Anyone managed to root H815 with v20a (6.0)? (locked bootloader) - G4 Q&A, Help & Troubleshooting

Hi, has anyone been able to successfully root H815 with v20a kdz?
From 10b to 10d and even 10h, I've rooted all the images my self, by using the root injection method,
Where i extract the system.bin from the kdz (.dz), and run the injection script* on an ubuntu \ fedora.
*Mind you, I've used the same method (With the Updated SuperSU binaries&app [M Compatible]),
[.bin == .img]
After i have a rootedsystem.img I'd copy it onto the internal SD, and then boot in download mode, and used dd..
But ever since the M Upgrade through LGUP, none of the commands works, seems like Send_commands has become useless, likely LG blocked access to shell through downloadmode..
It always return 'FAIL', to any command.
But the os is fine, usb debugged was on, and pc was allowed, also OEM Unlock was ticked
Did anyone try the same method and also failed?
(if not, just test 'id' when using send_commands, the result would always be 'FAIL')

Even if this method would still work, you wouldn't be able to boot into the system. Since Android 6 the bootloader checks if the system partition is modified. Therefore you need to flash a custom Kernel, which is impossible with an locked bootloader.

That's the good part about that method,
It could be used as a 'backdoor' to write ANY part of the main block device,
it's just mostly used to write the system partition part and replace it with rooted system image:
'dd if=/data/media/0/rootedsystem.img bs=8192 seek=55296 count=529920 of=/dev/block/mmcblk0'
But you could calculate where the boot \ kernel partitions are and also use 'dd' to overwrite them as well..
If LG truly blocked this, we're basically screwed for now (Locked bootloader users)
Yes we could always revert back to LP, and then the method should work again.. (I'm really hoping it does...)

Shameless Self bump with edit:
Reverting back now, putting LGUP to the test:
- 1st time Failed OMG OMG Brick?!? - Win10 TH2 driver issues probably
- 2nd time works on Server 2008R2 VM through workstation, fhuu, doged that bullet...
Update:
Send_Command Functionality is working again!!! Whoooohooo
ROOT EXPOSED and all the goodie goodies

X0rzist said:
Even if this method would still work, you wouldn't be able to boot into the system. Since Android 6 the bootloader checks if the system partition is modified. Therefore you need to flash a custom Kernel, which is impossible with an locked bootloader.
Click to expand...
Click to collapse
Correct - root won't happen for MM anytime soon on bootloader locked devices, if ever.

Related

A new method for ROOTing your xoom!!!

I do not know why you say this...
MOD EDIT: Rooters beware. Proceed with extreme caution, as these are highly uncharted waters.
Hi,
I am here to provide you a new method in rooting your xoom, it does not require to flash the decrypted boot.img image.
I have tried it only on my Wifi XOOM, which is a UK version. (With a Japan version of ROM, downloaded from Motodev and upgrade to 3.1)
***EDIT***
I have also tried on a HK 3g xoom (which shows MZ601 in MTP but MZ602 in fastboot). It works without any problem, and internal storage preserved untouched.
===============================================================
I am NOT a xoom developer, nor a rom cook. I am just a user of xoom, which know
a little on developing and are willing to try new things.
So, I can not be sure that the method below works on your device. By following the
things below, your xoom may have a chance to brick.
I am not responsible for any brick or mulfunction device.
===============================================================
To root your xoom, you should start with flashing your device with the clockworkmod recovery (Please refer to the post by solarnz).
After flashing the clockworkmod recovery, do the following.
1. Download the attached ROOT.zip, place it on the root directory of the external sd card, and rename it to update.zip
2. Restart your device to the recovery by:
Type "adb reboot recovery" from your pc
OR press volumn down ~2 seconds after the motorola logo appears when the device starts,
then volumn up when "-->Android recovery" appears.
3. Apply the update in the recovery.
That's it. Your device should be already rooted.
=======================================================================
I am not the inventor of the method, I think about this since I have a Samsung i9000,
and the method of rooting the i9000 is by applying a update.zip file.
I have created the ROOT.zip file by changing the i9000 root zip file with the newer su and superuser.apk (From here: http://forum.xda-developers.com/showthread.php?t=1010568)
I have also changed the updater-script in order to let the updater mount the correct partition for the update.
I am not sure if this update applies to other devices (especially for the 3g ones). This should work if the system partition have name "/dev/block/platform/sdhci-tegra.3/by-name/system".
I would like to thank solarnz for providing the clockmodwork recovery for xoom,
the one who invented the method of rooting the i9000 with a update.zip (I cannot find who make that, sorry...),
and also Xaositek for providing the su and superuser.apk files (I am too lazy to find it by myself...).
========================================================================
That's all. Please try on your device (especially for those stock 3.2) if you would like to take some risk, and report if it is success or not.
Thanks.
eddielo said:
Hi,
I am here to provide you a new method in rooting your xoom, it does not require to flash the decrypted boot.img image.
I have tried it only on my Wifi XOOM, which is a UK version. (With a Japan version of ROM, downloaded from Motodev and upgrade to 3.1)
===============================================================
I am NOT a xoom developer, nor a rom cook. I am just a user of xoom, which know
a little on developing and are willing to try new things.
So, I can not be sure that the method below works on your device. By following the
things below, your xoom may have a chance to brick.
I am not responsible for any brick or mulfunction device.
===============================================================
To root your xoom, you should start with flashing your device with the clockworkmod recovery (Please refer to the post by solarnz).
After flashing the clockworkmod recovery, do the following.
1. Download the attached ROOT.zip, place it on the root directory of the external sd card, and rename it to update.zip
2. Restart your device to the recovery by:
Type "adb reboot recovery" from your pc
OR press volumn down ~2 seconds after the motorola logo appears when the device starts,
then volumn up when "-->Android recovery" appears.
3. Apply the update in the recovery.
That's it. Your device should be already rooted.
=======================================================================
I am not the inventor of the method, I think about this since I have a Samsung i9000,
and the method of rooting the i9000 is by applying a update.zip file.
I have created the ROOT.zip file by changing the i9000 root zip file with the newer su and superuser.apk (From here: http://forum.xda-developers.com/showthread.php?t=1010568)
I have also changed the updater-script in order to let the updater mount the correct partition for the update.
I am not sure if this update applies to other devices (especially for the 3g ones). This should work if the system partition have name "/dev/block/platform/sdhci-tegra.3/by-name/system".
I would like to thank solarnz for providing the clockmodwork recovery for xoom,
the one who invented the method of rooting the i9000 with a update.zip (I cannot find who make that, sorry...),
and also Xaositek for providing the su and superuser.apk files (I am too lazy to find it by myself...).
========================================================================
That's all. Please try on your device (especially for those stock 3.2) if you would like to take some risk, and report if it is success or not.
Thanks.
Click to expand...
Click to collapse
How do you flash cwm if your device if locked? Also the purpose of the rooted boot.img is to allow you to mount your device for adb commands.
Sent from my PG86100 using Tapatalk
yeah no offense but this sounds a little sketch... I see you make a quote at the bottom asking people to report success if they try... I personally would not try this.
Unlocking and rooting is really not that hard and not very time consuming using current methods
Of course, for installing CWM, you have to unlock your device by using "fastboot oem unlock", but that will not brick your device anyway.
For this method, you do not need to issue adb commands to root your device, so no need to have a modified boot.img.
Also, for the current rooting methods, it is not 100% work on some device (like the HK 3g version, which reported missing of internal storage after rooting with currently available method), I would like to see if this work on that.
Rooters beware. Proceed with extreme caution, as these are highly uncharted waters.
eddielo said:
For this method, you do not need to issue adb commands to root your device, so no need to have a modified boot.img.
Click to expand...
Click to collapse
I think you missed my point. Rooted boot.img isn't used for rooting. Its used for adb commands like adb remount. Say i want to adb push a file to my xoom, ls a directory on my xoom, or adb rename system files. Those are all reason you need the rooted boot.img.
Sorry, this is not a rooting method. All what this is doing is flashing su, busybox and Superuser.apk.
There is more to rooting a device than this. You also need an insecure boot image.
I am sorry if I do not catch the real meaning of rooting a device.
What I think of rooting is to let my device, starting from everything stock, untouched, to a state that applications that need root, like Titanium backup or root explorer, works without problem.
I have tried on my two devices with this method, titanium backup works perfectly, root explorer can remount the system partition to rw and can successfully copy files and delete files from that.
The insecure boot.img image, as far as I know, provides everyone to use "adb remount" and make changes to the system directory. But my method do not need adb in copying the binaries and chmod them. You may call it flashing, but after that, su works without problem.
Please, try it first. If you think it is not a method of rooting, I am sorry about that.
Actually guys, don't dismiss him just yet, over in the Galaxy S II forums we only flash insecured images long enough to root the OS then flash back to a secure one, so you have root access but no remount or system r/w.
It's a (fairly) legitimate method and is exactly how I rooted my xoom this time round, well not exactly, I did it like this:
unlock
flash solarnz CWM
adb mount system r/w
push su and busybox
reboot
install superuser from market
done
This is how most people run their GSII and means you can use root apps but no insecure boot image (because the GSII shows a warning on every boot with insecure images and keeps a binary flash counter, cheeky samsung).
This will at least get you to the point where you can su from within android and dump your boot image to modify it yourself, which is what I just did to update my Euro 3G root guide.
So does this mean just "rooted".....like can't flash a rom?
Sent from my Xoom using XDA Premium App
roughneckboren said:
So does this mean just "rooted".....like can't flash a rom?
Sent from my Xoom using XDA Premium App
Click to expand...
Click to collapse
Rooting has nothing to do with installing a rom. To install a rom, you just need to unlock and fastboot flash CWM. This guide in noway helps you flash a rom.
alias_neo said:
Actually guys, don't dismiss him just yet, over in the Galaxy S II forums we only flash insecured images long enough to root the OS then flash back to a secure one, so you have root access but no remount or system r/w.
It's a (fairly) legitimate method and is exactly how I rooted my xoom this time round, well not exactly, I did it like this:
unlock
flash solarnz CWM
adb mount system r/w
push su and busybox
reboot
install superuser from market
done
This is how most people run their GSII and means you can use root apps but no insecure boot image (because the GSII shows a warning on every boot with insecure images and keeps a binary flash counter, cheeky samsung).
This will at least get you to the point where you can su from within android and dump your boot image to modify it yourself, which is what I just did to update my Euro 3G root guide.
Click to expand...
Click to collapse
Without an rooted boot.img your recovery will get wiped out every time you boot the OS.
So will this let you make a titanium backup of your data? That way you could recover your data after using the regular unlock method that erases everything?
silvinoa said:
So will this let you make a titanium backup of your data? That way you could recover your data after using the regular unlock method that erases everything?
Click to expand...
Click to collapse
Yes and NO...
Yes this method will allow you to run titanium backup. But to use this method you have to unlock, which erases everything.

[Q&A] [Recovery] [v500] CWM 6.0.5.1

Q&A for [Recovery] [v500] CWM 6.0.5.1
Some developers prefer that questions remain separate from their main development thread to help keep things organized. Placing your question within this thread will increase its chances of being answered by a member of the community or by the developer.
Before posting, please use the forum search and read through the discussion thread for [Recovery] [v500] CWM 6.0.5.1. If you can't find an answer, post it here, being sure to give as much information as possible (firmware version, steps to reproduce, logcat if available) so that you can get help.
Thanks for understanding and for helping to keep XDA neat and tidy!
Didn't work- aboot needs flashing?
Hi, I got up to the last step, but aborted as per your instructions when access to aboot was denied. Does this mean I need to downgrade to a different stock android before putting a custom recovery on? If so, how do I do that?
When you first typed "su" to gain root access in the terminal, did you allow it in the SuperSU application? It sounds like your problem is related to root permissions not being given. Was the problem with using the "dd" command or the command to patch the recovery.img?
---------- Post added at 12:48 PM ---------- Previous post was at 12:44 PM ----------
Oh, I think the problem is that you need to go into the developer options and allow root to both apps and adb. Root permission is default to apps only and that setting needs to be changed to give adb root access.
Edit: I added a new note about this to the guide.
I am running stock HTC and there is no option to allow root access in developer options as in your screenshot (main thread- I don't have permission to post). However, I checked in SuperSU and root access is granted.
I am not very experienced in this area. Maybe I'm doing something wrong. Here's a copy and paste from command line I used to run ADB:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
E:\Google SDK\adt-bundle-windows-x86_64-20130729\sdk\platform-tools>adb push rec
overy.img /data/local/tmp
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
3423 KB/s (10514432 bytes in 2.999s)
E:\Google SDK\adt-bundle-windows-x86_64-20130729\sdk\platform-tools>adb push lok
i_tool /data/local/tmp
2286 KB/s (379276 bytes in 0.162s)
E:\Google SDK\adt-bundle-windows-x86_64-20130729\sdk\platform-tools>adb shell
[email protected]:/ $ su
su
[email protected]:/ # chmod 755 /data/local/tmp/loki_tool
chmod 755 /data/local/tmp/loki_tool
[email protected]:/ # dd if=/dev/block/platform/msm_sdcc.1/by-name/aboot of=/data/local
/tmp/aboot.img
cc.1/by-name/aboot of=/data/local/tmp/aboot.img <
1024+0 records in
1024+0 records out
524288 bytes transferred in 0.085 secs (6168094 bytes/sec)
[email protected]:/ # /data/local/tmp/loki_tool patch recovery /data/local/tmp/aboot.im
g /data/local/tmp/recovery.img /data/local/tmp/recovery.lok
a/local/tmp/recovery.img /data/local/tmp/recovery.lok <
Loki tool v2.1
[-] Unsupported aboot image.
Ok, your problem is not related to permissions. You have followed the directions correctly. The problem you have is that your aboot.img is not compatible with loki_tool, so it is unable to patch your recovery.img to recovery.lok. Perhaps downgrading your firmware would install an older loki_tool exploitable aboot partition. You might also just be able to change aboot without having to downgrade everything else, but it really depends on your version of software. There are some recovery threads that install a new aboot.img along with a new recovery.img, but just make sure you don't install the wrong aboot, because you might get a boot loop and have to reset with the LG tool.
Edit: when you say you are running stock HTC, do you really mean stock LG? This is for v500 devices only.
Yes, I meant stock LG. I've got version 4.4.2, v 50020d.
The threads I've seen seem to require a custom recovery to install the old version of android... which is what I need to install a custom recovery. Maybe I'm being dense. Can you point me in the right direction at all?
Yes, I think 20d is the latest firmware that has the aboot partition patched to prevent loki_tool from working. The safest way, without risking a boot loop, would probably be to downgrade your firmware to an older version with the LG tool. But, I don't know if those older images are available for your device. I would assume that any official v500 image from LG would work, as long as the hardware is not different. I've heard that some of the newer v500 devices have a different camera module, which would require the latest version of software for the different camera to be supported. By downgrading the LG firmware on newer models, you could lose the camera driver support. Maybe you should determine what camera is in your device before you make a decision on which version of software to install with the LG tool.
I stupidly upgraded from 500b to d when my OS recommended it but my G-Pad is a bit older. Basically, I should be able to downgrade to tha without risking the camera. But I don't know how. I had a look at an LG tool thread, but it was quite confusing and most talk was related to the LG G2. There are many options in the LG tool which I have no idea about. I might be abIe to work it out after extensive reading but a bigger problem is I don't know where to get the image to flash v500b from.
Yes, we need a thread with links to all the stock images.
---------- Post added at 03:31 PM ---------- Previous post was at 03:13 PM ----------
The question really is, which loki_tool exploitable aboot.img is compatible with the software on your device. I have a feeling that you would get a boot loop if you tried to change only your aboot.img to an older version without downgrading the system to match.
Edit: I'm not really sure what would happen if I made a copy of my aboot partition for you to flash over your copy. I could post my aboot.img, and it could be flashed to your device using dd, but it's risky.
Theoretically, if you flash a new aboot.img and recovery.lok (to match the new aboot partition), you would not be able to boot into the old system (because your boot partition does not match the new aboot partition), but you should still be able to get into the new custom recovery (because it matches aboot). Then you could install a custom Rom that replaces your old boot partition (the kernel).
Edit: I think you should take a look at this thread: http://forum.xda-developers.com/showpost.php?p=53140473&postcount=14
I was able to download the kdz file for my v500 which should work for your device also.
Here is a link to the LG Tool that is modified to download the file from a local server: http://storagecow.eu/index.php?dir=Xda/LG+Software/KDZ+Flashing+Tools/
Edit: I recommend using LG Flash Tool 2014 to flash the kdz file instead.
http://forum.xda-developers.com/showthread.php?t=2797190
Unsupported aboot image
Hi!
When I enter the command to patch the recovery I got the response "Unsupported aboot image"
I´m on V50020a, loki_tool only supports V50010a?
It means your aboot is patched. I'd downgrade with lg tool then root over again.
Deltadroid said:
It means your aboot is patched. I'd downgrade with lg tool then root over again.
Click to expand...
Click to collapse
Thanks, just looked thru the rest of this thread and realized that, lazy me.
Latest 20D and CWM - device unlock, so Boot success!! ??
Hi All,
I am trying to get into Recovery but I only get "device unlock, so Boot success!!", Goes dim for a second and then just loads back into Stock.
I am unable to access TWRP.
Any help?
SOLVED. Downgraded to 10A
Deltadroid said:
The new versions of LG Tool won't let you downgrade because the program checks for the latest firmware version to install. There is another version of LG Tool that does allow for downgrading firmware here:
http://forum.xda-developers.com/showthread.php?t=2797190
Now you just need to get the kdz file to install here:
https://www.androidfilehost.com/?w=files&flid=13296
Click to expand...
Click to collapse
I tried using that tool to downgrade to the 4.2.2 firmware, but the tool keeps saying that the pad became disconnected, ad the retry button does not work. I have tried both in USB Debugging mode and download mode. Is there any other way to get the V50010A_00.kdz firmware onto my GPad?
You must have your device in download mode in order to use the LG Tool. It doesn't matter what settings you have in the rom. Perhaps trying a different Windows computer could help.
Deltadroid said:
You must have your device in download mode in order to use the LG Tool. It doesn't matter what settings you have in the rom. Perhaps trying a different Windows computer could help.
Click to expand...
Click to collapse
I did end up trying with a different computer, and finally had success. Then I re-applied root with towelroot, and I'm good to go. Thanks!
I followed the instructions and have successfully installed the CM recovery. When I booted into the recovery, I decided to make a backup. The backup went fine, then I selected "restore" to see what was available, and there was one backup, just like I expected. However, the backup file was dated 1970-11-21.09.49.26. The clock on my tablet should have been set correctly, so why is it dated like that?
It seems like a patch is needed for CWM to set the proper time. I wonder if Philz gets the correct time. I know TWRP 8.0.0 has the correct time with a recent patch.
I'm sure someone with access could cherry pick that patch for us.
Now that I have done a backup, I am good to go to install a custom ROM now, correct? If I don't like the ROM I can just restore my backup to go back to stock 4.2.2?

[Tool] iovySU - Root your device without unlocking its bootloader

Reminder: iovySU works only on select Lollipop-based firmwares from Xperia M5, if you updated your phone to Android 6.0, the only way to get root is by unlocking its bootloader and flashing a custom kernel, like this one. If your phone has a permanently locked bootloader, there's NO WAY to root while running Marshmallow, but you can still downgrade to Lollipop and use iovySU if you desperately need root access on your bootloader locked M5.
Today I present you iovySU, a tool based on iovyroot binary which can sucessfully root Xperia M5 family! No need to unlock your bootloader or lose your unique DRM keys!
Requirements
• You must be using one of the supported firmwares (they're listed on "Supported Firmwares" down below and are also available as FTF, so you can downgrade with Androxyde's FlashTool if needed).
• USB Debugging must be enabled on the phone (available in Settings => Developer Settings -- if you can't see it, go to Settings => About Phone and tap 7 times on Android Build).
• ADB drivers should be installed on the computer, otherwise this tool won't see it (you can install Xperia Companion to get the drivers or use the stand-alone ADB driver).
• Your computer should be running Windows or Linux (you can probably use the Linux script on Mac, but that's completely untested and not guaranteed to work at all).
Instructions
• Download the attached ZIP and unzip its contents somewhere;
• Connect your phone, open iovysu.bat and wait (if you're on Linux, launch iovysu.sh from Terminal instead);
• After the process finished, the tool will notify you, press any key to reboot your phone;
• If iovySU worked, on your phone you should see a SuperSU notification, tap on it and let it update the binary (if you don't see the SuperSU notification, open SuperSU from app drawer instead);
• After updating the binary, reboot your phone once more and enjoy your fully rooted phone!
Supported Firmwares
For single SIM variants (E5603, E5606 and E5653):
• 30.0.A.1.23
• 30.1.A.1.33
For dual SIM variants (E5633, E5643 and E5663):
• 30.0.B.1.23
• 30.1.B.1.33
Frequently Asked Questions
Q: Help! I've enabled USB Debugging on my phone but iovySU keeps stuck at "Waiting for device" message!
A: This means ADB isn't "seeing" your phone, either because you didn't install ADB drivers (you can use this stand-alone driver) or because you didn't authorize the connection on your phone. If iovySU still can't see your phone, make sure you don't have another Android device with USB Debugging enabled plugged on your computer at the same time or emulators like BlueStacks or Genymotion running.
Q: Help! I'm using one of the supported firmwares, I ran iovySU, it rebooted my phone but I still don't have root access/SuperSU didn't show up in the app drawer!
A: Run iovySU again. Sometimes the exploit may freeze and your phone may reboot before SuperSU gets installed. In case you tried a few times and still can't get root, post the output of the tool here so I can help you.
Q: Help! I'm using a newer firmware but I couldn't find an FTF of a supported firmware version which matches my variant! What can I do?
A: I've uploaded the FTFs of the supported firmwares (check the forum), you can crossflash them safely to your phone (just don't do single SIM => dual SIM or vice versa -- the phone will bootloop). After rooting with iovySU, get an FTF which matches your variant/region with XperiFirm/FlashTool and use dd Flasher Minimal to flash it while maintaining root access.
Q: Why should I use this instead of KingRoot?
A: Mainly because it's open source, so you can see what's actually being modified on your phone. Currently, KingRoot has the convenience of rooting Xperia M5 with one click but on the other hand you get a dubious root managing app that have issues with some root-enabled apps and also includes other bloat stuff built-in. Although with some effort it can be replaced with SuperSU, the process is not that simple and can still leave junk on your system. That's also the main reason I talked with @zxz0O0 as soon as I noticed iovyroot could work on Xperia M5.
Q: I used iovySU and I'm rooted now, but I'm stuck on an older firmware version/another variant and OTAs fail to install. How can I update without losing root access?
A: By using my other tool, dd Flasher Minimal. If you crossflashed your phone in order to use iovySU, just get an FTF that matches your variant/region with FlashTool/XperiFirm and use it with dd Flasher Minimal.
Q: Is there any difference between iovySU and iovyroot?
A: Yes and no. Basically, the only difference between iovySU and iovyroot is that iovyroot gains temporary root to make a TA backup of the supported devices, while iovySU benefits from the same temporary root but to actually install SuperSU permanently on the system. The reason iovyroot script only backups TA partition is that many of the supported devices have additional security measures enabled, like dm-verity, so, these devices would refuse to boot if a single byte was modified on the system partition (and well, you actually need to write into system partition to get permanent root). For our luck, none of the Xperia M5 firmwares available at the moment have dm-verity, so we can get full root access without any issues!
Q: Can I use iovySU to root <insert device here>?
A: Well, if it's a device supported by iovyroot, without dm-verity (or similiar) on its kernel and running an ARM64 version of Android Lollipop or newer, then yes, it should work. It theoretically can work also with 32-bit devices, but then you'll need to modify the SuperSU package used by iovySU with the appropriate binaries (that's because unlikely the official SuperSU package, iovySU uses a stripped down version including only the bare minimum needed to get SuperSU installed on an ARM64 ROM).
Credits
I'm the author of the script but it also includes pieces of code made by @Chainfire (SuperSU) and heavily relies on iovyroot binary. I would also like to thank the people who helped testing the exploit earlier and @zxz0O0 for developing the iovyroot binary and his promptly help in adding Xperia M5 support to it.
worked for me on 30.1.A.1.33 PERFECTLY!
Please note: I was using nova launcher, I had to Change back to Default xperia launcher for iovySU to work
Thank you!
Ok I managed to get root with this, but something odd happened. So I tried to Root with KingRoot beforehand, but it didn't work and I couldn't uninstall the app. So when I tried to use ivorySU today, after reboot the screen froze on startup forcing me to do a hard reset. After doing that and rebooting I had gained access to Root with KingRoot, but I didn't have SuperSU. What proceeds now? I really want SuperSU instead of KingRoot. I'm kinda new at this, sorry if this is a noobish question.
I'm on a E5606 model, Firmware: 30.1.A.1.33.
@Neofranky, I strongly suggest flashing a FTF suitable to your device to restore your system partition to clean state then try iovySU directly. If you try using iovySU after trying KingRoot, it may leave you with their su version and then, by running iovySU, it would detect that as an already rooted device, thus doing nothing.
Or, now that you have root (even through it's from KingRoot and not SuperSU) you could use dd Flasher Minimal with a FTF of a newer firmware (or from the same firmware if 30.1.A.1.55 wasn't released on your region yet), that would also restore your system partition to a clean state + SuperSU, wiping KingRoot completely...
will this work for c5 E5553 5.1?
@gsser, currently, no. Before trying anything, your phone must be supported by iovyroot (in other words, it should have a Lollipop kernel with build date of Deceber 2015 or earlier). Then, after having iovyroot support it must not have dm-verity enabled on its kernel, otherwise iovySU won't work (however you would still be able to backup your TA Partition with the main iovyroot in that case). If your phone meets those requirements, you can talk with @zxz0O0 to see if support for your phone can be added in iovyroot...
Problem to root with iovyhu
Hi everybody, i'm stuck when i run the .bat on win 10 64, i have an NTFS partition, put the folder on my D: drive, changed permisions to run as a administrator ans nothing, i just got a windows that say path not found:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
i've tried tu run it from a fat32 usb, and got the same result.
i am using the 30.1.A.1.33 for 5603 xperia M5, even reflashed twice the cellphone.
can you tell me what I am doing wrong. thanks ins advance.
hectorgironc said:
can you tell me what I am doing wrong. thanks ins advance.
Click to expand...
Click to collapse
You're running the .bat as Administrator, that's what you're doing wrong. When you call a .bat file as admin (not just iovySU, this applies to any .bat), Windows will set the working path as something like C:\Windows\System32 and that's why it fails, iovySU files aren't on the system folder. So, either run the .bat directly or manually navigate to the folder where iovySU is located with an elevated Command Prompt before running it if you really need or want to run with elevated privileges...
I all, how can I unroot my device? Thank you
I believe that the best way to unroot is to use flashtool to install a stock ROM.
In the method above you used flashtool to install everything but the system file. This even install that file.
mbc07
Thanks for the fast answer, I did it as you told me, opened a CMD window with Adminstrator Rights, entered to the iovusy follder, but the Iovysu.bat keeps in waiting mode:
My settings on my phone are Developer mode activated, USB debugging activated, in security page Unkown sources are allowed.
I dunno but, here at work i Have Win 7 64 bits, At home is Win 10 64 bits and Linux Mint, Haven´t tried on lunix due it does not recognize my phone ( I am a little bit lamer with LINUX yet =P), Can anybody tell me a OS Setting that worked?
This is the first time a phone gives me a lot of trouble, is my fourth android phone. =\
Regards.
@hectorgironc you either didn't install ADB drivers correctly or didn't authorize the computer on the phone...
@vatastala there's various methods for unrooting, you can choose full unroot option inside SuperSU settings, flash a FTF with Androxyde's Flashtool or perform a repair through Xperia Companion, for example...
OK, finally after several tests installing android SDK's, google drivers, java sre as some forums commented... even I offered a chicken sacrifice to the gods, the only thing worked to me was to install the adb drivers for the m5 from developers xperia page:
http://developer.sonymobile.com/downloads/drivers/
just scroll until you find xperia m5 drivers, is about 8.5 MB, or download it from here.
after that everything was a charm. thanks for your help mbc07 :good:
mbc07 said:
Today I present you iovySU, a tool based on iovyroot binary which can sucessfully root Xperia M5 family! No need to unlock your bootloader or lose your unique DRM keys!
Requirements
• You must be using one of the supported firmwares (they're listed on "Supported Firmwares" down below and are also available as FTF, so you can downgrade with Androxyde's FlashTool if needed).
• USB Debugging must be enabled on the phone (available in Settings => Developer Settings -- if you can't see it, go to Settings => About Phone and tap 7 times on Android Build).
• ADB drivers should be installed on the computer, otherwise this tool won't see it (you can install Xperia Companion to get the drivers or use the stand-alone ADB driver).
• Your computer should be running Windows or Linux (you can probably use the Linux script on Mac, but that's completely untested and not guaranteed to work at all).
Instructions
• Download the attached ZIP and unzip its contents somewhere;
• Connect your phone, open iovysu.bat and wait (if you're on Linux, launch iovysu.sh from Terminal instead);
• After the process finished, the tool will notify you, press any key to reboot your phone;
• If iovySU worked, on your phone you should see a SuperSU notification, tap on it and let it update the binary (if you don't see the SuperSU notification, open SuperSU from app drawer instead);
• After updating the binary, reboot your phone once more and enjoy your fully rooted phone!
Supported Firmwares
For single SIM variants (E5603, E5606 and E5653):
• 30.0.A.1.23
• 30.1.A.1.33
For dual SIM variants (E5633, E5643 and E5663):
• 30.0.B.1.23
• 30.1.B.1.33
Frequently Asked Questions
Q: Help! I've enabled USB Debugging on my phone but iovySU keeps stuck at "Waiting for device" message!
A: This means ADB isn't "seeing" your phone, either because you didn't install ADB drivers (you can use this stand-alone driver) or because you didn't authorize the connection on your phone. If iovySU still can't see your phone, make sure you don't have another Android device with USB Debugging enabled plugged on your computer at the same time or emulators like BlueStacks or Genymotion running.
Q: Help! I'm using one of the supported firmwares, I ran iovySU, it rebooted my phone but I still don't have root access/SuperSU didn't show up in the app drawer!
A: Run iovySU again. Sometimes the exploit may freeze and your phone may reboot before SuperSU gets installed. In case you tried a few times and still can't get root, post the output of the tool here so I can help you.
Q: Help! I'm using a newer firmware but I couldn't find an FTF of a supported firmware version which matches my variant! What can I do?
A: I've uploaded the FTFs of the supported firmwares (check the forum), you can crossflash them safely to your phone (just don't do single SIM => dual SIM or vice versa -- the phone will bootloop). After rooting with iovySU, get an FTF which matches your variant/region with XperiFirm/FlashTool and use dd Flasher Minimal to flash it while maintaining root access.
Q: Why should I use this instead of KingRoot?
A: Mainly because it's open source, so you can see what's actually being modified on your phone. Currently, KingRoot has the convenience of rooting Xperia M5 with one click but on the other hand you get a dubious root managing app that have issues with some root-enabled apps and also includes other bloat stuff built-in. Although with some effort it can be replaced with SuperSU, the process is not that simple and can still leave junk on your system. That's also the main reason I talked with @zxz0O0 as soon as I noticed iovyroot could work on Xperia M5.
Q: I used iovySU and I'm rooted now, but I'm stuck on an older firmware version/another variant and OTAs fail to install. How can I update without losing root access?
A: By using my other tool, dd Flasher Minimal. If you crossflashed your phone in order to use iovySU, just get an FTF that matches your variant/region with FlashTool/XperiFirm and use it with dd Flasher Minimal.
Q: Is there any difference between iovySU and iovyroot?
A: Yes and no. Basically, the only difference between iovySU and iovyroot is that iovyroot gains temporary root to make a TA backup of the supported devices, while iovySU benefits from the same temporary root but to actually install SuperSU permanently on the system. The reason iovyroot script only backups TA partition is that many of the supported devices have additional security measures enabled, like dm-verity, so, these devices would refuse to boot if a single byte was modified on the system partition (and well, you actually need to write into system partition to get permanent root). For our luck, none of the Xperia M5 firmwares available at the moment have dm-verity, so we can get full root access without any issues!
Q: Can I use iovySU to root <insert device here>?
A: Well, if it's a device supported by iovyroot, without dm-verity (or similiar) on its kernel and running an ARM64 version of Android Lollipop or newer, then yes, it should work. It theoretically can work also with 32-bit devices, but then you'll need to modify the SuperSU package used by iovySU with the appropriate binaries (that's because unlikely the official SuperSU package, iovySU uses a stripped down version including only the bare minimum needed to get SuperSU installed on an ARM64 ROM).
Credits
I'm the author of the script but it also includes pieces of code made by @Chainfire (SuperSU) and heavily relies on iovyroot binary. I would also like to thank the people who helped testing the exploit earlier and @zxz0O0 for developing the iovyroot binary and his promptly help in adding Xperia M5 support to it.
Click to expand...
Click to collapse
Hi for my ask,
Your firmware is support with flashtool 0.9.21.0 or no, beause i flash with flashtool and brick my device 4 times, and sent to Sony Center 4 times, now I am very afraid to use flashtool with M5
If use flashtool 0.9.21.0 it have use .fsc script or not with your firmware
Thanks
The fsc file is now built into the package that flash tool gets from xperifirm. So unlike 20 you no longer get a prompt
icstm said:
The fsc file is now built into the package that flash tool gets from xperifirm. So unlike 20 you no longer get a prompt
Click to expand...
Click to collapse
Thanks so much, i just up flashtool 0.9.22.1, it's ok now flashtool have changelog:
C4 and C5 users please do not flash using Flashtool. It will brick the device. M5 users please do use FSC when flashing or it will brick your device
i hope flash it ok
Hi thanks for the hard work.
I just upgraded to marshmallow firmware through Sony companion. Means no root.
1) Any chance for me to revert back to 5.1 using customised FTF you supplied with flashtool?
2) If above yes, then root will be applied as per your instructions. Is root maintained if I flash the marshmallows using dd tool?
Waiting your response.
Downgrading with Androxyde's Flashtool to one of the old exploitable firmwares then using dd Flasher Minimal to go to the latest Lollipop firmware still works fine. Just don't use dd Flasher Minimal with the Marshmallow firmware, it'll bootloop because of dm-verity...
mbc07 said:
Downgrading with Androxyde's Flashtool to one of the old exploitable firmwares then using dd Flasher Minimal to go to the latest Lollipop firmware still works fine. Just don't use dd Flasher Minimal with the Marshmallow firmware, it'll bootloop because of dm-verity...
Click to expand...
Click to collapse
Can i downgrade without wiping userdata? Any possible side effects of doing it?
Bennybtc said:
Can i downgrade without wiping userdata? Any possible side effects of doing it?
Click to expand...
Click to collapse
From my past experience with other devices, downgrading without wiping user data will result in a bootloop, or, in the rare occasion it actually complete the boot, all apps will keep FCing and the phone will be unusable. The only cases where keeping user data don't yield issues is when you upgrade to a newer or to the same Android version...

NOST - Improved Version of OST LA 6.0.4 (v0.6, 02. Mar 2019)

"NOST" - short for "No Service Tool" (or "Nokia Service Tool" but that sounds too official and boring ) is a small hobby project I've been working on in the last couple of days.
It aims to make the service tool for Nokia 8 (and HMD Phones in general) more useable, user-friendly, and straigtforward to use, and after having to test it myself, and also
making a small beta test in the Telegram group for Nokia 8, I feel like posting it here so others can try it out too if they want.
First, to be clear: NOST is not completely my work. It is based on OST LA 6.0.4, which was made by HMD/Foxconn. Unlike the previous OST Patches, NOST does not replace
the executable with a hacked one, but instead wraps it and patches the methods that need patching at runtime. The result is that the changes are completely opensource
and readable by others, while the underlying OST files are not modified at all. I tried to base it on a different (i.e. newer) version of OST, but those are pretty much unpatchable,
at least not with a serious amount of reverse engineering, which brings not only time issues but legal ones as well.
NOST changes a couple of things, compared to the unmodified OST LA:
It removes the need for authentification against HMD/FIH servers (really, shoutout to the one who made the original hack, even though I could not use their code)
Moved the logs folder to the same folder as the application, as opposed to somewhere on the system to make debugging easier
The options for flashing firmware images appear reliable now. (At least for me they only appeared sometimes if not never on the original OST).
Removed one of the options that if it appeared crashed the flashing process ("Check System AP Status")
One user of the Telegram group had issues where OST would crash because it detects an invalid locale setting in Windows. NOST just catches that issue and defaults to english
Removed the "Edit Phone Information" button. It never worked and it's only purpose was to make the "Next" button appear, which works like it should now as well.
NOST refuses to flash your phone if your bootloader isn't unlocked critically. The old OST would just try to flash but never make any progress which confuses inexperienced users.
Perhaps the most important change: NOST allows to flash modified firmware images without the need to extract and modify them by hand.
With the original OST, people who wanted to reflash their phone had to download a firmware bundle, extract and edit it to be able to use it with OST LA 6.0.4, since the newer versions
had unpatchable issues that prevent using them. Repacking the images in a format OST expects wasn't possible either since that enabled some sort of signature algorithm on the modified
images and caused the flashing to fail. NOST solves this problem by allowing the use of a different packaging format. Those binaries still need to be extracted but it is done transparently in
the background without the user having to download any other tools. The formats that can be used in images are .zip and .qlz
.zip Firmwares:
.zip firmware files are simply archives of the (edited) files that would normally be extracted from an .nb0 file. This means, if you extract a .nb0 with the extractor found on XDA, the contents
of the *_unpacked folder it creates should be the contents of your .zip.
.qlz Firmwares:
.qlz files are based on QuickLZ compression, which gives them a small size but also a low decompression time.
The tool to generate them is called exdupe. Generating these images is pretty straigtforward. Assuming you are on windows, download the exdupe
tool from the link above (or take it from the NOST Tools/ folder) and copy it into the folder that contains the unpacked .nb0.
Code:
- exdupe.exe
- <nb0 name>_unpacked/
- <nb0 name>.mlf
- ....
Open a commandline in that folder, and run the following command:
Code:
exdupe.exe <name of the folder to compress> <name of the firmware file>.qlz
You should already see how fast it compresses the firmware folder now. As a reference: Compressing the latest Nokia 8 firmware (about 4GB) takes maybe 30 seconds and yields a 2GB file.
Repacked Firmware Bundles:
I created .qlz images of the May and November firmwares, as well as one of the various Pie Maintainance Releases.
You can find them here: https://tmsp.io/fs/xda/nb1/firmware
I already successfully reverted from December Security Patch to November using NOST, and then updated back using OTA Sideloading without problems.
As always when working with flashing tools, proceed with caution!
How to unlock to critical:
KonikoO said:
For those who wonder how to unlock into critical state :
Reboot into bootloader download mode and execute those commands :
fastboot flash unlock *unlock .bin*
fastboot flashing unlock_critical
Afterwards you should be able to flash provided .qlz with NOST.
Click to expand...
Click to collapse
Download:
The actual tool: https://github.com/StollD/NOST/releases
Drivers: https://github.com/StollD/nokia-driver-installer/tree/master/out
Source Code: https://github.com/StollD/NOST
License:
OST LA 6.0.4 is copyrighted by the respective authors. It is not modified permanently.
The custom NOST code is licensed under the GNU General Public License.
Icon by Freepik © Flaticon
I tried this is working,nice tool.
Thanks dev.
Thank you THMSP! very cool?
Sent from my TA-1004 using XDA Labs
Can flash the May and November update but cannot flash latest Pie with this tool. I flashed Pie but returned back to November update?
Lee Castro said:
Can flash the May and November update but cannot flash latest Pie with this tool. I flashed Pie but returned back to November update?
Click to expand...
Click to collapse
Yes, you can revert back from Pie to Oreo using this. What is the issue with Pie for you?
THMSP said:
Yes, you can revert back from Pie to Oreo using this. What is the issue with Pie for you?
Click to expand...
Click to collapse
What I mean is if I flash the Pie file you provided I just returned back to Android 8.1 Novemeber update no changes at all. Maybe there something wrong with the Pie file you uploaded. But the rests are all working fine with the tool.
Lee Castro said:
What I mean is if I flash the Pie file you provided I just returned back to Android 8.1 Novemeber update no changes at all. Maybe there something wrong with the Pie file you uploaded. But the rests are all working fine with the tool.
Click to expand...
Click to collapse
Thanks for the hint, I will take a look. Probably just derped when pulling partitions and renaming the images (might have worked in my November folder by accident).
EDIT: I repulled the images from Pie (I indeed somehow worked in my November folder when making the image), repackaged them and updated the version in the drive folder. You should now be able to flash Pie. Sorry for the mistake.
THMSP said:
Thanks for the hint, I will take a look. Probably just derped when pulling partitions and renaming the images (might have worked in my November folder by accident).
EDIT: I repulled the images from Pie (I indeed somehow worked in my November folder when making the image), repackaged them and updated the version in the drive folder. You should now be able to flash Pie. Sorry for the mistake.
Click to expand...
Click to collapse
Thanks again,This is really a big help.
Wow, this is something we've been all seeking for a long time now ! For those who wonder how to unlock into critical state :
Reboot into bootloader download mode and execute those commands :
fastboot flash unlock *unlock .bin*
fastboot flashing unlock_critical
Afterwards you should be able to flash provided .qlz with NOST.
hey there! wonderful tool to have. Thank u so much
Not working in my laptop say a software need a to update
Blackhacker07 said:
Not working in my laptop say a software need a to update
Click to expand...
Click to collapse
If you have dependency issues I would suggest to install OST LA 6.0.4 first, so you get its dependencies, until I can make a proper installer for NOST.
THMSP said:
If you have dependency issues I would suggest to install OST LA 6.0.4 first, so you get its dependencies, until I can make a proper installer for NOST.
Click to expand...
Click to collapse
Could you perhaps figure out how to get rid of the unlocked bootloader message?
ironman38102 said:
Could you perhaps figure out how to get rid of the unlocked bootloader message?
Click to expand...
Click to collapse
Are you talking about the error message that appears when you press the Next button to start flashing?
If yes, your bootloader needs to be unlocked to critical, then the message won't appear.
If you are unsure if your bootloader is unlocked to critical, do "fastboot oem device-info", it will tell you.
If you mean the message that your phone displays when booting with an unlocked bootloader then sorry, I doubt that's possible (I think it is embedded into the bootloader).
THMSP said:
Are you talking about the error message that appears when you press the Next button to start flashing?
If yes, your bootloader needs to be unlocked to critical, then the message won't appear.
If you are unsure if your bootloader is unlocked to critical, do "fastboot oem device-info", it will tell you.
If you mean the message that your phone displays when booting with an unlocked bootloader then sorry, I doubt that's possible (I think it is embedded into the bootloader).
Click to expand...
Click to collapse
Actually its in splash.img that can be dumped. Its the hex editing possibly that might be a problem for someone not familiar with it
How to flash it's says this...
Blackhacker07 said:
How to flash it's says this...
Click to expand...
Click to collapse
What do you mean?
KonikoO said:
Wow, this is something we've been all seeking for a long time now ! For those who wonder how to unlock into critical state :
Reboot into bootloader download mode and execute those commands :
fastboot flash unlock *unlock .bin*
fastboot flashing unlock_critical
Afterwards you should be able to flash provided .qlz with NOST.
Click to expand...
Click to collapse
Thank you so much for this advice. I wouldn't have ever figured out how to unlock critical on my own and that was the thing that was preventing me from flashing. I tried searching the other OST LA flashing threads as well but this info seemed to have been missing, or then i completely missed it. Thank you so much anyways. If anybody else is trying to figure out why their OST LA or NOST is giving them the se_err_adb_cmd_get_fail_result error, this should help. I just used the unlock.key in place of the *unlock.bin* in your command and it worked.
Can you please upload Oreo December update stock and patched boot image. TIA
Yesterday I noticed that my Pie Image was still not quite useable, since it contained a corrupted system partition.
This seems to have happened because of my Magisk Setup and me only replacing the boot partition image and not uninstalling Magisk completely.
I rebuilt the image, to be fully stock, and also included the latest B07 update that @hikari_calyx uploaded yesterday. You can get it from the drive link in the OP.

Teclast M40 Pro Discoveries

Teclast M40 Pro Discoveries​Various helpful points of knowledge to unlock your bootloader, to root, and use your tablet.
Problem: Where can I obtain the official firmware?
Solution: Teclast Website
Usage: type M1A3 in search
Problem How can I unpack "pac" files?
Solution: Build C utility divinebird / pacextractor
Solution: Download pre built Linux executable pacextractor.zip
Usage: >./pacextractor Firmware.pac
Bash:
git clone https://github.com/divinebird/pacextractor
cd pacextractor
make
Problem: I need tools to flash my device
Solution: Download the latest SPD Upgrade Flash Tool SPD_Upgrade_Tool
Problem: msvcr100.dll missing error in Windows whilst running SPD (Factory/Research/Upgrade) Tools
Solution: Download and install 2010 Visual C++ Distribution
Problem: I want to unlock my bootloader. (Window and Linux kit)
Solution: Download TeclastM40Pro_Unisoc_UnlockTools.zip
Usage: Read readme file.
Problem: How can I remove the dm_verify warning on boot up after unlocking the bootloader?
Untested Solution: digitally sign the vbmeta partition and write it back. See [Tutorial] How to create a custom signed vbmeta.img
Problem: I want to root my device.
Solution: Modify boot.img with Magisk, then sign.
Usage: Upload to your device's download directory, the current boot.img read from your device, or from the same version firmware. Then install Magisk app from here. Use Magisk to patch the boot.img. Sign the partition. Then flash back the signed magisk version of boot.img to "boot_a" partition. Guide to flashing single partition at Hovatek Website
Problem: I need to emergency flash my device?
Solution: Currently only from Windows, use SPD Upgrade Tools to reflash firmware.
Usage: From the tablet powered off, or if boot looping. Hold down the power-button and volume-down for five seconds, release the power-button, and keep the volume-down button still held for another five seconds, then release or release if the detected earlier. Windows and SPD tools should then detect your device to flash.
Problem: I want to improve my Telcast M40 Pro
Solution: List of suggested apps below;
FDroid App Store F-Droid Website
Aurora > via FDroid. App store allowing the direct download from Google Playstore, without your own account.
Lawnchair > via FDroid. Fast open source sophisticated launcher.
AdAway > via FDroid. Removes adverts whilst using apps.
TrackerControl > via FDroid. Manages apps access to internet, and blocks spyware and trackers.
.
Problem: I want root mode without the effort of hacking a rom partition.
Solution: For those with World version Teclast M40 Pro device, here is a signed rooted boot partition I created. Read the readme file inside the zip. You will require an unlocked device, windows setup with USB drivers for Teclast, the complete firmware from Teclast website, and SPD Update Tools installed. If you're successful, then on rooting you will need to install Magisk app to get root active. Magisk will reboot once to finalise.
Download : TeclastM40Pro_ROW__v1p0_signedboot_magiskrooted.zip
Download : TeclastM40Pro_ROW__v1p2_signedboot_magiskrooted.zip
SPD Upgrade Tools is closing while trying to flash stock firmware, both with M40 Pro locked and unlocked bootloader. What should i do?
laurorual said:
SPD Upgrade Tools is closing while trying to flash stock firmware, both with M40 Pro locked and unlocked bootloader. What should i do?
Click to expand...
Click to collapse
Sorry for replying late. I got no indication of the response. To the problem, I can only suggest getting a different version of SPD or m aking sure your computer system is properly updated. I hope you've already solved the issue!
Maybe you're experiencing, "Problem: msvcr100.dll missing error in Windows whilst running SPD (Factory/Research/Upgrade) Tools" See above for solution.
I've noticed a new ROM for world edition, "M40 Pro(M1A3)_Android 11.0_ROW V1.02_20220525", but not getting any system update options for OTA. People flashing their systems may want the latest firmware!
Thanks to your Magisk file I was able to root my tablet, but when updating to the latest version it goes into bootloop, I have tried updating the original firmware image again, but it also goes into bootloop.
Is there any way to install Magisk modules?
Thanks for your post, it helped me a lot to unlock my tablet.
Edit: My version is the M1A1 firmware V1.03_20210804
Edit 2: Finally, when updating my tablet with the root file that is in the post, it did not allow me to install any Magisk module, the solution is to download version 24.3, and update automatically, without changing to a higher version of Magisk
Glad you worked it out Miny !!! Sorry the warning emails for new posts have been going to a gmail account I no longer use.
Also your hardware maybe different and require it's own unique firmware and boot images. It seems the cracking in similar though.
Some questions:
Do I need to unlock my bootloader in order to be able to get root with magisk?
The tools for unlocking the bootloader uses
Code:
fastboot flashing unlock_bootloader
. My version of fastboot (33.0.3p1-android-tools) doesn't have that command. The included one (0.0.0-09219) does, but I wan't to be careful about running softwar from untrusted sources. Where is that version of fastboot from?
Does any of the steps necessary to get root access delete my data?
Hi there.
I have a m40pro (M1A1) running android 11, do you know if I can install firmware Z3A1 to get android 12? Or will be bricked?
Thanks in advance
rubsbcn said:
I have a m40pro (M1A1) running android 11, do you know if I can install firmware Z3A1 to get android 12? Or will be bricked? Thanks in advance
Click to expand...
Click to collapse
To tell you the truth, not sure. Most SoC are impossible or near impossible to brick. They usually allow for an injection or have a read only boot section. Other words you could test. Also research difference in hardware between models, and that may indlicate if something may not work. The kernel/drivers are the improtant aspect.
jorkusjorkus said:
Some questions:
Do I need to unlock my bootloader in order to be able to get root with magisk?
The tools for unlocking the bootloader uses
Code:
fastboot flashing unlock_bootloader
. My version of fastboot (33.0.3p1-android-tools) doesn't have that command. The included one (0.0.0-09219) does, but I wan't to be careful about running softwar from untrusted sources. Where is that version of fastboot from?
Does any of the steps necessary to get root access delete my data?
Click to expand...
Click to collapse
What OS are you using? Google is constantly changing Android Studio and the added modules. Then others may build with options removed. Personally I use Archlinux and load up standalone android-tools from the community repository. Currently v33.0.3-3
Try fastboot --help
Your version may have
Code:
fastboot flashing unlock_critical
minyfriki said:
Thanks to your Magisk file I was able to root my tablet, but when updating to the latest version it goes into bootloop, I have tried updating the original firmware image again, but it also goes into bootloop.
Click to expand...
Click to collapse
What I found works, is when using SPD Research Tool, load up the firmware.pac and then go into settings and click "Select All Files" and again to unselect, which leaves the default required items.
Then manually change BOOT to the Magisk img. Then click on all VBMETA types, and UBOOT_LOADER (may not be required though). Then flash.
You should get bootable tablet (no looping). Warning: UserData partition is written over.
I'll share my Magisk image for v1.2
e8hffff said:
What OS are you using? Google is constantly changing Android Studio and the added modules. Then others may build with options removed. Personally I use Archlinux and load up standalone android-tools from the community repository. Currently v33.0.3-3
Try fastboot --help
Your version may have
Code:
fastboot flashing unlock_critical
Click to expand...
Click to collapse
I'm using the same version as you on the same OS. After some research it seems like unlock_bootloader was removed in this commit from 2018. From what I can tell, unlock_critical does something else (unlock_bootloader runs
Code:
fb_queue_download("unlock_message", data, sz); fb_queue_command("flashing unlock_bootloader", "unlocking bootloader");
while unlock_critical runs
Code:
do_oem_command("flashing", "unlock_critical" and doesn't take the signature argument);
)
I'll see if I can compile the older version with the needed command.
What about my other questions?
Issue: Android not starting. I had the infinite restart when plugged in the usb. I tried to reload the installation package (succeeded), but didn't fixed the issue. Battery was not charging yet. When I started the Teclast M40 pro, the logo showed up, but the tablet turned off again.
Solution: I have disassembled the cover, unplugged the 5 pin plug from the battery for half hour and plugged again. When I tried to turn it on, everything was fine.
dougcwb said:
Solution: I have disassembled the cover, unplugged the 5 pin plug from the battery for half hour and plugged again. When I tried to turn it on, everything was fine.
Click to expand...
Click to collapse
Wow that's weird Doug. Remember this, if you don't already know, that you can do a cold start by holding down the power button for over 10 seconds, on most devices.
I guess you're running now on rooted tablet !!!
e8hffff said:
Wow that's weird Doug. Remember this, if you don't already know, that you can do a cold start by holding down the power button for over 10 seconds, on most devices.
I guess you're running now on rooted tablet !!!
Click to expand...
Click to collapse
I did the installation package process that the Teclast sent me. The last thing they told me to do was keep trying to install the package (wft?). Well, I just open the tablet, unplugged the battery for a while and after that it worked.
Maybe this resolved 2 things:
1-the battery was not properly connected in the first place, so when I plugged the 5 pin to the board it connected as it should.
2- Maybe there is a "memory" in the board attached to the battery that was bricked (or something like that) when I pulled off the plug, this memory was reseted.
BTW, when the tablet came to life again, the battery was at 87%.

Categories

Resources