YES, I have read as much as I can in the forums (all day today, rather nice way to spend a holiday though).
I have a Xperia Z1 Compact D5503 handset (FR SFR version, from eBay). I have recently updated it to Android 5.0.2 via XperiFirm tool. I flashed the Customized_IN version (D5503_Customized IN_1281-0184_14.5.A.0.242_R3D). It WAS NOT rooted and I don't remember if I had unlocked the bootloader.
[I have a laptop running Windows 8.1 x64, with latest versions of XperiFirm, FlashTool x64, Android Studio (with Google USB driver), PC Companion. My laptop detects my phone as MTP (or MSC when I choose so), but in the Device Manager, it never shows as android adb device (always MTP, or USB stick). I tried Update Driver option but to no avail, it says the Google USB driver or the downloaded Z1 Compact driver (from Sony site) is not supported (either by the phone or the PC). But the phone shows debugging connected, even prompts my authorization (first time only). Flashmode and Fastboot modes are detected well enough.]
Now, it says I am not allowed to unlock bootloader (via "*#*#7378423#*#* > Service Info > Configuration" menu). It shows the following:
------------------------------------------------------
Rooting Status:
Bootloader unlock allowed: No
------------------------------------------------------
I am unable to unlock the bootloader (or root, yeah, that's the ultimate goal) via the following methods:
1. Official Sony Method,
2. ZergRush
3. TowelRoot,
4. Easy Root Tool,
5. Newroot (by Doomlord),
6. Flashtool (that BLU option),
7. Fastboot via cmd.exe,
8. Flashing pre rooted zip files (cannot open stock recovery option, does this have any? I used the stock recovery a lot on my old Samsung).
Flashtool, cmd and Newroot showed variants of this same error: "only position independent executables (PIE) are supported."
Sony gave me a code, but that also yielded another variant of the same.
Now, as far as I have understood, what I need is one or more of the following:
1. a pre-rooted ftf file (someone said that is impossible as for Sony's encryption, is that right?)
2. some way to root without unlocking bootloader (Newroot does that, but did not work)
3. some way to override that crazy arrogance of Sony and unlock the bootloader and be my white knight...
Can anyone provide me with a guide or some example? It is not at all fair of Sony to create these non-allowance nonsense.
P.S. Please do not mind my tone, I am usually very docile but a whole day (literally; 6 AM to 6 AM next day!!!) in front of my PC without any result have mutated me a bit.
BTW, I am fairly proficient in following complex instructions only if they are conclusive (I don't want to spend another day figuring out how to follow them)
i cannot contribute in any way, i just wanted to tell you you´re not the only one with the problem. if i find a solution i will get back to you
Flash .108 firmware, root with "rootkitxperia", install dualrecovery, use prf creator to make a flashable rooted zip of lollipop (if that's what you want) and flash in recovery. Job done
I'm actually relieved to see someone else experiencing the exact same problems, I've already spent several days figuring out how to unlock the bootloader and get my phone rooted, but to no avail. However my device does state that the bootloader can be unlocked, but can't be found through cmd prompt when connected in fastboot mode and get's the same error: 'only PIE (position independent executables) are supported when trying to unlock the bootloader with flash tool.
White knights on problem solving horses would be greatly appreciated indeed!
I got a Z1C recently from eBay but have also done this on a Z Ultra and Z2, because of the cross development Sony stuff this is very similar for all of them.
You only need to unlock the boot loader if you want to flash a custom kernel or ROM. You don't need to unlock it to get root access, however to get root access you'll have to flash an old version of Android. You're flashing an old version from before they patched the exploits you want to use to get root.
So the steps are:
1. Get an old version of the official Sony ROM.
2. Flash the old ROM.
3. Exploit it to obtain root access.
4. Install a custom recovery.
5. Make a custom flashable zip of the firmware you want to use with root included.
6. Enter custom recovery and flash the zip you created in step five.
The files I used to do this are:
From XperiFirm I download "1280-5440 Netherlands T-Mobile NL 14.4.A.0.108 / R9C".
Using Flashtool I made an FTF from it and flashed it.
Then I used "EasyRootTool v12.4" to get root access.
I installed "Z1C-lockeddualrecovery2.8.21-RELEASE.installer.zip" from Nut's site.
Then you go back to XperiFirm and grab the version of Android you want to use. I used the 5.0.2 Customised AU one as I'm in Australia, you probably want the Indian one.
Use PRFCreator to make a flashable zip with a custom recovery and SuperSU, for that you need the "Z1C-lockeddualrecovery2.8.21-RELEASE.flashable.zip" not the installer.
There are posts with this info around, it's almost 5am for me so I'm not going to go looking for the links to the posts, you'll have to do that yourself. If you read for the day you've probably found them already.
First of all, I would advise against unlocking your bootloader unless you have a backup of your TA partition. Otherwise you risk losing your DRM keys and might criple your camera. This is irreversible damage without a backup. Second, on the official Sony unlock page it states specifically that not all devices are allowed to unlock the bootloader. If it doesn't, though luck then I guess but I could be wrong.
Now to backup the TA partition you need to be rooted which is not possible up to now with Lollipop unless your bootloader is unlocked. So this is a bit of a problem. Luckily flashtool (make sure to use the older 0.9.18.6 version at the bottom of the download page) allows you to flash a previous version without unlocked bootloader or being rooted. Choose one from the list at the bottom of this link but make sure to use a .108 one from the "KitKat [Old]" section (I chose Generic UK unbranded => link points to UA version, UK FTF here). Then root it through one of your preffered methods, backup TA partition and install a recovery.
Then create your own stock FTF with flashtool. Use this method with PC Companion or just download it through flashtool's built-in Xperifirm with this method.
Then create your own pre-rooted flashable zip with PRFCreator with part 2 from this guide. Continue with part 3 from the same guide (maybe skip the 3 big cups of coffee), exhale and get on with your life.
Maybe check out this one and this one (basically the same process) too.
It's the same procedure as written above but with some links I used to gather the information. I just went through this myself so still had all the tabs open. These were most of the useful ones I believe. It really is a PITA to gather all the bits and pieces from miscellaneous posts scattered all over this forum.
Why flash a 108 kk and then root? Just create lollipop rom with prf creator and flash that.
spudata said:
Why flash a 108 kk and then root? Just create lollipop rom with prf creator and flash that.
Click to expand...
Click to collapse
PRFCreator doesn't make FTF's but flashable zips. From the PRFCreator thread:
To flash a pre-rooted firmware, you need a recovery menu
Click to expand...
Click to collapse
To install a recovery you need to be rooted (at least as far as I know) or have an unlocked bootloader. The point is not to unlock the bootloader at all (like when it is not possible) or maybe only after taking a backup of TA partition if not already done so (which again needs root access).
You're absolutely right, my mistake. Think i had a memory lapse
Related
Right Seeing In Multiple Forums on devices More people who have purchased their Xperia Want to know How to.. and Where to get this.. How do I.
FAQ:
How do I enter Fastboot?
*Below
How do I enter Recovery mode?
Below
How do I Know when My device is In Fastboot or Recovery?
Fastboot Blue LED lights upRecovery Green LED lights Up
What's Recovery mode?
Its basically a Recovery Such as Your device Wont Boot or has a Soft brick You can Flash a FTF (Factory Firmwares).
Whats Fastboot?
When You your device is In a mode that enables Custom Images to enter the device that are not signed by the manufacturer. Can also Flash CWM images and Userdata, Kernels, also The System Partition.
FAQ end
Whats A bootloader?
A Software Which runs before the system is loaded telling the phone what to do.
How do I unlock a Bootloader?
There have been or always been a Soloution for Xperia Phones to be unlocked those being :
Paid SETOOL/OMNIUS
*This Maintains your DRM (Digital rights management keys) Basically To stop Things Like Track ID musci unlimited to be runned on other Phones.
*Unlocks SIM network and Bootloader and Unlocks Fastboot.
*You get a Backup of your system Files (Notice Only with Jinx13 or Aljeandrissimo)
*Allows OTA updates to not brick the device.
Sony's Unlock Bootloader Service:
The Standard method for Unlocking removes DRM keys and OTA updates can Brick the device. Only for generic Sim Unlocked Phones! Which Can enter fastboot.
S1tool:
For generic Phones SIM unlocked.
Maintains DRM and OTA dont brick.
But No System Backup.
Root? Superuser? What the...
These Just allow Applications that require special levels of Security To function such as TB and Rootexplorer. SuperUser is what Gives you the Choice to Allow these apps run, And also Updates the SU binary files.
Warranty? Can I keep 'em If I do it?
No Most likely is the answer only a few areas allow Unlocked or rooted Phones (I think) But SETOOL and S1tool are non-reversable. Root can be reversed and Updating Via OTA wont harm it. But OTA maintains root.
Flashtool. What is this X4L?....
Flashtool Is a Open source Tool lettting Xperia Users Flash FTF i mentioned earlier on, In more advance details You can maintain stuff like this ; I have baseband -56 and I want to keep it when I flash to Latest 4.0.A.0.62 So with options Just check Exclude Baseband Baym You got a Older Baseband On a New FW!
First Time Enetering Recovery to Flash a FTF which Debrands the Phone!:
Guide:
Step 1) Power the device off and remove any USB in the Socket.
Step 2)Hold The Back button arrow going this way "<--" and Plug the USB in to the Phone.
Step 3)Let go when You see a Green LED appear.
Im Bootloader Unlocked How do I enter Fastboot?
Like Before Follow the Guide:
Step 1) Power off the device remove any USB in the Port.
Step2) Hold the Search Button "The magnifiying Scope" and Plug the USB in.
Step 3) Let go when you see a Blue LED.
Pre-Rooted Kernels and CWM?
Kernels Such as Darkforest kernel & DoomLords Kernel Have a Pre-Root feature means you can root any FW you want.
CWM what da?...
CWM stands for Clock work mod ; Enables you to flash packages to add to your FW or Installing a ROM using a Edify Script.
ClockWorkMod?Ya mentioned it before what's that?
Its basically a Like "Recovery but Flashes .zip files with Scripts It reads to tell it what to do, This is still a Pain in my Hole "Edify" After Gingerbread It was vital to switch from Amend To Edify Because of major flaws.
Hi,
So I'm new to these forums and have been browsing all of the rooting guides for my HTC M8. I am running official Marshmallow and really want to root my phone (again) as far I know I have unlocked boot loader. I had to factory reset my phone last year and never got round to re rooting, but now with marshmallow I wish to do so again.
My issue is I can't seem to understand the steps the guides are outlining. I download the links and try and open them, but nothing happens. Is there a step by step fluid guide in rooting my phone? As all the guides I have found have basically blown over my head. I used a toolkit in the past which did everything for me automatically. If no such post exists would someone be able to explain the steps in a simplified manner? (If possible)
Many thanks in advance to any who help
Optcpsi said:
as far I know I have unlocked boot loader
Click to expand...
Click to collapse
This is easy to determine definitely. Boot into bootloader (if you don't know how, ask and I'll explain) and it will either say bootloader is: LOCKED, UNLOCKED or RELOCKED near the top of the screen.
Vomer's guide is dated at this point, but mostly still accurate for what you want to do (root MM); and its the best guide I know of: http://forum.xda-developers.com/htc-one-m8/general/vomerguides-m8-bootldr-unlock-s-off-t2800727
If your bootloader is UNLOCKED, you can skip the whole section on unlocking it, and pick back up the guide again where it says CUSTOM RECOVERY. If the bootloader is LOCKED or RELOCKED, you'll need to do the section for unlocking the bootloader.
AFAIK, the only part of Steps 0 and 1 that is out of date, is the TWRP version. For MM, you should use TWRP 3.0. And somewhat obviously, the fastboot command to flash TWRP will need to have the corresponding file name; rather than the old version number given in the guide's example.
You'll also want to use SuperSU 2.76 (if the SuperSU version is too old, it will fail to root MM and leave you stuck with no boot). But the guide is already rigged to link to the latest stable version (not a particular version number), so presently it already links to 2.76.
Don't continue to Step 2 of the guide. Its not longer accurate, and not needed for root.
redpoint73 said:
This is easy to determine definitely. Boot into bootloader (if you don't know how, ask and I'll explain) and it will either say bootloader is: LOCKED, UNLOCKED or RELOCKED near the top of the screen.
Vomer's guide is dated at this point, but mostly still accurate for what you want to do (root MM); and its the best guide I know of: http://forum.xda-developers.com/htc-one-m8/general/vomerguides-m8-bootldr-unlock-s-off-t2800727
If your bootloader is UNLOCKED, you can skip the whole section on unlocking it, and pick back up the guide again where it says CUSTOM RECOVERY. If the bootloader is LOCKED or RELOCKED, you'll need to do the section for unlocking the bootloader.
AFAIK, the only part of Steps 0 and 1 that is out of date, is the TWRP version. For MM, you should use TWRP 3.0. And somewhat obviously, the fastboot command to flash TWRP will need to have the corresponding file name; rather than the old version number given in the guide's example.
You'll also want to use SuperSU 2.76 (if the SuperSU version is too old, it will fail to root MM and leave you stuck with no boot). But the guide is already rigged to link to the latest stable version (not a particular version number), so presently it already links to 2.76.
Don't continue to Step 2 of the guide. Its not longer accurate, and not needed for root.
Click to expand...
Click to collapse
Thanks for posting, couldn't find an up-to-date tutorial anywhere.
TWRP is asking to keep system read-only and I'm confused. If I allow modificaions, can I automatically never receive OTA updates again?
Will there even be another one for the M8/ will it get Nougat? Anyways, can I still root it with read-only?
Schmix said:
Thanks for posting, couldn't find an up-to-date tutorial anywhere.
TWRP is asking to keep system read-only and I'm confused. If I allow modificaions, can I automatically never receive OTA updates again?
Will there even be another one for the M8/ will it get Nougat? Anyways, can I still root it with read-only?
Click to expand...
Click to collapse
You need to allow modifications for root. At least traditional root. Systemless root, I would think would work if you stay read only - but do the research especially if you don't know the difference between traditional root and systemless root.
You can't install OTA updates with a rooted device in any case, so that point is irrelevant.
If/when ever an OTA comes, you would need to return to stock never rooted ROM and stock recovery, in order to OTA update (there are guides on this forum). This would remove any modification by TWRP.
But that's mostly just FYI/academic. Its extremely unlikely we'll get an OTA update to Nougat. Your best bet for Nougat will be custom ROMs, anyway.
1. UNLOCK bootloader with HTC Dev site.
2. Flash latest twrp recovery
3. Flash Stable v2.65 SuperSU
4. Flash wp mod.
5. Update SuperSU on Play Store.
Latest SuperSU 2.76 zip kills Boomsound. Permissive zip can fix that.
Hello everyone
Can you guys help me to unlock my bootloader and root my sony z5 premium without loosing my drm keys..
And is it necessary to downgrade?
If its necessary how to downgrade it?
And will downgrading my phone will let me lose my drm keys?
yes a downgrade to 6.0 is necessary bc it is used to insert a dirtycow exploit so u can extract the drm keys and save them so u can unlock the bootloader without loosing them something u can do on 7.X.X bc improved security
LastDarkWarlord said:
yes a downgrade to 6.0 is necessary bc it is used to insert a dirtycow exploit so u can extract the drm keys and save them so u can unlock the bootloader without loosing them something u can do on 7.X.X bc improved security
Click to expand...
Click to collapse
I'm also a sort of noob in a similar situation as OP. I was hoping to clarify the answers so there is no confusion (I've got a stock z5p E6853 running 7.1.1). Correct me if I'm wrong....
1. In order to root a stock z5p running Nougat without loosing the DRM keys --> the phone's firmware has to be downgraded to 6.0.
2. You would perform the downgrade from Nougat to MM using Xperifirm and flashtool.
3. After the downgrade the dirtycow exploit is used to extract the DRM keys.
Does downgrading a stock device from Nougat to MM automatically unlock the bootloader and therefore erasing the DRM keys???? I've read conflicting instructions that saying that in order to downgrade a stock z5p you must unlock the first bootloader which means erasing the DRM keys.
Thank you for being patient with a noob.
hantav said:
I'm also a sort of noob in a similar situation as OP. I was hoping to clarify the answers so there is no confusion (I've got a stock z5p E6853 running 7.1.1). Correct me if I'm wrong....
1. In order to root a stock z5p running Nougat without loosing the DRM keys --> the phone's firmware has to be downgraded to 6.0.
2. You would perform the downgrade from Nougat to MM using Xperifirm and flashtool.
3. After the downgrade the dirtycow exploit is used to extract the DRM keys.
Does downgrading a stock device from Nougat to MM automatically unlock the bootloader and therefore erasing the DRM keys???? I've read conflicting instructions that saying that in order to downgrade a stock z5p you must unlock the first bootloader which means erasing the DRM keys.
Thank you for being patient with a noob.
Click to expand...
Click to collapse
I was able to answer my own question by taking a risk and make the attempt to backup the DRM keys on my stock z5p running 7.1.1. My findings from my noob experience are:
Downgrading to Lollipop on a stock phone doesn't automatically unlock phone's bootloader.
Because the phone is bootloader is still locked after the procedure, the DRM keys were still intact and I was able to do the backup.
The procedure that I followed to downgrade and then do the DRM backup was basically the procedure as described in https://forum.xda-developers.com/z5-premium/development/rooting-xperia-z5-z5p-variants-drm-keys-t3437902 by @YasuHamed. However, I found the instructions still a little to complicated for a noob.
The very detailed set of instructions that I followed can be found here: The actual instructions that I followed were . The page talks about the Xperia X but the procedure is nearly identical to that of the z5p. The different steps that I did were:
Downloading the "Commerial and Journalists" version of Android firmware from Xperifirm for my E6853 z5p, which is Lollipop 5.1.1 the factory OEM operating system.
Once the firmware was downloaded from Xperifirm it needs to be extracted so that flashtool could read it. Xperifirm has the ability to extract automatically after downloading but I ran into errors because the generated file names were TOO long (more then 260 characters). Instead, I used flashtool to decrypt the files. In flashtool, go to "TOOLS" --> "BUNDLES" --> "FILESET DECRYPT".
After the FTF file is created by flashtool, you can start the downgrade procedure by pressing the "lightning bolt" button in flashtool. In my case, the procedure failed multiple times because of a faulty USB cable to connect the phone to the PC. Make sure you don't use a ****ty cheap cable.
After the downgrade, I had Lollipop installed which allowed me to use the ivoryroot exploit https://forum.xda-developers.com/crossdevice-dev/sony/iovyroot-temp-root-tool-t3349597 to the TA-DRM backup. If you chose to use ivoryroot make sure you pay attention to the exact model of phone and the version of android that you have installed. For my E6853, ivoryroot only works on Android v.32.0.A.6.170 & v.32.0.A.6.200.
With the phone connected to the PC, run "tabackup.bat" from the PC.
The expect file should be "TA-ModelNumber-Serial-Time.img" that has a size of 2,097,152 bytes.
Thanks.
hantav said:
I was able to answer my own question by taking a risk and make the attempt to backup the DRM keys on my stock z5p running 7.1.1. My findings from my noob experience are:
Downgrading to Lollipop on a stock phone doesn't automatically unlock phone's bootloader.
Because the phone is bootloader is still locked after the procedure, the DRM keys were still intact and I was able to do the backup.
The procedure that I followed to downgrade and then do the DRM backup was basically the procedure as described in https://forum.xda-developers.com/z5-premium/development/rooting-xperia-z5-z5p-variants-drm-keys-t3437902 by @YasuHamed. However, I found the instructions still a little to complicated for a noob.
The very detailed set of instructions that I followed can be found here: The actual instructions that I followed were . The page talks about the Xperia X but the procedure is nearly identical to that of the z5p. The different steps that I did were:
Downloading the "Commerial and Journalists" version of Android firmware from Xperifirm for my E6853 z5p, which is Lollipop 5.1.1 the factory OEM operating system.
Once the firmware was downloaded from Xperifirm it needs to be extracted so that flashtool could read it. Xperifirm has the ability to extract automatically after downloading but I ran into errors because the generated file names were TOO long (more then 260 characters). Instead, I used flashtool to decrypt the files. In flashtool, go to "TOOLS" --> "BUNDLES" --> "FILESET DECRYPT".
After the FTF file is created by flashtool, you can start the downgrade procedure by pressing the "lightning bolt" button in flashtool. In my case, the procedure failed multiple times because of a faulty USB cable to connect the phone to the PC. Make sure you don't use a ****ty cheap cable.
After the downgrade, I had Lollipop installed which allowed me to use the ivoryroot exploit https://forum.xda-developers.com/crossdevice-dev/sony/iovyroot-temp-root-tool-t3349597 to the TA-DRM backup. If you chose to use ivoryroot make sure you pay attention to the exact model of phone and the version of android that you have installed. For my E6853, ivoryroot only works on Android v.32.0.A.6.170 & v.32.0.A.6.200.
With the phone connected to the PC, run "tabackup.bat" from the PC.
The expect file should be "TA-ModelNumber-Serial-Time.img" that has a size of 2,097,152 bytes.
Thanks.
Click to expand...
Click to collapse
VERY WELL EXPLAINED
the above process dies at xperia XZ, the new generation of complication starts with all 4gb ram devices of SONY (from Xzs) where there is NO way to downgrade to |Android to level of dirtycow script to work!. Nor there is way to have drm fix kernel! (YET)
Hi,
As the title says, I need help rooting a Xiaomi Mi A2 Lite device, that is updated to Android 9.
I tried rooting it, but the issues are:
1. It needs unlocking the device first, so I tried going to - //en(DOT)miui.com/unlock/.
There it wants me to connect my device to my Mi account in Setting > Developer Options > Mi Unlock Status. Thing is that this device is using one of the ROM versions, which doesn't have Mi Unlock Status.
2. This led me to try and update the ROM. Issue here is that doing so through the fastboot is not possible because the device needs to be unlocked, so I tried this - //en(DOT)miui.com/a-232.html
3. From there on, everything is fine until step 3. In android 9, they have decided to move the System Update to another table, which is fine but there are no longer 3 dots or an option to select a package. I tried looking for that without success.
4. Downgrading to Android 8 is not possible anymore, and I haven't really checked if I can do it with a locked phone.
Can someone help me find what I am missing here? There must be a way I can root the device.
Thank you!
developer options , unlock oem, boot to bootloader and type fastboot oem unlock, its that simple. All you nee to do after this is follow a tutorial for rooting with magisk.
My friend you were following the wrong guide. This is an Android One device you don't need the unlock procedure that the other MIUI device have to do.
As mentioned above the unlocking is straight forward, however the steps following can be a bit more confusing.
Basically there are different methods on how to actually gain root access, the most popular and recommended one would be using a framework/app called Magisk.
Download the magisk manager from the app store and more importantly check exactly your build number in your phone settings as you will need a patched boot.img file for exactly that build (here you can either download the patched boot from one of the thread here but its more safe to actually patch the original boot.img yourself).
However most of the stuff is written in this thread, it's only missing the updated boot files for Android Pie.
I recommend you to patch the boot from the official Rom files (for example for Pie 10.0.2.0 here and patch it via magisk manager yourself)
Thank you all. I managed to root it.
1. Not entirely sure how the unlock went but it was successful. I tried the fastboot oem unlock. I think that did it.
2. Got TWRP on the fastboot and installed Magisk
3. Root access was granted, data got wiped twice though, but the second part was my fault.
I've been trying to get the root prompt on the ZTE Blade A7 Prime (Visible version; MediaTek MT6761 A22 Quadcore processor) since the past couple of weeks and have researched down all the possible known and/or related methods discussed in forums here and failed each one of them, due to the following 2 fundamental reasons:
Failure reasons:
1. ZTE Blade A7 Prime has the 'unlock' command(s) removed from the fastboot, viz., 'fastboot oem [unlock | unlock-go | unlock_critical]' are not even implemented and the 'fastboot flashing [unlock | unlock_critical]' commands have been removed. So all the permanent rooting methods, including the Magisk App, fail.
2. There was a firmware auto-upgrade around 2021JUN01 by ZTE. This was the first one since the last upgrade back in ~2020JAN/FEB, when the bootloader-locked 'mtk-su' bootless root method was supposedly working (I had not tried it then). Now its broken and I am getting the following error right at the launch of the 'mtk-su -v' command:
" armv71 machine
Failed critical init step 1 "
The following methods of getting a root prompt DO NOT work anymore:
A. Magisk App method:
Releases · topjohnwu/Magisk
The Magic Mask for Android. Contribute to topjohnwu/Magisk development by creating an account on GitHub.
github.com
This method requires an unlocked bootloader and that is NOT possible due to 1. above.
B. bootloader locked 'mtk-su' bootless root method:
Amazing Temp Root for MediaTek ARMv8 [2020-08-24]
Software root method for MediaTek MT67xx, MT816x, and MT817x! So it's no big secret that not too long ago, I found a way to achieve temporary root on MediaTek chipsets. No preinstalled root solution or device unlock was needed. The tool I...
forum.xda-developers.com
AND
Amazing Temp Root for MediaTek ARMv8 [2020-08-24]
Software root method for MediaTek MT67xx, MT816x, and MT817x! So it's no big secret that not too long ago, I found a way to achieve temporary root on MediaTek chipsets. No preinstalled root solution or device unlock was needed. The tool I...
forum.xda-developers.com
Both these above procedures FAIL because of the failure mentioned in 2. above.
C. The mtk-su easy App method.
ZTE Blade 10 prime root possible?
Is it possible to root the blade 10 prime? I couldn't find a suitable forum thread for it, so sorry if this is the wrong place. If it's the wrong place, is there somewhere I should post this question instead?
forum.xda-developers.com
OR
GitHub - JunioJsv/mtk-easy-su: Get bootless root access with few clicks.
Get bootless root access with few clicks. Contribute to JunioJsv/mtk-easy-su development by creating an account on GitHub.
github.com
This method also fails due to 2. above as its just a wrapper around the 'mtk-su' B. method above.
If anyone knows how to get the root prompt, or even the bootloader unlocked by any method whatsoever, please enlighten.
pity you didn't use flashify or some partition backup software to save your phone firmware before it auto upgraded. then you'd be able to use sp flash tool to revert back to the rootable build
the bootloader isn't unlockable so the above is probably the only way you're getting root back if you can ask someone to provide the stock firmware and scatter file for you
luridphantom said:
pity you didn't use flashify or some partition backup software to save your phone firmware before it auto upgraded. then you'd be able to use sp flash tool to revert back to the rootable build
Click to expand...
Click to collapse
Doesn't flashify require root access to save the phone's firmware? I read a bit now about flashify and that's what I figure it implies/requires. I never had root access. I only tried to get it in 2021JUN and realized that I was late to the game by just about a month.
BTW, any chance the 'mtx-su' rooting script would be updated to root this new firmware update?
luridphantom said:
the bootloader isn't unlockable so the above is probably the only way you're getting root back if you can ask someone to provide the stock firmware and scatter file for you
Click to expand...
Click to collapse
Could you please care to give some pointers as to how to get the prior stock firmware and the "scatter file" and the procedure to downgrade?
TIA.
vla-511411 said:
Doesn't flashify require root access to save the phone's firmware? I read a bit now about flashify and that's what I figure it implies/requires. I never had root access. I only tried to get it in 2021JUN and realized that I was late to the game by just about a month.
BTW, any chance the 'mtx-su' rooting script would be updated to root this new firmware update?
Could you please care to give some pointers as to how to get the prior stock firmware and the "scatter file" and the procedure to downgrade?
TIA.
Click to expand...
Click to collapse
yea, the idea is to backup with flashify once you had a temp root with mtk-su if you were able to get it before. i've done it with some old alcatels to save their fw in case i ever had a forced update
no mtk-su update because the exploit has been patched long ago
you won't be able to get it unless someone else has the prior stock firmware. there's this method of dumping old fw without root that i haven't tried yet
How to use SP Flash tool to backup Mediatek firmware
Update: I suggest you use Wwr tool + SP flash tool for the dump instead of SP Flash tool alone as you can proceed without first having the scatter file and using MTK Droid Tools (which is now outdated
forum.hovatek.com
I'll give that 'wwr-tool + SP flash tool' method a try and comment back.
BTW, my ZTE phone is running Android 9 and hence has the partition A/B architecture. So, is it possible to that the *other* partition, viz., the currently non-active partition still has the older boot and system images?
i would just dump your entire rom and take out the partitions you need with the scatter file. that file gives you a mapping of where every partition is
without an unlocked bootloader id be very careful flashing partitions anywhere even with sp flash tool
Appreciate your responses.
I don't exactly know what you mean by a "scatter file" but I do have the text o/p of the /dev/block/.../by-name directory (I'm very comfortable with Linux, I just don't know Android), if that's what is that scatter file for. Else, please detail how to get that. FWIW, I have read up and understand (to the extent needed) what the 2-partition slot A and B are about. If there're tutes or references about how/what all set of stock images I need to save out from my phone, please detail.
Ofcourse, I'll be very careful with flashing things with the locked bootloader. The only intent of mine is to extract the boot.img for patching via Magisk (which does not need a unlocked bootloader) and get the root prompt. So, again, my interest in 'mtk-su' or any other temp-root methods is just to extract that boot.img kernel image for Magisk.
I'm not yet able to use that SP flash tool method and will give details once I figure out that I'm not doing some basic wrong.