst2.bin they are approximatly 3MB each 6mb total.
I think you misunderstood me, thanks btw
atoore said:
You are not Backing up the entire nv list....just these two bins....they are the modemst1.bin and modemst2.bin they are approximatly 3MB each 6mb total.
I think you misunderstood me, thanks btw
Click to expand...
Click to collapse
I understand. But just in case, I would want to make a backup. But the image file is 7 gigs
I Understand what you mean too...
The command in the first post will only backup two of the files...they are not even images, they are bins... You don't have to do the full backup to get these files for me.
They are 6mb total lol idk why you keep saying 7 gigs that's lots and lots
atoore said:
I Understand what you mean too...
The command in the first post will only backup two of the files...they are not even images, they are bins... You don't have to do the full backup to get these files for me.
They are 6mb total lol idk why you keep saying 7 gigs that's lots and lots
Click to expand...
Click to collapse
The image file that I have on my phone that is for Kali Linux is 7 gigs. I don't want something to happen to where I have to re do eeeeverything that is on the .IMG file lol. I know what you are asking, but with my luck I will mess something up.
I got what i need thanks to The Sickness!
This thread can be closed now
thanks again!
About 1 and a half months ago I flashed a Rom, as I had done many times before, and expected to have little to no problems with it. Man was I wrong. I was unaware that I had flashed a T-Mobile modem with it by mistake. I had done 3-4 backups in TWRP but they all must be too old to help or something. I have read that any Canadian SGH-T889v Note 2's, which is what I have, that flash the T-Mobile modem can not revert back to the Wind Mobile modem. If I am wrong can someone with more experiance with this issue, please, correct me and guide me in the right direction to repair it. I have bought a Z3X box to repair my imei but over the last 7 days I have been unable to have my Note 2 even be recognize by it. I am assuming that something has been damaged in the usb communication setup. And yes I have reconfigured the settings in the hidden menus just as the instructions laid out. The baseband appears to be locked to the T-Mobile version "T889UVUCMK7". I am at the android version 4.4.2, and my bootloader is at version T889VVLUDNE7, which is also the number for my PDA Version. I have read that a JTag may be the way to go to recover the full functionality of my Note 2. If this is correct can someone recommend a good one.
Thanks to everyone who shares their experience.
If you end up with JTAG, mobiletechvideos.com is a reputable one. I doubt you will get far without something akin to JTAG. YMMV.
Hello!
I just picked up a SM-G975U to play with.
Before you get your hopes up, Root and BL Unlock is NOT POSSIBLE on USA variants at this time!
I created this discussion so those willing and able can brainstorm with me with hopes of achieving root or unlock.
Now I wouldnt be creating this thread if I didnt think it was possible or without some form of teasers.
Dont ask me how but flashing combo is possible. I cannot and will not share the method/files as they are not mine to do so.
I noticed on combo this time around if you toggle oem unlock there is a tag that says "OEM Unlocked" when you enter download mode. When you long press vol up it also takes you to the unlock screen. After pressing vol up to accept it reboots and wipes data.
I am not sure the steps after this but so far havent been successful in flashing modified firmware. It is possible this is just a visual but I feel this is closer than any past devices ive owned. Anyone with know how on where the flash lock bit is stored would be of great help.
I should be able to flash some partitions after modifying them such as vbmeta or dtbo etc. to hopefully unlock the BL if I only knew what to modify.
This is not a how-to or dev thread so dont expect me to share any files. It is merely to discuss how the BL is unlocked on SD S10 devices to hopefully lead to an unlock down the road.
To my understanding, toggling the oem unlock sets a bit that tells the system that oem unlocking is allowed as well as disables security such as frp. This persists across reboots and firmware flashes etc.
After that, in DL mode there is a tag that also says device is oem unlocked. At this point you need to actually hold vol up to actually oem unlock the device.
After this I am unclear. We should be able to flash custom firmware at which verified boot state will be orange and the flash lock bit is 0. In my case, verified state is still green and flash lock is still 1 and flashes fail unless officially signed.
I know the dtbo is related to verity and vbmeta to verified boot. Vaultkeeeper to rlc. Then you have metadata, a few "keys" related partitions etc etc.
What is everyones take on this? Any ideas/suggestions are greatly appreciated in advance!
some screens
Welcome aboard! Appreciate all your work from the Note9! Kudos
Hey OP I know you from somewhere.... epic touch 4g forums?? I cant remember what device you had but anyways great to see you here. You think maybe chatting with the people that got root on enoxy may point you in the right direction. I know its enoxy and we got SD which is different but maybe a shot?*
krazy_smokezalot said:
Hey OP I know you from somewhere.... epic touch 4g forums?? I cant remember what device you had but anyways great to see you here. You think maybe chatting with the people that got root on enoxy may point you in the right direction. I know its enoxy and we got SD which is different but maybe a shot?*
Click to expand...
Click to collapse
haha I did own an epic 4g touch back in the day.. was more lurking way back then but who knows lol
for an update, no luck yet lol. been messin with combo on g975u but no easy way in yet. I have managed to change some stuff on efs and other partitions.
the binary checks sammy implemented starting in the s9 devices sucks.
I am still looking though.
i now have uid 1000 access.. with how selinux contexts and ownership is in pie tho i can only access stuff that is mounted rw and system user/group which so far is cache, carrier, efs, data, qdmdbg and various files spread throughout.
dev block wise i can access persistent, and steady partitions.. other than that i can write to the ones that are already mounted.
uid 1000 is a step in the right direction tho... beats shell 2000 uid
not to mention the method for uid 1000 should be there on any sammy device with combo firmware lol
Hi is there anything i can do to help at all cause if so i am willing i have found some stuff online as well posted it in a different post but can share it here if u are interested
I am definitely interested in learning more and being a part of this convo fellas! I have been in the Bus for at least 8 years now and want to learn the next step which is how to navigate around the S10 S10+ Security Features. Anyone mind showing me a few ropes please?
elliwigy said:
not to mention the method for uid 1000 should be there on any sammy device with combo firmware lol
Click to expand...
Click to collapse
This is similar to the techniques used to write imei on cpid phones. Can you share the scripts? You use for temp root.
Chibisuke1219 said:
Hi is there anything i can do to help at all cause if so i am willing i have found some stuff online as well posted it in a different post but can share it here if u are interested
Click to expand...
Click to collapse
Any good reads is welcome!
Vell123 said:
This is similar to the techniques used to write imei on cpid phones. Can you share the scripts? You use for temp root.
Click to expand...
Click to collapse
There is no scripts lol. I can't share the method or files to get to combo.
An update however, I noticed with system prices you can access the efs folder.
I found a way to pass kernel cmdline to the bootloader to set ro props.
I am still messing with it and need an rma as I messed up my efs and can't get cell service now lol
Is S10+ Snapdragon will get root / magisk in anytime soon?
Sent from my MI 8 using Tapatalk
Vuska said:
Is S10+ Snapdragon will get root / magisk in anytime soon?
Click to expand...
Click to collapse
Who knows lol. Similar to N9 seems like I'm only one working on it lol
Currently stuck In a boot loop as i found a exploit for kernel cmdline injection and set ro.secure=0 which it didn't like. I didn't read the info sammy posted on new securities on s10 lineup around additional security around RKP and Knox Verified Boot. It is not the same as say pixel devices as they added onto it
I was told in the other thread that what i had found was more than likely BS but if u still what the link i can give it also am still willing to use my phone as some help if u need it
Edit: switching phone sry guys but keep workin hard i will keep looking for new s10 + finds even though i wont have it and ill keep u updated with whatever i find
Try and flash G97500 I know on older devices it would boot if you used flash fire not sure if you can dd it or not Odin probably wont like it but worth a try just make a system tar and flash it but you would also need that combo firmware.
I'm rockin' the s10+ (am g975u)....
I want root!
I will make pwmage!
Stay tuned!
Ph3n0x said:
Try and flash G97500 I know on older devices it would boot if you used flash fire not sure if you can dd it or not Odin probably wont like it but worth a try just make a system tar and flash it but you would also need that combo firmware.
Click to expand...
Click to collapse
wont work.. secure check fail since signed with dif keys
elliwigy said:
i now have uid 1000 access.. with how selinux contexts and ownership is in pie tho i can only access stuff that is mounted rw and system user/group which so far is cache, carrier, efs, data, qdmdbg and various files spread throughout.
dev block wise i can access persistent, and steady partitions.. other than that i can write to the ones that are already mounted.
uid 1000 is a step in the right direction tho... beats shell 2000 uid
Click to expand...
Click to collapse
Since you have UID 1000 access, wouldn't you be able to dump the partitions off the phone?
If so, why not dump each of the writable partitions and then compare checksums/bits before and after doing the unlock?
I have the g975u and am willing to help however