Help - Bricked HTC m9 - Not rooted - Advice needed - One (M9) Q&A, Help & Troubleshooting

Hi,
My wife's HTC M9 (UK, Vodafone, latest stock ROM, no root) was turned off last night to charge.
When booted up it does the below. It does not load into the OS. Every boot loops into the below.
https://drive.google.com/file/d/0B8n21CQX7535cjF4MnZqV2E1dGM/view?usp=sharing
It says the software has been modified?
My wife was very insistent that I never root or change ROMS on her phone.
Does anyone have a fix, or is this a send-off for replacement?
Any advice would be greatly appreciated.
Thanks
Ca1v

ca1v said:
Hi,
My wife's HTC M9 (UK, Vodafone, latest stock ROM, no root) was turned off last night to charge.
When booted up it does the below. It does not load into the OS. Every boot loops into the below.
https://drive.google.com/file/d/0B8n21CQX7535cjF4MnZqV2E1dGM/view?usp=sharing
It says the software has been modified?
My wife was very insistent that I never root or change ROMS on her phone.
Does anyone have a fix, or is this a send-off for replacement?
Any advice would be greatly appreciated.
Thanks
Ca1v
What happens if you try to boot to Download Mode? I guess you see the black screen that is mentioned in Q7, right? If that's the case there isn't much you can do...

Download mode seems to be working (https://drive.google.com/file/d/0B8n21CQX7535cEFhTlpnajF5anM/view?usp=sharing)
If this is the case, can you point me in the right direction to get this resolved?
Many thanks for the help

Flippy498 said:
What happens if you try to boot to Download Mode? I guess you see the black screen that is mentioned in Q7, right? If that's the case there isn't much you can do...
Download mode seems to be working (https://drive.google.com/file/d/0B8n...ew?usp=sharing)
If this is the case, can you point me in the right direction to get this resolved?
Many thanks for the help

Interesting. Your video in post 1 shows a security warning. That means that the OS got deleted. This is only possible if you unlock the bootloader and delete it manually via TWRP, or if the eMMC gets broken. Since the phone's S-ON and its bootloader is locked (not unlocked or relocked), I assumed that the latter happened*.
As long as the download mode is working you can restore the system with the help of a RUU. Instructions can be found in the thread I linked in my last post. Be aware that all data on the phone is going to get erased.
* Well, it is possible to get the phone's status back to S-ON and locked with S-OFF but you said you never tinkered with that phone...

Flippy498 said:
Interesting. Your video in post 1 shows a security warning. That means that the OS got deleted. This is only possible if you unlock the bootloader and delete it manually via TWRP, or if the eMMC gets broken. Since the phone's S-ON and its bootloader is locked (not unlocked or relocked), I assumed that the latter happened*.
As long as the download mode is working you can restore the system with the help of a RUU. Instructions can be found in the thread I linked in my last post. Be aware that all data on the phone is going to get erased.
* Well, it is possible to get the phone's status back to S-ON and locked with S-OFF but you said you never tinkered with that phone...
Just thought I'd bring to your attention that apps are now being written that will try to obtain root without you knowing. The reason is that they can steal any information they want and sell it to corporations for as little as 4 pence/6c a record.
It is possible that it is a failed root by an app.
"I'm safe, I only download my apps from google playstore" - nope, you're not.
"I only use signed apps and the checksum is always correct" - nope, checksum can be matched with padding.
"I only use external sources to update genuine apps" - nope, see the Google playstore comment above.
"I have all my security and privacy set to super strict, I have my apps verified by google" - nope, still not secure because alerts are only written when the malicious/bad code is found.
Be warned, my fellow xda'ers. There is a whole new breed of security breach and it is terminal to root as a whole. Apps like kingoroot etc are issuing the wrong type of people with the wrong type of information and they are using it for the wrong purposes.
Google will struggle to put a lid on these types of apps because they attack the hardware for access to software (a simple memory buffer overflow attack), inject a few lines of code and you're in, permanently. It will eventually result in a total lockdown at the manufacturer and bye bye root access, ROMs, mods etc; you'll get what you're given.
How do we prevent this? We don't and we can't. We just have to sit back and watch as the world takes our privacy while bricking our devices one by one just to "try" to earn a poxy 4p.
Beamed in by telepathy.

@shivadow: I'm actually not sure what you're trying to achieve with your post. Malicious apps that can root your device without letting the user know about it have existed for several years now. (Click here for a random example from 2011.) Smartphones aren't completely safe and they never were. Everyone who's claiming the opposite either doesn't know what he/she is talking about or is simply lying.
To name just a few more android security flaws/exploits that emerged in the past: rageagainstthecage, gingerbreak, heartbleed, stagefright, the master key vulnerability, the futex bug, rootnik...
All of these have more or less been used for manipulating android phones. There is no absolute security. Android is still as secure/insecure as it's always been.
In addition, several OEMs have already been trying to prevent their customers from rooting their phones for several years. Samsung's KNOX is a perfect example. (I don't want to discuss whether they're successful. That's a whole different topic.)
But let's get back to the deleted OS of the OP's phone: I've never heard about failed root attempts that erase a complete system partition. Therefore, I highly doubt that a malicious app caused all the trouble. Failed root attempts may cause a bootloop but they don't wipe your phone. Just think about the following: how should the dev of such an app gain money if the app deletes OSes? Without an OS there is no information you can steal, and if you have no information you could sell/abuse/whatsoever you don't gain any money. Oh, and not to forget that most apps on the Play Store already collect more than enough data from your phone that they can sell afterwards without having to root it.

I meant failed root could be the cause; if the OP didn't, then who did? If no one modded it then dead NAND is the only player.
I agree with everything else, but I don't trust those apps that try to gain root in the background to steal data, and I think it's too easy for them to bugger your phone just for the sake of making a few coins. Face it, if I was doing it, once I had what I wanted I wouldn't care about the device. Sod the gracious exit and all that jazz. No evidence, no conviction.
Maybe I'm being ott but my questions and points are still valid.
This is a proper "who dunnit" because I doubt it died of its own accord.
Knox is for businesses btw. If knox is triggered, which is very easy to do, the business is advised not to buy the device as it "may" have been compromised. But if no company secrets are being held on the device then it's still good to use. Knox protection was counteracted by supersu. In a nutshell, unless you run a company knox is of no concern to the everyday user.
Just thought I'd chuck that in there, I'm versed in the arts of the s3 i9300. I moved from that phone to this m9.
Beamed in by telepathy.

Related

[Q] Unlock counter?

So, it seems that HTC is now refusing warranty service if you are S-off, regardless of the rest of the state of the phone itself. I have, while reading about this, heard rumors of an unlock counter that would reveal how many times you have locked/unlocked the boot loader, presumably so that even if you managed to "lock" (as opposed to "relock"), a record would still exist that the phone was previously "unlocked". That seems a bit much, since there is already a "relocked" status, but you never know.
Now, if this exists, I would imagine this is probably part of what using the HTCdev token does (in addition to factory resetting the phone). It would make sense that directly writing to the lock locations would bypass such a counter, but it would still be useful information to know.
It wouldn't be unprecedented either. I recall my Samsung Galaxy S2 has a counter that keeps track of how many times certain things are flashed (like the recovery partition), requiring tools like triangle away after a while.
Has anyone looked into this?
jshamlet said:
So, it seems that HTC is now refusing warranty service if you are S-off, regardless of the rest of the state of the phone itself. I have, while reading about this, heard rumors of an unlock counter that would reveal how many times you have locked/unlocked the boot loader, presumably so that even if you managed to "lock" (as opposed to "relock"), a record would still exist that the phone was previously "unlocked". That seems a bit much, since there is already a "relocked" status, but you never know.
Now, if this exists, I would imagine this is probably part of what using the HTCdev token does (in addition to factory resetting the phone). It would make sense that directly writing to the lock locations would bypass such a counter, but it would still be useful information to know.
It wouldn't be unprecedented either. I recall my Samsung Galaxy S2 has a counter that keeps track of how many times certain things are flashed (like the recovery partition), requiring tools like triangle away after a while.
Has anyone looked into this?
I can't recall reading anything like that on these M8 forums, if there was something like that surely the developers here would have picked it up by now and shared such information , in the least to warn people to not do it unless they're prepared to accept the fact that there are such counters...
I know the S3 also had a counter like the S2. That aside, where's the link to the article(?) you read about the S-OFF issue?
I just got my device back from service. I left it s-off, no problem. Warranty covered.
I bookmarked it on my computer at work so I'll have to try to find it again. Gist of it was that a guy sent a phone in converted to stock, including S-on, and HTC refused warranty repair because they had evidence that it had been tampered with. I'm trying to find the thread again, as it may simply be the guy had used HTCdev at some point.
jshamlet said:
I bookmarked it on my computer at work so I'll have to try to find it again. Gist of it was that a guy sent a phone in converted to stock, including S-on, and HTC refused warranty repair because they had evidence that it had been tampered with. I'm trying to find the thread again, as it may simply be the guy had used HTCdev at some point.
Well, that would make sense if he bricked his device by gaining S-OFF and stupidly flashed something he shouldn't have, i.e. something from another device. If it's hardware related then I can't see how they can refuse a warranty repair on the basis of tampering with software, unless they can prove that unlocking the bootloader and getting S-OFF causes a screen to crack, for example.
But like I said before, you probably can't underestimate huge companies and their greedy nature, along with the lies, fraud and general corruption that follows it.

Do google know that we've unlocked the bootloader?

Do Google know that we've unlocked the bootloader? (As Sony do, as they ask for email addresses etc. and confirm the unlock.)
Wondering about warranty.
There is a notice that unlocking the bootloader may violate the warranty. The thing is, it is stated in a somewhat vague manner; it is not like CAUTION YOU ARE ABOUT TO VIOLATE WARRANTY, but rather worded like you may be in violation of the warranty. Anyway, I think it does violate it, and yes, there is most likely a software switch that sets a value in a hardware register which can be recovered to determine that the bootloader was unlocked. If you have the least bit of concern, do not unlock.
dkryder said:
There is a notice that unlocking the bootloader may violate the warranty. The thing is, it is stated in a somewhat vague manner; it is not like CAUTION YOU ARE ABOUT TO VIOLATE WARRANTY, but rather worded like you may be in violation of the warranty. Anyway, I think it does violate it, and yes, there is most likely a software switch that sets a value in a hardware register which can be recovered to determine that the bootloader was unlocked. If you have the least bit of concern, do not unlock.
Ok thanks.
One last Google noob question: does rooting usually need an unlocked bootloader?
On xperia root is more difficult to achieve with a locked bootloader, but can be done, thanks to the devs.
I guess I will read the 6P thread to get a feel for the situation.
Cheers again.
I do not know if it is possible; in practice, as far as I know, it is necessary to unlock if any modification is wanted. Recently it is popular to gain root without modifying the /system partition. Hopefully that is what is achieved with the Pixel C.
Edit: never done this, but: fastboot boot recovery recovery.img, then flash a superuser from the temporary recovery. However, it seems you would still be restricted from modifying /system in future.
dkryder said:
I do not know if it is possible; in practice, as far as I know, it is necessary to unlock if any modification is wanted. Recently it is popular to gain root without modifying the /system partition. Hopefully that is what is achieved with the Pixel C.
Edit: never done this, but: fastboot boot recovery recovery.img, then flash a superuser from the temporary recovery. However, it seems you would still be restricted from modifying /system in future.
If you use fastboot boot then you do not need to specify a partition (only if using fastboot flash *partition* image.img).
The device is still very new, but I'm sure a custom recovery will be released soon so an easy root can be achieved.
Mark.
mskip said:
If you use fastboot boot then you do not need to specify a partition (only if using fastboot flash *partition* image.img).
The device is still very new, but I'm sure a custom recovery will be released soon so an easy root can be achieved.
Mark.
I sure hope so. That's one of the only things keeping me from buying it already. It's kind of worrisome that the development forums are almost completely dead (save for the one thread trying to get root without a custom recovery, of course). I guess I'm just spoiled by using only Nexus devices, so having very active development is usually the norm.
Well, the thing was only a rumor about a sales start until a report on a German site on 12/5 or so that sales would start 12/8, and then on 12/8 a confirmation that at 1pm Eastern U.S. time sales would begin. Talk about giving people decent notice about a device; this Pixel C was a new low for Google. It's almost as if they decided to sell them as an Android tablet at the last moment instead of tossing them in the trash as a complete failure as a Chrome OS tablet, so, yeah, it will take a while for anyone who has the skill to develop for this device to ante up the funds and take delivery. If the bootloader remains locked and you boot a temp recovery to flash SuperSU, does that restrict the root in any way? I am just curious about this, as my bootloader is unlocked.

"System update available"

Hi,
terribly sorry to bother you guys!
I recently bought an M9 (Belgium, no carrier) and rooted it with the help of this YouTube video /watch?v=rOHN8byHAzk
It works fine; it's rooted.
The thing is: I did updates before doing the root. As I unlocked the bootloader everything was lost/deleted, and at the time (4 a.m.), with my brain half asleep, I didn't think about doing the updates again before performing the actual root. Now I keep getting the "system update available" message and can't get rid of it.
It'll keep popping up every few hours; obviously I can't install them because I arrive back at TWRP recovery.
Android version 5.0.2
Kernel version 3.10.49-g5c16a62
I turned software updates off in the "about" section in settings, to no avail. I keep getting the message that updates are available. Downloading them and then proceeding to remove the downloaded files doesn't solve it.
I'm a total noob at this, but (hopefully) not a complete idiot. If there are any steps I can take to get rid of this constantly popping up, please advise me :fingers-crossed:
There's more than one possibility to proceed. Could you provide the output of the "htc_fastboot getvar all" command when the M9 is in download mode (without IMEI and serial no.)? I'd like to point you in the right direction.
Sent by the swarm intelligence of my coffee machine.
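The request above asks for "getvar all" output with the IMEI and serial number left out, which is easy to forget when pasting. As an added example (not code from this thread or from HTC), the Python below parses the "(bootloader) name: value" lines fastboot prints, masks the identifying variables, and also catches a Luhn-valid 15-digit IMEI pasted anywhere in the text; the sample output and its values are constructed, and the list of sensitive variable names is an assumption, not an official one.

```python
import re
from typing import Dict, List

# getvar variables that identify one specific handset. Which HTC variables count as
# sensitive is an assumption made for this example, not an official list.
SENSITIVE_VARS = {"imei", "imei2", "meid", "serialno"}

# Constructed sample of 'htc_fastboot getvar all' output; the values are made up and
# the line shape '(bootloader) name: value' is what fastboot prints for getvar.
SAMPLE_GETVAR = """\
(bootloader) version: 1.0
(bootloader) version-main: 1.32.161.6
(bootloader) version-bootloader: 1.0.0.0000
(bootloader) product: htc_himaul
(bootloader) modelid: 0PJA10000
(bootloader) cid: VODAP001
(bootloader) security: on
(bootloader) serialno: HT4AXYZ01234
(bootloader) imei: 490154203237518
all:
finished. total time: 0.012s
"""

GETVAR_LINE = re.compile(r"^\(bootloader\)\s+([^:]+):\s*(.*)$")
DIGIT_RUN = re.compile(r"(?<!\d)\d{15}(?!\d)")


def parse_getvar(text: str) -> Dict[str, str]:
    """Collect '(bootloader) name: value' lines into a dict; other lines are skipped."""
    found: Dict[str, str] = {}
    for line in text.splitlines():
        m = GETVAR_LINE.match(line.strip())
        if m:
            found[m.group(1).strip().lower()] = m.group(2).strip()
    return found


def luhn_valid(digits: str) -> bool:
    """IMEIs carry a Luhn check digit, so a 15-digit run that passes Luhn is a likely IMEI."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d = d * 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def _mask_imei_like(match: "re.Match") -> str:
    return "<redacted>" if luhn_valid(match.group(0)) else match.group(0)


def redact_getvar(text: str) -> str:
    """Mask sensitive variables and any Luhn-valid 15-digit run, keeping line order."""
    out: List[str] = []
    for line in text.splitlines():
        m = GETVAR_LINE.match(line.strip())
        if m and m.group(1).strip().lower() in SENSITIVE_VARS:
            out.append(f"(bootloader) {m.group(1).strip()}: <redacted>")
            continue
        # catch an IMEI that was pasted outside its getvar line (e.g. in the prose)
        out.append(DIGIT_RUN.sub(_mask_imei_like, line))
    return "\n".join(out)


def leaked_identifiers(text: str) -> List[str]:
    """Names of sensitive values still present in a block that is about to be posted."""
    found = parse_getvar(text)
    leaks = [k for k in SENSITIVE_VARS if found.get(k) not in (None, "", "<redacted>")]
    if any(luhn_valid(run) for run in DIGIT_RUN.findall(text)):
        leaks.append("imei-like digits")
    return sorted(leaks)


if __name__ == "__main__":
    clean = redact_getvar(SAMPLE_GETVAR)
    print(clean)
    print("remaining leaks:", leaked_identifiers(clean) or "none")
```

Run the check on the redacted text before pasting it; an empty list means the version-main, CID, model ID and security flag the helper actually needs are still there while the handset identifiers are not.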
Thanks for taking the time!
It's in download mode. I've got my command prompt open but it says "htc_fastboot is not recognized as an internal or external command, program or batch file".
In all honesty, just pay for S-OFF and you can flash an unsigned zip and be done with it.
Otherwise you need to get back to official status to flash the update. PITA, to be honest.
Sent from my HTC One M9 using Tapatalk
shivadow said:
In all honesty, just pay for S-OFF and you can flash an unsigned zip and be done with it.
Otherwise you need to get back to official status to flash the update. PITA, to be honest.
Sent from my HTC One M9 using Tapatalk
*sigh*
I'm going to take a few days off work and try to educate myself on how all of this works exactly, because I'm starting to feel like I just came out of the Stone Age. Honestly, I just rooted my last phone through good old towelroot without ever having to touch or change anything else. I should not have touched stuff I know nothing of to begin with.
I appreciate you guys taking the time to reply. I'm gonna find some sites to teach me more about this; if you have anything that could help me, feel free to share, because I literally know 0.
Fatimiyye said:
*sigh*
I'm going to take a few days off work and try to educate myself on how all of this works exactly, because I'm starting to feel like I just came out of the Stone Age. Honestly, I just rooted my last phone through good old towelroot without ever having to touch or change anything else. I should not have touched stuff I know nothing of to begin with.
I appreciate you guys taking the time to reply. I'm gonna find some sites to teach me more about this; if you have anything that could help me, feel free to share, because I literally know 0.
Basically, there is a safety feature in HTC otas now that prevents them from running unless your phone is 100% stock. So being rooted, it won't run. There are only two ways forward, find the RUU files for your carrier and install them, or get s-off and update manually. There are multiple threads on how to do all this in the General forum. Read there before doing anything else. HTC phones work differently from other handsets that have to be hacked to achieve root. There is an official path, but how you do it matters.
iElvis said:
Basically, there is a safety feature in HTC otas now that prevents them from running unless your phone is 100% stock. So being rooted, it won't run. There are only two ways forward, find the RUU files for your carrier and install them, or get s-off and update manually. There are multiple threads on how to do all this in the General forum. Read there before doing anything else. HTC phones work differently from other handsets that have to be hacked to achieve root. There is an official path, but how you do it matters.
Thank you very much man. I'm gonna learn up first, and then take your advice and head to the general forum.
For all other noobs who are desperate to catch up, this is helping me out quite a bit:
http://androidforums.com/threads/how-to-and-some-root-terminology.353591/ => Terminology
https://www.youtube.com/watch?v=rOHN8byHAzk => Unlock bootloader and root the phone
http://forum.xda-developers.com/showthread.php?t=2588979 => This helps to install ADB/fastboot/drivers
http://www.addictivetips.com/mobile...on-htc-android-phones-with-unrevoked-forever/ => some info about s-off
http://forum.xda-developers.com/showpost.php?p=59745198&postcount=3 => HTC One M9 FAQ
Edit: OH, AND THIS! https://www.youtube.com/watch?v=JmvCpR45LKA
FFS, WATCH THAT ONE!
Just in case anyone has the same issue (I like to end on a positive note =D ):
The easiest working solution I found for the issue is to go to the app management (Settings, Apps), go to "All", select "Updater" and then clear data.
No pop ups so far.
Credit for this goes to moderator Earlymon from androidforums

Losing features upon bootloader unlock/root?

Hey everyone,
I've tried to google around and search the forums on XDA but there is no straight up answer to some questions I have. This is the first HTC device I own and although I have been rooting/unlocking devices since the Nexus 4, I am afraid to go ahead with this one. I just wanted the answers to the following questions, if anyone here knows them please:
1. Unlocking the bootloader seems straight-forward and supported by HTC. I'm in the UK which means no Uh-Oh protection. If something was to happen to the device and I sent it back under warranty, would I be ****ed or would HTC replace/repair it? HTC UK's call center was worse than useless and HTC US' policy doesn't apply to us so I thought I should ask here.
2. Does unlocking the bootloader and rooting mean I will lose access to the fingerprint scanner, camera quality or anything 'stock'? I know Android Pay won't work but at the moment I am not too bothered either way because it's a hit and miss thing with it.
3. Finally, is there a way to completely revert unlocking the phone/s-off and going back to S-ON/Locked without any signs of having messed around with the device? I ask in relation to question 1. If unlocking the bootloader voids the warranty for UK users, is there a way to go back to stock and make the phone as though NOTHING was done to it?
Thank you to anyone who helps answer even 1 of these questions :victory:. I want to root and get xposed onto my new device but not at the cost of losing features on a brand new phone or losing warranty on it either :silly:
1. I can't comment on this simply because I don't know and don't want to spread false information.
2. You will not lose any features at all. In fact, I'm running a bootloader unlocked and rooted setup and Android Pay still seems to work fine for me. It let me add a debit card but I haven't yet been able to actually try to purchase something.
3. Yes, if you are S-Off you can completely revert back to a locked bootloader with S-On if you want to.
I'd recommend both unlocking and S-Off so you can revert back to stock in the future for a warranty claim just to be safe.
jaredkzr said:
1. I can't comment on this simply because I don't know and don't want to spread false information.
2. You will not lose any features at all. In fact, I'm running a bootloader unlocked and rooted setup and Android Pay still seems to work fine for me. It let me add a debit card but I haven't yet been able to actually try to purchase something.
3. Yes, if you are S-Off you can completely revert back to a locked bootloader with S-On if you want to.
I'd recommend both unlocking and S-Off so you can revert back to stock in the future for a warranty claim just to be safe.
Hey, thanks for the reply! Only just saw this, not sure why it didn't notify me.
Right no worries about point one seeing as point 3 makes it irrelevant if I can revert back and save my warranty anyway. Just to be sure on points 2 and 3, I can definitely 100% go back to Locked/S-On status and the system won't show I have messed around at all? As for Android Pay, that's cool! Did you set it up before or after rooting? And does your fingerprint scanner work? Can you make payments on google play by authorising with your fingerprint?
Thank you again for your help!
Devzz said:
Hey, thanks for the reply! Only just saw this, not sure why it didn't notify me.
Right no worries about point one seeing as point 3 makes it irrelevant if I can revert back and save my warranty anyway. Just to be sure on points 2 and 3, I can definitely 100% go back to Locked/S-On status and the system won't show I have messed around at all? As for Android Pay, that's cool! Did you set it up before or after rooting? And does your fingerprint scanner work? Can you make payments on google play by authorising with your fingerprint?
Thank you again for your help!
Yep, you can definitely 100% go back to Locked/S-On state assuming you were previously S-Off. There will be no signs that the device was messed with.
For Android Pay, I had initially set it up prior to rooting but the rooting process wiped my phone. I had no issues setting it up again on a freshly rooted install.
Google Play and every other app that uses it still fully supports authorization via fingerprint. From what I can tell, I have lost absolutely no features by rooting. There really is nothing to lose once you get past the initial phone wipe that occurs when you unlock the bootloader.
jaredkzr said:
Yep, you can definitely 100% go back to Locked/S-On state assuming you were previously S-Off. There will be no signs that the device was messed with.
For Android Pay, I had initially set it up prior to rooting but the rooting process wiped my phone. I had no issues setting it up again on a freshly rooted install.
Google Play and every other app that uses it still fully supports authorization via fingerprint. From what I can tell, I have lost absolutely no features by rooting. There really is nothing to lose once you get past the initial phone wipe that occurs when you unlock the bootloader.
Ah that's great! Would've thought HTC would implement some kind of security thing where rooting may cause the fingerprint scanner to not work like Samsung/Sony have. Good on HTC :highfive: I'm gonna start reading up now and unlock/s-off/root the phone in the next few hours! :fingers-crossed:
Devzz said:
Ah that's great! Would've thought HTC would implement some kind of security thing where rooting may cause the fingerprint scanner to not work like Samsung/Sony have. Good on HTC :highfive: I'm gonna start reading up now and unlock/s-off/root the phone in the next few hours! :fingers-crossed:
Yeah, it really is a great thing they've done! HTC is being really friendly to developers and power users. If you have questions or need some help with the unlocking or rooting feel free to drop me a PM!

Sony bootloader exploits and/or bypass

Hi
I'm new to the forum but have been doing a fair amount of research. I am stuck now though and would like a bit of help.
My situation is that I have a Xperia XA1 Ultra (I know I should post in that device-specific forum, but not much seems to be happening there). I have a very specific problem that I have treated like a forensics problem.
The phone is locked by a pattern which has been guessed by another person so many times that the gatekeeper only allows one entry per day provided the phone is charged otherwise the timer resets.
It has not been rooted and ADB is disabled.
I have connected to it through fastboot and what I can gather is that it is running Android Oreo.
The system details are as follows:
Product: XA1 Ultra G3221
Build Number: 48.1.A.0.129
Chipset: Mediatek MT6757 Helio P20
Bootloader: Locked
My research has led me to the possibility of loading a recovery image into the RAM of the phone and accessing ADB that way. I tried this with a TWRP image but obviously it didn't work. There is a company called Cellebrite that claims to be able to load its own boot/recovery image into the bootloader and gain entry that way; however, the license is something like £10,000. I'm definitely not a commercial customer.
The final option for me would be to dump the memory via JTAG or chipoff, the contents would be encrypted but I found a blog where somebody had managed to find the location of the gesture.key file while the system was encrypted. I can't remember what the site was called though, it took me ages to find last time.
My main questions are: does Sony sign the boot image with its own keys, or does it use the standard Android Verified Boot?
Does Sony reuse the same keys for signing across devices? Likely not but maybe
Is there a way to send specific instructions to the RAM via fastboot?
Does anybody know of an exploit that could be used?
Is there a way to extract the boot.img and recover the Sony keys?
If there are any other docs, resources or ways to get the data that could help, I will gladly read and/or try them. I think this forum is probably the biggest resource, though after a while the specific information needed gets harder to find.
The main thing is that I don't unlock the bootloader and flash anything. It's all got to be live and non data damaging.
I tried MTPwn on the off chance that it would work but nope, it was a no go.
If there was a way to utilise the mediatek exploit to gain entry from fastboot that would be excellent, or to use fastboot to dump the memory.
Thanks for reading, I hope someone can help.
Your thread was quite confusing at first as I wasn't sure what to look for exactly :/
That being said, you have your phone locked and you want to unlock it. However you don't want to flash or reset your device, you don't have root permission, you don't have debugger mode on and you don't want to unlock the bootloader, correct?
Basically you're asking for the impossible...
All I can think of is FROST attack. See article for details and source code.
You can also send your device to your nearest Sony service center and they can probably fix it with no memory loss.
Other than that, you MUST hard reset your phone if you want it back.
However should you come to your mind and realize the reality of the situation where you shouldn't be picky about it then you can start with flashing custom recovery. Or using third-party programs like dr.fone.
XDHx86 said:
Your thread was quite confusing at first as I wasn't sure what to look for exactly :/
That being said, you have your phone locked and you want to unlock it. However you don't want to flash or reset your device, you don't have root permission, you don't have debugger mode on and you don't want to unlock the bootloader, correct?
Basically you're asking for the impossible...
All I can think of is FROST attack. See article for details and source code.
You can also send your device to your nearest Sony service center and they can probably fix it with no memory loss.
Other than that, you MUST hard reset your phone if you want it back.
However should you come to your mind and realize the reality of the situation where you shouldn't be picky about it then you can start with flashing custom recovery. Or using third-party programs like dr.fone.
Thanks for getting back to me, yes I realise it is asking for the impossible. I'll have a research around that article and see if I can find some information on how to write the program to dump the contents over USB. I tried Dr Fone but that only gave me the option of a hard reset.
My current line of attack is an exploit over USB called OATmeal, whereby a Raspberry Pi is used over OTG with a filesystem label of "../../data", it allows the filesystem of the phone to be mounted and data written off. It is a little complex and so I am struggling a bit with getting it to work. The team over at Project Zero have a good write-up of it so I'm following that and the POC at exploit-db to guide me through it.
I think I will be able to get the USB part to work but I'm not sure if I have to write a Java file to automatically run when /data is mounted, or if that's even possible.
Forenzo said:
My current line of attack is an exploit over USB called OATmeal
Not to make you frustrated, but this is an old exploit and I highly doubt it'd work on your device, unless your device security patch is older than 9-2018.
And you can't rollback on your security patch.
You should really consider flashing TWRP or other custom recovery. You have no other option.
XDHx86 said:
Not to make you frustrated, but this is an old exploit and I highly doubt it'd work on your device, unless your device security patch is older than 9-2018.
And you can't rollback on your security patch.
You should really consider flashing TWRP or other custom recovery. You have no other option.
Fortunately the device hasn't been updated since around 2-2018 or 3-2018 so any exploit I can find from then onwards that I can use will be great. I really do get that the only realistic option is to unlock the bootloader and flash the recovery but the data needs to be recovered and I absolutely don't want to wipe it.
If I can't do it then it will gather dust until the end of time...
It seems that no matter what I say you won't realize the situation you are in.
I can only suggest that you NEVER mess with the phone circuits or the motherboard, no matter which stupid YouTube tutorial you saw. Those guys are douchebags who only know how to get views and don't care what you/they do to your device.
Needless to say, messing with the circuits or the motherboard requires dexterity and experience which I'm positive you don't have.
As I said before if you send it to an authorized service center, then they can help you with it without memory loss.
Sending your device to a service center isn't an insult or an act of low self-esteem. Service centers exist for a reason, and they're basically geeks who are too passionate about electronics and decided to make a living out of it.
Or maybe you can somehow use the EDL mode on the phone.
In Qualcomm devices the EDL mode is locked and can only be accessed by an authorized person who has the security code of your device. I don't know if it even exists in MTK devices.
Should you actually manage to boot into EDL mode (assuming it exists and is unlocked) then BEWARE: EDL mode is very low level, and any command can directly affect the kernel or compromise the system. Don't use commands when you're not sure what they do.
You can use EDL mode to recover the data from the phone then wipe it clean, then restore the data.
You cannot access memory with EDL mode, but you can access the current image on your device. And from which you can get the key file.
EDL mode is a very very powerful tool (Much more powerful than debugging, fastboot, or anything you may know of) as it doesn't need unlocked bootloader to use it and through which you can do anything to your device including flashing other ROMs.
Good luck on your impossible quest. Make sure to post updates should you find yourself stuck.
