Why not modify kernel or recovery via download mode? - G4 Q&A, Help & Troubleshooting

Now only a few models can have their bootloader unlocked.
But in download mode you can use "dd" to operate on the whole emmc, yet so far we only see people back up the system partition, root or modify it, and flash it back (use dd if... of....).
Why do we not use the same way to modify the kernel, recovery or bootloader... or is it not in "emmcblk0"?

You can use dd to backup and flash partitions, of course, but the device is unable to boot untrusted images if the bootloader is locked.
Sent from my LG-H815

I was wondering the same thing and asked something like that in another thread.
http://forum.xda-developers.com/showthread.php?p=64068638
Maybe the replies answer your question.

Related

Cyanogen 12 (Lollipop) to Cyanogen 11 (Kitkat)

IT IS POSSSSIIIIIBBBBLLLLLE!​
I am rewriting this tutorial from RDS www.yuplaygod.com member's post
This is only meant for users who had rooted their device, in lollipop, have cwm or twrp recovery installed. IF not rooted find guides for it. (Hint: Google it)
I suggest to not use fastboot for flashing roms... It may brick your device (I meant hard brick)
So here is what we are going to do!
STEPS (VERY SIMPLE)
1) Download Back_to_cm11-signed by Abhiram.zip https://drive.google.com/file/d/0B4etFrzyEA01UklKR3N5T2JYeGc/view?usp=sharing
2)Download recovery-yu.img https://drive.google.com/file/d/0B4etFrzyEA01d2VGRXNuY2I1MGs/view?usp=sharing
3)Copy Back_to_cm11-signed by Abhiram.zip to SDCARD
4)Open recovery and flash it
5)Open fastboot mode.
6)Connect to your computer and flash recovery-yu.img
7)Open recovery by pressing "vol+"+"vol-"+"pwr"
8)Flash stock rom zip. Go to this guide to get it http://forum.xda-developers.com/yureka/orig-development/rom-t3042384
9) Rock with it!.
********FOR THOSE WHO ARE NOT GOOD WITH FASTBOOT**********
So yureka is something different. So you have to specify the device id for the fastboot to find it.
Install adb-setup.1****.exe https://drive.google.com/file/d/0B4etFrzyEA01SE9NTVNRWTl4Y0E/view?usp=sharing
Open CMD
Type fastboot -i 0x1ebf devices
If any device is detected you r good to go
Close CMD
Open the place where you have downloaded recovery-yu.img
By pressing shift, right click the folder (in which you have downloaded recovery-yu.img) click open command window here
and type fastboot -i 0x1ebf boot recovery-yu.img
That's it
Have you tried that and didn't face any hardbricks?
Yes
I risked my own device to prove that. Go ahead 10000% sure that this will work. Because my device did not brick at all
Please hit tanks if you got it working! It is working..
Abhiram Shibu said:
I risked my own device to prove that. Go ahead 10000% sure that this will work. Because my device did not brick at all
Please hit tanks if you got it working! It is working..
tank you
The OP suggests not to use fastboot mode as it may hard brick the device & the steps that follow are based on the fastboot option... I'm confused, is it safe to use fastboot mode then?
ujilraj there is nothing to be confused about. You can use fastboot mode. But if you flash system.img and data.img via fastboot, which has different partition styles, then you will end up with a hard bricked phone... That's why!
Flashing recovery is very safe! GO for it!
I have tested it
For further clarification i'm asking this, pardon me...
First i boot into CM12 recovery & flash Back_to_cm11-signed by Abhiram.zip
Then,
Enter fastboot mode & install recovery-yu.img that belongs to CM11.
Then,
I boot into CM11 recovery & flash any CM11 rom... Right???
A bit confused
Abhiram Shibu said:
I suggest to not use fastboot for flashing roms... It may brick your device (I meant hard brick)
That's it
I am a bit confused here. Could you explain to me what the difference is between:
Code:
package_extract_file("firmware-update/tz.mbn", "/dev/block/bootdevice/by-name/tz");
package_extract_file("firmware-update/hyp.mbn", "/dev/block/bootdevice/by-name/hyp");
package_extract_file("firmware-update/sbl1.mbn", "/dev/block/bootdevice/by-name/sbl1");
package_extract_file("firmware-update/rpm.mbn", "/dev/block/bootdevice/by-name/rpm");
package_extract_file("firmware-update/emmc_appsboot.mbn", "/dev/block/bootdevice/by-name/aboot");
package_extract_file("firmware-update/NON-HLOS.bin", "/dev/block/bootdevice/by-name/modem");
AND
Code:
fastboot -i 0x1ebf flash tz tz.mbn
fastboot -i 0x1ebf flash hyp hyp.mbn
fastboot -i 0x1ebf flash sbl1 sbl1.mbn
fastboot -i 0x1ebf flash rpm rpm.mbn
fastboot -i 0x1ebf flash aboot emmc_appsboot.mbn
fastboot -i 0x1ebf flash modem NON-HLOS.bin
ujilraj said:
For further clarification i'm asking this, pardon me...
First i boot into CM12 recovery & flash Back_to_cm11-signed by Abhiram.zip
Then,
Enter fastboot mode & install recovery-yu.img that belongs to CM11.
Then,
I boot into CM11 recovery & flash any CM11 rom... Right???
Ujilraj That is absolutely correct ! You got it man.:good:
tirta.agung said:
I am a bit confused here. Could you explain to me what the difference is between:
Code:
package_extract_file("firmware-update/tz.mbn", "/dev/block/bootdevice/by-name/tz");
package_extract_file("firmware-update/hyp.mbn", "/dev/block/bootdevice/by-name/hyp");
package_extract_file("firmware-update/sbl1.mbn", "/dev/block/bootdevice/by-name/sbl1");
package_extract_file("firmware-update/rpm.mbn", "/dev/block/bootdevice/by-name/rpm");
package_extract_file("firmware-update/emmc_appsboot.mbn", "/dev/block/bootdevice/by-name/aboot");
package_extract_file("firmware-update/NON-HLOS.bin", "/dev/block/bootdevice/by-name/modem");
AND
Code:
fastboot -i 0x1ebf flash tz tz.mbn
fastboot -i 0x1ebf flash hyp hyp.mbn
fastboot -i 0x1ebf flash sbl1 sbl1.mbn
fastboot -i 0x1ebf flash rpm rpm.mbn
fastboot -i 0x1ebf flash aboot emmc_appsboot.mbn
fastboot -i 0x1ebf flash modem NON-HLOS.bin
That is a good question, I appreciate that.
So.... what I've got to say is this. When you use "fastboot -i 0x1ebf flash aboot emmc_appsboot.mbn", this will format the desired partition and put files there. If the partition table is modified then more likely it would not flash but erase the whole partition. That will lead to a hard bricked phone. The procedure you told will work.
But zip just copies these files to that location..... Sounds great, I think.
In my opinion ONLY FASTBOOT CAN CAUSE HARD BRICK, which is the greatest issue faced by Yureka users.
If you managed to flash a 32bit ROM in recovery without flashing the zip I have given you, the chances are you end up in a boot loop or soft brick. But do the same with fastboot and you will end up with a hard bricked phone!
Zip method is always safe. I mean the safest!
Flashing recovery via fastboot doesn't cause any hard bricks. I tried on my phone, I ended up with a soft brick.... I repaired it by using the unsafe method, flashing the ROM via fastboot. Luckily there was no partition mismatch. I could have flashed recovery and flashed my zip file!
So my advice: please don't use fastboot. It is too dangerous for your phone (as most of them can't even contact the customer care). I don't want you to end up like this....
Note: Most of them flash system.img and data.img first .... don't do that... If you are so sure, flash the files you mentioned first, as they contain the boot loader (priority), modem, partition style, touch drivers.......
Good Luck! :good:
I hope this information helped you
Please hit thanks if I helped you in any manner!
Abhiram Shibu said:
That is a good question, I appreciate that.
So.... what I've got to say is this. When you use "fastboot -i 0x1ebf flash aboot emmc_appsboot.mbn", this will format the desired partition and put files there. If the partition table is modified then more likely it would not flash but erase the whole partition. That will lead to a hard bricked phone. The procedure you told will work.
But zip just copies these files to that location..... Sounds great, I think.
In my opinion ONLY FASTBOOT CAN CAUSE HARD BRICK, which is the greatest issue faced by Yureka users.
If you managed to flash a 32bit ROM in recovery without flashing the zip I have given you, the chances are you end up in a boot loop or soft brick. But do the same with fastboot and you will end up with a hard bricked phone!
Zip method is always safe. I mean the safest!
Flashing recovery via fastboot doesn't cause any hard bricks. I tried on my phone, I ended up with a soft brick.... I repaired it by using the unsafe method, flashing the ROM via fastboot. Luckily there was no partition mismatch. I could have flashed recovery and flashed my zip file!
So my advice: please don't use fastboot. It is too dangerous for your phone (as most of them can't even contact the customer care). I don't want you to end up like this....
Note: Most of them flash system.img and data.img first .... don't do that... If you are so sure, flash the files you mentioned first, as they contain the boot loader (priority), modem, partition style, touch drivers.......
Good Luck! :good:
I hope this information helped you
Please hit thanks if I helped you in any manner!
Rather than flashing your zip via recovery, can I not use fastboot to flash the following in the order mentioned:
modem, sbl1, aboot, rpm, tz, hyp, recovery. The files that would be used are a part of cm11 fastboot package. After flashing all of these, boot to recovery and then flash the cm11 zip. I'll be essentially doing the same like you did. But I'll be using fastboot to flash firmware specific stuff. I strongly believe that these would not cause the infamous brick.
Thanks,
Sanjay
Abhiram Shibu said:
That is a good question, I appreciate that.
So.... what I've got to say is this. When you use "fastboot -i 0x1ebf flash aboot emmc_appsboot.mbn", this will format the desired partition and put files there. If the partition table is modified then more likely it would not flash but erase the whole partition. That will lead to a hard bricked phone. The procedure you told will work.
But zip just copies these files to that location..... Sounds great, I think.
In my opinion ONLY FASTBOOT CAN CAUSE HARD BRICK, which is the greatest issue faced by Yureka users.
If you managed to flash a 32bit ROM in recovery without flashing the zip I have given you, the chances are you end up in a boot loop or soft brick. But do the same with fastboot and you will end up with a hard bricked phone!
Zip method is always safe. I mean the safest!
Flashing recovery via fastboot doesn't cause any hard bricks. I tried on my phone, I ended up with a soft brick.... I repaired it by using the unsafe method, flashing the ROM via fastboot. Luckily there was no partition mismatch. I could have flashed recovery and flashed my zip file!
So my advice: please don't use fastboot. It is too dangerous for your phone (as most of them can't even contact the customer care). I don't want you to end up like this....
Note: Most of them flash system.img and data.img first .... don't do that... If you are so sure, flash the files you mentioned first, as they contain the boot loader (priority), modem, partition style, touch drivers.......
Good Luck! :good:
I hope this information helped you
Please hit thanks if I helped you in any manner!
2 questions :-
1.) As you said, do not use the fastboot method to flash the KitKat ROM. My question is, can I use the fastboot method to flash the Lollipop 64-bit zip file (that is basically the same OTA update file), using the same method which was used to flash KitKat (by extracting the zip file contents to a common folder containing flash-all.bat, if you remember?). Basically I want to know a method to re-flash Lollipop 64-bit, if anyone knows?
2.) Once I succeed in getting the KitKat ROM back from Lollipop 64-bit, can I use the FASTBOOT method in FUTURE flashes to flash KitKat based custom ROMs or should I permanently DISCONTINUE flashing through fastboot, even after getting the KitKat ROM back by your method?
thanks in advance .... :good:
---------- Post added at 12:51 AM ---------- Previous post was at 12:41 AM ----------
Also I want to know, is there something like 32-bit and 64-bit recovery? I have heard that flashing an incompatible recovery can also lead to a hard brick.
Which recovery to flash when??
It would be great if anyone has positive information and can guide....
coolboyforeva said:
2 questions :-
1.) As you said, do not use the fastboot method to flash the KitKat ROM. My question is, can I use the fastboot method to flash the Lollipop 64-bit zip file (that is basically the same OTA update file), using the same method which was used to flash KitKat (by extracting the zip file contents to a common folder containing flash-all.bat, if you remember?). Basically I want to know a method to re-flash Lollipop 64-bit, if anyone knows?
2.) Once I succeed in getting the KitKat ROM back from Lollipop 64-bit, can I use the FASTBOOT method in FUTURE flashes to flash KitKat based custom ROMs or should I permanently DISCONTINUE flashing through fastboot, even after getting the KitKat ROM back by your method?
thanks in advance .... :good:
---------- Post added at 12:51 AM ---------- Previous post was at 12:41 AM ----------
Also I want to know, is there something like 32-bit and 64-bit recovery? I have heard that flashing an incompatible recovery can also lead to a hard brick.
Which recovery to flash when??
It would be great if anyone has positive information and can guide....
There is nothing to be confused about. There are 32 bit and 64 bit recoveries. Flashing the wrong recovery will only softbrick your phone. I did it once accidentally
32bit recovery https://drive.google.com/open?id=0B4etFrzyEA01d2VGRXNuY2I1MGs&authuser=0
64bit recovery https://drive.google.com/open?id=0B4etFrzyEA01NnZBWHcxWlVHTW8&authuser=0
If you want to flash lollipop then download lollipop flash-able zip file click here for zip file
There are some good working fastboot upgrade packages. So if you have one of them (tried it yourself to upgrade and it worked earlier) then use that package, it will work! Flashing with a zip file in recovery reduces risk! :good:
Abhiram Shibu said:
There is nothing to be confused about. There are 32 bit and 64 bit recoveries. Flashing the wrong recovery will only softbrick your phone. I did it once accidentally
32bit recovery https://drive.google.com/open?id=0B4etFrzyEA01d2VGRXNuY2I1MGs&authuser=0
64bit recovery https://drive.google.com/open?id=0B4etFrzyEA01NnZBWHcxWlVHTW8&authuser=0
If you want to flash lollipop then download lollipop flash-able zip file click here for zip file
There are some good working fastboot upgrade packages. So if you have one of them (tried it yourself to upgrade and it worked earlier) then use that package, it will work! Flashing with a zip file in recovery reduces risk! :good:
OK. I'm not gonna use fastboot. But how will I flash a signed Lollipop zip file on custom recovery and unlocked bootloader? It won't boot. I would need an unsigned Lollipop 64 bit zip file or rather a locked bootloader + stock 64 bit recovery. Any link for stock 64 bit recovery? Is the above link for stock or custom recovery?
coolboyforeva said:
OK. I'm not gonna use fastboot. But how will I flash a signed Lollipop zip file on custom recovery and unlocked bootloader? It won't boot. I would need an unsigned Lollipop 64 bit zip file or rather a locked bootloader + stock 64 bit recovery. Any link for stock 64 bit recovery? Is the above link for stock or custom recovery?
Yes it will boot.
Link above is for custom CWM recovery.
Warning ******** Boring Story Ahead*********
So I purchased my Yureka from Amazon. When I got it, I unlocked the boot loader and installed CWM recovery right away. When the Lollipop upgrade showed up I tried to download it via system upgrade. It downloaded but won't flash because of a custom recovery. So... I downloaded a signed zip file from an XDA attachment, which I gave you. I cleared cache and tried installing the zip file.... It actually works.
Why it worked?
Stock ROM looks for signed zips and they should be signed by their developer. But custom recoveries install any zip file which is flashable regardless of whether it is signed or unsigned. The only thing it looks for is the scripts and device compatibility.
So try flashing the Lollipop signed zip file. It will surely work...
So... What will the zip file do?
It will wipe system, modem, recovery etc. except data. Resize them and copy files in.
So ... What will you end up with.
Obviously,
A locked bootloader ( Which when unlocked wipes data)
A stock old cyanogen recovery.
Non rooted CM12.....
So this means that if you want to be a power user you have to start from the beginning. So... consider taking a nandroid backup before you upgrade.....
STEPS TO BACKUP DATA ON CYANOGEN 11
So... Abhiram I can't find my backup on sdcard
The answer to this question is very simple. You know that your sdcard and app memory are the same. So they created a new folder 0 and mounted it as your sdcard.
So... How do you get that out....
There are 2 methods
Common step: boot into recovery and connect your mobile to your computer. Make sure that ADB drivers are installed
Method 1
Type
"adb shell
cp -r /sdcard/clockworkmod/ /sdcard/0/android/
adb reboot"
So after the phone has rebooted, open a file manager (any one). Browse into the android folder on your sdcard, you will find your backup there. If you can't find your whole backup, the chances are you are running out of memory.
Method 2
type
"adb pull /sdcard/clockworkmod/ %UserProfile%/documents/backup_from_nandroid/ "
Your backup can be found in c:/users/<your user name here>/documents/backup_from_nandroid/
So that is it....
So when you unlock boot loader you can copy this backup into your phone by....
1) Copy backup to adb folder
2) Type adb push <Directory name> /sdcard/clockworkmod/
Then do an advanced restore. Select data and restore
done!
Abhiram Shibu said:
Yes it will boot.
Link above is for custom CWM recovery.
Warning ******** Boring Story Ahead*********
So I purchased my Yureka from Amazon. When I got it, I unlocked the boot loader and installed CWM recovery right away. When the Lollipop upgrade showed up I tried to download it via system upgrade. It downloaded but won't flash because of a custom recovery. So... I downloaded a signed zip file from an XDA attachment, which I gave you. I cleared cache and tried installing the zip file.... It actually works.
Why it worked?
Stock ROM looks for signed zips and they should be signed by their developer. But custom recoveries install any zip file which is flashable regardless of whether it is signed or unsigned. The only thing it looks for is the scripts and device compatibility.
So try flashing the Lollipop signed zip file. It will surely work...
So... What will the zip file do?
It will wipe system, modem, recovery etc. except data. Resize them and copy files in.
So ... What will you end up with.
Obviously,
A locked bootloader ( Which when unlocked wipes data)
A stock old cyanogen recovery.
Non rooted CM12.....
So this means that if you want to be a power user you have to start from the beginning. So... consider taking a nandroid backup before you upgrade.....
STEPS TO BACKUP DATA ON CYANOGEN 11
So... Abhiram I can't find my backup on sdcard
The answer to this question is very simple. You know that your sdcard and app memory are the same. So they created a new folder 0 and mounted it as your sdcard.
So... How do you get that out....
There are 2 methods
Common step: boot into recovery and connect your mobile to your computer. Make sure that ADB drivers are installed
Method 1
Type
"adb shell
cp -r /sdcard/cyanogenmod/ /sdcard/0/android/
adb reboot"
So after the phone has rebooted, open a file manager (any one). Browse into the android folder on your sdcard, you will find your backup there. If you can't find your whole backup, the chances are you are running out of memory.
Method 2
type
"adb pull /sdcard/clockworkmod/ %UserProfile%/documents/backup_from_nandroid/ "
Your backup can be found in c:/users/<your user name here>/documents/backup_from_nandroid/
So that is it....
So when you unlock boot loader you can copy this backup into your phone by....
1) Copy backup to adb folder
2) Type adb push <Directory name> /sdcard/clockworkmod/
Then do an advanced restore. Select data and restore
done!
Ok.. I want to revert back to kitkat. i wont be using fastboot to flash rom(only to flash recovery image). Is there anything else which i should avoid and keep in mind in order to prevent hard brick?? please suggest
coolboyforeva said:
Ok.. I want to revert back to kitkat. i wont be using fastboot to flash rom(only to flash recovery image). Is there anything else which i should avoid and keep in mind in order to prevent hard brick?? please suggest
Tips to avoid hardbrick.
Don't flash ROM via fastboot
Don't Format partition using fast boot
You can flash boot and recovery via fastboot.
You can do anything in recovery.
Advice: back up your ROM before you install a kernel or any zip files. That will help you if you soft brick your phone.
Hit thanks if I help you in anyway till now.
On reading the OP's comments another doubt occurred, Do i need to unlock bootloader all the time when switching between KK & LP? (Will the internal SD memory gets wiped all the time... Do i need to backup every data on the internal SD memory onto PC before switching from KK to LP & vice-versa?)
Yes, but in case of upgrading and unlocking boot loader
Nice Question
When you downgrade from CM12 to CM11 your data will be safe. Unlocking boot loader will not do anything with your data:angel:
But When you are upgrading from CM11 to CM12 your data will be also safe, but the problem occurs when you try to unlock boot loader It will wipe all of your data.:crying:
When we unlock boot loader in kitkat CM11 by using command fastboot -i 0x1ebf oem unlock
It doesn't ask for any confirmations.
But in case of CM12 when you unlock boot loader by using the same command, before wiping data, it asks for confirmation. ie It tells to push vol+ to confirm or push vol - to stop.
If you see like this. Fastboot is going to erase your sdcard.
It's a good practice to back up your data when you are playing with your phone's firmware. It will help you get back your memorable moments, favorite music etc.
If you have an otg cable. Keep a pendrive for backup
So concluding in unlocking CM11 no data loss unlocking in CM12 there is data loss.
Good luck:good:​
One more doubt, suppose i'm on KK & want to upgrade to some custom CM12.x rom, do i need to go through the process of installing stock cm12 all the time, or do u suggest any other simple way to directly do the same?

Trying out flashify app to install a custom recovery

Hey,
I've been messing around with the Flashify app to see if it will install a custom TWRP or CWM as a recovery image, but made sure I backed up my recovery using ES File Explorer (as root) /dev/block/platform/msm_sdcc.1/by-name/ recovery, and for all intents and purposes it would work if there was a custom recovery out there that would support the Amazon Fire Phone.
When I install a random phone's custom recovery and boot up into recovery it will show the Amazon screen, then with power and up button pressed it will go to a plain black screen.
I would then recover my original recovery file to the area mentioned above after this not working and I would have my normal recovery again.
Just wondering if anyone can utilize this info, as I know that the Kindle HDX managed to have a custom recovery installed on it with a locked bootloader.
I am currently looking at building a custom CWM recovery for the device, but if anyone else has a better understanding of how to do this it might save a lot of time lol
TheDynamo said:
Hey,
I've been messing around with the Flashify app to see if it will install a custom TWRP or CWM as a recovery image, but made sure I backed up my recovery using ES File Explorer (as root) /dev/block/platform/msm_sdcc.1/by-name/ recovery, and for all intents and purposes it would work if there was a custom recovery out there that would support the Amazon Fire Phone.
When I install a random phone's custom recovery and boot up into recovery it will show the Amazon screen, then with power and up button pressed it will go to a plain black screen.
I would then recover my original recovery file to the area mentioned above after this not working and I would have my normal recovery again.
Just wondering if anyone can utilize this info, as I know that the Kindle HDX managed to have a custom recovery installed on it with a locked bootloader.
I am currently looking at building a custom CWM recovery for the device, but if anyone else has a better understanding of how to do this it might save a lot of time lol
I'm doing experiments, I flashed the TWRP version of the Galaxy Note 3 HLTE as they share processor but has not worked, I keep trying.
Best regards,
Just spent hours trying to make a custom CWM recovery image in Ubuntu 14.04 following the guide below but didn't have much luck. May try again at the weekend. If anyone else wants to have a go i have attached recovery and boot images
http://forum.xda-developers.com/android/development/guide-how-to-build-cwm-based-recovery-t2973804
On my KDFIRE Soho is the bootloader Locked and Stock recovery. But you can Flash Roms with the Stock Recovery. There is something with the signature. But only custom Roms based on FireOS Are Working. The FireOS Statusbar is my Personal Nightmare
Well I ported a custom CWM recovery but unfortunately it still does not work when installing with Flashify get the same black screen - Attached.
This made me laugh today
Amazon.co.uk
Your Account Amazon.co.uk
Message From Customer Service
Hello,
I understand that you are not happy, as bootloader is locked for Amazon Fire Phone and would like to have a Key to unlock Bootloader.
I realise that you have been greatly inconvenienced by this situation, it is never our intention to cause inconvenience to our valued customers like you. Please accept my apologies.
Unfortunately, at this time we do not have option to provide Key to unlock Bootloader.
Customer feedback like yours is very important in helping us continue to improve the Fire phone experience. I've forwarded your message to our Fire Phone Team for consideration as we make further improvements.
Thanks for taking the time to provide your feedback.
We look forward to seeing you again soon.
Warmest regards,
Sravanthi
Your feedback is helping us build Earth's Most Customer-Centric Company.
Amazon.co.uk
here's something you should consider.. make a single byte modification to the original bootloader and see if it boots.. if it does.. then we're clear.. if not we're ****ed.. if we're ****ed, then we need to deal with the procedure authenticating (and probably hashing) the recovery.. the bootloader.. or hashcode's hijack it is...
AbdouRetro said:
here's something you should consider.. make a single byte modification to the original bootloader and see if it boots.. if it does.. then we're clear.. if not we're ****ed.. if we're ****ed, then we need to deal with the procedure authenticating (and probably hashing) the recovery.. the bootloader.. or hashcode's hijack it is...
So did anyone try this? It's very easy to do.
Pull your recovery image
Code:
adb shell
su
cat /dev/block/platform/msm_sdcc.1/by-name/recovery > /sdcard/recovery.img
exit
adb pull /sdcard/recovery.img .
then open it up in a hex editor (hdx - windows/ vi - linux) and change a useless byte (probably at the end of the file) or unpack/repack the image using unmkbootimg/mkbootimg. Then push it back
Code:
adb push recovery.img /sdcard/recovery-new.img
adb shell
su
cat /sdcard/recovery-new.img > /dev/block/platform/msm_sdcc.1/by-name/recovery
exit
Then try rebooting to your recovery
Code:
adb reboot recovery
If it works, we might be able to replace stock recovery with a custom built CWM recovery or something since we have the kernel source available. As it seems in update-script, recovery has access to everything whether bootloader is unlocked or not. If you can't modify the recovery image yourself, post it here. I'll modify it for you.
madushan1000 said:
So did anyone try this? It's very easy to do.
Pull your recovery image
Code:
adb shell
su
cat /dev/block/platform/msm_sdcc.1/by-name/recovery > /sdcard/recovery.img
exit
adb pull /sdcard/recovery.img .
then open it up in a hex editor (hdx - windows/ vi - linux) and change a useless byte (probably at the end of the file) or unpack/repack the image using unmkbootimg/mkbootimg. Then push it back
Code:
adb push recovery.img /sdcard/recovery-new.img
adb shell
su
cat /sdcard/recovery-new.img > /dev/block/platform/msm_sdcc.1/by-name/recovery
exit
Then try rebooting to your recovery
Code:
adb reboot recovery
If it works, we might be able to replace stock recovery with a custom built CWM recovery or something since we have the kernel source available. As it seems in update-script, recovery has access to everything whether bootloader is unlocked or not. If you can't modify the recovery image yourself, post it here. I'll modify it for you.
So this works, I just tested it. I used the method you posted about, changed the last bit with the hex editor, changed the last octet from 00 to 01, used Flashify to flash the recovery
Here's the link to the recovery I modded if you want to test/verify:
https://drive.google.com/file/d/0Bw62MrywuCbwNUZ3Sm05b3FBMGM/view?usp=sharing
thoughtlesskyle said:
So this works, I just tested it. I used the method you posted about, changed the last bit with the hex editor, changed the last octet from 00 to 01, used Flashify to flash the recovery
Here's the link to the recovery I modded if you want to test/verify:
https://drive.google.com/open?id=0Bw62MrywuCbwNUZ3Sm05b3FBMGM
You changed a bit at the end of the image, right? Then that doesn't make any difference. Sorry I was misleading the last time. I didn't know any better myself then. The recovery partition doesn't contain the recovery image in its entirety. There is extra space. What the bootloader does is, it reads the image header from the first few bytes of the partition; the header contains the length of the recovery image. Then the bootloader verifies that length of the recovery partition against some encrypted hash. So to check if this really works (my bet is it doesn't) we have to change a bit inside the length of the recovery image. The easiest thing to do is unpack and repack the recovery image. I'll give it a try later and post the results.
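To illustrate the point made in the post above, here is an added example (not part of the original thread and not any poster's code) that parses a boot image header, computes the image length it declares, and shows that a byte flipped in the partition's trailing padding leaves the covered digest unchanged while a byte flipped inside the image changes it. It assumes the Qualcomm-era v0 `ANDROID!` header layout with a `dt_size` field, uses plain SHA-256 as a stand-in for the device's unspecified signed hash, and runs on a constructed sample partition.

```python
import hashlib
import struct

BOOT_MAGIC = b"ANDROID!"
# magic, kernel_size, kernel_addr, ramdisk_size, ramdisk_addr,
# second_size, second_addr, tags_addr, page_size, dt_size
# (dt_size at this offset is the Qualcomm variant of the v0 header: assumption)
HEADER_FMT = "<8s9I"


def pages(size, page_size):
    """Number of whole pages needed to hold `size` bytes."""
    return (size + page_size - 1) // page_size


def image_length(partition):
    """Length in bytes of the boot image declared by the header."""
    if len(partition) < struct.calcsize(HEADER_FMT):
        raise ValueError("partition too small to hold a boot header")
    (magic, kernel_size, _kaddr, ramdisk_size, _raddr, second_size,
     _saddr, _tags, page_size, dt_size) = struct.unpack_from(HEADER_FMT, partition, 0)
    if magic != BOOT_MAGIC:
        raise ValueError("bad boot magic")
    if page_size == 0 or page_size & (page_size - 1):
        raise ValueError("page size must be a non-zero power of two")
    # One page for the header, then each section padded to a page boundary.
    total_pages = 1 + sum(
        pages(s, page_size)
        for s in (kernel_size, ramdisk_size, second_size, dt_size)
    )
    length = total_pages * page_size
    if length > len(partition):
        raise ValueError("header declares more data than the partition holds")
    return length


def covered_digest(partition):
    """Digest over only the bytes the header says belong to the image.

    SHA-256 is a stand-in here; the device's real scheme is not on the page.
    """
    return hashlib.sha256(partition[:image_length(partition)]).hexdigest()


def flip_byte(data, offset):
    """Return a copy of `data` with the low bit of one byte toggled."""
    out = bytearray(data)
    out[offset] ^= 0x01
    return bytes(out)


def build_sample_partition(partition_size=16 * 2048):
    """Constructed sample: a tiny image followed by zero padding."""
    page = 2048
    kernel = b"K" * 3000    # occupies 2 pages
    ramdisk = b"R" * 1000   # occupies 1 page
    header = struct.pack(HEADER_FMT, BOOT_MAGIC, len(kernel), 0,
                         len(ramdisk), 0, 0, 0, 0, page, 0)

    def pad(blob):
        return blob + b"\x00" * (-len(blob) % page)

    image = pad(header) + pad(kernel) + pad(ramdisk)
    return image + b"\x00" * (partition_size - len(image))


if __name__ == "__main__":
    part = build_sample_partition()
    base = covered_digest(part)
    tail = covered_digest(flip_byte(part, len(part) - 1))
    inside = covered_digest(flip_byte(part, 2048 + 10))
    print("image length:", image_length(part), "of", len(part))
    print("flip in padding changes digest:", tail != base)
    print("flip inside image changes digest:", inside != base)
```

A change to the last octet of the partition, as in the earlier test, falls outside the covered range, so it cannot tell you whether verification is enforced.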
madushan1000 said:
You changed a bit at the end of the image, right? Then that doesn't make any difference. Sorry I was misleading the last time. I didn't know any better myself then. The recovery partition doesn't contain the recovery image in its entirety. There is extra space. What the bootloader does is, it reads the image header from the first few bytes of the partition; the header contains the length of the recovery image. Then the bootloader verifies that length of the recovery partition against some encrypted hash. So to check if this really works (my bet is it doesn't) we have to change a bit inside the length of the recovery image. The easiest thing to do is unpack and repack the recovery image. I'll give it a try later and post the results.
Yeah i changed the one at the end, hopefully your testing does work, the way you explained it did make sense
Sent from my A0001 using Tapatalk
This is a no-go, I unpacked and repacked the stock recovery with bootimg-tools (so that it would have no signature information) and flashed it on to recovery partition. The device hangs on Amazon logo when I reboot to recovery. We need to find a way to unlock the bootloader

cnc-bootloader: Bootloader access on any phone!

cnc-bootloader
When you need fastboot but just can't get to it
So I was working with my phone trying to see what I can do with it. I got it rooted (via towelroot), installed busybox, SuperSu, the usual. Then I installed custom recovery and then installed a script to enter recovery via VolDown+Power. It softbricked the phone and gave me an LG Security Error. I fixed it and thought hey? Why not create an exploit that forces the phone into bootloader mode.
There sadly is no common access to bootloader mode and so unless you softbrick there is no bl mode. Until cnc-bootloader (command and conquer bootloader) is released (now lol). This exploit creates a backup of the boot partition then erases it. I am also developing a computer gui to make it easier and safer. It uses a slightly different method of doing it and it can be a lot safer too, so if you aren't comfortable with this then I'll post a link when I release it. (NOTE: This gui is released by Trident-Dev. It is not open source.) So here's how it works
Download the cnc-bootloader exploit and run with root permission on your device.
It will then make a backup called boot.img and erase your boot partition.
WARNING: Make sure to backup boot.img to your computer before you reboot. This is the only way to exit bootloader mode
Then just reboot your phone like normal and it should be in a bootloader loop!
(This can be fixed by reflashing the backed up boot.img)
The exploit is available on GitHub at (Give me some time to get these 10 posts down and I will post the link. I have it up on Androidforums.com so yea. Just search for rpgslayer redtelko there and it will be one of the only threads you will see.)
More information is available in the README.md file and stay tuned for the release of our GUI version!
I would like to try this on my Sprint LG G4 to unlock bootloader. Please provide the link.
https://www.codeaurora.org/projects...unds-checking-when-flashing-sparse-images-cve
Based off this?
Your account on GitHub doesn't exist.

the dm-verity is not started in enforcing mode and may not work properly

My phone is the ASUS Zenfone 3 Deluxe (zs550kl) model and it's bricked. It can still enter fastboot or adb, but my OS will not boot. I tried going to the ASUS website for the stock firmware (UL-Z018-WW-11.40.71.37-user.zip) and stock kernel (ZS550KL_Kermel_11_40_71_37.zip). How do I install these to fix my phone, unless there is a better way to make it boot? By the way, I'm new to Android. I always had a jailbroken iPhone until last year; I am on Android now, so give me noob instructions for the how-to. Maybe I should add this: I already have adb/fastboot installed, and the commands for adb devices or fastboot devices both recognize my device when in fastboot mode, so maybe my commands are wrong or something. But I tried every way I could to install the firmware, and I'm not sure whether to flash the kernel as the zip or as the unzipped file. Please help, thanks in advance. I'm not sure why this happened exactly, but my bootloader is unlocked already, though it was never rooted, so if there is another way to install another custom firmware besides stock, I would like those instructions also. Thanks again.
First off, your phone is soft-bricked, meaning all you have to do is flash the stock Android software back onto your phone.
Install to SD card -> boot into recovery (stock or TWRP, whatever you have works)
Flash from SD
Let it load (this will work if you have the correct files)
It will reboot and will work good as new again.
You shouldn't have to flash the kernel, just the UL-Z0 file.
That would have worked yesterday, but I'm having another issue now. Basically, instead of waiting for a response on here, I went ahead and did other stuff, and now my recovery menu is not showing up, so I can't install from SD. Now the only option I'm getting is fastboot. So is there a way to fix the stock recovery option, or even install a custom recovery, which might be easier because my bootloader is already unlocked? I was going to try to flash the stock recovery myself, but I'm not sure how exactly. I know I use fastboot flash recovery (recovery file name in the folder), and I think it's .img but I'm not sure, so I think it will be either a .zip or .img file type, but I'm not sure what it will be called if it's stock or custom, and not sure where to find either. The last issue I'm not sure of is the actual files I downloaded from asus.com: the firmware for my specific phone model is not working when I try to flash it as the .zip file. So my question is, do you need to do something with it, such as edit the script or something inside the zip? I also downloaded the kernel for my specific phone model from the ASUS site, and I'm not sure if I needed it when flashing the stock ROM back to the device, or how to even flash it on the device. Please help if you can. I know some questions might be dumb to you, but remember I'm a noob when it comes to Android. I recently left iPhone, and I was a pro there; every phone had a jailbreak and all types of stuff, so I know I can get this. It just takes time, I'm sure.
I have this exact issue with a new Padfone Infinity A86... No access to stock recovery, only fast boot... But in my case I'm even unable to flash the recovery.img from a firmware package...
I'm wondering if you guys can help this person; maybe there is something in that solution for my Padfone.
1: download the full firmware package
2: use sdat2img to convert the sparse system image to a regular one
3: use fastboot to flash the stock boot.img & the newly converted system.img
4: hoping you didn't flash the recovery partition, if you did, reflash the stock dump from the file in my Bootloader unlock thread via fastboot
5: reboot to recovery & do a factory reset
Read the documentation at each step, do your research, learn the process.

Question Can I get A325N vendor image?

I rooted my device with Magisk and did chmod 555 on NVD_IMEI because of a Magisk bug. Then I used it for a few weeks (maybe 2 weeks?) with no problem. But I tried mounting an ext4 SD card (because I want easy recovery with TWRP (but I did not install it yet), but the AP file is too big, so I can't use FAT32) and it was successful. The next morning (January 28th), I saw the signal was dead. (But Wi-Fi was alive; I can't remember about Bluetooth or IMEI, or whether only the signal was dead or the SIM card couldn't attach.) So I rebooted my phone (because I just thought something had crashed it), but it couldn't boot and got stuck. So I flashed the stock ROM, but it couldn't boot; only recovery (both normal and TWRP) worked well. So I did a re-partition, but that also did not work. I did a NAND Erase with the Magisk-patched AP and it booted, but the IMEI disappeared (of course, because I did a NAND Erase) and Wi-Fi did not work. I flashed the stock ROM again, but boot failed... When I flash the Magisk-patched AP, it boots. I don't know why only the Magisk-patched AP boots, but I will use the patched AP, so it's not important yet. (I don't know what will happen in the future.) I think the Wi-Fi error is because I did a NAND Erase, so the vendor partition broke. So I will flash the vendor image first. But sadly, I have an IMEI backup but I don't have a vendor partition backup... So I searched the internet but couldn't find a vendor image. Where can I get the image? Is it because of another problem? Then what is it and how can I fix it?
vendor.zip is a backup of the vendor folder (partition) after I did the NAND Erase. TWRP backups of vendor partitions are also fine. If there's anything that needs to be changed for each device, please let me know as well (e.g. S/N, IMEI).
Broken partition after NAND erase? Sounds unlikely if flashing went successful. You cannot break NAND memory itself using software, and flashing with the "re-partition" option using external PIT file will re-partition everything unconditionally, so no broken partition may remain after that. Sounds more like you flashed wrong or incompatible stock firmware. And did you do Factory Reset after flashing?
P.S.: And I still don't understand why so many people need Magisk so badly. Root is needed only for a few quite low-level apps.
uluruman said:
Broken partition after NAND erase? Sounds unlikely if flashing went successful. You cannot break NAND memory itself using software, and flashing with the "re-partition" option using external PIT file will re-partition everything unconditionally, so no broken partition may remain after that. Sounds more like you flashed wrong or incompatible stock firmware. And did you do Factory Reset after flashing?
P.S.: And I still don't understand why so many people need Magisk so badly. Root is needed only for a few quite low-level apps.
NAND Erase is an Odin option.
I root in order to use "few quite low-level apps" and to view, fix or back up app data.
I use "SM-A325N_2_20230113085551_pl06359zs5_fac.zip". It's a compatible stock firmware from the Samsung server. I used this stock firmware to recover once, and it recovered.
Ok ) I have extracted vendor.img from your firmware: https://easyupload.io/vgzftz (if that's what you needed, I cannot understand your language clearly enough). Only I am not sure how you're going to flash it, because it's a dynamic partition inside the physical "super" partition and cannot be flashed directly besides (reportedly) using dd from the shell or using fastboot.
I still think you somehow mixed parts from different firmware versions. I have never seen a situation when flashing a complete stock firmware with re-partition and NAND erase and then Factory Reset would not fix the booting. Try going into Recovery and do Factory Reset right after flashing, without allowing the system to try booting.
uluruman said:
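Ok ) I have extracted vendor.img from your firmware: https://easyupload.io/vgzftz (if that's what you needed, I cannot understand your language clearly enough). Only I am not sure how you're going to flash it, because it's a dynamic partition inside the physical "super" partition and cannot be flashed directly besides (reportedly) using dd from the shell or using fastboot.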
Samsung has no fastboot. However, there is download mode. Use Odin in download mode to upload the firmware. You can also flash an img in TWRP.
uluruman said:
Ok ) I have extracted vendor.img from your firmware: https://easyupload.io/vgzftz (if that's what you needed, I cannot understand your language clearly enough). Only I am not sure how you're going to flash it, because it's a dynamic partition inside the physical "super" partition and cannot be flashed directly besides (reportedly) using dd from the shell or using fastboot.
On Samsung, there is no fastboot, but there is download mode. Use Odin to flash in download mode. You can also flash img and zip in TWRP.
If you still need help, please be a bit clearer about what exactly your problem is and what you cannot achieve. I think a Korean-speaking person would be of much help here, but it seems there is none.
