Related
Hi. I just purchased the new flex 11 from BB NS-P11A100. It appears to have the exact same processor, chip, and GPU as another tablet I have used before. The Lenovo Tab3 8. The only difference I can see is the emmc size (Lenovo 16Gb & Insignia 32Gb respectively) and the screen sizes. The processor is the same however limited to 1Ghz on the Lenovo whereas I believe the 1.3Ghz is the base CPU speed (I think the European version of the Lenovo came with a 1.3Ghz speed). So out of curiosity would the finished Lenovo's TWRP recovery work on the Insignia? Just a thought. Also, in case of brick could you use the Lenovo's firmware to flash it (after modding the scatter file of course). I'm just a noob to development but have no problem getting my hands dirty (I have 2 Lenovo's both broken but modified heavily) It's good to see another tablet with the 64bit processor setup. Makes it so the 1Gb of RAM don't look so bad. Thanks in advance for any info provided.
i'm guessing this hasn't peaked interest yet? i just got this bad boy root would be awesome
So did any of you who have this tablet figure anything out?
I was walking down the street with my tablet and accidentally stumbled into fastboot. Stay tuned
Fastboot Achieved Need Custom Recovery
IDontKnowMang said:
I was walking down the street with my tablet and accidentally stumbled into fastboot. Stay tuned
Click to expand...
Click to collapse
Ya I was able to unlock the bootloader using the Fastboot Oem Unlock comand. I just havent gotten up the courage to try the twrp recovery I have that I used for my Lenovo. Seeing as i also cannot find a download to get the stock firmware or flash file to fix it if I encounter any bricks... If someone can rewrite the twrp for the lenovo tab3 8 to use the insignia's model number it should work seeing as they both use the same board and chipset. Any ideas from anyone?
Tofor said:
Ya I was able to unlock the bootloader using the Fastboot Oem Unlock comand. I just havent gotten up the courage to try the twrp recovery I have that I used for my Lenovo. Seeing as i also cannot find a download to get the stock firmware or flash file to fix it if I encounter any bricks... If someone can rewrite the twrp for the lenovo tab3 8 to use the insignia's model number it should work seeing as they both use the same board and chipset. Any ideas from anyone?
Click to expand...
Click to collapse
link me up ill give it a shot
Anyone know how to get this thing in download mode? As soon as i get a boot.img i can build us twrp
Any progress on this yet?
any progress, this tablet makes me want to just blow it up. any ideas on rooting it?
Ok. I apologize for not being too active on this... Before when I tried to boot to the twrp recovery that belonged to the Lenovo Tab 4 8 (fastboot boot recovery twrp.img) it would always tell me there was no file by that name. The same thing happened to me when I attempted a different twrp than what was for my new Lenovo Tab 4 10. I found out that the bootloader simply does not allow the ability to boot to twrp. I got balsy and attempted to flash my new Lenovo (fastboot flash recovery tewp.img) instead of trying to boot to it. It worked. However would not boot to recovery but back to fastboot, and when I attempted a regular boot to the OS it replaced the bad twrp with the stock recovery. Tried maybe 5 diff twrp recoveries and it always fixed it. I haven't tried this with the insignia flexx 11 yet and I still have it up and going strong on stock. Maybey it will work and we can have twrp and root on the insignia. BTW. Has anyone seen or found a stock firmware for this device yet? Twrp would be cake it I can get a stock boot and recovery from it.
Alguien puede decirme si es posible hacer algo con las licencias estas?modificarla para root?o solo es una simple info?
Tofor said:
Hi. I just purchased the new flex 11 from BB NS-P11A100. It appears to have the exact same processor, chip, and GPU as another tablet I have used before. The Lenovo Tab3 8. The only difference I can see is the emmc size (Lenovo 16Gb & Insignia 32Gb respectively) and the screen sizes. The processor is the same however limited to 1Ghz on the Lenovo whereas I believe the 1.3Ghz is the base CPU speed (I think the European version of the Lenovo came with a 1.3Ghz speed). So out of curiosity would the finished Lenovo's TWRP recovery work on the Insignia? Just a thought. Also, in case of brick could you use the Lenovo's firmware to flash it (after modding the scatter file of course). I'm just a noob to development but have no problem getting my hands dirty (I have 2 Lenovo's both broken but modified heavily) It's good to see another tablet with the 64bit processor setup. Makes it so the 1Gb of RAM doesn't look so bad. Thanks in advance for any info provided.
Click to expand...
Click to collapse
I have a temporary solution till I find a better way magisk 7.1 and MTK easy root I'm going to assume you have android nugat like mine and it has mtk processor like mine. Anyway you can find both of those downloads here on this site under apps if not let me know
First install mtk easy root then install magisk go back to easy root and install the app or manager what ever it prompts you to do then go to magisk it will prompt you for extra set up then reboot and go to mtk easy root click the boot button on the bottom of the screen after root success go to magisk and set it up poof you have root it takes a minute for mtk to root on its own so I hit the button instead of waiting but it
works till i can really root it
IDontKnowMang said:
Anyone know how to get this thing in download mode? As soon as i get a boot.img i can build us twrp
Click to expand...
Click to collapse
Tofor said:
Fastboot Achieved Need Custom Recovery
Ya I was able to unlock the bootloader using the Fastboot Oem Unlock comand. I just havent gotten up the courage to try the twrp recovery I have that I used for my Lenovo. Seeing as i also cannot find a download to get the stock firmware or flash file to fix it if I encounter any bricks... If someone can rewrite the twrp for the lenovo tab3 8 to use the insignia's model number it should work seeing as they both use the same board and chipset. Any ideas from anyone?
Click to expand...
Click to collapse
If you want to put that thing in download mode it power and volume down then you need a phone handy to translate the Chinese think it's the 3rd one down but I forgot I just use mtk fast root and majisk it works great on mine!
I am looking for a twrp for this tho any suggestions would be awesome!
MT8163__Insignia__NS-P10A8100__mid1023_ma__7.0__alps-mp-n0.mp102-V1.6_hcn8163.tb.wvl1.n_P14
MediaFire is a simple to use free service that lets you put all your photos, documents, music, and video in a single place so you can access them anywhere and share them everywhere.
www.mediafire.com
I finally found stock firmware
If I insert an SD card, I'm given a dialog box asking to confirm the switch between storage location from internal RAM to SD card, opening up all sorts of access. It gives me a full screen dialog that seems to bypass all of its walled in protections. With a Chrome apk on the SD card I can install it, run it, and download anything.
IDontKnowMang said:
Anyone know how to get this thing in download mode? As soon as i get a boot.img i can build us twrp
Click to expand...
Click to collapse
<Raising my hand> I do. Please see my previous answer.
Power and volume down
I might have found a quick and dirty Method to Port TWRP to the newest 7.2 shield experience. It's not guaranteed, but it's a chance im going to try. But as I didn't upgraded my own shield yet, I need some files from someone who has rooted his shield already.
1. Is an recovery.img
2. The build.prop
If I can get hands on these files I might be able to bring up a testing version asap
Enough. Seriously.....
Keep it clean, and on-topic... The rules are there for a reason. Don't remember them? HERE you go.
Adromir said:
I might have found a quick and dirty Method to Port TWRP to the newest 7.2 shield experience. It's not guaranteed, but it's a chance im going to try. But as I didn't upgraded my own shield yet, I need some files from someone who has rooted his shield already.
1. Is an recovery.img
2. The build.prop
If I can get hands on these files I might be able to bring up a testing version asap
Click to expand...
Click to collapse
If you want the files
Then can you please update your Sheild tv to the latest firmware for us 7.2.2
An back up the recovery.img
An back up your build.prob
Because I can't help you! I refuse!
Thx again have a great day
i hope you can port the twrp to nvidia sheild tv thx
Foster_e (Shield TV 2015 16GB) - 7.2.2 (30.7.130.7)
recovery.img + build.prop
https://drive.google.com/open?id=18E_u8as1E9dstmRtRwPb97hALdmsrdsc
The recovery is dumped directly from
Code:
/dev/block/platform/sdhci-tegra.3/by-name/SOS -> /dev/block/mmcblk0p16
No offense but quick and dirty does not do it on the new kernel.
You can port as much as you like and it might work for the older models but certainly not for the 2017 model.
And if you have no clue how to get the required files by simply exctracting the firmware files that you can download then I wonder how you will be able to actually modify the recovery image.
People with quite some experience tried and failed, so unless you compile TWRP from source he proper way it won't work (at least not on the 2017).
And even if compiled correctly there is no garantee it will be usable with the secure boot restrictions still in place.
You need a fully rooted device to fully use TWRP and you can not root the 7.2 in the simple way anymore.
Fully rooted the normal TWRP will work just fine.
Downunder35m said:
No offense but quick and dirty does not do it on the new kernel.
You can port as much as you like and it might work for the older models but certainly not for the 2017 model.
And if you have no clue how to get the required files by simply exctracting the firmware files that you can download then I wonder how you will be able to actually modify the recovery image.
People with quite some experience tried and failed, so unless you compile TWRP from source he proper way it won't work (at least not on the 2017).
And even if compiled correctly there is no garantee it will be usable with the secure boot restrictions still in place.
You need a fully rooted device to fully use TWRP and you can not root the 7.2 in the simple way anymore.
Fully rooted the normal TWRP will work just fine.
Click to expand...
Click to collapse
So if I understand you correctly the only way that a recent version of TWRP would work on 7.21 and above are if you have a "rooted" developer image? I have stayed with 7.1 (rooted with a flashed TWRP recovery) My expectation is that Ill stay with it until a stable version is released.
Odd thing is every OTA notification I get refuses to install. It just boots to TWRP without updating. I even opted in for the 7.2.2 beta updates and the shield refuses to update. Kinda thankful as others seem to have so many issues, just not worth it until 7.3 is released perhaps?
Any decent update is worth applying.
But if you ask if it is worth it for those really needing full root access then the answer is no.
The cummunity behind the shield might not be as big as behing Samsung devices but I am sure something will be figured out sooner or later.
@Downunder35m : As I mentioned in a deleted Post, I know how to get these Files from the recovery images. But they are Still 7.2.1 and as 7.2.2 already I didn't see a point in starting with already Outdated Files.
What kind of Things have you been trying already? My Approach was, that maybe TWRP hangs itself, because it can't find the Vendor and system Partition. After unpacking the recovery.img i found out, that the partitions still get mounted, but not over over the fstab anymore but single commands in some init scripts. So my Idea was to patch the kernel of the recovery image with a proper fstab and then use that to build a twrp around it, with the modified boot image. But sadly the resulting TWRP exceeded the Partitionsize. But i didn't set up the Source Tree to compile correctly, because I assumed that with such a breaking approach nvidia did at least moved onward to Android 8.1 ..
A real life job sadly limits my time far more than what I would like.
So maybe my failures are of use to you...
Lets start with the basics:
(All for the 2017 model!)
Firstly, the bootloader has changed and now enforces basically everything Google has on offer.
This means you can not just boot into a custom recovery because the bootloader does not accept it as genuine.
Lets say you get around this problem by, dor example, compiling TWRP from source and with the not yet realesed NVidia 7.2 sources.
There might be other ways but right now I think we can't get around compiling it from scratch.
Once you are able to somehow properly boot into TWRP there is more problems:
A lot if not all special rights and permissions are now handled almost exclusively by the DTB, or to be precise the DTS, which is compiled during boot.
By default TWRP does not make any use of the DTB but instead relies only on the FSTAB configuration.
And since TWRP is not an authorised service, task or app the bootloader won't provide the required rights.
The system partition stays invisible, the vendor part locked and since TWRP is required to copy or store at least some things somewhere this is detected as a possible intrusion.
As that the bootloader now marks the entire system as compromised - the dreaded corrupted system message appears and the system fails to boot.
You could tweak the init files, get the complete FSTAB info from the plat - and nonplat_file_contexts and even fiddle with the rest.
Then you get this happy feeling of a booting TWRP, pull a backup and think all is fine.
That it until you try to reboot and nothing works anymore.
The backup is useless as firstly you can not write it back and secondly it will be encrypted or otherwise corrupt.
To be able to use TWRP ADBD must be able to run in root mode, this is not possible by default on a user or release build, which NVidia now provides as a "developer" firmware.
A bootloader set to enforce all SeLinux and DM-Verity funtions will not allow any vital modifications to any vital part of the system.
In theory you must first at least free the bootloader (we can not do that) or destroy the safety, like by using a modified DTB.
Then you must make sure that you modifiy the prop files so full ADB and ADBD rights are available where they are needed.
After that TRWP will run just fine but it creates a cricle that first needs to be broken somehow
No root rights means no TWRP, no TWRP means no mods to the system.
Magisk currently fails to help us as it does not make use of DTB features at this stage.
And if you ask me then messing with the DTB can backfire badly.
Unlike normal firmwares we won't get a DTB partition included in the boot image or kernel image.
So once the dTB is stuffed too much it will be hard to impossible to install a genuine or custom firmware.
Once Pie comes out this will be worse.
Here the DTB too will be protected and generated/checked during boot.
Unless NVidia wakes up and removes these restrictions from the developer firmwares we will be locked out until someone finds a way to restore full root rights.
Right now I am hopin they will still release the full sources one day.
With a massive effors one could then just compile a normal userdebug firmware and all is fine once more.
Any luck yet? I upgraded one of my Shield TV to 7.2.2 from 7.2.1 dev root and want to install Magisk....
Thanks!
Here you go TWRP recovery for Shield TV 2017 running 7.2.3
UPDATE: Boots but not working correctly so removed links
leezaal said:
Here you go TWRP recovery for Shield TV 2017 running 7.2.3
https://www.androidfilehost.com/?fid=6006931924117905072
---------- Post added at 07:06 PM ---------- Previous post was at 07:05 PM ----------
Here you go TWRP recovery for Shield TV 2017 running 7.2.3
https://www.androidfilehost.com/?fid=6006931924117905072
Click to expand...
Click to collapse
Every time i open recovery it works, but after trying to reboot it bootloops at nvidia. I flash-all and it works again until i enter recovery (then botloops again on reboot). Am i missing something? (shield 2017 7.2.3 dev edition)
Here's twrp 3.3.1-0 for Shield TV. It seems to work properly on my shield pro running 7.2.3, I was able to flash magisk with it, but I don't have the 2017 model to test on. Please let me know how it works and report any errors in as detailed a manner as possible. As ever, this is experimental and you flash at your own risk :good:
https://drive.google.com/file/d/1BCfXg9pUpFm_3sPXp_nEwBlkNU9nelkg/view?usp=sharing
rootfan said:
Here's twrp 3.3.1-0 for Shield TV. It seems to work properly on my shield pro running 7.2.3, I was able to flash magisk with it, but I don't have the 2017 model to test on. Please let me know how it works and report any errors in as detailed a manner as possible. As ever, this is experimental and you flash at your own risk :good:
https://drive.google.com/file/d/1REnehReTaA5BamUBDe8XmBMyZG6zQkFB/view?usp=sharing
Click to expand...
Click to collapse
there is always the bug for 4k screen display?
rootfan said:
Here's twrp 3.3.1-0 for Shield TV. It seems to work properly on my shield pro running 7.2.3, I was able to flash magisk with it, but I don't have the 2017 model to test on. Please let me know how it works and report any errors in as detailed a manner as possible. As ever, this is experimental and you flash at your own risk :good:
https://drive.google.com/file/d/1REnehReTaA5BamUBDe8XmBMyZG6zQkFB/view?usp=sharing
Click to expand...
Click to collapse
Many thanks i renamed this to recovery.img and renamed magisk boot img to boot.img reflashed both as part of the whole 7.2.3 dev OS shield tv 2017 image.
booted into TWRP via adb from my pc it loads up fine on my LG 43" 4k tv no problem rebooted and got back into 7.2.3 also without any issues
UPDATE: TWRP will not let me wipe system / data or anything else or mount any partitions in order to wipe before trying to install anything making this sadly kinda useless right now
twrp seems complicated to be functional lately, the same on my mi max 3, but orange Fox might be better on Shield
leezaal said:
UPDATE: TWRP will not let me wipe system / data or anything else or mount any partitions in order to wipe before trying to install anything making this sadly kinda useless right now
Click to expand...
Click to collapse
Well that makes sense because I was overwriting the emmc fstab with the sata one. I've updated my original post with a link to a new twrp that should have this problem fixed. If you're still having issues please click on the menu button to the right of the home button in twrp and tell me what the log says. Do this when first booting into twrp before doing anything else. It should say something like the following with no mounting complaints if everything is working right.
Shield Debug: Hardware variant is darcy
Shield Debug: Using emmc fstab
Shield Debug: Found required fstab
rootfan said:
Well that makes sense because I was overwriting the emmc fstab with the sata one. I've updated my original post with a link to a new twrp that should have this problem fixed. If you're still having issues please click on the menu button to the right of the home button in twrp and tell me what the log says. Do this when first booting into twrp before doing anything else. It should say something like the following with no mounting complaints if everything is working right.
Shield Debug: Hardware variant is darcy
Shield Debug: Using emmc fstab
Shield Debug: Found required fstab
Click to expand...
Click to collapse
Thanks for the great feedback will DL the updated TWRP and give it a go will report back shortly
UPDATE: 100% working ! Amazing work all partitions mount etc no problem FULLY working TWRP on my 4k TV too
I see that there's some activity previously for various Blackview phones, Is it too much to hope for that someone will be able to do something for this phone?
Hi, I own one Blackview BV9900 (no Pro) and managed to do some work on it. Pro version has pretty the same hardware, so it should work on it too:
- root works with no problems with Magisk (just download stock boot.img, update it with MagiskManager app and flash),
- I've also managed to build working TWRP recovery ROM and I think I'll try to push it to twrp repositories when find some time.
Where am I to find the stock boot.img?
rollerce said:
Where am I to find the stock boot.img?
Click to expand...
Click to collapse
I found stock firmware officially shared on Blackview forum: http://bbs.blackview.hk/viewtopic.php?f=291&t=532819
Izzat going to work for the pro?
Can't say. Manufacturer haven't published firmware for pro version yet. It is likely to work since the hardware is similar to non-pro, but I've tested in only on non-pro version and it works.
It'll throw an error of it's not compatible, though?
Unfortunately it is not that simple. Even if it's not compatible it usually flashes successfully anyway and problems begin with boot from such partition (boot-loop etc.) and then you will need original ROM (or another compatible) to make device usable again.
Maybe try to ask on this Blackview forum if this non-pro images are compatible with pro version. I think there is huge chance for that.
Issues
Hey,
Have the BV9900 using Verizon. Since the 1st day using the phone I'm unable to receive calls from iPhones. Went to Verizon to see if they had a setting I missed. Nope. Had them dial my number from their iPhones and they all failed to connect. I can call out to iPhones. Contacted BV and was told to save an file and send it to them, which I did and the reply was no problem found.
They just pushed out an update, which after downloaded I now have an issue making ANY calls out. Sometimes it will connect for a few seconds and then fail. The only way to make a call now is be disabling the LTE Enhanced setting under Network. The side effect of doing that is nothing else works. No texts, news, anything!
I now see that someone else is also having the same issue.
This BV9900 replaced a BV9500 (the brick) and has zero issues with that phone. Yes its a different version of andriod, but still was able to receive and place any calls to anyone. I took the SIM out of the 9900 and put it in the 9500 and everything worked.
Not sure what to do as BV does not have an answer or appear to even care.
Thanks
Hi, finally managed to share my rooted boot and custom recovery images. Both have been successfully flashed into my BV9900 and worked fine. Maybe this can be useful to someone.
Recovery image with Twrp:
https://www.androidfilehost.com/?w=files&flid=313541
Boot image patched with Magisk (also you need to install MagiskManager app to manage root access in the system):
https://www.androidfilehost.com/?w=files&flid=313543
Can you assist me? When I restart into bootloader menu I get the annoying noise windows makes when you unplug something from USB, and the device manager window flashes. Fastboot devices returns with nothing even when phone is in fast boot mode.... GAH
I'm having the same problem with connecting in fastboot mode as well.
I'm using Ubuntu and didn't have any problems with connecting device via USB. Maybe try to install latest USB drivers (https://www.getdroidtips.com/download-blackview-bv9900-usb-drivers/) or run Ubuntu live (or install) and access device from it - it's really easy.
dzert127 said:
I'm using Ubuntu and didn't have any problems with connecting device via USB. Maybe try to install latest USB drivers (https://www.getdroidtips.com/download-blackview-bv9900-usb-drivers/) or run Ubuntu live (or install) and access device from it - it's really easy.
Click to expand...
Click to collapse
This is honestly a completely useless answer. "Just use ubuntu" is not helpful.
As far as drivers, I've tried so many different options to no effect.
dzert127 said:
Hi, I own one Blackview BV9900 (no Pro) and managed to do some work on it. Pro version has pretty the same hardware, so it should work on it too:
- root works with no problems with Magisk (just download stock boot.img, update it with MagiskManager app and flash),
- I've also managed to build working TWRP recovery ROM and I think I'll try to push it to twrp repositories when find some time.
Click to expand...
Click to collapse
I tried this before I saw this thread with the 9900 pro. The checksum or something doesn't add up with the flashed magisk edited boot.img and puts it in a boot loop.. I had to reflash the original boot.img. no root on my pro yet. Original IMG is 30ish megabytes and the patched one is 10mb. An I doing something wrong?
[Edit] I forgot to unlock bootloader. Did it with fastboot. The magisk edited boot.img flashed. Now that I have basic proof of rootability, I'll probably flash SuperSU instead.
Root for the BV9900 Pro?
pbsavages said:
I tried this before I saw this thread with the 9900 pro. The checksum or something doesn't add up with the flashed magisk edited boot.img and puts it in a boot loop.. I had to reflash the original boot.img. no root on my pro yet. Original IMG is 30ish megabytes and the patched one is 10mb. An I doing something wrong?
[Edit] I forgot to unlock bootloader. Did it with fastboot. The magisk edited boot.img flashed. Now that I have basic proof of rootability, I'll probably flash SuperSU instead.
Click to expand...
Click to collapse
So Im confused. Did this method work for you in the BV9900 Pro or not?
mattchapa said:
So Im confused. Did this method work for you in the BV9900 Pro or not?
Click to expand...
Click to collapse
The magisk root method works with the patched boot.img, though it is a systemless root only. I couldn't get a custom recovery to work yet but haven't look at it in a couple weeks. I was waiting for more people to get this device for it to gain momentum.
Thank you. I'll give it a go then.
I have the BV9900 PRO too and would love to get installed LineageOS GSI on it. Tried the unofficial TWRP 331 on my BV9900pro without success - boot loop. It looks like that the PRO is more different compared to the BV9900.
unofficialtwrp.com/blackview-bv9900-twrp-3-3-1-root/
still no successful Root/Recovery possible?
Can anyone help me to get TWRP recovery installed on the Blackview BV9900Pro, please ? Can't find a working TWRP for the Pro.
As written above, the version for the (non Pro) BV9900 doesn't work.
Thanks for any help!
Hi,
So, I bought an OTT X96 mini. Existing stock ROM crashes so often and goes to freezing and bootloops time to time (seems to coincide with when I sign into Google).
I like to try the ATV Experience. I used to flash custom ROMs often in early days on my phone.
The installation guide on the ATV Experience thread seems simple enough but I cannot find information on below,
1) How to connect device to PC if I brick it?
2) How to confirm if the ROM is compatible with my device? (I know it has S905w but what about the board?)
3) How to backup existing recovery and system (full ROM) before updating?
4) Did anyone experience similar stability issues or do I have a faulty unit?
nibras_reeza said:
Hi,
So, I bought an OTT X96 mini. Existing stock ROM crashes so often and goes to freezing and bootloops time to time (seems to coincide with when I sign into Google).
I like to try the ATV Experience. I used to flash custom ROMs often in early days on my phone.
The installation guide on the ATV Experience thread seems simple enough but I cannot find information on below,
1) How to connect device to PC if I brick it?
2) How to confirm if the ROM is compatible with my device? (I know it has S905w but what about the board?)
3) How to backup existing recovery and system (full ROM) before updating?
4) Did anyone experience similar stability issues or do I have a faulty unit?
Click to expand...
Click to collapse
1, usally just be flashing another firmware with USB burning tool, unless it gets properly bricked, then your option would be to short the NAND on the board to put it into flash mode, may also be a way using serial cable but im not too sure
2, Trial & Error, a lot of the time it will fail at 2% if you have firmware that is not right at all, if you have root you could extract the build prop and see what reference board it is based on (probably p281), so i would start by looking for a "universal p281 ROM thats supports ddr3&4 and should boot on most s905w devices, good place to start
3, im not sure, think it has to do with nanodroid backup usin a custom recovery but i personally just neverbacked up, probably a way to backup using ADB as well?
4, i dont have that device personally but it sounds like poor firmware, all these boxes are notorious for it, if you get atvXperience running well let me know as a would like to port my own rom to s905w devices
Only should work on Android 10 based ROMs
External wifi adapters need custom kernel compiling
I've suffered to get the Kali Nethunter working on custom ROMs
U need free storage available (not sure cuz I've formated data then installed and it's been a while but ig not less than 15 gbytes)
Here are the steps :
1.download the file from offensive security website
(Not sure if external links are allowed but here it is ) : https://www.offensive-security.com/kali-linux-nethunter-download/
(Just look for miui davinci file)
2.Download it and extract on whatever device u want the copy the extracted folder to the roo of the storage (of course not the "/" folder the "storage/emulated/0" one
3. Go into extractedFolder/data/app/
And make sure every app there is installed especially the nethunter.apk
4.copy the "kalifs-arm64-full.tar.xz" file to the root
"storage/emulated/0"
5.Open the Nethunter app and go into chroot manager and install chroot
5.Browse for the file location which you copied into the root "storage/emulated/0" and it will start installing it will take up too 10 to 15 minutes
6.You are done now but HID attacks aren't working
7.Go to USB arsenal and change "reset" into anything that has " hid" untill you see a successful toast message then save config to database
Done.
If it helped you hit the thanks button (your choice)
I'll be available asap if anyone has a question
how about monitor mode on wifi dongle? have you tested it?
yaro666 said:
how about monitor mode on wifi dongle? have you tested it?
Click to expand...
Click to collapse
Monitor mode works by default using the internal card
For external I don't have one to test it now
But I am sure it will work as long as it has a supported chip
batman957 said:
I've suffered to get the Kali Nethunter working on custom ROMs
U need free storage available (not sure cuz I've formated data then installed and it's been a while but ig not less than 15 gbytes)
Here are the steps :
1.download the file from offensive security website
(Not sure if external links are allowed but here it is ) :
(Just look for miui davinci file)
2.Download it and extract on whatever device u want the copy the extracted folder to the roo of the storage (of course not the "/" folder the "storage/emulated/0" one
3. Go into extractedFolder/data/app/
And make sure every app there is installed especially the nethunter.apk
4.copy the "kalifs-arm64-full.tar.xz" file to the root
"storage/emulated/0"
5.Open the Nethunter app and go into chroot manager and install chroot
5.Browse for the file location which you copied into the root "storage/emulated/0" and it will start installing it will take up too 10 to 15 minutes
6.You are done now but HID attacks aren't working
7.Go to USB arsenal and change "reset" into anything that has " hid" untill you see a successful toast message then save config to database
Done.
If it helped you hit the thanks button (your choice)
I'll be available asap if anyone has a question
Click to expand...
Click to collapse
i have a mi 9t with unlocked bootloader twrp also rooted using magisk, i flashed my nethunter kernel, but it gets stuck at the nethunter boot logo, how do i fix this, do i need a specific force encryption or something? ive restored the system couple times using mi flash, ive been trying for a couple days now, if you have any solutions please lmk a step by step guide, also is there a way i can do this without flashing it, but also get all the tools working?
Niksa2 said:
i have a mi 9t with unlocked bootloader twrp also rooted using magisk, i flashed my nethunter kernel, but it gets stuck at the nethunter boot logo, how do i fix this, do i need a specific force encryption or something? ive restored the system couple times using mi flash, ive been trying for a couple days now, if you have any solutions please lmk a step by step guide, also is there a way i can do this without flashing it, but also get all the tools working?
Click to expand...
Click to collapse
Sorry I wish I was able to help
But the tag says [CUSTOM ROM]
SO I HAVE No Idea
Maybe try this
Don't flash any thing just follow the procedure listed above and It may work
Just don't flash anything
It won't work, cuz you need kernel for monitoring for example wifi - stock kernels can't put wlan1 (internal or external) wifi to monitor mode, so you won't be able to pentest routers
batman957 said:
Sorry I wish I was able to help
But the tag says [CUSTOM ROM]
SO I HAVE No Idea
Maybe try this
Don't flash any thing just follow the procedure listed above and It may work
Just don't flash anything
Click to expand...
Click to collapse
Which custom ROM? Is it possible with AOSP based (I am on havoc 3.6 now)
hruaiapunte said:
Which custom ROM? Is it possible with AOSP based (I am on havoc 3.6 now)
Click to expand...
Click to collapse
Any whatever you want
I tested on evoX and titanium os
Niksa2 said:
i have a mi 9t with unlocked bootloader twrp also rooted using magisk, i flashed my nethunter kernel, but it gets stuck at the nethunter boot logo, how do i fix this, do i need a specific force encryption or something? ive restored the system couple times using mi flash, ive been trying for a couple days now, if you have any solutions please lmk a step by step guide, also is there a way i can do this without flashing it, but also get all the tools working?
Click to expand...
Click to collapse
Are you trying to install Nethunter onto stock miui rom?
If so, take a look at
https://forums.kali.org/showthread.php?48308-Xiaomi-Mi-9t-Not-Work-Hid-Monitor-Bad-USB
This worked for me
I'm running full Nethunter on Mi9t stock MiUi Global 11.0.4 rooted with Magisk.zip (via TWRP) and everything just works like a charm. No problems capturing packets, injection support is doing fine and HID seems to work (never tested it but NH App shows its working)
All i had to do was root the Mi9t with Magisk (flashed the zip via TWRP), after checking that everything went well ive booted back into TWRP and flashed the nethunter-2020.2-pre3-davinci-miui-ten-kalifs-full.zip downloaded at https://www.offensive-security.com/kali-linux-nethunter-download/
After that i had to reflash Magisk.zip again (directly after flashing the nethunter.zip without rebooting the device!) and thats it.
As the pre-build images you get at offensive-security allready come with the tweaked kernel u need for injection and monitor mode, theres no need to flash a 'nethunter kernel' afterwards...it works 'out of the box'
Flashing another nethunter kernel afterwards will most probably result in a bootloop... (tried myself a few times with hasty nethunter kernel)
Ive only tried this with the officiall pre-built images on a stock MiUi ROM.
If you want to flash NH on a Costum ROM, you should probably go with the Guide from OP
Happy Hunting
hello, after so many tests they managed like this:
1. twrp orange fox
2.format and wipe
3.flash: fw "miui_DAVINCIGlobal_V11.0.5.0.QFJMIXM_aaab5b40c7_1 0.0.zip" flash "AOSiP-10-Quiche-davinci-20200526-gapps.zip" flash "Magisk-v19.3.zip" flash "Disable_Dm-Verity_ForceEncrypt_03.04.2020.zip"
4.reboot
5.inizializza and upgrade Magisk (download update Magisk to phone)
6.download Busybox module (Magisk)
7.poweroff
8.twrp flash "nethunter-2020.2-davinci-miui-ten-kalifs-full.zip" flash (Magisk downloaded to phone) flash "Disable_Dm-rity_ForceEncrypt_03.04.2020.zip"
9.reboot
HardcodedString said:
Are you trying to install Nethunter onto stock miui rom?
If so, take a look at
https://forums.kali.org/showthread.php?48308-Xiaomi-Mi-9t-Not-Work-Hid-Monitor-Bad-USB
This worked for me
I'm running full Nethunter on Mi9t stock MiUi Global 11.0.4 rooted with Magisk.zip (via TWRP) and everything just works like a charm. No problems capturing packets, injection support is doing fine and HID seems to work (never tested it but NH App shows its working)
All i had to do was root the Mi9t with Magisk (flashed the zip via TWRP), after checking that everything went well ive booted back into TWRP and flashed the nethunter-2020.2-pre3-davinci-miui-ten-kalifs-full.zip downloaded at https://www.offensive-security.com/kali-linux-nethunter-download/
After that i had to reflash Magisk.zip again (directly after flashing the nethunter.zip without rebooting the device!) and thats it.
As the pre-build images you get at offensive-security allready come with the tweaked kernel u need for injection and monitor mode, theres no need to flash a 'nethunter kernel' afterwards...it works 'out of the box'
Flashing another nethunter kernel afterwards will most probably result in a bootloop... (tried myself a few times with hasty nethunter kernel)
Ive only tried this with the officiall pre-built images on a stock MiUi ROM.
If you want to flash NH on a Costum ROM, you should probably go with the Guide from OP
Happy Hunting
Click to expand...
Click to collapse
henghst69 said:
1. twrp orange fox
2.format and wipe
3.flash: fw "miui_DAVINCIGlobal_V11.0.5.0.QFJMIXM_aaab5b40c7_1 0.0.zip" flash "AOSiP-10-Quiche-davinci-20200526-gapps.zip" flash "Magisk-v19.3.zip" flash "Disable_Dm-Verity_ForceEncrypt_03.04.2020.zip"
4.reboot
5.inizializza and upgrade Magisk (download update Magisk to phone)
6.download Busybox module (Magisk)
7.poweroff
8.twrp flash "nethunter-2020.2-davinci-miui-ten-kalifs-full.zip" flash (Magisk downloaded to phone) flash "Disable_Dm-rity_ForceEncrypt_03.04.2020.zip"
9.reboot
Click to expand...
Click to collapse
Does Kali work with QFJEUXM 11.0.5?
By following the cited guide
https://forums.kali.org/showthread.php?48308-Xiaomi-Mi-9t-Not-Work-Hid-Monitor-Bad-USB
I don't see anything about:
- Format Data and wipe
Is it necessary?
-"AOSiP-10-Quiche-davinci-20200526-gapps.zip
Is it necessary to flash, maybe Kali breaks the stock built-in GApps?
-"Disable_Dm-rity_ForceEncrypt_03.04.2020.zip"
Is it also necessary to flash, Magisk cannot make it pass SafetyNet without?
Also, does installing Kali affect:
- Widevine L1 (dropping to L3)
- 4G/4G+ (by disabling some bands or carrier aggregation)?
One more question, what would be a procedure to go back to stock?
Manually updating to the stock Recovery/ZIP firmware from System update/Choose update package would be enough or flashing Fastboot/TGZ firmware by Mi Flash Tool will be needed?
zgfg said:
Does Kali work with QFJEUXM 11.0.5?
By following the cited guide
https://forums.kali.org/showthread.php?48308-Xiaomi-Mi-9t-Not-Work-Hid-Monitor-Bad-USB
I don't see anything about:
- Format Data and wipe
Is it necessary?
-"AOSiP-10-Quiche-davinci-20200526-gapps.zip
Is it necessary to flash, maybe Kali breaks the stock built-in GApps?
-"Disable_Dm-rity_ForceEncrypt_03.04.2020.zip"
Is it also necessary to flash, Magisk cannot make it pass SafetyNet without?
Also, does installing Kali affect:
- Widevine L1 (dropping to L3)
- 4G/4G+ (by disabling some bands or carrier aggregation)?
One more question, what would be a procedure to go back to stock?
Manually updating to the stock Recovery/ZIP firmware from System update/Choose update package would be enough or flashing Fastboot/TGZ firmware by Mi Flash Tool will be needed?
Click to expand...
Click to collapse
-Does Kali work with QFJEUXM 11.0.5?
Well, somewhere i've read that it should work with 11.0.5 too but dont remember where...would have to search for it again to provide a link to you...
- Format Data and wipe
Not sure if its necessary, but i did so. Its always a good thing to do before flashing any ROM.
Just try it without that step and you'll see...you can always reflash to stock if you get any errors, so just give it a shot mate
-"AOSiP-10-Quiche-davinci-20200526-gapps.zip
Nope, thats not necessary for sure. I'm using it with the stock built gapps and its working fine
-Disable_Dm-rity_ForceEncrypt_03.04.2020.zip
Thats pretty strange with that ForceEncrypt step, some say they had to others not. I did not flash it to be honest and everythings okay so far. But theres a Chance that you will have to! Maybe it belongs to which ROM you are using (global,eu,chinese) but cant tell for sure...
So this one you will have to figure out yourself, sry.
-4G and LTE is working good for me, so i'd say kali isnt affecting it
-About Widefine, well i dont know to be honest...im watching Prime and Sky Go on the Phone sometimes but for the Quality Prime just says 'optimal' and Sky Go 'HD'...it looks great for sure but i cant tell the exact Quality....if theres a way to check that, let me know and i'll be happy to do that for you
-One more question, what would be a procedure to go back to stock?
I would just do a wipe/format and flash the stock MiUI image or better, your backup via TWRP (or any other custom Recovery)
For me, Fastboot by MiFlashTool is always the last option. If nothing else works, Fastboot is a Livesaver but thats just 'my way' of doing it, there are probably many others who say otherwise!
Sometimes it needs a lot of testing to figure out the best way for your specific device, so always do a backup and flash a custom recovery before flashing Nethunter. That way, its always posible to get back to Stock if you encounter any bootloops/problems after the installation.
Its like always while playing around with any OS...if it wont work, you just have to "Try Harder"
Im happy to help anyway, if you got any more Questions just shout out mate
HardcodedString said:
-Does Kali work with QFJEUXM 11.0.5?
Well, somewhere i've read that it should work with 11.0.5 too but dont remember where...would have to search for it again to provide a link to you...
- Format Data and wipe
Not sure if its necessary, but i did so. Its always a good thing to do before flashing any ROM.
Just try it without that step and you'll see...you can always reflash to stock if you get any errors, so just give it a shot mate
-"AOSiP-10-Quiche-davinci-20200526-gapps.zip
Nope, thats not necessary for sure. I'm using it with the stock built gapps and its working fine
-Disable_Dm-rity_ForceEncrypt_03.04.2020.zip
Thats pretty strange with that ForceEncrypt step, some say they had to others not. I did not flash it to be honest and everythings okay so far. But theres a Chance that you will have to! Maybe it belongs to which ROM you are using (global,eu,chinese) but cant tell for sure...
So this one you will have to figure out yourself, sry.
-4G and LTE is working good for me, so i'd say kali isnt affecting it
-About Widefine, well i dont know to be honest...im watching Prime and Sky Go on the Phone sometimes but for the Quality Prime just says 'optimal' and Sky Go 'HD'...it looks great for sure but i cant tell the exact Quality....if theres a way to check that, let me know and i'll be happy to do that for you
-One more question, what would be a procedure to go back to stock?
I would just do a wipe/format and flash the stock MiUI image or better, your backup via TWRP (or any other custom Recovery)
For me, Fastboot by MiFlashTool is always the last option. If nothing else works, Fastboot is a Livesaver but thats just 'my way' of doing it, there are probably many others who say otherwise!
Sometimes it needs a lot of testing to figure out the best way for your specific device, so always do a backup and flash a custom recovery before flashing Nethunter. That way, its always posible to get back to Stock if you encounter any bootloops/problems after the installation.
Its like always while playing around with any OS...if it wont work, you just have to "Try Harder"
Im happy to help anyway, if you got any more Questions just shout out mate
Click to expand...
Click to collapse
Thank you a lot for your answer.
Btw, few days ago I upgraded to QFJEUXM v11.0.6 (so no more 11.0.5), which is newer than the Kali pre-built image, but according to v11.0.6 Changelog only Security patch was updated
I'm still tempting to try Kali (currently having new official TWRP v3.4.0, Magisk Canary 20416 and Hasty kernel)...
You can check your Widevine Security level (still interested if you have L1) by
https://play.google.com/store/apps/details?id=flar2.devcheck
https://play.google.com/store/apps/details?id=com.androidfung.drminfo
By going back to stock you said flashing MIUI. - so you mean flashing ZIP/Recovery firmware through TWRP?
zgfg said:
Thank you a lot for your answer.
Btw, few days ago I upgraded to QFJEUXM v11.0.6 (so no more 11.0.5), which is newer than the Kali pre-built image, but according to v11.0.6 Changelog only Security patch was updated
I'm still tempting to try Kali (currently having new official TWRP v3.4.0, Magisk Canary 20416 and Hasty kernel)...
You can check your Widevine Security level (still interested if you have L1) by
https://play.google.com/store/apps/details?id=flar2.devcheck
https://play.google.com/store/apps/details?id=com.androidfung.drminfo
By going back to stock you said flashing MIUI. - so you mean flashing ZIP/Recovery firmware through TWRP?
Click to expand...
Click to collapse
No problem, i'm happy to help wherever i can :good:
-Btw, few days ago I upgraded to QFJEUXM v11.0.6...
Yeah, im not surprised bout that...sorry for the late answer :/
Thank you for pointing out these two Apps mate!
I've checked my Widevine Security Level and both Apps showing Widefine L1 (Screenshots attached) so no downgrade after flashing Nethunter
Yes thats correct, to get back to stock you would have to flash the ZIP/Recovery firmware through TWRP.Only if that doesnt work you'd have to do it through Fastboot.
If you did a full backup (i.e. through TWRP) of your system before flashing Nethunter, you would be able to restore it by flashing the recovery,dtbo,boot and system images one by one through TWRP/Fastboot (not sure but i think it should be enough to just reflash the system.img, boot.img and dtbo.img to get your pre-Nethunter Setup/Specs back (English isnt my native Language so in case you dont get what im trying to explain...that means your stock 11.0.6 with TWRP v3.4.0, Magisk Canary 20416 and the Hasty kernel including all your Settings and Stuff)
You wouldnt have to flash a 'naked stock rom' if Nethunter doesnt work
If you're still not comfortable enough to install Nethunter onto your Device, just wait a few more Days.
I will try to get Nethunter running on the 11.0.6 ROM myself as soon as i have some more time!Will also try it with your Specs/Setup by then
Hi, i cant install chroot.
image transparente png
sinanlenfom said:
Hi, i cant install chroot.
image transparente png
Click to expand...
Click to collapse
Obviously you set the wrong Folder Name...just choose one of the three options from Screenshot 1!?
But to be honest, and i really dont want to offend you, if you couldnt figure that one out yourself you shouldnt install Nethunter at all...
@zgfg
Sorry mate, wasnt able to try it so far.....very busy at work atm! Will do the next few Days
HardcodedString said:
@zgfg
Sorry mate, wasnt able to try it so far.....very busy at work atm! Will do the next few Days
Click to expand...
Click to collapse
Thanks
HardcodedString said:
Sorry mate, wasnt able to try it so far.....very busy at work atm! Will do the next few Days
Click to expand...
Click to collapse
Ok, I installed NetHunter zip image for Davinci over QFJEUXM v11.0.6.0 and re-rooted with Magisk Canary v20419.
Ran NetHunter app and chroot.
I think it looks ok - screenshots attached
Btw, tried yesterday Wifite to 'break' three WPA WLANs (Private, not Enterprise) for whom I actually know passwords - their passwords are weak like vesna1970 or 136923457
Wifite was running for two or three hours, trying Pixie-Dust, NULL PIN, PIN Attack, Handshake capture but eventually failed for all three connections
I will set up a WEP AP at home next week to test again, but who nowadays still uses WEP. Almost everybody would be using WPA, and with stronger passwords than above
If so, I doubt it is of big (educational) use and I am suspect about YT movies where they successfully break WPA in 30 minutes (or more)
Receiving a notification to update NetHunter from Installed 2020.2 to 2020.2?!
But the Update fails with Error -110 - on screenshots
Btw, I have successfully updated (couple of times) packages from NetHunter app, currently there is nothing to update there
Edit:
Fixed the NH app update notification: open NetHunter Store, Settings, Expert mode and untick Privilege Extention.
Let it update the NetHunter app