Regarding Meizu PRO 5's bootloader and recovery. - Meizu Pro 5 Guides, News, & Discussion

The Pro 5 was my dream device, and I eventually realised that it is tough for non-Flyme ROMs to run well on the device. I have tried compiling Lineage and the phone simply can't get past the boot logo.
I believe that such a device is destined to be forgotten, but here is what I have concluded about the device itself.
Pro 5 has 2 types of bootloader files, one of which can be unlocked.
I compared the MD5 sums of bootloader files from different versions of Flyme (both international and the Chinese version) and the famous Flyme OS 5.6.1.19 daily global ROM. The bootloader that can be unlocked has an MD5 of 49e792016a8a11b4661b4832b40728b6, while all the other bootloaders have MD5 4e6c0082a8aedcc7e2f8204554593bae.
Verification of Pro 5's update.zip is a feature that was implemented in certain versions of the recovery.img onwards - to be confirmed.
*Update* The Pro 5 bootloader with that particular MD5 is indeed signed by Meizu: its SHA-1 digest matches the .mf file, which in turn matches the .sf file, and I can use openssl cms to verify the .sf file with the .rsa file, which contains the same public key as any other Meizu ROMs.
Unless Meizu's private key was leaked, the bootloader should be authentic and signed by Meizu.
Next up, I will be trying to branch some of the older projects to build TWRP for the Pro 5, and will slowly move on to LineageOS.
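
The digest chain described in the update above (file, then .mf, then .sf), as an added example that is not part of the original post. It assumes the update.zip uses the standard JAR signing layout (META-INF/MANIFEST.MF, META-INF/CERT.SF, SHA1-Digest attributes); the sample zip is constructed in memory, and the final .sf/.rsa signature check is left to openssl cms as in the post.

```python
import base64
import hashlib
import io
import re
import zipfile

MF = "META-INF/MANIFEST.MF"   # assumed standard JAR-signing names; the post
SF = "META-INF/CERT.SF"       # only calls them "the .mf file" and "the .sf file"


def b64sha1(data: bytes) -> str:
    """Base64 of the SHA-1 digest, the form stored in SHA1-Digest attributes."""
    return base64.b64encode(hashlib.sha1(data).digest()).decode()


def split_sections(raw: bytes) -> list:
    """Split a manifest into raw sections, each keeping its trailing blank line."""
    return [m.group(0) for m in re.finditer(rb"(?:[^\r\n]+\r?\n)+(?:\r?\n|\Z)", raw)]


def attrs(section: bytes) -> dict:
    """Parse 'Key: value' lines, first unfolding continuation lines (leading space)."""
    text = re.sub(r"\r?\n ", "", section.decode("utf-8"))
    return dict(line.split(": ", 1) for line in text.splitlines() if ": " in line)


def verify_entry(zip_file, entry: str) -> dict:
    """Check the three digest links for one zip entry; returns a dict of booleans."""
    with zipfile.ZipFile(zip_file) as z:
        data, mf_raw, sf_raw = z.read(entry), z.read(MF), z.read(SF)
    # Per-entry sections are keyed by their Name attribute; the main section has none.
    mf_sections = {attrs(s).get("Name"): s for s in split_sections(mf_raw)}
    sf_sections = {attrs(s).get("Name"): attrs(s) for s in split_sections(sf_raw)}
    result = {"file_vs_mf": False, "mf_entry_vs_sf": False, "mf_whole_vs_sf": False}
    if entry in mf_sections:
        # Link 1: digest of the file itself is recorded in the .mf entry.
        result["file_vs_mf"] = attrs(mf_sections[entry]).get("SHA1-Digest") == b64sha1(data)
        if entry in sf_sections:
            # Link 2: digest of the raw .mf section is recorded in the .sf entry.
            result["mf_entry_vs_sf"] = (
                sf_sections[entry].get("SHA1-Digest") == b64sha1(mf_sections[entry]))
    # Link 3: digest of the whole .mf is recorded in the .sf main section.
    main = sf_sections.get(None, {})
    result["mf_whole_vs_sf"] = main.get("SHA1-Digest-Manifest") == b64sha1(mf_raw)
    return result


def build_sample(bootloader: bytes, swapped: bool = False) -> io.BytesIO:
    """Constructed sample: a tiny signed-layout zip; 'swapped' replaces the file only."""
    entry = "Name: bootloader\r\nSHA1-Digest: %s\r\n\r\n" % b64sha1(bootloader)
    mf = ("Manifest-Version: 1.0\r\n\r\n" + entry).encode()
    sf = ("Signature-Version: 1.0\r\nSHA1-Digest-Manifest: %s\r\n\r\n"
          "Name: bootloader\r\nSHA1-Digest: %s\r\n\r\n"
          % (b64sha1(mf), b64sha1(entry.encode()))).encode()
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("bootloader", b"some other image" if swapped else bootloader)
        z.writestr(MF, mf)
        z.writestr(SF, sf)
    buf.seek(0)
    return buf


if __name__ == "__main__":
    image = b"constructed bootloader bytes"
    print("intact :", verify_entry(build_sample(image), "bootloader"))
    print("swapped:", verify_entry(build_sample(image, swapped=True), "bootloader"))
```

Passing all three checks only ties the file to the .sf; the .sf still has to verify against the signer certificate in the .rsa file (the openssl cms step in the post), and that certificate has to be the vendor's.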

Hello, can you help me unlock Meizu Pro 5 Chinese version (without the first H when checking imei in fastboot)? I tried many options at XDA and 4pda forums, but all failed, Bootloader automatically locked itself after resetting the device. Thanks!

Frankyvn said:
> Hello, can you help me unlock Meizu Pro 5 Chinese version (without the first H when checking imei in fastboot)? I tried many options at XDA and 4pda forums, but all failed, Bootloader automatically locked itself after resetting the device. Thanks!
what do you mean by resetting the device?

Xanth0k1d said:
> what do you mean by resetting the device?
Specifically as follows: I have tried to update to many different versions (including A and G) through TWRP. But when uploading to a higher version, the Bootloader is locked again and cannot be unlocked after uploading to a higher version "5.6.1.19 daily"
Thank you for your interest in my question.

Frankyvn said:
> Specifically as follows: I have tried to update to many different versions (including A and G) through TWRP. But when uploading to a higher version, the Bootloader is locked again and cannot be unlocked after uploading to a higher version "5.6.1.19 daily"
> Thank you for your interest in my question.
Each update.zip contains a "bootloader" file. As I described in the original post, the 5.6.1.19 daily update.zip has a different bootloader file compared to the bootloader files in other zips.
I feel uneasy because there is no way I can confirm that the 5.6.1.19 daily update.zip is from Meizu officially, but I believe that I checked a signature of some sort on the update.zip and concluded that the zip is indeed from Meizu and very possibly not modified by a third party.
When you attempt to flash over versions of Flyme, the bootloader file inside the zip gets flashed over the unlockable bootloader file, hence your bootloader becomes locked again.
In theory you could replace the bootloader in, say, an A version with the bootloader from the daily update.zip, and flash it via TWRP while disabling the signature check of the zip. This is something I believe I did not attempt before.
What would be even better is for someone still holding the Meizu Pro 5 Ubuntu edition to dd the bootloader partition into a bootloader file, so we could compare that bootloader file with the one inside the update.zip. In this way we can confirm whether the bootloader file that allows the bootloader to be unlocked is indeed from Meizu.

Related

[Q] (Soft?)bricked Moto E after flashing wrong stock ROM

I have bricked my phone. It's stuck in a boot loop.
I had an up-to-date, non-rooted, locked XT1524. Since 3G and 4G didn't work in my country, first I tried flashing the modem and baseband from a retail XT1527 stock ROM. The flashing went OK, but 3G and 4G still didn't work (as happened to pablo_cba in this thread).
Then I turned my common sense off and tried flashing the whole XT1527 ROM. I thought that since they were stock ROMs I didn't have any need to root the phone (or install TWRP). And since I was flashing the same version I had, I didn't need to unlock the bootloader either. Wrong! The ROM I flashed was version 5.1 (23.29-15), and my current ROM at the moment was 5.0 (22.50-X). Since I haven't unlocked the bootloader, I can't go back to the retail XT1524 stock ROM published here.
I was able to flash gpt.bin and bootloader.img, but things went south on boot.img. Now the bootloader is stuck with the following error:
Code:
version downgraded for boot
failed to validate boot image
Trying to flash boot.img (or system) fails with error:
Code:
hab check failed for boot
Failed to verify hab image boot
Trying to go back to XT1524 ROM fails with:
Code:
version downgraded for aboot
Trying to unlock the bootloader fails with:
Code:
Enable OEM Unlock
Which is obvious because I haven't enabled it on the phone, but it sucks because I can't boot and enable it.
So, here go my questions:
- What does "hab check failed" mean? Is there any way to bypass it and finish flashing the XT1527 ROM?
- Is there any way to unlock the bootloader without enabling it first on developer settings?
- Is there anything I can do other than waiting until 5.1 gets rolled out to XT1524 phones, and a stock ROM for it gets leaked?
Thanks a lot for your kind help!
Ah, I know exactly what happened. The good news is that your device is not bricked. The bad news is that you will need to wait a few weeks for the XT1524 5.1 stock images to be released.
The CID is a one-byte Motorola-specific value that indicates which region your device is for. Boot and system images are signed by Motorola tools that sign for a specific CID. The bootloaders for Motorola phones are signed with Qualcomm tools that do not care about CIDs. As a result, you can flash a bootloader meant for a device with a different CID, but you can't flash a boot or system image for a different CID (while bootloader locked).
Since the bootloader is not CID specific, you were able to flash the new bootloader. The new bootloader blows fuses to increment the security version and prevent rollback. It will not allow you to flash an older boot and system image, since they may contain vulnerabilities. Now, the bootloader won't allow you to flash anything except a new 5.1 ROM signed for your CID.
I'd recommend just waiting a few weeks for the signed official 5.1 images for XT1524 to be released.
If you can't wait and are willing to take your phone apart and void the warranty and solder onto stuff, you can circumvent the Factory Reset Protection feature to unlock your bootloader. I don't recommend doing this, but it can be done. You will need to solder onto test points for the flash (that will be located underneath shielding cans). Writing 0x01 to the last byte of the frp partition will enable bootloader unlocking. Once again, I don't recommend doing this, I'm just stating what is possible.
EDIT: It might be worth a try seeing if Motorola will do something under warranty. The challenge will be to explain your problem in a manner that will not make them consider it to have been damaged by you. I don't know what they will think of your issue.
The exact thing happened to me. I think that the 5.1 firmware will arrive soon to your device. I took to my carrier, and they gave a new one in 2 weeks. I think that Motorola won't help you, as you requested the bootloader code.

Help, my phone doesn't start...

I have a Moto E XT1524 with Android 5.0.2. After downloading the upgrade that fixes the problem of WIFI, my phone did not turn over ... is dead ... any ideas to resurrect? The upgrade was installed, but did not start anymore
Looking across surely have a phone with "hardbrick" when I connect the device to the PC, in the device manager appears "QHSUSB_BULK" ...
* I read different subjects and no solution for this.... not?
pablo_cba said:
> Looking across surely have a phone with "hardbrick" when I connect the device to the PC, in the device manager appears "QHSUSB_BULK" ...
> * I read different subjects and no solution for this.... not?
Yep, QHSUSB_BULK means that it failed to load the Motorola bootloader. Your device will need to be blank flashed. I don't think the blankflash files for this device are publicly available.
Was your bootloader unlocked? Had you upgraded then downgraded the stock ROM at some point?
squid2 said:
> Yep, QHSUSB_BULK means that it failed to load the Motorola bootloader. Your device will need to be blank flashed. I don't think the blankflash files for this device are publicly available.
> Was your bootloader unlocked? Had you upgraded then downgraded the stock ROM at some point?
Yes! I upgraded to 5.1 and later went back to 5.0.2. Is that what causes the problem? And the bootloader is unlocked...
Sorry for the ignorance, but what is a blankflash? I can expect those files to be filtered?
Thanks!
Did you upgrade your bootloader when you upgraded to 5.1? What could have happened is that the OTA tried to "upgrade" (downgrade) your bootloader. Motorola does not allow bootloader downgrades. It blows a fuse that prevents rollback when you upgrade your bootloader.
Blank flashing is a procedure to install the bootloader on a phone that doesn't have a (working) bootloader. There are Qualcomm tools that can communicate with the boot rom over the "Download Mode" (QHSUSB-DLOAD and QHSUSB-BULK) interfaces. These Qualcomm tools can be used to re flash the bootloader. These tools require special versions of the bootloader images. These images are called the blank flash images. Motorola uses these images in the factory when initially setting up a new device. Public firmware releases don't contain these files. You will need blank flash files for the 5.1 bootloader. Sometimes these files leak.
squid2 said:
> Did you upgrade your bootloader when you upgraded to 5.1? What could have happened is that the OTA tried to "upgrade" (downgrade) your bootloader. Motorola does not allow bootloader downgrades. It blows a fuse that prevents rollback when you upgrade your bootloader.
> Blank flashing is a procedure to install the bootloader on a phone that doesn't have a (working) bootloader. There are Qualcomm tools that can communicate with the boot rom over the "Download Mode" (QHSUSB-DLOAD and QHSUSB-BULK) interfaces. These Qualcomm tools can be used to re flash the bootloader. These tools require special versions of the bootloader images. These images are called the blank flash images. Motorola uses these images in the factory when initially setting up a new device. Public firmware releases don't contain these files. You will need blank flash files for the 5.1 bootloader. Sometimes these files leak.
Thanks for your answer .... then there is no other possibility to wait for a leak of blankfiles ...:crying:

[Q] how do I find out the version of the installed bootloader?

I have a functioning but not up to date setup:
Apollo Nexus v2.0.1 which is unfortunately in the stock slot of Safestrap v3.75, no other ROM slots and previous FireOS backup leaves screen blank (boots and ADB accessible).
(The backstory to this: some update had gone wrong at the end of last year I this status is all I could manage to get to a functioning state.)
Now I would like to move to unlocked bootloader, TWRP and CM12.1
I tried to unlock the bootloader using the method with cuberHDX posted in other threads but in fastboot after
fastboot -i 0x1949 flash unlock 0xmmssssssss.unlock
I am getting
FAILED (remote: Unlock code is NOT correct)
I don't know what seems to be the problem. After the messy "fixes" from the end of last year I cannot quite remember which was the last version of the FireOS (and hence the bootloader that came along with it) that was installed.
--> Can anyone tell me how to find out the version of the bootloader?
Any other suggestions how to get out of my non-upgradeable situation? Any help greatly appreciated.
scaftogy said:
> I have a functioning but not up to date setup:
> Apollo Nexus v2.0.1 which is unfortunately in the stock slot of Safestrap v3.75, no other ROM slots and previous FireOS backup leaves screen blank (boots and ADB accessible).
> (The backstory to this: some update had gone wrong at the end of last year I this status is all I could manage to get to a functioning state.)
> Now I would like to move to unlocked bootloader, TWRP and CM12.1
> I tried to unlock the bootloader using the method with cuberHDX posted in other threads but in fastboot after
> fastboot -i 0x1949 flash unlock 0xmmssssssss.unlock
> I am getting
> FAILED (remote: Unlock code is NOT correct)
> I don't know what seems to be the problem. After the messy "fixes" from the end of last year I cannot quite remember which was the last version of the FireOS (and hence the bootloader that came along with it) that was installed.
> --> Can anyone tell me how to find out the version of the bootloader?
> Any other suggestions how to get out of my non-upgradeable situation? Any help greatly appreciated.
Unfortunately, there is no reliable method to determine bootloader version. If you are confident in the steps you are taking to unlock the bootloader then your system may have upgraded past 3.2.3.2, which is the last version that contains the vulnerability that the unlock exploit leverages. You could try one of the Safestrap Flashable HDX Stock Images (suggest v3.2.6 for greatest compatibility) in the stock slot but this could result in a brick if everything doesn't line up properly. Not sure it is worth the risk given your device may have other lingering issues from the previous update attempt gone bad. Nexus v2 is still highly functional; you can safely update that to v2.05 and add a few Xposed modules to achieve a near KitKat experience.
OK, I was afraid that there wasn't any way to determine the bootloader version. Thanks for the clear answer.
Given that the state of my kindle HDX is somewhat complicated I agree that trying something like flashing a stock rom seems rather risky. I just needed someone else to confirm that.
I am fairly confident about the steps I took with cuber and the bootloader unlocking procedure (on linux VM which I use regularly). I am also 98% sure I never let FireOS update. Doing a bit more digging, I found that I have kept all files that I used for flashing last year. There are the following (relevant) files in that folder:
update-kindle-14.3.1.0_user_310079820.bin
update-kindle-14.3.2.4_user_324002120.bin
prerooted14.3.1.0.zip
Safestrap-Apollo-3.75-os3.2.4-B02.apk
apollo-nexus-rom-v2.0.1.zip
That leads me to believe that the bootloader should be version .3.2.4
Now I am a bit confused whether the version .3.2.4 should be unlockable. @Davey126, you wrote that the last one was .3.2.3.2. However the original thread by @dpeddi states in first post:
dpeddi said:
> - Bootloader shipped with firmwareversion 1[34].3.1.0 <= x <= 1[34].3.2.4 (as we use the rsa bug)
Could anyone please confirm which one is actually the last version of the bootloader that can be unlocked?
scaftogy said:
> OK, I was afraid that there wasn't any way to determine the bootloader version. Thanks for the clear answer.
> Given that the state of my kindle HDX is somewhat complicated I agree that trying something like flashing a stock rom seems rather risky. I just needed someone else to confirm that.
> I am fairly confident about the steps I took with cuber and the bootloader unlocking procedure (on linux VM which I use regularly). I am also 98% sure I never let FireOS update. Doing a bit more digging, I found that I have kept all files that I used for flashing last year. There are the following (relevant) files in that folder:
> update-kindle-14.3.1.0_user_310079820.bin
> update-kindle-14.3.2.4_user_324002120.bin
> prerooted14.3.1.0.zip
> Safestrap-Apollo-3.75-os3.2.4-B02.apk
> apollo-nexus-rom-v2.0.1.zip
> That leads me to believe that the bootloader should be version .3.2.4
> Now I am a bit confused whether the version .3.2.4 should be unlockable. @Davey126, you wrote that the last one was .3.2.3.2. However the original thread by @dpeddi states in first post:
> Could anyone please confirm which one is actually the last version of the bootloader that can be unlocked?
You need a version below 3.2.4, i.e. 3.2.3.2 or lower.
But the good news is, if you are on 3.2.4 you can use the rollback image provided by @ggow. Take a look at this thread (page 1 is about 3.2.5/3.2.6 users who can NOT use the rollback images).
Cl4ncy said:
> You need a version below 3.2.4, i.e. 3.2.3.2 or lower.
> But the good news is, if you are on 3.2.4 you can use the rollback image provided by @ggow. Take a look at this thread (page 1 is about 3.2.5/3.2.6 users who can NOT use the rollback images).
I am on @ggow's CM12.1 now! :victory:
Rolled back with this to .3.0.9, upgraded to stock .3.1.0, rooted, unlocked bootloader, flashed TWRP, and finally flashed CM12.1. Thanks so much for the hint to roll back!
To come full circle to the original question: Determining the version of the bootloader is not possible from adb or fastboot. If you don't know which version of the bootloader you have, it can help to try to find out which roms / updates you flashed before. In my case I had a folder on my PC that showed I must have had .3.2.4.

Redmi note 4 rooting

Hello guys,
I've been trying to root this phone since I've bought it, problem is every option I read on the web doesn't work because phone's bootloader is locked, and all methods get to this point when u have to unlock ur phone bootloader but in order to do that u have to get in the phone bootloader which is locked. So who the hell is giving advice like this I don't know. Problem is that I am motivated to still root it, nothing is impossible.
So I am asking, did anyone from EU, with the EU ROM (full of malware) MIUI 8, manage to unlock its bootloader and then manage to root it?! Please let's discuss here the options that work and the options that didn't work so we can make it through and solve this problem, everything that's on web at this moment 27-11-2016 doesn't work on the False EU MIUI 8.
Thanks.
CatalinSava said:
> Hello guys,
> I've been trying to root this phone since I've bought it, problem is every option I read on the web doesn't work because phone's bootloader is locked, and all methods get to this point when u have to unlock ur phone bootloader but in order to do that u have to get in the phone bootloader which is locked. So who the hell is giving advice like this I don't know. Problem is that I am motivated to still root it, nothing is impossible.
> So I am asking you, did anyone from EU, with the EU ROM (full of malware) MIUI 8, manage to unlock its bootloader and then manage to root it? Please let's discuss here the options that work and the options that didn't work so we can make it through and solve this problem, everything that's on web at this moment 27-11-2016 doesn't work on the False EU MIUI 8.
> Thanks.
Not possible without unlocked bootloader. Even the pre-rooted China Developer rom needs phone with unlocked bootloader. Good luck with unlocking the bootloader.
EU ROM full of malware?!?! Where did you get that idea? Completely false.
Anyway as said, yes you do need to unlock bootloader. Impossible any other way, because the system has dm-verity (similar to HTC S-On) which prevents modification to /system. So if you can't modify system or boot partition then you can't put Superuser binaries anywhere. Unlocked bootloader allows to put Superuser on boot partition.
Sent from my Redmi Note 4 using Tapatalk
CosmicDan said:
> EU ROM full of malware?!?! Where did you get that idea? Completely false.
> Anyway as said, yes you do need to unlock bootloader. Impossible any other way, because the system has dm-verity (similar to HTC S-On) which prevents modification to /system. So if you can't modify system or boot partition then you can't put Superuser binaries anywhere. Unlocked bootloader allows to put Superuser on boot partition.
> Sent from my Redmi Note 4 using Tapatalk
Can't we just flash a recovery that can disable dm-verity using SP Flash and root the phone that way?
I am guessing not because no one has said it works
I'm getting rly impatient because I still haven't got my bootloader unlock request approved yet lol
asusm930 said:
> Can't we just flash a recovery that can disable dm-verity using SP Flash and root the phone that way?
> I am guessing not because no one has said it works
> I'm getting rly impatient because I still haven't got my bootloader unlock request approved yet lol
No because dm-verity is enabled/set in the kernel (ramdisk on boot partition), and if you modify the boot partition with a locked bootloader then it won't boot
Locked bootloader = prevents boot partition from being tampered with
dm-verity = set in boot partition, prevents system partition from being tampered with
So you simply need to unlock bootloader, there is just no other way to exploit the device (no possible attack vector). The device is very secure, like all Marshmallow devices.
So what is this false EU firmware you speak of? Obviously not the xiaomi.eu one because that requires unlocked bootloader.
You can flash global stable via SP Flash Tool, that's your best bet while waiting for bootloader unlock. If it's taking more than 1 week then you can contact official support or something via en.miui.com forum (it's down at the moment for some reason).
CosmicDan said:
> No because dm-verity is enabled/set in the kernel (ramdisk on boot partition), and if you modify the boot partition with a locked bootloader then it won't boot
> Locked bootloader = prevents boot partition from being tampered with
> dm-verity = set in boot partition, prevents system partition from being tampered with
> So you simply need to unlock bootloader, there is just no other way to exploit the device (no possible attack vector). The device is very secure, like all Marshmallow devices.
> So what is this false EU firmware you speak of? Obviously not the xiaomi.eu one because that requires unlocked bootloader.
> You can flash global stable via SP Flash Tool, that's your best bet while waiting for bootloader unlock. If it's taking more than 1 week then you can contact official support or something via en.miui.com forum (it's down at the moment for some reason).
Have you attempted to see what actually happens when a bootloader is unlocked? Like what does the miunlocker do/flash on the phone?
---------- Post added at 05:20 AM ---------- Previous post was at 05:04 AM ----------
CosmicDan said:
> No because dm-verity is enabled/set in the kernel (ramdisk on boot partition), and if you modify the boot partition with a locked bootloader then it won't boot
> Locked bootloader = prevents boot partition from being tampered with
> dm-verity = set in boot partition, prevents system partition from being tampered with
> So you simply need to unlock bootloader, there is just no other way to exploit the device (no possible attack vector). The device is very secure, like all Marshmallow devices.
> So what is this false EU firmware you speak of? Obviously not the xiaomi.eu one because that requires unlocked bootloader.
> You can flash global stable via SP Flash Tool, that's your best bet while waiting for bootloader unlock. If it's taking more than 1 week then you can contact official support or something via en.miui.com forum (it's down at the moment for some reason).
I'm gonna try to flash a twrp recovery using this guide http://en.miui.com/thread-371349-1-1.html
and replace the recovery file with TWRP. Will report if it works
Yea it doesn't work haha
CosmicDan said:
> No because dm-verity is enabled/set in the kernel (ramdisk on boot partition), and if you modify the boot partition with a locked bootloader then it won't boot
> Locked bootloader = prevents boot partition from being tampered with
> dm-verity = set in boot partition, prevents system partition from being tampered with
> So you simply need to unlock bootloader, there is just no other way to exploit the device (no possible attack vector). The device is very secure, like all Marshmallow devices.
> So what is this false EU firmware you speak of? Obviously not the xiaomi.eu one because that requires unlocked bootloader.
> You can flash global stable via SP Flash Tool, that's your best bet while waiting for bootloader unlock. If it's taking more than 1 week then you can contact official support or something via en.miui.com forum (it's down at the moment for some reason).
Hey can you upload your miunlock tool folder here? Want to see if the miunlock tool downloaded anything that enabled the bootloader unlock
asusm930 said:
> Hey can you upload your miunlock tool folder here? Want to see if the miunlock tool downloaded anything that enabled the bootloader unlock
You can download it for free, just search for MiFlash - it's not a secret tool or anything.
Attempting to see what actually happens...? Even if I had the skills to reverse engineer MediaTek security, I wouldn't do it.
You're trying to do such simple things to trick the system but you need to realize that this hardware has been verified by Google themselves as secure and safe enough for Android Pay and SafetyNet and such. It *can not* be easily cracked, accept it.
Replacing recovery.img with TWRP? Seriously? How dumb do you think these companies are? Sorry for being rude but you really are just being silly.
You are wasting your own time, and now mine too... Sorry but I'm going to unsubscribe now because these questions are just getting silly.
Sent from my Redmi Note 4 using Tapatalk
CosmicDan said:
> You can download it for free, just search for MiFlash - it's not a secret tool or anything.
> Attempting to see what actually happens...? Even if I had the skills to reverse engineer MediaTek security, I wouldn't do it.
> You're trying to do such simple things to trick the system but you need to realize that this hardware has been verified by Google themselves as secure and safe enough for Android Pay and SafetyNet and such. It *can not* be easily cracked, accept it.
> Replacing recovery.img with TWRP? Seriously? How dumb do you think these companies are? Sorry for being rude but you really are just being silly.
> You are wasting your own time, and now mine too... Sorry but I'm going to unsubscribe now because these questions are just getting silly.
> Sent from my Redmi Note 4 using Tapatalk
Man, I did not know that xiaomi actually put that much effort on making their mediatek phones actually google levels of secure.
Was always under the impression that they sorta skimped out on their mediatek lines (as they had before).
Now I'll just not try to unlock it unofficially lol
asusm930 said:
> Man, I did not know that xiaomi actually put that much effort on making their mediatek phones actually google levels of secure.
> Was always under the impression that they sorta skimped out on their mediatek lines (as they had before).
> Now I'll just not try to unlock it unofficially lol
They had before sure, but in the recent year or so (since they started actually locking bootloaders) things changed - they want to target international market too.
Only reason the devices are not sold globally is because of some Mediatek patent/legal battle or something, not too sure (it's literally the only reason why they have snapdragon "pro" versions). But the device has a global firmware sold in Taiwan and some other places, and it is Google CTS certified (preinstalled with Google Play) and, since it's Marshmallow, requires all kinds of Google-approved security measures these days, which a lot of countries need legally too, so yeah.
Glad you understand. I read that if it takes too long to get unlock code, you should try/already be flashed on China dev ROM - so do that if you have not already.
Have you tried the unlocking link on this link? http://xiaomi-mi.com/redmi-note-4/

Q how do I test for an unlocked bootloader?

I have access to an engineering bootloader for the Tmo Note8 and I would like to know how to test if it is unlocked.
Is there a specific process to determine if the bootloader is locked? Are there steps to permanently unlock the bootloader from an engineering bootloader?
I've searched all the Note8 forums and haven't found any answers.
Sent from my SM-G892U using Tapatalk
reukiodo said:
> I have access to an engineering bootloader for the Tmo Note8 and I would like to know how to test if it is unlocked.
> Is there a specific process to determine if the bootloader is locked? Are there steps to permanently unlock the bootloader from an engineering bootloader?
> I've searched all the Note8 forums and haven't found any answers.
Flashing it and then checking if you can unlock it would be how to go about it. Except you can't flash unsigned images without unlocking so it's a catch 22 really. And it may just brick your phone even if you flashed it successfully. No way of knowing if that bootloader will even boot your device or play nice with the other partitions.
Gizmoe said:
> Flashing it and then checking if you can unlock it would be how to go about it. Except you can't flash unsigned images without unlocking so it's a catch 22 really. And it may just brick your phone even if you flashed it successfully. No way of knowing if that bootloader will even boot your device or play nice with the other partitions.
The eng bootloader is signed, so there is no problem flashing the eng bootloader. I just do not know how to test if it is unlocked, as I can't find a recovery image to flash, and I do not know how to create one myself.
Sent from my SM-G892U using Tapatalk
reukiodo said:
> The eng bootloader is signed, so there is no problem flashing the eng bootloader. I just do not know how to test if it is unlocked, as I can't find a recovery image to flash, and I do not know how to create one myself.
> Sent from my SM-G892U using Tapatalk
Probably just the combo files that are used for samfail imo. If you want to upload and have me check them lmk, but more than likely all you have is the combo firmware we have been using since day one
Team DevDigitel said:
> Probably just the combo files that are used for samfail imo. If you want to upload and have me check them lmk, but more than likely all you have is the combo firmware we have been using since day one
https://drive.google.com/file/d/1PIVZs-uB8kKb9YbY_fAcYJCGIfdb27W5/view?usp=drivesdk
This might only work on the T-Mobile version.
reukiodo said:
> https://drive.google.com/file/d/1PIVZs-uB8kKb9YbY_fAcYJCGIfdb27W5/view?uk
> This might only work on the T-Mobile version.
Do you have the boot.img that matches this?
Unable to check the rest without as it won't boot the combo img.
Yes it is a eng img.
We are on multi csc devices so all are same for flashing sake, as long as it's not the exynos.
Please remove the public link and we can move to pm/telegram and speak further
Team DevDigitel said:
Do you have the boot.img that matches this?
Unable to check the rest without as it won't boot the combo img.
Yes, it is an eng img.
We are on multi-CSC devices so all are the same for flashing's sake, as long as it's not the Exynos.
Please remove the public link and we can move to pm/telegram and speak further
I disabled the link, though not sure why I should? I haven't gotten telegram yet. I just want to know if it is unlocked for flashing custom recovery such as TWRP.
reukiodo said:
I disabled the link, though not sure why I should? I haven't gotten telegram yet. I just want to know if it is unlocked for flashing custom recovery such as TWRP.
No one has compiled TWRP for Snapdragon because we don't have an unlocked bl. Removing the link is primarily to avoid people flashing this or reposting it with incorrect info and causing confusion.
If I can get the boot.img as well that is compiled for this bootloader I can get a running system and see if it can be unlocked. Otherwise without it there's no way to determine some of the important factors here. Just flashing against device to test is quite risky.
The bl is compatible with all snapdragon and does install correctly but it won't boot with the combo imgs we use for samfail or a stock img.
Link is still active fyi and I've sent you a pm with telegram info. It's a group for us and a few other devs that can work with us to get things sorted.
I used the engineering bootloader with Odin, after it flashed showed it as an eng boot loader not user, says Samsung official and is still locked. I booted with a binary .img booted and oem option from the settings was there, showed the same unlocked img on boot as samfail also. But I didn't do much other than check those things. I tried to load samfail system but it didn't load I figured as much seeing samfail boot.img is user-test not user-release and has custom binary but I don't know that much
I am wondering if we don't have to leave the eng boot loader on and OEM toggled for a week like Exynos versions before we can flash custom binary.
DroidisLINUX said:
I used the engineering bootloader with Odin, after it flashed showed it as an eng boot loader not user, says Samsung official and is still locked. I booted with a binary .img booted and oem option from the settings was there, showed the same unlocked img on boot as samfail also. But I didn't do much other than check those things. I tried to load samfail system but it didn't load I figured as much seeing samfail boot.img is user-test not user-release and has custom binary but I don't know that much
I am wondering if we don't have to leave the eng boot loader on and OEM toggled for a week like Exynos versions before we can flash custom binary.
I'm wondering if after flashing this engineering bootloader we can root phone just by simply using command prompt and sideloading root files. Any ideas? I don't know enough to do this.
Sent from my [device_name] using XDA-Developers Legacy app
Eudeferrer said:
I'm wondering if after flashing this engineering bootloader we can root phone just by simply using command prompt and sideloading root files. Any ideas? I don't know enough to do this.
I don't believe so, until we can get it unlocked, when in download mode it says the boot loader is still locked and says system secure in red and official binaries but if we can get the boot loader to say unlocked then I believe it will probably be possible. At least it says eng boot loader and tells us it's locked and that means it can be unlocked it's just a matter of time until someone gets it unlocked now
I am glad I haven't updated to boot loader 3 now, this is bootloader 2 so if you go to oreo you won't be able to use this when and if it's unlocked
DroidisLINUX said:
I don't believe so, until we can get it unlocked, when in download mode it says the boot loader is still locked and says system secure in red and official binaries but if we can get the boot loader to say unlocked then I believe it will probably be possible. At least it says eng boot loader and tells us it's locked and that means it can be unlocked it's just a matter of time until someone gets it unlocked now
I am glad I haven't updated to boot loader 3 now, this is bootloader 2 so if you go to oreo you won't be able to use this when and if it's unlocked
Has anyone tried the same procedure/commands used to unlock the Pixel XL? Would they even work in this phone if it had this eng bootloader? I wish I knew enough about this stuff to try it out or even know if it would work.
Sent from my [device_name] using XDA-Developers Legacy app
DroidisLINUX said:
I used the engineering bootloader with Odin, after it flashed showed it as an eng boot loader not user, says Samsung official and is still locked. I booted with a binary .img booted and oem option from the settings was there, showed the same unlocked img on boot as samfail also. But I didn't do much other than check those things. I tried to load samfail system but it didn't load I figured as much seeing samfail boot.img is user-test not user-release and has custom binary but I don't know that much
I am wondering if we don't have to leave the eng boot loader on and OEM toggled for a week like Exynos versions before we can flash custom binary.
You could test,
but if you look under the info on the boot-up screen, secure boot is still set to: enabled
i.e. each and every boot it checks for a modified boot.img and if found it fails the secure check.
I never tested the OEM unlock options etc., or waiting any time frame, just mostly seeing what we could use with it.
The phone won't boot a modified system as well. It has to be unrooted stock system + stock boot.img to boot with the eng bootloader.
Unfortunately I haven't heard anything back, was hoping we could get the boot.img that is ENG so we can boot the entire setup and go.
