Develop Bugs

Wild speculation

I don't have the experience to know if this is possible, which is why I ask because I'm curious. I post here because I want devs to see it, and think "that could work" or "idiot"
As we know the defy bootloader will probably never be unlocked, now I was thinking would it not be possible to somehow isolate the bootloader from a rom, and run some kind of virtual one in a seperate partition to run a fully custom kernel? It's probably crazy but I'm dying to know what people think, don't be too hard on me I have no coding experience :/ however all opinions are welcome I think anything is possible
Sent from the real world by hacking into the matrix

I don't want that this will become another dead Bootloader-Hacking-Thread but I want to give you an answer with the facts:
1) There currently is no known way to execute code before booting the kernel because everything is well protected though signing code.
2) The only way to boot a kernel after kernel-boot are tools like kexec or 2ndboot. But a phone's RIL is a heavy stone on that way because it's not that easy to reinitialize this part of hardware and without RIL a phone is useless. The main-developers canceled this project due to this reason.
Other "non-phone"-devices with locked bootloader (like Sony's google-tv) are using this method without problems.
3) You can use kexec/2ndboot to load a full bootloader instead of an kernel only, too. But because we don't have the source we would have to reverse engineer it to disable the signature check of the kernel otherwise you would load another useless protected bootloader This was also an project but I don't think it's still alive...
Additional note: You can't directly flash a modified bootloader because our chipset has built-in OMAP3-security features. This means the CPU will only boot signed Code from NAND.
You can find many helpful information about this topic on this page:
http://and-developers.com/partitions:cdt#cdt_table_of_droid_x

Thanks that clarifies things quite a bit, however I mean loading not just a second kernel but a WHOLE bootloader that would handle the phones entire functions independently, or is it completely hardwired so its impossible for something to override it? (Sorry if you have already answered in the above). Another thing, has noone tried to compile custom fixed sbf? Maybe the bootloader could be replaced that way? In software almost anything done can be undone in some way, although perhaps this is the rare case where it isn't
Sent from the real world by hacking into the matrix

I edited my post to have everything at one place.
I hope this answers your questions.

The bootloader is like the bios in a pc (actually is part of the bios), it's what initializes the device and loads the rest of the code. to load it again or another one you had to reinitialize the device. the issue with the RIL is that when reset or restarted it "panics" and resets the whole device (I think, read it somewhere).
also the second unlocked bootloader that you want to load does not exist anyway.
it's better to just help the developers with bug reports and testing than daydream.
sorry mate!

m11kkaa said:
I edited my post to have everything at one place.
I hope this answers your questions.
Click to expand...
Click to collapse
So its all been tried before, damn! XD at least the devs here have done a fine job of making good roms even with this limitation, guess I will do my research before I buy my next phone as I love playing with roms, the more custom, the better
Sent from the real world by hacking into the matrix

[ADVICE] How to avoid a hardbrick

Recently, i experienced the drama of having a hard bricked phone. Its a real headache, because you know that you wasted money into a useless brick, and if you send it to the assistence, you arent going have your cell phone for weeks, or even months. So, maybe you already heard those advices, but you need to make sure you never will never commit such an error.
Im not talking that root may damage your phone. If you do it right, it will not. But what can brick your phone is your attitude after root. Flash roms or kernels can brick your phone, but only using avast anti thief root options can not. Have this in mind.
1- NEVER (repeating, never) flash something that ISNT for your phone. It may be to the HNA-G7533339LS, but if you flash it on the HNA-G7533339 without those LS, you can get into touble. The firmware were for GT-S7500, but i flashed it in a GT-S7500L. Result: Brick
2- Dont think that if you have Clockworkmod backup or something like that, you cant brick anyway. If your bootloader gets corrupted, nothing will save you. Nothing. And you may corrupt it by flashing roms the wrong way.
3- Read the comments at the ROM that you are going flash, at less. Or make a search at Google. It may save your ass. Recently, lots of Galaxy S II owners had trouble with a leaked ICS kernel, and they bricked their phones, so read before doing ****.
4- I dont recommend flashing homemade custom roms or flashing untested ROMs, but someone needs to be the first. Only do this if you are really sure of what you are doing.
5- Asking dont hurts. If you are uncertain, ask. Its the best way to avoid problems.
6- For security reasons, always flash having a recently charged cell phone, seated on something, to avoid a falling smartphone. Also, if flashing throught ODIN, its preferable using a charged notebook.
7- Have a usb jig at your home. It may save you at some cases. You can buy one at www.dealextreme.com , or make your own.
8- And the last, after a hard brick, dont think your game is over. If you are under warranty, and your cell phone is truly bricked, send it to a assistance, and play dumb, like "I dont know what happened, but it turned off and isnt rebooting anyway". It isnt right to lie, but it may be necessary, for serious. Thay arent going cover a custom flashed phone. If it isnt under warranty, find someone with a riff box at your city. It may fix your phone.
I hope those advices can help you to avoid headaches.And know that Im not saying "dont flash roms". They may wonderfully boost your phone, and give it a new face. Only be sure of what you are doing Sorry by my bad english (it isnt my native language) , and bye!

gabriel2anjos said:
Recently, i experienced the drama of having a hard bricked phone. Its a real headache, because you know that you wasted money into a useless brick, and if you send it to the assistence, you arent going have your cell phone for weeks, or even months. So, maybe you already heard those advices, but you need to make sure you never will never commit such an error.
Im not talking that root may damage your phone. If you do it right, it will not. But what can brick your phone is your attitude after root. Flash roms or kernels can brick your phone, but only using avast anti thief root options can not. Have this in mind.
I hope those advices can help you to avoid headaches.And know that Im not saying "dont flash roms". They may wonderfully boost your phone, and give it a new face. Only be sure of what you are doing Sorry by my bad english (it isnt my native language) , and bye!
Click to expand...
Click to collapse
Hey Thanks a lot for this.. I really needed this.. if it is possible then please help me with my doubts...
OK.. I will directly get to the point... I want to do "something" for my phone, the Galaxy S Advance... like create a custom Kernel or a ROM for this device... Now I'm a total "newbie" in all these.. so this will be my first time... now my question is: Which will be easier and SAFER to make; a custom ROM or a kernel?... Because I will obviously be the first one to try my own creation so like please tell me which one will be safer for me to try out? So that even if I do something wrong - I will still be able to fix it without spending any money on Repairing from shops...

Sami Kabir said:
Hey Thanks a lot for this.. I really needed this.. if it is possible then please help me with my doubts...
OK.. I will directly get to the point... I want to do "something" for my phone, the Galaxy S Advance... like create a custom Kernel or a ROM for this device... Now I'm a total "newbie" in all these.. so this will be my first time... now my question is: Which will be easier and SAFER to make; a custom ROM or a kernel?... Because I will obviously be the first one to try my own creation so like please tell me which one will be safer for me to try out? So that even if I do something wrong - I will still be able to fix it without spending any money on Repairing from shops...
Click to expand...
Click to collapse
If it's your first time and you don't know a lot about these, the safer(and easier) would be, for sure, trying to create a custom ROM. A kernel requires lots of knowledge, you need to compile things, code, make magic.... It's hard and dangerous, cause it's the bridge between firmware and hardware. If something go wrong, you are gonna have a bad time. But the rom creation process is much more easy, there are lots of tutorials, and if u know how to use Linux there is even a tool called dsxda kitchen(or something like that). The chances of bricking are smaller(but are still present) and it usually makes the device better.
So, if u are really need it, first get experience creating a ROM. Only think about kernels later.
Hope I helped, and good luck :thumbup:
Enviado de meu GT-P5110 usando o Tapatalk 2

Useful video for newbies
I've uploaded one video on YouTube last January, that should help beginners what to do, as well as read in the text step by step and translate it (many people who visit this forum don't understand very well english, so they can copy&paste it into their translators). Here is the link:
http://www.youtube.com/watch?v=0NXBN9Z63TY
Last January I've read in different forums that many people had issues with "E: signature verification failed" even after successful root, as sometimes they just rooted but didn't have CWM recovery yet.
There were no good explainations how to solve it so I did that video, on the example of Samsung Tab 2 GT-P5110.
The video has helped many people, meanwhile it's clicked nearly 50K times....
Cheers!

My Micromax Bolt Q370 doesn't have any custom recovery available. But I am rooted, Xposed Installed. (Installed using terminal), Dolby Atmos installed (Installed through Flashfire).
Yeah, but I soft bricked it many times (6 times) and have to fix it in service centre.
Now I know what's healthy for my phone, and what bricks my phone. Now I'm stopped playing with root apps, until somebody make a custom recovery for my phone.

gabriel2anjos said:
If it's your first time and you don't know a lot about these, the safer(and easier) would be, for sure, trying to create a custom ROM. A kernel requires lots of knowledge, you need to compile things, code, make magic.... It's hard and dangerous, cause it's the bridge between firmware and hardware. If something go wrong, you are gonna have a bad time. But the rom creation process is much more easy, there are lots of tutorials, and if u know how to use Linux there is even a tool called dsxda kitchen(or something like that). The chances of bricking are smaller(but are still present) and it usually makes the device better.
So, if u are really need it, first get experience creating a ROM. Only think about kernels later.
Hope I helped, and good luck :thumbup:
Enviado de meu GT-P5110 usando o Tapatalk 2
Click to expand...
Click to collapse
yet the lineage OS devs STRONGLY advise AGAINST me doing this since i dont know what im doing, so how tf is this easier 0.0 (as my device is unsupported)

[Q] FB Mode question

Fastboot Mode
PRODUCT NAME - tuna
VARIANT - maguro 16gb
HV VERSION - 9
BOOTLOADER VERSION - PRIMELC03
BASEBAND VERSION - I9230XXLH1
CARRIER INFO - NONE
SERIAL NUMBER - XXXXXXXXXXXXXXXX
SIGNING - production
LOCK STATE - unlocked
When it says unlocked, is it talking about my SIM or my bootloader?
Do Nexus's come bootloader unlocked, I mean; they are dev friendly.
Don't make fun of me, I'm only curious and trying to start learning about android and maybe even develop things considering I do know alot about graphics.
Thanks in advance.
Edit: I forgot it meant bootloader (blonde moment?), but is this regular for nexus devices?

I'm almost certain it's talking about your bootloader but to be certain reboot your device. If you see an unlocked padlock under Google when you turn on your device your bootloader is unlocked.

063_XOBX said:
I'm almost certain it's talking about your bootloader but to be certain reboot your device. If you see an unlocked padlock under Google when you turn on your device your bootloader is unlocked.
Click to expand...
Click to collapse
Yeah it is, I know that; i edited my post after realizing that.
But what I'm asking is; Is it typical for nexus devices to come with unlocked bootloaders or not?
I got my from i wireless and I believe it is a imported device.

It's not. Probably was returned/refurbished.

Haaah.
What are the chances that it's rooted and how can I check?
I traded in my One S and got this phone as a replacement.
Strange that it came in the original boxing with everything.
Thanks man.

If it doesn't have superuser then it isn't rooted.

Thanks.
I'm gonna be a noob and ask one more question.
Is it easy to brick your phone from rooting?

Or SuperSU. Try rootchecker. "Is it easy to brick your phone from rooting?" Not from rooting but perhaps flashing if you tend to jump into things..

brainfart moments can give you a softbrick pretty easily, but with fastboot and (we arent quite fans of this like the fascinate people were) ODIN you would have to realllllly screw up and probably try to completely brick it. make sure you have fastboot set up and working correctly before doing anything questionable. it will save your ass lol
edit: speaking of fastboot, i would probably use it to format and reflash all partitions with the latest stock image before messing around since it sounds like your phone has been screwed with before you got it (you never know what other people did to it). theres a really good guide about resetting to stock in either the general or q/a section here. dont worry about relocking the bootloader, there isnt really a way to unlock it wrong... it either works or doesnt. since you sound pretty tech savvy, please dont use toolkits, learn fastboot. it seems like toolkits are a one click problem, not a one click fix lol.

electro` said:
Thanks.
I'm gonna be a noob and ask one more question.
Is it easy to brick your phone from rooting?
Click to expand...
Click to collapse
Practically impossible. You'd have to not read anything and then willfully do something to ruin your device. And even then it's almost certainly recoverable so not bricked.

It seems nearly impossible to brick your device. x.x
I installed ParanoidAndroid last nigh but for some reason I tried installing a mod and I lost the status bar and home buttons.
I was so pissed off, I had to unroot my device and reflash the stock rom.
I'm going to try using CyanogenMod 10.1 and see where it gets me. It will probably be better considering you can make alot more customizations to your device ui and such.
Thanks 063_XOBX.

Rooting without exploding the device? Have not had an HTC in a long time.

Just ordered my HTC 10, excited...and nervous as I've not had a new device (like long term) in... like over 1.5 years. :S I'm mainly hoping the microSD card slot likes my 128GB U1 x633 card so I can finally have enough space for all my vinyl rips, and then I hope the DAC is as good as they say.
So anyway, I've been reading all of this stuff about rooting and loosing the radio connection and something about the data encryption breaking everything O.O!!! Holy crap. I just wanna root it, find a good rom and dev to support and enjoy it. This is what I do on my current daily driver, my old OPO. I've been trying to look around, search, and read to make sure that I avoid all of these issues mentioned but so far I've not found a concrete explanation of why said issues happen. Not new to rooting/flashing at all, but HTC devices always seemed to of been touchy when it came to custom stuff, and I don't want to explode this thing. My main problem is that I've been away from HTC for.... well since early 2014.
My current knowledge of android stuffz tells me to:
1) Unlock Bootloader via ADB
2) Flash TWRP/Other Customer Recovery
3) Find sweet rom, flash and spend hours customizing
4) Flash xposed and go crazy with modules until the phone explodes and then scale it back to a realistic level
5) Enjoy Phone
6) Cake
HOWEVER... I remember HTC devices having a bit more complication due to things like... RUU and firmware.. I don't even remember what RUU means lol... But I remember when I had my M8 I was always fighting these dang firmware issues. While I ended up with a fantastic experience, I remember fighting for almost 2 months or so to get it to behave. Battery was out of control, phone was crashing, camera exploding. Oh man it sucked, but finally someone really cool was like... "Yo dude I had these issues, this is what you have to do with HTC stuff" , and after a full hour of flashing shiz I had the phone running smoothly and behaving correctly. Something about... you had to flash each level of the firmware and then reboot and...something. Like you couldn't just skip to the latest firmware? I don't remember exactly.
So anyway, the main question I have is. Could someone either
A.) Point me in the direction of a post or something to study to understand what to do and not do. I've searched but not really found anything solid. Something for folks who've been off the HTC scene for a while.
B.) If there isn't really a single post on this, perhaps if someone doesn't mind explaining this (even pm is fine) to me so I don't explord this expensive mofo and cry.
C.) Give me a hug, because I am nervous about having a new device O.O , it's been so long and I'm so used to Cm13 and xposed and all that jazz. I is be scared.
I would be grateful to any and all help/support.
Anyway, thanks in advanced guys and gals. :3

Locklear308 said:
Just ordered my HTC 10, excited...and nervous as I've not had a new device (like long term) in... like over 1.5 years. :S I'm mainly hoping the microSD card slot likes my 128GB U1 x633 card so I can finally have enough space for all my vinyl rips, and then I hope the DAC is as good as they say.
So anyway, I've been reading all of this stuff about rooting and loosing the radio connection and something about the data encryption breaking everything O.O!!! Holy crap. I just wanna root it, find a good rom and dev to support and enjoy it. This is what I do on my current daily driver, my old OPO. I've been trying to look around, search, and read to make sure that I avoid all of these issues mentioned but so far I've not found a concrete explanation of why said issues happen. Not new to rooting/flashing at all, but HTC devices always seemed to of been touchy when it came to custom stuff, and I don't want to explode this thing. My main problem is that I've been away from HTC for.... well since early 2014.
My current knowledge of android stuffz tells me to:
1) Unlock Bootloader via ADB
2) Flash TWRP/Other Customer Recovery
3) Find sweet rom, flash and spend hours customizing
4) Flash xposed and go crazy with modules until the phone explodes and then scale it back to a realistic level
5) Enjoy Phone
6) Cake
HOWEVER... I remember HTC devices having a bit more complication due to things like... RUU and firmware.. I don't even remember what RUU means lol... But I remember when I had my M8 I was always fighting these dang firmware issues. While I ended up with a fantastic experience, I remember fighting for almost 2 months or so to get it to behave. Battery was out of control, phone was crashing, camera exploding. Oh man it sucked, but finally someone really cool was like... "Yo dude I had these issues, this is what you have to do with HTC stuff" , and after a full hour of flashing shiz I had the phone running smoothly and behaving correctly. Something about... you had to flash each level of the firmware and then reboot and...something. Like you couldn't just skip to the latest firmware? I don't remember exactly.
So anyway, the main question I have is. Could someone either
A.) Point me in the direction of a post or something to study to understand what to do and not do. I've searched but not really found anything solid. Something for folks who've been off the HTC scene for a while.
B.) If there isn't really a single post on this, perhaps if someone doesn't mind explaining this (even pm is fine) to me so I don't explord this expensive mofo and cry.
C.) Give me a hug, because I am nervous about having a new device O.O , it's been so long and I'm so used to Cm13 and xposed and all that jazz. I is be scared.
I would be grateful to any and all help/support.
Anyway, thanks in advanced guys and gals. :3
Click to expand...
Click to collapse
I was in the same boat haven't owed an HTC since the Fuze running Windows lol and have been a loyal Samsung user since the S1 so the whole adb fastboot thing was a little overwhelming. I followed the guide in the forum and had a few hiccups but overall went pretty smooth. Adb is definitely not as user friendly as Odin on a Sammy device but not to difficult. My only tips would be make sure you have all the latest drivers, twrp, and adb installed. It seems pretty hard to permanently brick a device these days from my experience so I wouldn't worry to much. As far as the radio not working, as long as you keep your device encrypted you won't lose your radio. I'm sure the devs will find a fix for this soon enough. Enjoy your new 10!
Edit: I'm using a lexar 128gb 633x U1 micro sd and all is well. Worked with adoptable storage also but felt a little sluggish so I went back to using it as external storage.

AndroiderM said:
I was in the same boat haven't owed an HTC since the Fuze running Windows lol and have been a loyal Samsung user since the S1 so the whole adb fastboot thing was a little overwhelming. I followed the guide in the forum and had a few hiccups but overall went pretty smooth. Adb is definitely not as user friendly as Odin on a Sammy device but not to difficult. My only tips would be make sure you have all the latest drivers, twrp, and adb installed. It seems pretty hard to permanently brick a device these days from my experience so I wouldn't worry to much. As far as the radio not working, as long as you keep your device encrypted you won't lose your radio. I'm sure the devs will find a fix for this soon enough. Enjoy your new 10!
Click to expand...
Click to collapse
Well I am comfortable in adb :3 so that's not a worry. So un-enecrypting it is just an option, and I should just avoid it for now? What is the advantage of un-encrypting it?
What guide did you use? Also, what about all this firmware and ruu stuff?
Sorry for so many questions... Lol this thing wasn't cheap and I am nervous , BTW what setup do you have? Root? ROM?
Thanks for replying :3

Locklear308 said:
Well I am comfortable in adb :3 so that's not a worry. So un-enecrypting it is just an option, and I should just avoid it for now? What is the advantage of un-encrypting it?
What guide did you use? Also, what about all this firmware and ruu stuff?
Sorry for so many questions... Lol this thing wasn't cheap and I am nervous , BTW what setup do you have? Root? ROM?
Thanks for replying :3
Click to expand...
Click to collapse
http://forum.xda-developers.com/htc-10/how-to/guide-root-optionally-s-off-radio-t3373025
From what I understand unencrypting breaks the radio. With it unencrypted you would get slightly better performance and boot times I think. I would definitely avoid it for now. I'm currently using twrp with Viper 10 rom. I've also used leedroid and still trying to find which one I prefer. I've only had my 10 for 3 days lol so I haven't found my sweet setup just yet. I left s-on for now as I don't really need it off.
No idea about the firmware and ruu stuff. I made a backup of stock rom before I started flashing. I'm pretty sure there is or will be a repo with factory firmware, radios, etc. I don't know what ruu stands for either lol.
---------- Post added at 06:56 AM ---------- Previous post was at 06:51 AM ----------
Did you get carrier or unlocked version

AndroiderM said:
http://forum.xda-developers.com/htc-10/how-to/guide-root-optionally-s-off-radio-t3373025
From what I understand unencrypting breaks the radio. With it unencrypted you would get slightly better performance and boot times I think. I would definitely avoid it for now. I'm currently using twrp with Viper 10 rom. I've also used leedroid and still trying to find which one I prefer. I've only had my 10 for 3 days lol so I haven't found my sweet setup just yet. I left s-on for now as I don't really need it off.
No idea about the firmware and ruu stuff. I made a backup of stock rom before I started flashing. I'm pretty sure there is or will be a repo with factory firmware, radios, etc. I don't know what ruu stands for either lol.
---------- Post added at 06:56 AM ---------- Previous post was at 06:51 AM ----------
Did you get carrier or unlocked version
Click to expand...
Click to collapse
Unlocked, at least that's what the guy on Swappa marked it as. *fingers crossed*
Got it for 510. One scratch on the metal
Alright so I will back things up and avoid the radio breaking stuff. I will check that link, thanks man

Locklear308 said:
Unlocked, at least that's what the guy on Swappa marked it as. *fingers crossed*
Got it for 510. One scratch on the metal
Alright so I will back things up and avoid the radio breaking stuff. I will check that link, thanks man
Click to expand...
Click to collapse
No problem, mine has two scratches on metal too lol but guy gave me $200 and unlocked htc 10 w uh oh protection and original receipt for my s7e at&t branded locked bootloader ?. Was a no brainer for me

Locklear308 said:
Just ordered my HTC 10, excited...and nervous as I've not had a new device (like long term) in... like over 1.5 years. :S I'm mainly hoping the microSD card slot likes my 128GB U1 x633 card so I can finally have enough space for all my vinyl rips, and then I hope the DAC is as good as they say.
So anyway, I've been reading all of this stuff about rooting and loosing the radio connection and something about the data encryption breaking everything O.O!!! Holy crap. I just wanna root it, find a good rom and dev to support and enjoy it. This is what I do on my current daily driver, my old OPO. I've been trying to look around, search, and read to make sure that I avoid all of these issues mentioned but so far I've not found a concrete explanation of why said issues happen. Not new to rooting/flashing at all, but HTC devices always seemed to of been touchy when it came to custom stuff, and I don't want to explode this thing. My main problem is that I've been away from HTC for.... well since early 2014.
My current knowledge of android stuffz tells me to:
1) Unlock Bootloader via ADB
2) Flash TWRP/Other Customer Recovery
3) Find sweet rom, flash and spend hours customizing
4) Flash xposed and go crazy with modules until the phone explodes and then scale it back to a realistic level
5) Enjoy Phone
6) Cake
HOWEVER... I remember HTC devices having a bit more complication due to things like... RUU and firmware.. I don't even remember what RUU means lol... But I remember when I had my M8 I was always fighting these dang firmware issues. While I ended up with a fantastic experience, I remember fighting for almost 2 months or so to get it to behave. Battery was out of control, phone was crashing, camera exploding. Oh man it sucked, but finally someone really cool was like... "Yo dude I had these issues, this is what you have to do with HTC stuff" , and after a full hour of flashing shiz I had the phone running smoothly and behaving correctly. Something about... you had to flash each level of the firmware and then reboot and...something. Like you couldn't just skip to the latest firmware? I don't remember exactly.
So anyway, the main question I have is. Could someone either
A.) Point me in the direction of a post or something to study to understand what to do and not do. I've searched but not really found anything solid. Something for folks who've been off the HTC scene for a while.
B.) If there isn't really a single post on this, perhaps if someone doesn't mind explaining this (even pm is fine) to me so I don't explord this expensive mofo and cry.
C.) Give me a hug, because I am nervous about having a new device O.O , it's been so long and I'm so used to Cm13 and xposed and all that jazz. I is be scared.
I would be grateful to any and all help/support.
Anyway, thanks in advanced guys and gals. :3
Click to expand...
Click to collapse
I'm on my third htc10. Exploded last two after rooting haha. Really not hard mate. Just read the guides provided and ask any questions you need. Most ppl on XDA will be helpful, and some will reply like me lol.
BTW, simple answer, unlock phone via HTC Dev, then flash Viper. Done.

purple patch said:
I'm on my third htc10. Exploded last two after rooting haha. Really not hard mate. Just read the guides provided and ask any questions you need. Most ppl on XDA will be helpful, and some will reply like me lol.
BTW, simple answer, unlock phone via HTC Dev, then flash Viper. Done.
Click to expand...
Click to collapse
Alright neato, so do I need to ensure I let it download any and all OTA's for the firmware before doing anything? Is s-off safe to get as well in regards to the issues I referred to in my OP above?
And his is this viper? Does it allow things like settings similar to cm and also allow for xposed?
Thanks for replying man, I feel more comfortable now as it sounds like there isn't anything crazy required to safely root this thing . Phew!!

Locklear308 said:
Alright neato, so do I need to ensure I let it download any and all OTA's for the firmware before doing anything? Is s-off safe to get as well in regards to the issues I referred to in my OP above?
And his is this viper? Does it allow things like settings similar to cm and also allow for xposed?
Thanks for replying man, I feel more comfortable now as it sounds like there isn't anything crazy required to safely root this thing . Phew!!
Click to expand...
Click to collapse
I got an M9 for my wife not that long ago and just had my 10 show up today and gonna root. Just do like the other dude said. Find a guide that says how to use HTC dev to unlock the bootloader. You can't just enter a command in adb like "unlock bootloader" and have it work. Go to the HTC dev website, make an account, pick your device and it walks you through the steps of unlocking the bootloader. That's really the only semi-difficult part IMO. Then proceed as normal. Download twrp, make a stock nand, download ROM, su binaries, kernel, etc. etc. go to recovery and flash. I'm sure there's a couple other steps in their but that's the basics.
As for Viper, it tends to come with so many mods built in, I'd personally be kind of reluctant to use xposed with it to to much modifying. It's a great ROM, but so is leedroid You can try each and see what you like, but if you want to more safely use xposed I'd personally go with leedroid.

DroidIt! said:
I got an M9 for my wife not that long ago and just had my 10 show up today and gonna root. Just do like the other dude said. Find a guide that says how to use HTC dev to unlock the bootloader. You can't just enter a command in adb like "unlock bootloader" and have it work. Go to the HTC dev website, make an account, pick your device and it walks you through the steps of unlocking the bootloader. That's really the only semi-difficult part IMO. Then proceed as normal. Download twrp, make a stock nand, download ROM, su binaries, kernel, etc. etc. go to recovery and flash. I'm sure there's a couple other steps in their but that's the basics.
As for Viper, it tends to come with so many mods built in, I'd personally be kind of reluctant to use xposed with it to to much modifying. It's a great ROM, but so is leedroid You can try each and see what you like, but if you want to more safely use xposed I'd personally go with leedroid.
Click to expand...
Click to collapse
Oh right, I do remember about the whole HTC dev website thing. I was mainly just concerned with the firmware issues and stuff that I had before.
Is there any kind of limitations for reasons not to upgrade to the highest available firmware? Something like, maybe the highest one can't be rooted yet or something like that. I just want to make sure that I don't shoot myself in the foot haha.
Thank you all for your help

Locklear308 said:
Oh right, I do remember about the whole HTC dev website thing. I was mainly just concerned with the firmware issues and stuff that I had before.
Is there any kind of limitations for reasons not to upgrade to the highest available firmware? Something like, maybe the highest one can't be rooted yet or something like that. I just want to make sure that I don't shoot myself in the foot haha.
Thank you all for your help
Click to expand...
Click to collapse
Hey, I'm not sure about firmware not being able to be rooted but the best way to go about it (what I did anyway) is to unlock the phone via htcdev.com, flash a custom recovery (Latest TWRP which has also worked around the encryption stuff?) and then back up everything other than the data partition. That way, no matter what you do, you always have something to revert back to. The reason for not backing up data is due to the encryption. From my understanding, restoring an encrypted data partition would break things. Once you have the phone unlocked and recovery sorted, you are free to flash viper etc. and root the phone using SuperSU. I'm sure you are aware unlocked devices are quite easy to root so whatever you flash will most likely be on latest firmware, already rooted.
As for installing OTAs etc., you need unmodified system and recovery which is where the backups kick in. Simply back up your data on an SD card (pictures etc. not the actual partition) and restore the system-image and recovery. This should reset the phone although I'm not sure if it'll wipe anything and allow you to do OTA updates. Alternatively, get the latest firmware for your device from htcdev (again, not sure if they have firmware on there) and use that instead.
If any of the information above is incorrect or missing steps, someone feel free to correct me.

Sony bootloader exploits and/or bypass

Hi
I'm new to the forum but have been doing a fair amount of research. I am stuck now though and would like a bit of help.
My situation is that I have a Xperia XA1 ultra (I know I should post in that device specific forum but not much seems to be happening there) I have a very specific problem that I have treated like a forensics problem.
The phone is locked by a pattern which has been guessed by another person so many times that the gatekeeper only allows one entry per day provided the phone is charged otherwise the timer resets.
It has not been rooted and ADB is disabled.
I have connected to it through fastboot and what I can gather is that it is running Android Oreo.
The system details are as follows:
Product: XA1 Ultra G3221
Build Number: 48.1.A.0.129
Chipset: Mediatek MT6757 Helio P20
Bootloader: Locked
My research has led me to the possibility of loading a recovery image into the RAM of the phone and accessing ADB that way. I tried this with a TWRP image but obviously it didn't work. There is a company called Cellebrite that claims to be able to load it's own boot/recovery image into the bootloader and gain entry that way, however the license is something like £10,000. I'm definitely not a commercial customer.
The final option for me would be to dump the memory via JTAG or chipoff, the contents would be encrypted but I found a blog where somebody had managed to find the location of the gesture.key file while the system was encrypted. I can't remember what the site was called though, it took me ages to find last time.
My main questions are does Sony sign the boot image with it's own keys or does it use the standard Android Verified Boot?
Does Sony reuse the same keys for signing across devices? Likely not but maybe
Is there a way to send specific instructions to the RAM via fastboot?
Does anybody know of an exploit that could be used?
Is there a way to extract the boot.img and recover the Sony keys?
If there any other docs, resources or ways to get the data that could help, I will gladly read and/or try them. I think this forum is probably the biggest resource one though but after a while the specific information needed gets harder to find.
The main thing is that I don't unlock the bootloader and flash anything. It's all got to be live and non data damaging.
I tried MTPwn on the off chance that it would work but nope, it was a no go.
If there was a way to utilise the mediatek exploit to gain entry from fastboot that would be excellent, or to use fastboot to dump the memory.
Thanks for reading, I hope someone can help.

Your thread was quite confusing at first as I wasn't sure what to look for exactly :/
That being said, you have your phone locked and you want to unlock it. However you don't want to flash or reset your device, you don't have root permission, you don't have debugger mode on and you don't want to unlock the bootloader, correct?
Basically you're asking for the impossible...
All I can think of is FROST attack. See article for details and source code.
You can also send your device to your nearest Sony service center and they can probably fix it with no memory loss.
Other than that, you MUST hard reset your phone if you want it back.
However should you come to your mind and realize the reality of the situation where you shouldn't be picky about it then you can start with flashing custom recovery. Or using third-party programs like dr.fone.

XDHx86 said:
Your thread was quite confusing at first as I wasn't sure what to look for exactly :/
That being said, you have your phone locked and you want to unlock it. However you don't want to flash or reset your device, you don't have root permission, you don't have debugger mode on and you don't want to unlock the bootloader, correct?
Basically you're asking for the impossible...
All I can think of is FROST attack. See article for details and source code.
You can also send your device to your nearest Sony service center and they can probably fix it with no memory loss.
Other than that, you MUST hard reset your phone if you want it back.
However should you come to your mind and realize the reality of the situation where you shouldn't be picky about it then you can start with flashing custom recovery. Or using third-party programs like dr.fone.
Click to expand...
Click to collapse
Thanks for getting back to me, yes I realise it is asking for the impossible. I'll have a research around that article and see if I can find some information on how to write the program to dump the contents over USB. I tried Dr Fone but that only gave me the option of a hard reset.
My current line of attack is an exploit over USB called OATmeal, whereby a Raspberry Pi is used over OTG with a filesystem label of "../../data", it allows the filesystem of the phone to be mounted and data written off. It is a little complex and so I am struggling a bit with getting it to work. The team over at Project Zero have a good write-up of it so I'm following that and the POC at exploit-db to guide me through it.
I think I will be able to get the USB part to work but I'm not sure if I have to write a Java file to automatically run when /data is mounted, or if that's even possible.

Forenzo said:
My current line of attack is an exploit over USB called OATmeal
Click to expand...
Click to collapse
Not to make you frustrated, but this is an old exploit and I highly doubt it'd work on your device, unless your device security patch is older than 9-2018.
And you can't rollback on your security patch.
You should really consider flashing TWRP or other custom recovery. You have no other option.

XDHx86 said:
Not to make you frustrated, but this is an old exploit and I highly doubt it'd work on your device, unless your device security patch is older than 9-2018.
And you can't rollback on your security patch.
You should really consider flashing TWRP or other custom recovery. You have no other option.
Click to expand...
Click to collapse
Fortunately the device hasn't been updated since around 2-2018 or 3-2018 so any exploit I can find from then onwards that I can use will be great. I really do get that the only realistic option is to unlock the bootloader and flash the recovery but the data needs to be recovered and I absolutely don't want to wipe it.
If I can't do it then it will gather dust until the end of time...

It seems that no matter what I say you won't realize the situation you are in.
I can only suggest to NEVER mess with the phone circuits or the motherboard. No matter which stupid yoututbe tutorial you saw. Those guys are douchebags who only know how to get views and don't care for whatever you/they do to your device.
Needless to say messing with the circuits or the motherboard require dexterity and experience which I'm positive you don't have.
As I said before if you send it to an authorized service center, then they can help you with it without memory loss.
Sending you device to a service center isn't an insult or an act of low self esteem. Service centers exist for a reason, and they're basically geeks who are too passionate about electronics and decided to make a living out of it.
Or maybe you can somehow use the EDL mode on the phone.
In Qualcomm devices the EDL mode is locked and can only be accessed by an authorized person who have the security code of your device. I don't know if it even exist in MTK devices.
Should you actually manage to boot into EDL mode - Assuming it exists and is unlocked - then BEWARE: EDL mode is very low level and any command can directly affect the kernel or compromise the system. Don't use commands you're not sure what do they do.
You can use EDL mode to recover the data from the phone then wipe it clean, then restore the data.
You cannot access memory with EDL mode, but you can access the current image on your device. And from which you can get the key file.
EDL mode is a very very powerful tool (Much more powerful than debugging, fastboot, or anything you may know of) as it doesn't need unlocked bootloader to use it and through which you can do anything to your device including flashing other ROMs.
Good luck on your impossible quest. Make sure to post updates should you find yourself stuck.