Related
Hi All
I've searched and not found much info on this.
I've got a dump of an HTC HD7 using the Riff box (JTAG). The file is a 512MB BIN file.
Basically I would like to be able to see the files inside it. Ideally I would like to see the files/folders/structure inside the dump. I don't know how difficult or easy this is, so forgive me if I'm asking for the impossible. But is there a way of converting the bin file to something like a cab/nbh or even the files/folders so that I can view them in explorer or some similar tool?
At the moment I'm viewing the file in a hex editor trying to carve out certain files. But I figure since the file system and structure is known on Windows Phone 7, there may be a way of converting the entire image to a better support format.
So if anyone can suggest any tools or ways of doing this, it would be much appreciated.
Thanks
How do you use the jtag to get a dump of it? I don't know if you can use htcrie or not (search in this forum for the tool)
Sent from my SGH-i917 using XDA Windows Phone 7 App
snickler said:
How do you use the jtag to get a dump of it? I don't know if you can use htcrie or not (search in this forum for the tool)
Click to expand...
Click to collapse
I use the Riff Box which is supposed to a dump of the ROM/NAND, which it did, into a .bin file.
I've tried htcrie, but it doesn't load the bin file. I've tried looking for a tool that converts the .bin to a nbh, but found nothing so far
puunda said:
I use the Riff Box which is supposed to a dump of the ROM/NAND, which it did, into a .bin file.
I've tried htcrie, but it doesn't load the bin file. I've tried looking for a tool that converts the .bin to a nbh, but found nothing so far
Click to expand...
Click to collapse
Where do you get a riff box from? I want to dump my rom. I would look into the Windows Mobile threads and see if there is a tutorial OR pm ansar or xboxmod and see if they can help out. If possible can you provide how to obtain an use the riff box?
Sent from my SGH-i917 using XDA Windows Phone 7 App
nbh or nb it's for bootloader to write to nand, so it will have diff format with nand dump.
ted973 said:
nbh or nb it's for bootloader to write to nand, so it will have diff format with nand dump.
Click to expand...
Click to collapse
I'm not sure. I took a complete dump of the HD7 and it gave me a 512MB file in a .bin format. I believe that includes the bootloader and everything else, but I could be wrong.
I don't mind what kind of file it gets converted to, as long as I can view the files inside. Thanks
puunda said:
I'm not sure. I took a complete dump of the HD7 and it gave me a 512MB file in a .bin format. I believe that includes the bootloader and everything else, but I could be wrong.
I don't mind what kind of file it gets converted to, as long as I can view the files inside. Thanks
Click to expand...
Click to collapse
Try this thread http://forum.xda-developers.com/showthread.php?t=1260757 . There's something on there that speaks about WP7 Binary tools.
snickler said:
Try this thread http://forum.xda-developers.com/showthread.php?t=1260757 . There's something on there that speaks about WP7 Binary tools.
Click to expand...
Click to collapse
I've looked on that thread and have downloaded the tools. I've also messaged the author of the tool, but not got a reply yet. It looks like the tools which does work on the raw dump/bin files are for the logo and bootloader, not the entire image.
I'm still working on it, but there seems to be a lot of info that I need to sort though.
You may use Qualcomm tool from riff plugin. It's view all partitions
Missed this one.
No questions in the development section please!
Thread Closed
See my other thread about the upgrade message when I connect to HTC sync manager. (Even though the phone reboots and goes thru several flash screens, nothing is changed)
Phone is HTC Desire 526 Verizon prepaid.
This time, I let it run again, but I opened the program temp folder in explorer and grabbed the files.
It has a 1.2GB file that I'm guessing is system image and a 10MB file labeled boot image.
I uploaded it to my Google drive in the hopes that someone here can find a way to use it to get us a custom ROM, or at least root, going.
Here's the files:
https://drive.google.com/folder/d/0B_Sgf7j8WktiM0pmcDJveVBFWUU/edit
Cheers.
Are those files for the US or the Europe version?
Ynlord said:
Are those files for the US or the Europe version?
Click to expand...
Click to collapse
USA, Verizon prepaid
ericpeacock79 said:
USA, Verizon prepaid
Click to expand...
Click to collapse
Which one is exactly the temp directory of the program?
Ynlord said:
Are those files for the US or the Europe version?
Click to expand...
Click to collapse
Ynlord said:
Which one is exactly the temp directory of the program?
Click to expand...
Click to collapse
I pulled those files from the temporary download location of the HTC program on Windows, just after it downloaded the update, while it was copying the files to the phone.
It was in the Program Files directory of the HTC desktop program, instead of the windows user profile temp folder like most programs.
The files uploaded are the update files.
ericpeacock79 said:
I pulled those files from the temporary download location of the HTC program on Windows, just after it downloaded the update, while it was copying the files to the phone.
It was in the Program Files directory of the HTC desktop program, instead of the windows user profile temp folder like most programs.
The files uploaded are the update files.
Click to expand...
Click to collapse
I was having trouble downloading the one that you posted, i downloaded again with the htc sync manager and got it on this location C:\Users\<your_user_name>\AppData\Local\HTC MediaHub\FOTA.
Should i go to recovery and fast it or should i use adb for it?
Ynlord said:
I was having trouble downloading the one that you posted, i downloaded again with the htc sync manager and got it on this location C:\Users\<your_user_name>\AppData\Local\HTC MediaHub\FOTA.
Should i go to recovery and fast it or should i use adb for it?
Click to expand...
Click to collapse
I do not know if it would work like that. If I had to guess, I would say fastboot, but I really don't know.
I will try it tomorrow and let you know. I still have the phone, but I don't use it and can't seem to sell it on Craigslist...
Is it possible to unpack an image of the non branded version and compare the differences.. see what we can change to possibly allow hot-spot or root?
hemanolio said:
Is it possible to unpack an image of the non branded version and compare the differences.. see what we can change to possibly allow hot-spot or root?
Click to expand...
Click to collapse
That might be difficult, given that the US-market 526 was only sold by Verizon and doesn't seem to be too popular of a phone. I never found a way to order it unlocked straight from HTC.
Does the boot.img have an unlocked bootloader?I need one thats unlocked
there is no unlocked bootloader for the Vreizon prepaid Desire 526.
I posted these files in the hopes that someone could use them to get us unlocked.
Thank You for the files.
I will take a look and let you guys know how to flash it.
It will help the bootloader issue.
I need these files to keep working on this.
Thanks again
---------- Post added at 05:54 PM ---------- Previous post was at 05:46 PM ----------
To flash the rom. Whichever of the 2 downloads it is ???
rename the file to
Code:
0PM3IMG.zip
Copy 0PM3IMG.zip to the external sd card.
Boot the phone into the bootloader / download mode.
It should find the file on the sdcard and ask you if you want to install it.
I will test it out later.
Basically if you mess something up in the phone by deleting files or whatnot this should be useable to flash back to stock.
I know I'm just an amateur with programming but couldn't you/we just "Frankencode" it? Like have two/three of the same file and keep one original, have another be the successful edit, and have another be the experimental editing?
To some extent that is what i'm working on.
The Desire 626s is the same chipset and the boot-loader is unlockable.
These RUU files / ( Factory Rom ) ruu = rom update utility come packed with some goodies.
The bootloader is in the packages for the 526 and the 626.
The question is how to flash the files from the 626 to the 526.
The ruu uses a couple different security measures to make sure the files aren't tampered with.
The main zip file is signed with keys and verified to be signed against the public half of the keypair.
It's a file called keys in the /res folder of the recovery.img ramdisk.
By generating a pair of keys ( Private and Publick ) .pk8 and .pem and dumping the public key with dumppublickeys it is possible to change the key in the /res/key of the ramdisk. This means we can modify the main zip file and sign it with our own keys and it will pass the signature test.
But the zip files inside of the main zip are also signed / encrypted.
We can decrypt the inner zip files with bruuveal. So that can extract the zip files and not get errors.
Or use the HTC Decrypt tool found on this forum.
The interesting thing here is that prior to the ruu flashing the phone it flashes the HOSD.
That's the smaller zip file.
The only reason for HTC to do that i'm thinking is because the hosd / hboot that is on the phone to begin with blocks writing of the necessary partitions by some means.
So the hosd is pre-updated to allow the main ruu to flash.
This is not the case on the 626s. The other interesting thing is that the hosd flashes by itself in the main zip not a sub zip and like I said I can get around the first file signature.
If I can get the 626s firmware to flash to the 526 then we can unlock the boot-loader.
If we can find a way to get around the inner file signing ( If I can figure out where the public half of the key is)
You can flash the software using fastboot...
fastboot flash zip <name 1st zip>
fastboot flash zip <name 2nd zip>
If the second file will not be able to - use htc_fastboot
where to take - when unpacking (executing)standart RUU file
Anyone find a solution to this problem? I have the desire 526 and it froze during upgrading with the htc sync, now it doesn't go past the boot screen and I've searched for a solution to this problem everywhere.
Is it safe to say that none of the forums have a solution to the Desire 526 vzw prepaid problem? I've searched multiple forums, youtube videos, and no one either answer the problem or the answers do not work. However most of us are just looking for the original boot & recovery, but that seems to be an impossible mission. Hopefully, someone in some forum will come up with a solution that actually works, or someone will actually respond to some of our questions.
ericpeacock79 said:
See my other thread about the upgrade message when I connect to HTC sync manager. (Even though the phone reboots and goes thru several flash screens, nothing is changed)
Phone is HTC Desire 526 Verizon prepaid.
This time, I let it run again, but I opened the program temp folder in explorer and grabbed the files.
It has a 1.2GB file that I'm guessing is system image and a 10MB file labeled boot image.
I uploaded it to my Google drive in the hopes that someone here can find a way to use it to get us a custom ROM, or at least root, going.
Here's the files:
https://drive.google.com/folder/d/0B_Sgf7j8WktiM0pmcDJveVBFWUU/edit
Cheers.
Click to expand...
Click to collapse
curious to know what file are we suppose to use?
badHTC526 said:
curious to know what file are we suppose to use?
Click to expand...
Click to collapse
No idea. I just put these up in the hopes that someone would be able to put them to good use. I'm not a dev, sorry.
I was able to find quite a few RUU's for HTCD100LVW after excavaing into the mythical 2nd & later pages of Google search. I can't remember how bad my soft brick was, but I spend somewhere near 40 hours ****ing this phone up before finally pulling the right bootable sd image on BigCountry's BL/root/TWRP method
Sent from my Desire 526 using XDA Labs
Hellomy name is korlan. First forgive me for english mistake i will made that's not my common language.
Here is my problem :
2 days ago i accidently flashed (./flashall.sh) the nexus 5x with the 5 files (hammehead files made for nexus 5)... Obviously it has ereased the bootloader and now the phone won't boot.
I made TONS of research because i can acces to the qualcom DLmode (the ref is 8992);
At this points i'm stuck. How recover emmc and flash again the phone.
Luckily i have another nexus 5X. I have dump all raw rom ( dd /dev/block/mmXXX and got a 16gb file wich coresspond to a raw valid rom).
I was happy but i faced a big problem : How download this bin file to the bricked phone.
I have the tool called QPST wich require a programmer (probably MPGR8992 ) the bin file and a rawprogram.xml (partition table). I don't have thoses files anone know how to obtain it or another way to unbrick this phone ?
thanks a lot hope you can help me inthis situation.
Have you tried flashing the bootloader for the 5x with fastboot?
Sent from my Nexus 9 using XDA Free mobile app
Yes, but I can't boot on bootloader, and so on fastboot mode ...
Its a lg phone , maybe you can turn on factory mode.
@nate0
Could try some solutions here if not already attempted...http://forum.xda-developers.com/showpost.php?p=67089762&postcount=55 ...have the same issue, as I have messed with the GPT/QC partitions...
To be able to send the raw binaries you do need the flash programmer for this phone, and potentially the MPGR8992 mbn file as well. These two are apparently not available anywhere I have looked. The issue I am running into is that my phone resets the connection to all the tools I have used.
nate0 said:
Could try some solutions here if not already attempted...http://forum.xda-developers.com/showpost.php?p=67089762&postcount=55 ...have the same issue, as I have messed with the GPT/QC partitions...
To be able to send the raw binaries you do need the flash programmer for this phone, and potentially the MPGR8992 mbn file as well. These two are apparently not available anywhere I have looked. The issue I am running into is that my phone resets the connection to all the tools I have used.
Click to expand...
Click to collapse
MPGR8992 mbn file , i think we need another 5x and back up using box or something .
LG TOT file was provided and it's possible to enter Qualcomm download mode for repairing now
i need help ican't find TOT file for nexus 5X h791 16 GB
@Vortex said:
LG TOT file was provided and it's possible to enter Qualcomm download mode for repairing now
Click to expand...
Click to collapse
Could you please elaborate how you got the TOT file and how you managed to enter Qualcomm download mode?
Device State - locked
Similar Problem, same solution with TOT File (32GB TOT File works also for 16GB Models)
look here:
http://forum.xda-developers.com/nexus-5x/help/device-locked-t3355549/page4
Hi to all! Like the title said, i'm trying to extract from 7T product partition img, then i want to edit it and re-flash it back.
Which is the fastest way to do so?
to get to the image you can use the payload dumper and unpack the payload.bin contained in the firmware pack then you have the produckt.img whether you can edit this or whether it also has write protection I cannot tell you unfortunately .
Maybe you can do this using the edl.py script that's available on GitHub.
This script allows you to use some of the qualcomm sahara protocol commands for stuff like reading and saving partition from the phone to your computer, or to write a partition from the computer to the phone internal memory.
Also with msm tool, you can enable the readback mode that allows you to backup single or multiple partitions (you just have to check the ones you want).
I hard bricked an LG G7 ThinQ G710EAW by flashing the wrong firmware (T-Mobile) onto it via LGUP. It now goes into EDL mode after shorting test points, but I'm unable to revive it by following this unbrick thread. Loading up the partition images via Partition Manager in QFIL "succeeds", but it doesn't revive my phone. Doesn't get me to fastboot. Still nothing on screen.
I also tried the rawprogram*.xml option using the XMLs in that thread, but QFIL keeps erroring out that the partition sizes defined in the XML are different from what it sees on the device.
The OP for the thread seems to not be active any longer.
Can someone here please help me understand how to recover my phone?
Anyone? Happy to donate for help as well.
Bumping up this thread.
If I had another EAW motherboard, would it help unbrick my motherboard? Wondering how I can fix my phone
So, I was able to finally figure this all out, recover my LG G710EAW and bring it back to life! It was a mix of information from many threads. No boxes, and no payment to anyone. All free.
The OP of this thread is active but has completely stopped responding to his thread and to his DMs - he's likely uninterested in a 4-5 year old phone at this point. In his first post he mentioned creating rawprogram* XMLs by hand, and it taking hour+ to do so. However, I'm unsure why it took him that long and in the end the files don't even work for QFIL since the sector size in the XMLs (512B) is different from device sector size (4096B). Nevertheless, I was able to flash these via command line 'edl' which ignored the sector size, but it didn't recover the device.
Generating rawprogram XMLs is easy if you can figure out how to run this Python program mentioned in this thread. However, the files attached there no longer work in 2022, the links are dead, and Python 2.7 is a dinosaur. Someone in that thread mentioned a different, fixed, repo but it didn't work with Python 2.7 for the 'undz' part. After a lot of head banging, I tried Python3 and 'undz' worked.
Here are the steps:
- Download the firmware for your model in KDZ format
- Install QPST
- Install Python3.x
- Run: pip3 install setuptools zstandard
- Download ZIP for kdztools from the repo: https://github.com/ErickG233/kdztools (or the attachment)
- Unzip kdztools and CD into that directory kdztools-master. This version is bug-fixed and also generates rawprogram files for us.
- Copy the firmware KDZ into kdztools-master directory
- Run: python3 unkdz.py -f G710EAW30e_00_0916.kdz -x. This creates a DZ file in a new `kdzextracted` folder
- Move the extracted DZ file from the kdzextracted folder back one level up, into kdztools-master dir
- Run: python3 undz.py -f G71030q_00_user-signed-ARB0_OPEN_ESA_DS_OP_0916.dz -c
- This creates a dzextracted folder here with all the files needed to recover your phone. Now all we need are the rawprogram XMLs.
- Run: python3 undz.py -f G71030q_00_user-signed-ARB0_OPEN_ESA_DS_OP_0916.dz -r. This will create all the rawprogram XMLs you need to flash. No patch files are created, but that is OK.
- In my case, QFIL complained it couldn't find file "PrimaryGPT_0.bin", so I copied file gpt_main0.bin_0 and renamed the copy gpt_main0.bin_0_copy > PrimaryGPT_0.bin
- Load your phone into EDL mode. If you want to use test points, see the image in this thread.
- Load QFIL. Use the ELF programmer file from any of the threads linked thus far. Select flat build. Load all rawprogram XMLs generated previously. Hit cancel when it asks for patch file XMLs.
- Hit Download.
This will recover your phone so it's able to boot and all. However, in my case, the phone had lost serial number and IMEI numbers (dual SIM) as well.
- To restore your IMEI numbers, you will need your QCN file or a backup of your FSG (fsg.img) partition from before bricking. In my case, I had flashed, via LGUP, T-Mobile firmware on my Indian phone. I then dumped all the partitions using command line EDL. I have not used QCN method since it seems to require a lot of steps to put the phone into diagnostics mode. I had a backup of the FSG partition, so I used that instead.
- If you have a backup of your FSG partition, load QFIL > Partition Manager. Erase modemst1 modemst2 and fsg partitions. Then, load the backup FSG.img file onto FSG partition. Restart phone.
- Now, if you have the serial number from your bill or box, see this thread to restore it. Pay extra attention to the Firehose configuration section, or else, it may create some issues. It's best to restore S/N after restoring IMEI in my experience, but this could just be some randomness or bad Firehose config during S/N restore.
This happiness was short-lived. When I was flashing all these KDZ via QFIL and LGUP trying to get my IMEIs back, I once saw "This phone is permanently locked and cannot be unlocked". That seems to have taken out my second SIM slot.
Now, after a fresh QFIL flash (with erase before download), my first SIM slot is also dead.
Neither of the SIM slots work now.
This has been so frustrating!
urover said:
This happiness was short-lived. When I was flashing all these KDZ via QFIL and LGUP trying to get my IMEIs back, I once saw "This phone is permanently locked and cannot be unlocked". That seems to have taken out my second SIM slot.
Now, after a fresh QFIL flash (with erase before download), my first SIM slot is also dead.
Neither of the SIM slots work now.
This has been so frustrating!
Click to expand...
Click to collapse
Any luck in recovering the phone ??