Q&A for Potential To Recover Note 4 Bootloader After Flashing Retail Firmware
Some developers prefer that questions remain separate from their main development thread to help keep things organized. Placing your question within this thread will increase its chances of being answered by a member of the community or by the developer.
Before posting, please use the forum search and read through the discussion thread for Potential To Recover Note 4 Bootloader After Flashing Retail Firmware. If you can't find an answer, post it here, being sure to give as much information as possible (firmware version, steps to reproduce, logcat if available) so that you can get help.
Thanks for understanding and for helping to keep XDA neat and tidy!
Ryanbg - note 4 DE re-unlock bootloader
Hi ryan, i was told to contact you about trying to re-unlock my note 4 developer edition bootloader. I cant post in the development section yet, so here i am. I made a huge mistake by flashing the note 4 stock rom on my note 4 DE. Before doing so i permanantly erased everything under advanced settings in TWRP. The icing on the cake is that i deleted my custom rom backup too. Can you help me? If my device becomes bricked i do have a protection plan under verizon and may be able to get a new stock note 4. Im decently tech savvy and will gladly help you out in any way.
Thanks, Adam
is it possible to flash a developer edition rom to a retail note 4 verizon
Just curious
Dale2x2 said:
Just curious
Click to expand...
Click to collapse
No. You can't flash anything on the retail Note 4. You don't have root and you don't have a custom recovery.
I guess I asked the wrong question
Is it possible to flash stock de firmware on retail note 4 after hearing of de editions being turned into retail it had me curious
Dale2x2 said:
Is it possible to flash stock de firmware on retail note 4 after hearing of de editions being turned into retail it had me curious
Click to expand...
Click to collapse
No there are device specific aboot and other individual phone markers that prevent you from flashing a RE and making it a DE. It sure would be nice to have someone on the inside able to help us with this or get our devs a specific program allowing this type of thing though
Thank you, I've racked my brain to try and help this retail root situation and like everyone else I'm coming up short.
thanks
Thanks
Flashing aboot
I have my aboot and I have tried to make it flashable but it fails. I have stripped all the zeroes from the last bit of data to the very end of the mbn file using HxD. I then used 7-zip to tar the aboot.mbn to aboot.tar. I then flash it. What I see on my phone is:
Product Name: SM-N910V
Current Binary: Samsung Official
System Status: Official
Reactivation Lock(KK): Off
Qualcomm Secureboot: Enable (CSB)
RP SWREV: S1, T1, R1, A1, P1
Secure Download: Enable
UDC START
SECURE CHECK FAIL: aboot
This is a devloper edition phone that was flashed with retail stock firmware in order to get Samsung Gear VR up and running. The aboot was saved using EFS pro beta before hand by itself and then all partitions were backed up. I can share aboot if needed. I dont have linux so I cant md5 the tar if that is required. I can send the aboot if needed.
I think I locked my bootloader
I have purposely steered clear of advanced operations as I can't wrap my head around many of those concepts. I've been safely rooting for the last 7 years until now. I just got my DE a few days ago and was having random reboots. I made recovery backups like I've always done before and thought that was enough since I don't do anything passed a few Xposed modules (tethering, ad removal) which is what I think was causing the reboots. I decided to start from scratch and applied SM-910V (I'm certain) firmware to find it will not root now. From the hours of reading I've done, I think my bootloader is locked.
I continue reading here now, but it seems I was supposed to backup aboot and Samsung can't help either? Since the device is 4-5 months old, I was hoping to find more positive information.
ODIN MODE (HIGH SPEED)
PRODUCT NAME: SM-N910V
CURRENT BINARY: Samsung Official
SYSTEM STATUS: Official
REACTIVATION LOCK(KK): OFF
QUALCOM SECURE BOOT: ENABLE (CSB)
RP SWREV: S1, T1, R1, A1, P1
SECURE DOWNLOAD: ENABLE
UDC START
bagery77 said:
I have purposely steered clear of advanced operations as I can't wrap my head around many of those concepts. I've been safely rooting for the last 7 years until now. I just got my DE a few days ago and was having random reboots. I made recovery backups like I've always done before and thought that was enough since I don't do anything passed a few Xposed modules (tethering, ad removal) which is what I think was causing the reboots. I decided to start from scratch and applied SM-910V (I'm certain) firmware to find it will not root now. From the hours of reading I've done, I think my bootloader is locked.
I continue reading here now, but it seems I was supposed to backup aboot and Samsung can't help either? Since the device is 4-5 months old, I was hoping to find more positive information.
ODIN MODE (HIGH SPEED)
PRODUCT NAME: SM-N910V
CURRENT BINARY: Samsung Official
SYSTEM STATUS: Official
REACTIVATION LOCK(KK): OFF
QUALCOM SECURE BOOT: ENABLE (CSB)
RP SWREV: S1, T1, R1, A1, P1
SECURE DOWNLOAD: ENABLE
UDC START
Click to expand...
Click to collapse
Where did you get the "SM-910V firmware? If you got it from here xda: http://forum.xda-developers.com/not...mware-firmware-kernel-modem-recovery-t2942937 and used the "Full Firmware" then you have locked your bootloader. Go to post #2, the OP offers two sets of downloads-one for retail versions of the Note 4 and one set for Developer Edition Note 4s. If you downloaded and installed a file from the retail set then you've locked your bootloader. However, you should be able to restore with your backed up aboot as you have tried. I'm not sure what you have to do to create a flashable aboot. Hopefully someone will chime in here and help you out. You can try PMing ryanbg to solicit his help.
jpcalhoun said:
Where did you get the "SM-910V firmware? If you got it from here xda: http://forum.xda-developers.com/not...mware-firmware-kernel-modem-recovery-t2942937 and used the "Full Firmware" then you have locked your bootloader. Go to post #2, the OP offers two sets of downloads-one for retail versions of the Note 4 and one set for Developer Edition Note 4s. If you downloaded and installed a file from the retail set then you've locked your bootloader. However, you should be able to restore with your backed up aboot as you have tried. I'm not sure what you have to do to create a flashable aboot. Hopefully someone will chime in here and help you out. You can try PMing ryanbg to solicit his help.
Click to expand...
Click to collapse
Thank you for the reply. I got the firmware from Sammobile which I thought was reputable. I didn't get it from here because I wanted to unroot completely and go back to stock in case an Xposed setting was not the culprit for reboots. The firmwares I found here confused me as they seemed to specify rooted and retail versions. I guess it was dumb to assume Sammobile SM-910V firmware was actually for SM-910V device. I thought I was being careful.
From what I've been reading, normal backups don't appear to include aboot. So I think I'm effed.
bagery77 said:
Thank you for the reply. I got the firmware from Sammobile which I thought was reputable. I didn't get it from here because I wanted to unroot completely and go back to stock in case an Xposed setting was not the culprit for reboots. The firmwares I found here confused me as they seemed to specify rooted and retail versions. I guess it was dumb to assume Sammobile SM-910V firmware was actually for SM-910V device. I thought I was being careful.
From what I've been reading, normal backups don't appear to include aboot. So I think I'm effed.
Click to expand...
Click to collapse
Yeah, the file you got from Sammobile was retail firmware which will lock your bootloader, they don't understand the difference between a Developer phone and a retail phone. But, if you backed up your aboot as you say then all is not lost. Try giving ryanbg a PM to see if he can take the back up you have and create a flashable file for you. He has done that for some other users. Also, there are a few active members here on this forum that may be able to help. Manbat and EMSPilot may be able to help you. Give them a PM also. Good luck.
Locked Note 4 DE
I don't think that bagery77 backed up his aboot or at least he hasn't said he has in any of his posts. Samsung will be of no help either, I was told by tech support that if the phone is 100% stock and the download screen says Official that the phone has a one year warranty against failure. Note that the unlocked bootloader or Developer warranty is only 30 days. I was told (and have not confirmed) that if the phone suffers from a defect that is not related to flashing the phone or any physical damage that Samsung would replace the phone with another Developer Edition phone. I have sent a PM to Ryan with my aboot and will flash it to my phone as soon as I get it back to confirm a bootloader unlock from a full retail flash. If it works and does unlock my bootloader I will either be donating to Ryan or pledging to a cause of his choice. I just find it hard to believe that Samsung would say here is a developer device and then hoard the software to allow a 100% clean flash file like Motorola does. This is my first Samsung device but I have had several Motorola Developer devices. Side note, Gear VR works great!!!
Juxto2010 said:
I don't think that bagery77 backed up his aboot or at least he hasn't said he has in any of his posts. Samsung will be of no help either, I was told by tech support that if the phone is 100% stock and the download screen says Official that the phone has a one year warranty against failure. Note that the unlocked bootloader or Developer warranty is only 30 days. I was told (and have not confirmed) that if the phone suffers from a defect that is not related to flashing the phone or any physical damage that Samsung would replace the phone with another Developer Edition phone. I have sent a PM to Ryan with my aboot and will flash it to my phone as soon as I get it back to confirm a bootloader unlock from a full retail flash. If it works and does unlock my bootloader I will either be donating to Ryan or pledging to a cause of his choice. I just find it hard to believe that Samsung would say here is a developer device and then hoard the software to allow a 100% clean flash file like Motorola does. This is my first Samsung device but I have had several Motorola Developer devices. Side note, Gear VR works great!!!
Click to expand...
Click to collapse
You're right. You stated that you backed up your aboot, he did not. I got the two post confused. Not hard for me to do, lol. I hope ryanbg comes through for you.
Locked Note 4 DE
So I have been following the threads for root on the retail versions and I was wondering that if once root is obtained will that increase my chances of restoring my locked Dev edition device or am I kinda boned. I have other blocks backed up besides the aboot as well but I am not having any luck with flashing my backed up aboot back to my device. I haven't heard back from Ryan yet but I am hopeful that one way or another I will regain an unlocked bootloader.
Juxto2010 said:
I have my aboot and I have tried to make it flashable but it fails. I have stripped all the zeroes from the last bit of data to the very end of the mbn file using HxD. I then used 7-zip to tar the aboot.mbn to aboot.tar. I then flash it. What I see on my phone is:
Product Name: SM-N910V
Current Binary: Samsung Official
System Status: Official
Reactivation Lock(KK): Off
Qualcomm Secureboot: Enable (CSB)
RP SWREV: S1, T1, R1, A1, P1
Secure Download: Enable
UDC START
SECURE CHECK FAIL: aboot
This is a devloper edition phone that was flashed with retail stock firmware in order to get Samsung Gear VR up and running. The aboot was saved using EFS pro beta before hand by itself and then all partitions were backed up. I can share aboot if needed. I dont have linux so I cant md5 the tar if that is required. I can send the aboot if needed.
Click to expand...
Click to collapse
You forgot to trim off some of the junk data at the end of the aboot, and the 00's padding.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Open your aboot backup with a hex editor. You'll want to delete everything AFTER the highlighted data, but don't delete the highlighted data. Only then can you tar it and flash.
ryanbg said:
You forgot to trim off some of the junk data at the end of the aboot, and the 00's padding.
Open your aboot backup with a hex editor. You'll want to delete everything AFTER the highlighted data, but don't delete the highlighted data. Only then can you tar it and flash.
Click to expand...
Click to collapse
I'm confused. How do you tell what is junk data and what is good? I tried to help him and would like to know how to edit mine as well. From the way you said before it sounded like we just needed to remove the zeros at the end. I'm lost. At least I know EFS Pro will restore it lol. But a flashable would be much better.
Misterxtc said:
I'm confused. How do you tell what is junk data and what is good? I tried to help him and would like to know how to edit mine as well. From the way you said before it sounded like we just needed to remove the zeros at the end. I'm lost. At least I know EFS Pro will restore it lol. But a flashable would be much better.
Click to expand...
Click to collapse
Well before the S5/N4 all you needed to do was get rid of the 00s but there's actually a memory leak in the S5/N4 bootloader which copies a portion of a function in the bootloader to just after the second signature, which needs to be removed in order to pass signature verification. I'd thought they'd have fixed it by now, but I guess they haven't patched it yet.
---------- Post added at 09:55 PM ---------- Previous post was at 09:42 PM ----------
Juxto2010 said:
I don't think that bagery77 backed up his aboot or at least he hasn't said he has in any of his posts. Samsung will be of no help either, I was told by tech support that if the phone is 100% stock and the download screen says Official that the phone has a one year warranty against failure. Note that the unlocked bootloader or Developer warranty is only 30 days. I was told (and have not confirmed) that if the phone suffers from a defect that is not related to flashing the phone or any physical damage that Samsung would replace the phone with another Developer Edition phone. I have sent a PM to Ryan with my aboot and will flash it to my phone as soon as I get it back to confirm a bootloader unlock from a full retail flash. If it works and does unlock my bootloader I will either be donating to Ryan or pledging to a cause of his choice. I just find it hard to believe that Samsung would say here is a developer device and then hoard the software to allow a 100% clean flash file like Motorola does. This is my first Samsung device but I have had several Motorola Developer devices. Side note, Gear VR works great!!!
Click to expand...
Click to collapse
If you did happen to have an old S3/S4/N3 or any HTC/Motorola device based on Qualcomm chipsets that you can part ways with, I'd certainly appreciate it and pay for shipping. Even if it has a broken screen or parts, as long as it powers on, it'd be useful to me. They'd be used for research and development. That's only if it's lying around and collecting dust and you have no use for it. Otherwise a simple thank you is more than sufficient. It's really unfair how Samsung uses such a poor method for unlocking the bootloader and will refuse to service or repair such a device. If they aren't going to help anyone, who will? If anything, I'm protecting their Developer edition consumers from disaster.
ryanbg said:
Well before the S5/N4 all you needed to do was get rid of the 00s but there's actually a memory leak in the S5/N4 bootloader which copies a portion of a function in the bootloader to just after the second signature, which needs to be removed in order to pass signature verification. I'd thought they'd have fixed it by now, but I guess they haven't patched it yet.
Click to expand...
Click to collapse
So if I'm understanding this right I need to do the same to my bootloader? I have the same lines after what you highlighted. Just delete below the highlighted area along with the zeros at the end?
Related
Hello Folks,
Nice site you have here I've heard it said that hacking is the new avant garde.
I have a: Samsung Galaxy S4 mini. GT-I9195 4.2.2. I got it here new in Germany a month ago.
A week ago, I tried to install Lollipop and didn't really understand what I was doing. Something seems to have gone wrong.
Now when I switch the mobile on, the Galaxy Logo appears but also a little yellow text message: "Set Warranty Bit : kernel" at the top of the screen. After this the mobile does nothing except display this message.
As I understand it, I should have 'rooted' the mobile first before trying to flash Lollipop via Odin. Correct?
Also, as I now understand it, I should have placed Lollipop on the SD card before trying to flash the mobile with Lollipop. correct?
I'm totally new at this and would appreciate it if someone can help direct me towards getting the mobile working again? And if I could run a better version of software I'd be thrilled!
Kind regards...
MonkeyHunting said:
Hello Folks,.............................
As I understand it, I should have 'rooted' the mobile first before trying to flash Lollipop via Odin. Correct?
Also, as I now understand it, I should have placed Lollipop on the SD card before trying to flash the mobile with Lollipop. correct?
I'm totally new at this and would appreciate it if someone can help direct me towards getting the mobile working again? And if I could run a better version of software I'd be thrilled!
Kind regards...
Click to expand...
Click to collapse
Hi there, according to my understanding if you have bought the phone recently, the stock version should have been 4.4.2. But anyways, u cannot flash Lollipop via odin. U need a custom recovery like cwm or TWRP for that. Not sure about the "set warranty bit" thing. May be KNOX has been tripped.At this moment i would suggest you to download a fresh firmware, from SAMMOBILE, to your to PC. Then flash it via ODIN. Thanks.
HITTING THE THANKS BUTTON IS EASIER THAN WRITING IT
matesurano said:
Hi there, according to my understanding if you have bought the phone recently, the stock version should have been 4.4.2. But anyways, u cannot flash Lollipop via odin. U need a custom recovery like cwm or TWRP for that. Not sure about the "set warranty bit" thing. May be KNOX has been tripped.At this moment i would suggest you to download a fresh firmware, from SAMMOBILE, to your to PC. Then flash it via ODIN. Thanks.
HITTING THE THANKS BUTTON IS EASIER THAN WRITING IT
Click to expand...
Click to collapse
Hello Matesurano! Thank you for your help!
Hi there, according to my understanding if you have bought the phone recently, the stock version should have been 4.4.2.
- Yes you are correct. It's is actually 4.4.2
But anyways, u cannot flash Lollipop via odin. U need a custom recovery like cwm or TWRP for that.
- Thank you for this info. I was not aware that this was the procedure. I will somehow look into this method.
May be KNOX has been tripped
- Yes, I believe that Knox has been tripped. Mobile screen reads:
ODIN MODE
PRODUCT NAME: GT-I9195
CURRENT BINARY: CUSTOM
KNOX KERNEL LOCK: 0x0
KNOX WARRANTY VOID: 0x1
CSB-CONFIG-LSB: 0x30
BOOTLOADER AP SWREV: 2
WRITE PROTECTED; ENABLED
Using Odin I've tried to flash these files but had no luck in getting the mobile to boot up and work.
I9195_stock_recovery.tar
I9505XXUBMEA_I9505OXABMEA_DBT.zip
I9505XXUHOB7_I9505YBTHOB7_DBT.zip
I9505XXUHOD7_I9505OXAHOD7_DBT.zip
NZC-I9195XXUCOC2-20150513152200.zip
I9505_pit_file.zip
If somebody knows how to get this phone running I would be so happy!
Kind regards,
Jona
Check the file names of the rom you are trying to flash via Odin as they do not match your phone model. You are flashing the wrong version of firmware by the looks of it
Lol, aren't those .zip files for the jfltexx?
Sent from my GT-I9505G using XDA Free mobile app
---------- Post added at 06:57 AM ---------- Previous post was at 06:44 AM ----------
To this moment there is no official lollipop firmware for the galaxy s4 mini, however you can always use something else like cyanogenmod (i personalidade dont like it).
Here is a download link for KitKat official release.
I CANNOT POST OUTSIDE LINKS ww w.sammobile. com/firmwares/download/46699/I9195XXUCOC2_I9195BTUCOC1_BTU/
Good morning Yilun,
Thank you for your help and your suggestion at SamMobile
When I check that link you gave I see that it is a UK firmware. I am in Germany and see that a 'Germany (E-Plus)' firmware is available for download and since that is the carrier my mobile is from I will go with that one. I hope it will work!
I will not be able to have access to a Windows computer until Friday but will try to flash the mobile then and report back my success.
RuffBuster, I appreciate you trying to help but if you can do give more info next time in the way that Yilun has then that would be more beneficial to the people you are trying to help. some extra direction can go a long way.
Thank you to everyone on this forum
Kind regards,
Jona
MonkeyHunting said:
Good morning Yilun,
Thank you for your help and your suggestion at SamMobile
When I check that link you gave I see that it is a UK firmware. I am in Germany and see that a 'Germany (E-Plus)' firmware is available for download and since that is the carrier my mobile is from I will go with that one. I hope it will work!
I will not be able to have access to a Windows computer until Friday but will try to flash the mobile then and report back my success.
RuffBuster, I appreciate you trying to help but if you can do give more info next time in the way that Yilun has then that would be more beneficial to the people you are trying to help. some extra direction can go a long way.
Thank you to everyone on this forum
Kind regards,
Jona
Click to expand...
Click to collapse
To much effort for people who do to little reading... you shouldn't attempt any kind of flashing without doing the appropriate research. I spent weeks researching before I did anything with my phone.
And 2 seconds with Google you would have found this website. "Samsung firmware" and voilĂ the first search result.
Next time don't be lame and tell me what I "should" of done. Just be thankful I answered at all...
RuffBuster, Your answer contained no useful info. If you are not able to actually elaborate on the help you think you are giving then you are not actually helping anyone. Seems like you just want to give half answers to stroke your ego and collect posting points or something. Tell you what though, how about you do yourself a favour and go outside, there is a whole world beyond your phone. Feel free to write something childish back, I promise won't read it.
...
Guys chill, we are here to help eachother not say bad words?.
Sent from my GT-I9505G
Just saw it on the verizon note 4 forum. How come no one is posting about i? Can it be used on N910A variant?
Well.. they have been talking about it.. for over 2 weeks actually.
And no, as of right now it cannot be used for att
Sent from my SAMSUNG-SM-N910A using XDA-Developers mobile app
atx84 said:
Well.. they have been talking about it.. for over 2 weeks actually.
And no, as of right now it cannot be used for att
Sent from my SAMSUNG-SM-N910A using XDA-Developers mobile app
Click to expand...
Click to collapse
Yes i have converted to Developer mode, unlocked rooted retail verizon note4 as of now only works for that phone. I also have a retail verizon edge and there is no unlock yet for that....
bigbooker455 said:
Yes i have converted to Developer mode, unlocked rooted retail verizon note4 as of now only works for that phone. I also have a retail verizon edge and there is no unlock yet for that....
Click to expand...
Click to collapse
So the N910A still is no go. What a bummer!
Is that because at&t left out the developer mode?
I hate at&t so much never in the history of stupidity has anyone screwed up a perfectly well manufactured item as they do.
Remember when they were the only company to add the PMA standard of wireless charging on the lumia 1520?
Man I hope someone fired that idiot. LOL
cxyjordan said:
So the N910A still is no go. What a bummer!
Click to expand...
Click to collapse
YUP!
adambomb_13 said:
Is that because at&t left out the developer mode?
I hate at&t so much never in the history of stupidity has anyone screwed up a perfectly well manufactured item as they do.
Remember when they were the only company to add the PMA standard of wireless charging on the lumia 1520?
Man I hope someone fired that idiot. LOL
Click to expand...
Click to collapse
I was reading note4 AT&T thread and found this, like i said do not take any updates!
AT&T released an update with security enhancements yesterday, any word about this and how this affects us?
I am not sure. I know that I have my OTA blocked; however, I too find it interesting that a sudden security update is released now about two weeks after the Verizon hack is discovered and rolled out. It is stuff like this that tells me that their devs know something that we have yet to discover.
This may work for you AT&T guys.......
Plus, the tools to finish this are already public.
You compile SamsungCID (in a KitKat tree), and use it to change the CID using temp root, then you can flash the corresponding developer edition aboot via ODIN. The reason I haven't release it is that there is an easier method.
Ryan has a slightly better method, he extracts the CID blob from the developer edition aboot, and places it into the current aboot partition, then changes the CID to match the blob. This allows us to convert without needing to be on the developer edition aboot's increment version to unlock.
I have opted to not release the former method, as it could result in people who don't read thoroughly enough bricking due to flashing the old aboot on a newer increment.
bigbooker455 said:
This may work for you AT&T guys.......
Plus, the tools to finish this are already public.
You compile SamsungCID (in a KitKat tree), and use it to change the CID using temp root, then you can flash the corresponding developer edition aboot via ODIN. The reason I haven't release it is that there is an easier method.
Ryan has a slightly better method, he extracts the CID blob from the developer edition aboot, and places it into the current aboot partition, then changes the CID to match the blob. This allows us to convert without needing to be on the developer edition aboot's increment version to unlock.
I have opted to not release the former method, as it could result in people who don't read thoroughly enough bricking due to flashing the old aboot on a newer increment.
Click to expand...
Click to collapse
Now that sounds feasible..... if i had all the tools and a full set of instructions i would love to give it a try in a heart beat.......
giga8547 said:
Now that sounds feasible..... if i had all the tools and a full set of instructions i would love to give it a try in a heart beat.......
Click to expand...
Click to collapse
Make that two of us, I am typically very thorough when I read instructions and have a way of thinking outside the box when looking at issues. Not to mention, if we can unlock the darn bootloader on these things, many of us could do a MM OS update from a more unbloated and pure form.
bigbooker455 said:
This may work for you AT&T guys.......
Plus, the tools to finish this are already public.
You compile SamsungCID (in a KitKat tree), and use it to change the CID using temp root, then you can flash the corresponding developer edition aboot via ODIN. The reason I haven't release it is that there is an easier method.
Ryan has a slightly better method, he extracts the CID blob from the developer edition aboot, and places it into the current aboot partition, then changes the CID to match the blob. This allows us to convert without needing to be on the developer edition aboot's increment version to unlock.
I have opted to not release the former method, as it could result in people who don't read thoroughly enough bricking due to flashing the old aboot on a newer increment.
Click to expand...
Click to collapse
We should be able to change the CID on any Note 4 so I don't see why this wouldn't work. Don't we need root to copy the aboot? My understanding was that the kingroot method doesn't work anymore after an AT&T update. It is now soft bricking phones. I am wondering if the security update could be removed by flashing the original 5.1.1 or maybe even 5.0.1.
dkmac said:
Make that two of us, I am typically very thorough when I read instructions and have a way of thinking outside the box when looking at issues. Not to mention, if we can unlock the darn bootloader on these things, many of us could do a MM OS update from a more unbloated and pure form.
Click to expand...
Click to collapse
I don't own a AT&T version of the Note4, can you roll back?
bigbooker455 said:
I don't own a AT&T version of the Note4, can you roll back?
Click to expand...
Click to collapse
Unfortunatly, once you are on 5.1.1 you are stuck there. I believe that all attempts to roll back to 4.4.4 ended either in failure or a bricked device. To complicate matters more, after king root released I believe version 4.2 it became successful and unstable. Once the phone reboots automatically or manually, you cannot make it past the boot screen. You get a display that tells you to return to an att store. If you root now, you have to reboot via Odin to get the phone up and going again. With all that said, king root is stable to use, but only for a few minutes before unstability and then ultimately reboot. I always have faith in the possible and know that there is and will be a way around all this mess for a permanent unlock bootloader and root.
dkmac said:
Unfortunatly, once you are on 5.1.1 you are stuck there. I believe that all attempts to roll back to 4.4.4 ended either in failure or a bricked device. To complicate matters more, after king root released I believe version 4.2 it became successful and unstable. Once the phone reboots automatically or manually, you cannot make it past the boot screen. You get a display that tells you to return to an att store. If you root now, you have to reboot via Odin to get the phone up and going again. With all that said, king root is stable to use, but only for a few minutes before unstability and then ultimately reboot. I always have faith in the possible and know that there is and will be a way around all this mess for a permanent unlock bootloader and root.
Click to expand...
Click to collapse
I feel you!
bigbooker455 said:
I feel you!
Click to expand...
Click to collapse
Yea, that's why I have been looking for the info that you were talking about. I want to see what I could do to help breath new life back into our phones.
I bought a phone that was FRP locked (I know, stupid me) and cannot access the serial number in order to emergency flash it with Smart Switch. Can someone please share their serial number with me so I can reflash it? If not, does anyone have any help? I am on G920PVPU3CPF4
Even doing a SmartSwitch (or Odin) flash won't remove the lock. No amount of flashing or resetting will remove it. The lock is stored in a hidden partition that is never touched by flashes and resets.
There are ways to remove the lock, but they're paid services offered by professionals
iBowToAndroid said:
Even doing a SmartSwitch (or Odin) flash won't remove the lock. No amount of flashing or resetting will remove it. The lock is stored in a hidden partition that is never touched by flashes and resets.
There are ways to remove the lock, but they're paid services offered by professionals
Click to expand...
Click to collapse
I have a similar issue, could this be fixed with a Z3X Box?
you could try this method . . .
https://www.youtube.com/watch?v=ggRhkme9FC0
if for any reason didn't work try this one
https://www.youtube.com/watch?v=KRUp09bXnDA
JeffB81 said:
I have a similar issue, could this be fixed with a Z3X Box?
Click to expand...
Click to collapse
Yes it can be, do you have one?
discomaniac said:
Yes it can be, do you have one?
Click to expand...
Click to collapse
No, but I was able to repair my phone with Odin and the CPI3 firmware. Thank you
JeffB81 said:
No, but I was able to repair my phone with Odin and the CPI3 firmware. Thank you
Click to expand...
Click to collapse
You took off FRP lock with software?
JeffB81 said:
No, but I was able to repair my phone with Odin and the CPI3 firmware. Thank you
Click to expand...
Click to collapse
Confirm?
vazersecurity said:
Confirm?
Click to expand...
Click to collapse
I have read elsewhere that flashing the original firmware the phone was factory installed with can fix the frp lock
crazynapkinman said:
I have read elsewhere that flashing the original firmware the phone was factory installed with can fix the frp lock
Click to expand...
Click to collapse
Incorrect. FRP is held in a partition that is not touched during a firmware flash
vazersecurity said:
Confirm?
Click to expand...
Click to collapse
iBowToAndroid said:
Incorrect. FRP is held in a partition that is not touched during a firmware flash
Click to expand...
Click to collapse
Then what about this Cl3? Are there steps after flashing the firmware?
crazynapkinman said:
Then what about this Cl3? Are there steps after flashing the firmware?
Click to expand...
Click to collapse
Flashing firmware can't fix an FRP lock - period.
If you want to know what that poster meant by his message, I suggest you ask him directly
Samsung phones can be frp unlocked by flashing firmware
I have personally FRP unlocked 2 Samsung phones by flashing the stock firmware usin Odin. A samsung j7 and a Samsung s5. I am getting so sick of people saying you can't do something when they have no clue. I have also flashed older versions into phones. That's how I rooted the s5 infact. When everyone was saying it was impossible to root at the time. As soon a I figure out how to use sp flash or something to flash different phones other than Samsung I will post saying how it worked not get on someone else's post and say it will never work it's impossible. The world of computers, phones and software is suppose to be open source not locked, hidden and full of viruses.
Bullshipcaptcha said:
I have personally FRP unlocked 2 Samsung phones by flashing the stock firmware usin Odin. A samsung j7 and a Samsung s5. I am getting so sick of people saying you can't do something when they have no clue. I have also flashed older versions into phones. That's how I rooted the s5 infact. When everyone was saying it was impossible to root at the time. As soon a I figure out how to use sp flash or something to flash different phones other than Samsung I will post saying how it worked not get on someone else's post and say it will never work it's impossible. The world of computers, phones and software is suppose to be open source not locked, hidden and full of viruses.
Click to expand...
Click to collapse
LOL.
The FRP data is stored in the "persistent" partition, which is never touched by a firmware flash, just like EFS and a bunch of other partitions.
So no.
That doesn't matter when the phone no longer has a persistent partition.
iBowToAndroid said:
LOL.
The FRP data is stored in the "persistent" partition, which is never touched by a firmware flash, just like EFS and a bunch of other partitions.
So no.
Click to expand...
Click to collapse
You obviously think you know something and I wont argue or dispute whether you do or dont but I know what I did for sure and what I did was flash stock firmware into those phones and they where no longer FRP locked afterwards. Also When the phone is bricked the phone is flashed blank. There are no patitions if flashed blank. Even when there is persistent data it's still data that is able to be edited with a custom rom which can be flashed after you flash stock rom. I dont know much but I know what I have done personally. My wife is still using her rooted j7 with note 8 D.N.A undetected that we bought f.r.p. locked.
So ya. Just because the internet says it's not possible doesn't mean it's not possible It just means you haven't tried hard enough to prove it yourself. Brick that phone if you have to. Build with that brick.
Bullshipcaptcha said:
You obviously think you know something and I wont argue or dispute whether you do or dont but I know what I did for sure and what I did was flash stock firmware into those phones and they where no longer FRP locked afterwards. Also When the phone is bricked the phone is flashed blank. There are no patitions if flashed blank. Even when there is persistent data it's still data that is able to be edited with a custom rom which can be flashed after you flash stock rom. I dont know much but I know what I have done personally. My wife is still using her rooted j7 with note 8 D.N.A undetected that we bought f.r.p. locked.
So ya. Just because the internet says it's not possible doesn't mean it's not possible It just means you haven't tried hard enough to prove it yourself. Brick that phone if you have to. Build with that brick.
Click to expand...
Click to collapse
I own a business that does FRP removals and many other software-related services for mobile devices . I've done this for years - knowing this type of thing is literally my job.
The "persistent" partition is ALWAYS there - just like system, boot, recovery, and all the others. And I promise you, you can't remove an FRP lock by throwing it in Download mode and flashing some firmware with Odin, just like you can't remove it by booting to recovery mode and doing a factory reset. It's just not that easy.
Your going to need to go against the grain her a moment . Business or no business
iBowToAndroid said:
I own a business that does FRP removals and many other software-related services for mobile devices . I've done this for years - knowing this type of thing is literally my job.
The "persistent" partition is ALWAYS there - just like tem, boot, recovery, and all the others. And I promise you, you can't remove an FRP lock by throwing it in Download mode and flashing some firmware with Odin, just like you can't remove it by booting to recovery mode and doing a factory reset. It's just not that easy.
Click to expand...
Click to collapse
I'm telling you. I'm not debating the facts. Im telling you what I did. Kinda like I did today with a Moto e4 play. I bypassed frp with flashing stock rom through Odin and then custom rom on the Samsung J7. Today I bypassed frp lock with twrp on the Moto e4 with the bootloader still saying OEM locked . I don't have a business in the phones field but I am a business man and sittin on 12 frp locked phones gets tire some. Thant goodness for broken digitizers and displays or I'd still have a bunch more of them. I wont dipute that you know what your doing because likely you do more so than I; we can can probably be certain. I'm just going to tell you the 100 percent fact. Upset wife as my motivating factor I successfully unlocked and rooted a j7 by flashing stock rom into it with Odin then custom reccovery then root then custom rom. The custom recovery I used by accident was for a different brand Jay 7 so mysecond time around I tried the "right" recovery and bricked it. Then again and again and again until Knox was tripped and that's when finally I took bl,ap cp, csc and flashed them in dl mode successfully from there I had Rob from simple cell unlock ( Thanks Rob your the best) remotely unlock the jay7 from T-Mobile after which I flashed the "wrong" proper twrp file giving me the ability to install custom note 8 dna rom into the system. Took two tries, first try I flashed no encrypt no verity but it custom rom frp locked. So second time I made sure I install the developer tools package with OEM unlock switch not able to be turned off then no encrypt no verity. It was a very long process since especially since it was only my second successful full root. Then vallet. Man becomes praised by wife. Man feels empowered man tears apart more phones makes mess, MAN HAPPY! WIFE HAPPY! LOL okay sorry about that part.
---------- Post added at 04:18 PM ---------- Previous post was at 04:06 PM ----------
iBowToAndroid said:
LOL.
The FRP data is stored in the "persistent" partition, which is never touched by a firmware flash, just like EFS and a bunch of other partitions.
So no.
Click to expand...
Click to collapse
None the less each developer has a different approach that being said you frp unlocking phones? I have a Samsung s8 Moto e5 five LGs one zte n835 a couple of alcatels and a few more I couple reassemble real quick If I knew some one who had the abilitby to unlock especially if said amazing developer was teaching El padawan young Como. Yo tango mucho programs, apps and software. Just need the knowledge.
Bullshipcaptcha said:
Today I bypassed frp lock with twrp on the Moto e4 with the bootloader still saying OEM locked
Click to expand...
Click to collapse
Thinking you can flash TWRP on a locked bootloader device shows me exactly what your knowledge level is when it comes to all of this. Future discussion would be futile, and no more responses from me will be had. I do wish you luck with your devices though
How frustrating you are.
Your business need some schooling it sounds like. Your business can't be doing good. Go ahead and Google the Moto e4 unlock method. You will see. You have to try before you say it won't work.
discomaniac said:
I bought a phone that was FRP locked (I know, stupid me) and cannot access the serial number in order to emergency flash it with Smart Switch. Can someone please share their serial number with me so I can reflash it? If not, does anyone have any help? I am on G920PVPU3CPF4
Click to expand...
Click to collapse
I just removed the frp lock on my s6 using a combination firmware (found here-https://firmware.gem-flash.com/index.php?a=downloads&b=folder&id=7410) which completely erased all partions and allowed me to access the settings menu to enable the OEM unlock setting. They are two different firmware there. I used the second one and it worked like a charm. Hope this helps
This was posted in the all Note 8 forum claiming it is an engineering combo. Has anyone tried it to verify it is actually an engineer boot?
https://firmware.gem-flash.com/index.php?a=browse&b=category&id=12507
The link above requires a paid membership but a file with the same name is available from androidfilehost, can't verify the md5 though.
https://www.androidfilehost.com/?w=files&flid=213338
From what i gather from the firmware this is the us firmware for sprint, which in theory should work for verizon, however not worth bricking to find out.
---------- Post added at 02:09 PM ---------- Previous post was at 02:08 PM ----------
have you checked the sprint note 8 links??
I just ordered my vzw n8 today for tomorrow delivery. However im not smart enough nor brave enough attempt anything on it with a random rouge firmware, but you can bet I will follow this thread. Here's to wishful thinking. : )
~SG
Also being discussed here
https://forum.xda-developers.com/ga...ssion-snapdragon-note-8-models-t3670091/page4
Is it possible to use the mentioned firmware for some carrier switching flashing on note 8, just like what they did to S8 in this thread: https://forum.xda-developers.com/galaxy-s8/how-to/snap-guide-flashing-standard-fw-carrier-t3625817
I can confirm this Combination firmware is legit, or at least the one from the AFH link. You must do a factory reset after flash or the phone will not boot, likely due to encryption.
This kernel is permissive, and it does have ADB enabled by default.
bangbusdriver said:
I can confirm this Combination firmware is legit, or at least the one from the AFH link. You must do a factory reset after flash or the phone will not boot, likely due to encryption.
This kernel is permissive, and it does have ADB enabled by default.
Click to expand...
Click to collapse
When you say likely due to encryption, do you mean encryption already present on the phone or does flashing this encrypt it? I don't believe my phone is encrypted as I haven't enabled any secure unlock system. Or do you mean bootloader encryption. Unless I'm mistaken the phone isn't encrypted until after a secure unlock option is enabled.
I really don't want to go through my phone setup again when root isn't available yet. This just seems like a first step to enable flashing of a rooted firmware.
jellyhead said:
When you say likely due to encryption, do you mean encryption already present on the phone or does flashing this encrypt it? I don't believe my phone is encrypted as I haven't enabled any secure unlock system. Or do you mean bootloader encryption. Unless I'm mistaken the phone isn't encrypted until after a secure unlock option is enabled.
I really don't want to go through my phone setup again when root isn't available yet. This just seems like a first step to enable flashing of a rooted firmware.
Click to expand...
Click to collapse
Since android 6.0, encryption of /userdata is supposed to have been standard. My understanding is that the partition is encrypted at first boot. It's probably encrypted with your personal key after you set a secure lock setting.
Regardless, won't boot without factory reset. You will lose your data if you want to use this firmware, but simply flashing it doesn't format /userdata. I can't say whether or not flashing back to stock triggers automatic factory reset, but sometimes it does.
I did confirm earlier today thought that you can't only flash the kernel. Phone won't boot, regardless of factory reset. Nor will it work with abl.mbn(I assume android boot loader), and xbl ( download mode?) But, the kernel is not fully permissive anyway. /system cannot be remounted rw, and I can't manipulate the files in /dev/block either.
---------- Post added at 10:57 PM ---------- Previous post was at 10:54 PM ----------
lilila said:
Is it possible to use the mentioned firmware for some carrier switching flashing on note 8, just like what they did to S8 in this thread: https://forum.xda-developers.com/galaxy-s8/how-to/snap-guide-flashing-standard-fw-carrier-t3625817
Click to expand...
Click to collapse
I'd like to try that, but insofar I noticed in Download mode it says the carrier is ATT. I think this might be set in the /efs but I could be wrong. If so, root can help. For the record, Verizon is the same model N950U as ATT.
Greetings all,
Been a couple years since I've visited these boards, I just picked up the note a couple days back. Am I reading this correctly that we can actually flash the verizon model with the engineering firmware to a more permissive setup without brick, or am I just exceptionally out of date and reading this wrong?
The.Jericho.Initiative said:
Greetings all,
Been a couple years since I've visited these boards, I just picked up the note a couple days back. Am I reading this correctly that we can actually flash the verizon model with the engineering firmware to a more permissive setup without brick, or am I just exceptionally out of date and reading this wrong?
Click to expand...
Click to collapse
Correct, its safe to flash the engineering firmware
hmm. interesting. now I just need to understand (or make sure I understand correctly) that/what is gained by using this firmware? Is root or bootloader unlocked gained by flashing this firmware? I would think this would be a hot topic and more people to chime in. Is there another thread somewhere where people are dissecting this firmware in more detail (based on what IS known)? Sorry, im just trying to simplify the subject. : )
~SG
I have successfully used this for carrier switching...Carrier Switching Guide coming soon....
SomeGuy2008 said:
hmm. interesting. now I just need to understand (or make sure I understand correctly) that/what is gained by using this firmware? Is root or bootloader unlocked gained by flashing this firmware? I would think this would be a hot topic and more people to chime in. Is there another thread somewhere where people are dissecting this firmware in more detail (based on what IS known)? Sorry, im just trying to simplify the subject. : )
~SG
Click to expand...
Click to collapse
THIS!! ^^
If this is true then I am trading in my Note 4 asap!
Though I have that sinking feeling in my gut that it may be too good to be true. As you've said, I too really feel like this info would have spread like wildfire if this was the case. I hope I am wrong!
Edit: I read a little more into it and it's pretty much just a carrier unlock. Not bootloader... :/
SomeGuy2008 said:
hmm. interesting. now I just need to understand (or make sure I understand correctly) that/what is gained by using this firmware? Is root or bootloader unlocked gained by flashing this firmware? I would think this would be a hot topic and more people to chime in. Is there another thread somewhere where people are dissecting this firmware in more detail (based on what IS known)? Sorry, im just trying to simplify the subject. : )
~SG
Click to expand...
Click to collapse
Root is now live
https://forum.xda-developers.com/galaxy-note-8/development/root-samfail-galaxy-note8-t3685340
jellyhead said:
Root is now live
https://forum.xda-developers.com/galaxy-note-8/development/root-samfail-galaxy-note8-t3685340
Click to expand...
Click to collapse
Thanks for the info. Damit, I have everything working just right in a non rooted fashion. And to be honest I kinda like it that way. But then again I do miss the typical root advantages.
~SG
I'll be waiting to see if the 80% battery issue gets solved.
I read that part. Yuk. That sucks. Ima hold out for a bit while it bakes in the oven a little longer.
I'm stoked that it does not trip knox...
Hello all, So I have been flashing for years but I am a complete nOOb. Ive just spent 4 hours looking around the internet and XDA for a solution to this issue... Any thoughts or help would be greatly appreciate it!
First off when I received this phone I waited the 7 days for Samsung's new security feature (I came from a S5 so this was a shock). Flashed TWRP with no issues. Proceeded over a few weeks to flash Lineage, Resurrection remix, and then tried to flash Light ROM for the s9. Had some issues with that so I flashed back to Stock Firmware no issue and have been using the past month. Now that I am not busy again I wanted to get twrp back on my phone but OEM unlock was not available. Thought that was weird seeing as the up time was well over the 168 hour marker so I decided to factory reset just to see if that would reset it. I waited the 7 days again and still wasnt there. So I wanted to Flash Stock rom again but now whenever I do it this pops up on the download screen:
sw rev. check fail (bootloader) device 2, binary 1
and Odin is stuck on the recovery.img protion.
Please let me know if you an help or if more info is needed!
Check you're not trying to downgrade the bootloader as shown here
G960FXXU2BRGA << Version 2
Check which version it says in Download mode (B:1 or B:2)
Either match it or flash a higher version
*Detection* said:
Check you're not trying to downgrade the bootloader as shown here
G960FXXU2BRGA << Version 2
Check which version it says in Download mode (B:1 or B:2)
Either match it or flash a higher version
Click to expand...
Click to collapse
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Picture is of my download screen and ,
Great call! Just dug into it some more and thats the issue. Since the PAK CSC isnt on U2 yet im going to flash one from another country. I know you can but ive never heard of the downsides of flashing another countries firmware... is there one? Also have you heard of the issue with the oem unlock not appearing after 7 days?
Edit: Also what is the proper way to give you credit for answering the question as well as pointing out a good answer for people in the future who are confused? Just the thanks button?
Update: I tried again with a swiss one with Version 2 but it still failed. Ill download a few and try them as well just to be sure.
drowsy_fish said:
Picture is of my download screen and ,
Great call! Just dug into it some more and thats the issue. Since the PAK CSC isnt on U2 yet im going to flash one from another country. I know you can but ive never heard of the downsides of flashing another countries firmware... is there one? Also have you heard of the issue with the oem unlock not appearing after 7 days?
Edit: Also what is the proper way to give you credit for answering the question as well as pointing out a good answer for people in the future who are confused? Just the thanks button?
Update: I tried again with a swiss one with Version 2 but it still failed. Ill download a few and try them as well just to be sure.
Click to expand...
Click to collapse
Yea just hit the thanks button if someone helped (I don't see your image)
Only real downsides I've heard of are things like VoLTE and WiFi calling not being active on certain CSCs
Check the "Repartition" option in ODIN 3.13.1 settings too, possible the custom ROM messed them up
OEM unlock does seem to be hit and miss for some people, some get it immediately (I did), some wait 7 days, others wait 7 days and nothing, not seen a solution other than just keep waiting yet
*Detection* said:
Yea just hit the thanks button if someone helped (I don't see your image)
Only real downsides I've heard of are things like VoLTE and WiFi calling not being active on certain CSCs
Check the "Repartition" option in ODIN 3.13.1 settings too, possible the custom ROM messed them up
OEM unlock does seem to be hit and miss for some people, some get it immediately (I did), some wait 7 days, others wait 7 days and nothing, not seen a solution other than just keep waiting yet
Click to expand...
Click to collapse
Eh im not to worried about VoLTE or WifiCalling so thats good but I was under the impression you needed a PIT file to re-partition your phone without bricking it? (No clue whata PIT file is , just remember reading that about 5 years ago)
Hmm thats annoying.... the idea for this security is nice but it is sure a hassle for people who want custom binaries.
drowsy_fish said:
Eh im not to worried about VoLTE or WifiCalling so thats good but I was under the impression you needed a PIT file to re-partition your phone without bricking it? (No clue whata PIT file is , just remember reading that about 5 years ago)
Hmm thats annoying.... the idea for this security is nice but it is sure a hassle for people who want custom binaries.
Click to expand...
Click to collapse
PIT file is now included in the CSC part of the firmware (Partition Information Table)
Yea Samsung have really gone to town on locking down devices lately, I haven't even bothered rooting a phone since my S5, had an S7 and now S9 since then, just left them stock
*Detection* said:
PIT file is now included in the CSC part of the firmware (Partition Information Table)
Yea Samsung have really gone to town on locking down devices lately, I haven't even bothered rooting a phone since my S5, had an S7 and now S9 since then, just left them stock
Click to expand...
Click to collapse
God, I loved the S5... solid phone. Had it up to just 3 months ago when I got the s9.
I had just tried to flash the firmware I just used and failed with. But I clicked to fast and forgot to check the box for it to re-partition with. Weirdly enough it flashed with no issue... I have no clue what happened but it must have just been those 1s and 0s being finicky. Thanks for the info about the bootloader ect though.... you have been a huge help brother
drowsy_fish said:
God, I loved the S5... solid phone. Had it up to just 3 months ago when I got the s9.
I had just tried to flash the firmware I just used and failed with. But I clicked to fast and forgot to check the box for it to re-partition with. Weirdly enough it flashed with no issue... I have no clue what happened but it must have just been those 1s and 0s being finicky. Thanks for the info about the bootloader ect though.... you have been a huge help brother
Click to expand...
Click to collapse
Nice one, just a glitch in the matrix no probs :good:
*Detection* said:
Check you're not trying to downgrade the bootloader as shown here
G960FXXU2BRGA << Version 2
Click to expand...
Click to collapse
I am also stuck at recovery.img in Odin, while downgrading to a 6 months older stock firmware. The long story short - I want the older firmware because I have a TWRP backup done while this older stock rom was installed on my phone. When upgraded to the new stock firmware, I lost root and restored the TWRP backup (incl. boot) but in the end it the phone doesn't start up. So I want to install the older stock rom in order to be able to restore the TWRP backup. Any ideas how to do that? My only wish is to have a phone that boots and to which I can restore the TWRP backup (where all my apps and settings are).
Update: managed to flash the new firmare, I obviously cannot flash the older firmware because of the older bootloader. So, any ideas how to restore the TWRP backup (made when the old firmware was installed) while the new firmware is currently installed?