IMPORTANT INFORMATION!
READ THIS BEFORE GOING TO THE S-OFF THREADS
This simple guide is aimed at giving you the best chance at achieving S-OFF on your device. Although not all of the steps listed below are 100% necessary if you are failing to achieve S-OFF or still receiving errors of any sort then you either cannot S-OFF your phone or you haven't followed the guide. In my opinion your best hope for S-OFF is by using RUMRUNNER. It supports the largest amounts of firmware and the support is great.
You should only use MOONSHINE/REVONE to S-Off if......
1. You are on or flash a STOCK Sense 5, Android 4.1 ROM! (NOTE: 4.2 Software may be OK however for your best chances use the oldest you possibly can!!)
2. Have an old un-patched 1.44 HBoot or If on T-Mob or AT&T and on Patched 1.44 HBoot you have downgraded using one of the guides provided at the bottom of this post. (NOTE: To my knowledge patched 1.44 HBoot's are most likely those dated from June 2013 onwards, to check this reboot to bootloader and find the date there.)
3. Use the up to date 0.2.1 revone (the older ones give false successes)
4. Are Rooted (Not necessary but seems to improve chances of success)
5. Have the correct Moonshine package for your exact firmware and software version! If your firmware is not on the site and there is no way of you getting a matching firmware then you can't use it!
6. Are not on stock 4.2 software upgraded via OTA. (NOTE: Custom 4.2 Software may be OK as long as your HBoot is still 1.44)
7. Are not using a GE ROM, 4.3 Rom or on stock 4.3 software
8. Are not on HBoot 1.54 or higher
9. Are NOT on HBoot 1.54 or higher
10. ARE NOT ON HBOOT 1.54 OR HIGHER
11. Are not an Idiot! (Most important of all)
Before you try RUMRUNNER you must.....
1. Ensure you are on 100% Stock firmware/software that is supported. (note:you may be rooted or have custom recovery they should not effect success)
2. Ensure that if your device is carrier branded you are running stock firmware/software for your carrier (i.e H3G = 2.24.771.3)
3. Have your bootloader unlocked!
4. Use the correct RumRunner package for your device firmware. If you are not then flash Stock software matching your correct carrier firmware before starting.
5. Have HTC Sync removed from your computer!
6. Have firewalls, antivirus and anything else turned off or un-installed! (Ensure to turn back on after completion )
7. Have read the RumRunner thread and Site HERE and know you can email them with your firmware version so maybe they can S-OFF your phone! But DO NOT pester them on their IRC channel, that is for support only!!
8. Have more then 40% battery life.....
9. Not be an idiot! (Always the most important point!)
Notes:
1. If it still isn't working try a different stock rom and re-flash your correct stock firmware and try RumRunner again
2. If RumRunner gets to pouring (5)... Or higher it's more then likely failed already.
3. Some branded firmware's might work with the international package i.e 2.24.111.3 works with the 2.24.401.1 rumrunner package.
Again as I stated earlier some of these may not apply but if you want to guarantee revone or moonshine to work then you should follow these rules! Also in addition to this. READ THE OP of the threads in question (and POST 2 of revone!) They are your bible and will tell you what to do.
If you aren't sure what S-OFF is, does, why you might need it or how to achieve it safely then you DO NOT NEED S-OFF. You could ruin your phone and you really should start with more basic things first!!
WARNING Going back to S-ON isn't necessary for warranty, just lock the bootloader and go back to a stock rom/recovery if you do decide to be crazy and go S-ON again you may receive back a non-s-offable device that isn't supported by any of the above methods... YOU HAVE BEEN WARNED
Error codes and what they mean (from my experience, and what I've read!) ;-
Error Code -1 = Potentially you need to try a different ROM or it could just be random and after a few tries and reboots it might work. A few people have reported that rebooting and using -p rather than -P has worked but I'm not convinced as -p isn't built as a command but you're free to try whatever you wish.
Error Code -2 = I've seen people report this but revone has actually worked so should you see this try and reboot and carry on, if not then try changing ROMs and try again.
Error Code -6 = More then likely you're on either a patched or a 1.54 HBoot and you're not going to be able to S-Off. If you reboot to bootloader and you're on 1.44 then you might be able to downgrade using one of the guides on xda. Xboarder's guide on rootzwiki for TMob is a good one. In addition you may be on the right 1.44 HBoot but the software/ROM you're running could be the issue. In any case run a stock RUU for your CID and you should be sorted.
Error Code 1 = I've had this myself and this basically means it's not ever going to work. I think it's a variant on the -6 Error. If you see this, you're out of luck IMO.
Link for T-Mobile Device HBoot Downgrade to enable S-OFF HERE
Link for AT&T Device HBoot Downgrade to enable S-OFF HERE
Additional Info (On Downgrading HBoot from 1.54 with S-ON)
If after reading this guide you're thinking OK so I need to downgrade my HBoot, then to clear things up here is a list of methods that categorically do not and will not work to downgrade your 1.54 HBoot to 1.44 HBoot if your device is S-ON regardless of how much you think it should work because it did on your old phone.
Note these methods WILL NOT WORK to downgrade HBoot from 1.54 to 1.44 while S-ON!
1. Running an old RUU for your device with a lower HBoot inside
2. Writing directly to any of the board or hboot partitions mmcblk0p4, mmcblk0p5, mmcblk0p12. This includes:-
a) dd'ing your hboot/board image, editing the version then dd'ing it back
b) dd'ing any other hboot/board image to your hboot partition mmcblk0p12
c) dd'ing anything to anything!! HBoot and board are WP from low boot and cannot be written to or modified at all unless S-OFF
d) chmodding mmcblk0p12, deleting it, editing it, or anything else you might thing could work
e) using recovery to flash to mmcblk0p12 using busybox and dd command.
f) anything else I missed (I hope you're getting the picture here anyway) Oh and note, if you try to dd and it says it worked.... It didn't!
3. Modifying and flashing an encrypted or decrypted rom.zip, firmware.zip, PN07IMG.zip or RUU.zip from recovery, fastboot or RUU mode
4. Flashing an old encrypted or decrypted rom.zip, firmware.zip, PN07IMG.zip or RUU.zip from recovery, fastboot or RUU mode
5. Using a Y-Cable with or without a goldcard to flash an old PN07IMG.zip
6. Using a Y-Cable with or without a goldcard to flash a modified PN07IMG.zip
7. Running a modified RUU with old or editied HBoot version
8. *Not totally proven yet* Trying to brick the phone by shutting it off during RUU.zip install at the HBoot writing stage. (This has only been tried once so far and didn't pay off, I would not advise trying this unless you are a "VERY" confident/crazy android user/dev)
I hope this helps clear things up, have a nice day and happy flashing
The War Horse said:
OK so following my post of pretty much exactly this on the revone thread it seems that a lot of people still aren't sure what's going on so here is my simple guide to follow BEFORE you try to S-OFF your phone or post in the Revone or Moonshine threads.
You should/can only use revone or Moonshine(potentially different as I am not as familiar but I'm pretty sure the same rule apply) to S-Off if;-
1. You are on or flash a STOCK Sense 5, Android 4.1 ROM before you try!
2. Have an old un-patched 1.44 HBoot or If on T-Mob or AT&T and on Patched 1.44 HBoot you have downgraded using one of the easy to find guides provided.
3. Use the up to date 0.2.1 revone (the older ones give false successes) <revone only>
4. Are Rooted (Not necessary but seems to improve chances of success) <revone only>
5. Have the correct Moonshine package for your exact firmware and software version! If your firmware is not on the site guess what..... You can't use it! <moonshine only>
6. Are not using a 4.2 ROM
7. Are not using a GE ROM
8. Are not on HBoot 1.54
9. Are not on HBoot 1.54
10. ARE NOT ON HBOOT 1.54
11. Are not an Idiot! (Most important of all)
Some of these may not apply but if you want to garuntee revone or moonshine to work then you should follow these rules! Also in addition to this. READ THE OP of the threads in question (and POST 2 of revone!) They are your bible and will tell you what to do.
Notes on Error codes (from my experience, and what I've read!) <revone only>;-
Error Code -1 = Potentially you need to try a different ROM or it could just be random and after a few tries and reboots it might work. A few people have reported that rebooting and using -p rather than -P has worked but I'm not convinced as -p isn't built as a command but you're free to try whatever you wish.
Error Code -2 = I've seen people report this but revone has actually worked so should you see this try and reboot and carry on, if not then try changing ROMs and try again.
Error Code -6 = More then likely you're on either a patched or a 1.54 HBoot and you're not going to be able to S-Off. If you reboot to bootloader and you're on 1.44 then you might be able to downgrade using one of the guides on xda. Xboarder's guide on rootzwiki for TMob is a good one.
Error Code 1 = I've had this myself and this basically means it's not ever going to work. I think it's a variant on the -6 Error. If you see this, you're out of luck IMO.
I hope this clears things up. Please feel free to post your error code findings should they be any different from what I have stated. Also anyone familiar with moonshine please feel free to add anything I might have missed. Cheers.
Sent by homing dragon......
Click to expand...
Click to collapse
Can I get s-off with HBOOT 1.54???????? (joking BTW lol)
cheers for this should stop certain muppets asking silly things
Aditional Information - SuperCID
On a separate note If you are on an updated HBoot but SuperCID (11111111) Then the above rules may not apply. If this is the case for you and you are SuperCID, S-ON on HBoot 1.54 or Higher then you may have to try a few different routes as SuperCID bypasses some things on occasions. You may well be able to downgrade your HBoot and S-OFF.
exocetdj said:
Can I get s-off with HBOOT 1.54???????? (joking BTW lol)
cheers for this should stop certain muppets asking silly things
Click to expand...
Click to collapse
Lets hope so. Mods moved it from the Origional Dev forum though and I have a feeling a lot of Muppets will totally bypass this forum and go there and still crack on blindly...... Maybe if this was a sticky then it would be missed less.... I dunno..... MODS?
The War Horse said:
Lets hope so. Mods moved it from the Origional Dev forum though and I have a feeling a lot of Muppets will totally bypass this forum and go there and still crack on blindly...... Maybe if this was a sticky then it would be missed less.... I dunno..... MODS?
Click to expand...
Click to collapse
Think maybe you should put the title of the thread entirely in capitals and surround it with *********s or ###s so not even the dumbest noob will miss it lol!
exocetdj said:
Think maybe you should put the title of the thread entirely in capitals and surround it with *********s or ###s so not even the dumbest noob will miss it lol!
Click to expand...
Click to collapse
HAHA, I did actually try this but it converted the lot to lowercase randomly.... I assume you're not allowed all capitals? lol
The War Horse said:
HAHA, I did actually try this but it converted the lot to lowercase randomly.... I assume you're not allowed all capitals? lol
Click to expand...
Click to collapse
damn i assume so!!!! anyway soz for clogging up ur thraed mate! Try the symbols ~~~ *** (it will look like you are swearing at em hahaha!)
exocetdj said:
damn i assume so!!!! anyway soz for clogging up ur thraed mate! Try the symbols ~~~ *** (it will look like you are swearing at em hahaha!)
Click to expand...
Click to collapse
No worries man. Just spread the word. I've asked a mod if it can be stickied so we'll see.
posted a friendly link to this thread in the soff ones lol!
just have a look:laugh:
The War Horse said:
No worries man. Just spread the word. I've asked a mod if it can be stickied so we'll see.
Click to expand...
Click to collapse
the noobs dont even notice the stickies, they will still answer questions
IINexusII said:
the noobs dont even notice the stickies, they will still answer questions
Click to expand...
Click to collapse
I know. I'm thinking that at least from now on noone has to answer the questions though. they can simply send them to this thread lol.
I'd be better if this was in the Orig Android Dev forum imo, that way when they jump in there head first they might see it!
The War Horse said:
I know. I'm thinking that at least from now on noone has to answer the questions though. they can simply send them to this thread lol.
I'd be better if this was in the Orig Android Dev forum imo, that way when they jump in there head first they might see it!
Click to expand...
Click to collapse
the ONLY way is for XDA to automatically redirect the noobs to this thread whenever they click on a S-OFF thread. otherwise they wont see it
IINexusII said:
the ONLY way is for XDA to automatically redirect the noobs to this thread whenever they click on a S-OFF thread. otherwise they wont see it
Click to expand...
Click to collapse
Now that would be something!!
1.54 s off
just go my phone s-off on 1.54 h boot,check fone fun shop.was only achieved today.
doohdah said:
just go my phone s-off on 1.54 h boot,check fone fun shop.was only achieved today.
Click to expand...
Click to collapse
S-Off via jtag or by an external paid source is completely different to revone or moonshine. For one they're a lot cheaper!
Also the company you mention has been offering S-Off on the one for while now.
Sent from my HTC One using Tapatalk 4
good!:good:
1.54.s off
The War Horse said:
S-Off via jtag or by an external paid source is completely different to revone or moonshine. Fit's the onlone they're a lot cheaper!
Also the company you mention has been offering S-Off on the one for while now.
Sent from my HTC One using Tapatalk 4
Click to expand...
Click to collapse
For your information the 1.54.s-off was only achieved yesterday and is.by java card,it my be more expensive than revone but its the only solution at this time.
doohdah said:
For your information the 1.54.s-off was only achieved yesterday and is.by java card,it my be more expensive than revone but its the only solution at this time.
Click to expand...
Click to collapse
But by java card it is always possible, that's how htc does it, even on for the one x some shops offer it....
doohdah said:
For your information the 1.54.s-off was only achieved yesterday and is.by java card,it my be more expensive than revone but its the only solution at this time.
Click to expand...
Click to collapse
It was achieved by java card the day the phone was made. Lol.... Java card isn't an exploit.
Sent from my HTC One using Tapatalk 4
Related
Its only going to be a matter of time before people will need to send phones back under warranty for whatever reasons so a guide for unrooting will be needed.
Any takers?
G2 already has one, but obviously we will need different rom/hboot etc to go back to our stock.
Not just unrooting, but going completely back to stock, i.e. S-ON and stock ROM.
As you say, we should be able to base it on this - http://forum.xda-developers.com/showthread.php?t=835971
Although we have several different stock ROMs, e.g. European, Asian, Vodafone UK, etc.
this is already covered in the FAQ (easy tutorial @ dev forum)
http://forum.xda-developers.com/showpost.php?p=9143411&postcount=2
gtrab said:
this is already covered in the FAQ (easy tutorial @ dev forum)
http://forum.xda-developers.com/showpost.php?p=9143411&postcount=2
Click to expand...
Click to collapse
That just says to use Visionary to turn off rooting. Or did I miss something ?
As I said, I think we need to cover how to return a phone completely to stock, and I don't think it includes all that you'd really need to do, or if you didn't use Visionary in the first place, e.g. the kind of stuff in the G2 post that I linked.
steviewevie said:
That just says to use Visionary to turn off rooting. Or did I miss something ?
As I said, I think we need to cover how to return a phone completely to stock, and I don't think it includes all that you'd really need to do, or if you didn't use Visionary in the first place, e.g. the kind of stuff in the G2 post that I linked.
Click to expand...
Click to collapse
It does say to flash an RUU to S-ON which in the past I would have said would work, but seeing how the G2 forums are not suggesting that its that simple my guess would be that its not that simple.
I had to flash the PC10img thing taken from the stock ROM to restore root and s-on. But no idea how to extract that PC10img thing, not that I have looked into it either.
That info was from one of the guides in the dev section I'm sure.
Sent from my HTC Vision using XDA App
What might work now will probably not work once an OTA update comes out for the DZ though, as per the problem on the G2 they've had which has led to quite a few semi-bricks (possibly full bricks in some cases ?).
Done some research, it would seem that flashing an RUU would work fine for those of us already rooted, if an OTA were to come out those who rooted after the OTA would have issues unless an RUU for the same OTA was released as well. (this is basically because the RUU's currently available will be older than the software the phone is on so the RUU would fail leaving you with a semi-bricked phone as described above, basically it would flash stock hboot and recovery then fail to flash the /system so you would be left with no root or recovery and no rom.
Flashing the ruu would give rise to accepting the OTA too, if you really wanted to do that, but it might block root.
you just need the RUU for your correct original phone version
OR use a gold card
eg. I have debranded mine from bell NAM 1.34.666.5 to euro generic 1.34.405.5
To go back to stock, I can:
1.- grab the bell 1.34.666.1 RUU (its slightly previous, but is the correct original version for my phone)
OR
2.- run the euro generic 1.34.405.5 with a golcard inserted
gtrab said:
you just need the RUU for your correct original phone version
Click to expand...
Click to collapse
Isn't that dangerous though once we get any OTAs, and could lead to this ?
http://forum.xda-developers.com/showthread.php?t=838484
Or am I missing something ?
steviewevie said:
Isn't that dangerous though once we get any OTAs, and could lead to this ?
http://forum.xda-developers.com/showthread.php?t=838484
Or am I missing something ?
Click to expand...
Click to collapse
Yes thats what I was getting at in my post above, any RUU you flash needs to be of the same or newer version of what your previously flashing. You cannot GoldCard to flash an RUU to S-ON or you get left with the semi-brick where you have stock recovery and hboot, but no rom installed.
So if an OTA comes out, you can't accept it, s-off then use an older RUU to s-on again. You would have to flash an RUU of that OTA version (if one is released).
Basically its best to not accept any OTA if you can avoid it and just wait for a custom rom of the same, that way we can always use the older RUU's to s-on if we need it.
I successfully downgraded my rooted/S-OFF'd phone to an earlier ROM last night. I simply followed this method - http://forum.xda-developers.com/showthread.php?t=832503
I'm of the firm belief that this is the onyl way to do it if you are at S-OFF. If you have S-OFF, then flashing an older RUU will probably brick your phone.
Well yesterday I perm root and s-off my european Desire Z with World/Euro generic 1.34.405.5. Somehow everything went bad after flashing recovery mode, so I decided to unroot it and bring it back to original settings.
I found there are 2 methods, one is to run the original ruu, and the other one was to copy the exact World/Euro generic 1.34.405.5 PC10img.zip to the root of my sd card.
Then entered to bootloader, and the phone recognize the archive, I simply apply it, and now I am back again to original stock.
However now I tried again and I am happily root, and S-Off following the amazing gtrab guide (http://forum.xda-developers.com/showthread.php?t=835777)
buzmay said:
I found there are 2 methods, one is to run the original ruu, and the other one was to copy the exact World/Euro generic 1.34.405.5 PC10img.zip to the root of my sd card.
Click to expand...
Click to collapse
That's the thing I keep saying though, flashing the original RUU worked for you because you weren't trying to downgrade the ROM, it was the same version that you already had on (just S-OFF etc). If you had a later version on your phone (e.g. via an OTA update) and were trying to flash to an earlier one, you would have bricked it trying the straight RUU method.
So what should be done is download and install an RUU - say 1.234.987, so you're on 1.234.987 - then root / S-OFF / custom ROM the phone. If anything goes wrong, reinstall the 1.234.987 RUU.
By the way - that's a fake RUU
DanWilson said:
So what should be done is download and install an RUU - say 1.234.987, so you're on 1.234.987 - then root / S-OFF / custom ROM the phone. If anything goes wrong, reinstall the 1.234.987 RUU.
Click to expand...
Click to collapse
During that process, if the stock HBOOT/recovery that is installed by that RUU decides that what you're trying to flash is "older" than your custom ROM, you're screwed though. That's why the "debranding" guide has extra steps in it, i.e. gold card and editing the misc partition.
steviewevie said:
During that process, if the stock HBOOT/recovery that is installed by that RUU decides that what you're trying to flash is "older" than your custom ROM, you're screwed though. That's why the "debranding" guide has extra steps in it, i.e. gold card and editing the misc partition.
Click to expand...
Click to collapse
I hate HTC.
Love the phones, love the Sense, hate the security.
Why not give us a command like the N1? WHY!?
So you should backup the system partition before S-OFF and so on? Like so a dd? (Following on from previous post)
DanWilson said:
So you should backup the system partition before S-OFF and so on? Like so a dd? (Following on from previous post)
Click to expand...
Click to collapse
The system partition isn't changed in S-OFF, that's the boot partition (just allows writing to the system partition).
The gold card and editing of the misc partition should work fine, as per this thread - http://forum.xda-developers.com/showthread.php?t=832503
It worked for me last night to flash to an older stock ROM (which also gave me S-ON again, removing my S-OFF).
steviewevie said:
The system partition isn't changed in S-OFF, that's the boot partition (just allows writing to the system partition).
The gold card and editing of the misc partition should work fine, as per this thread - http://forum.xda-developers.com/showthread.php?t=832503
It worked for me last night to flash to an older stock ROM (which also gave me S-ON again, removing my S-OFF).
Click to expand...
Click to collapse
Cool. Confused. I believe you though.
But you are saying just to make a gold card, and edit the misc partition?
Nice
DanWilson said:
Cool. Confused. I believe you though.
But you are saying just to make a gold card, and edit the misc partition?
Click to expand...
Click to collapse
Following that guide that I linked worked for me. Yes, I turned my SD card into a gold card and edited the misc partition. Then it is fooled into thinking you're restoring a ROM of the same version that it already is running, so it lets you do it.
Actually, I do wonder whether both steps are necessary (i.e. gold card *and* editing misc), because I thought the whole point of the gold card was that it avoided those checks, so perhaps you can do one or the other ? I am only thinking out loud here, and may well be missing something, so I don't suggest trying it other than as in that guide.
So, I rooted my fiances Mytouch 3G original and it's been so long I don't remember what I did. Now theres a one click methods, different numbers 32a and 32b and there's radios and all this other stuff I didn't have to worry about then (I think)
I updated her to the Betamod AOSP using the same method as I would do with my Vibrant and well it works, but the text messaging dictionary is in German and the battery life was horrible so I wanna take her to Yoshi 1.0 RC5.1, so I'm doing all this research to make sure I do it right (part of me wants to brick it so she'll get a new phone, she hates spending money on phones when they work) and she's overdue for a full upgrade.
I'm reading these guides and all these other things and I keep linking and linking and linking and it's kind of overwhelming. I think I had 6 or 7 tabs open before I decided to just start a thread. I wasn't sure if the threads I was reading applied to me. It was very confusing.
Can someone please just point me to the right direction.
I'm assuming with the research and reading I've done is that she needs the 32b roms and her radio and kernal I will have to look at when she gets home. I may need help finding that info, but please let me try and report it first.
I'm sorry if this is an annoying noob post, but if you guys can give me exactly what I need I will read about it.
vahdyx said:
So, I rooted my fiances Mytouch 3G original and it's been so long I don't remember what I did. Now theres a one click methods, different numbers 32a and 32b and there's radios and all this other stuff I didn't have to worry about then (I think)
I updated her to the Betamod AOSP using the same method as I would do with my Vibrant and well it works, but the text messaging dictionary is in German and the battery life was horrible so I wanna take her to Yoshi 1.0 RC5.1, so I'm doing all this research to make sure I do it right (part of me wants to brick it so she'll get a new phone, she hates spending money on phones when they work) and she's overdue for a full upgrade.
I'm reading these guides and all these other things and I keep linking and linking and linking and it's kind of overwhelming. I think I had 6 or 7 tabs open before I decided to just start a thread. I wasn't sure if the threads I was reading applied to me. It was very confusing.
Can someone please just point me to the right direction.
I'm assuming with the research and reading I've done is that she needs the 32b roms and her radio and kernal I will have to look at when she gets home. I may need help finding that info, but please let me try and report it first.
I'm sorry if this is an annoying noob post, but if you guys can give me exactly what I need I will read about it.
Click to expand...
Click to collapse
If it is a 32b you will need to update spl and radio but a link to a guide to that is in the ginger yoshi op. Everthing you need should be in the ginger yoshi op in fact. You can use Amon_Ra for the ext4 part, the thread for installing that is in the same forum as yoshi's just a few threads up. Hope that helps.
Get us the fastboot info and we'll get you taken care of. Is the phone still rooted?
Sent from my LG-P500 using Tapatalk
Thanks guys, here's her HBOOT info
32b and S-on
Hboot 1.33.0006
CPLD - 10
Radio 2.22.23.02
I don't know if you need anything else, but yes the phone is still rooted
I'll defer to DonJuan's expertise here but, I think you sould be fine following Yoshi's OP. Ginger Yoshi requires the new radio/spl combo but the steps are all there. If I understand correctly the ext partition is optional but highly recommended and will be required in future releases.
Okay before I proceed, I downloaded
update.Engineering-SPL-HBOOT-1.33.2010-signed
recovery-RA-sapphire-v1.7.0G
Ohsaka-SuperWipe_v2
radio
hboot
These are zips except the Recovery file. I'm gonna put them all on my SD card and flash them in recovery. Then I'm gonna flash the rom.
Good?
Superwipe first
Recovery second
hboot third
engineering hboot fourth
Radio 5th
Then the ROM
Wait, actually where did you get the hboot/radio files from? Need to make sure they're the right one's, but I actually think you may be on the right track.
If I'm not mistaken you shouldn't need the engineering spl if you are going to flash the radio and spl via recovery, you only need it if you are going to use fastboot to install them.
So (Again if I'm not mistaken):
1. Recovery
2. Superwipe
3. Radio
4. Hboot
5. Rom
The guide I used to upgrade my radio/spl seemed simplest, worked great. Sorry I'm not allowed to post links here yet but it is at cyanogenmod.com search for a thread called New radio dream +15MB EXTRA RAM! for HTC DREAM
Look for post by -Stevo- on page 2, he does "Amazing" work.
turkeyshark said:
If I'm not mistaken you shouldn't need the engineering spl if you are going to flash the radio and spl via recovery, you only need it if you are going to use fastboot to install them.
So (Again if I'm not mistaken):
1. Recovery
2. Superwipe
3. Radio
4. Hboot
5. Rom
Click to expand...
Click to collapse
Right, pending he has the right radio/SPL.
DonJuan692006 said:
Wait, actually where did you get the hboot/radio files from? Need to make sure they're the right one's, but I actually think you may be on the right track.
Click to expand...
Click to collapse
I got it from step number 3 from http://forum.xda-developers.com/showthread.php?t=909900
vahdyx said:
I got it from step number 3 from http://forum.xda-developers.com/showthread.php?t=909900
Click to expand...
Click to collapse
Should be all set then.
Well did the steps and bricked the phone, it's on an endless loop, it won't flash the ROM for some reason. So I'm happy, we're picking up a new HD7 tomorrow. LOL, I got my wish.
I booted into recovery, did a nandroid, flashed super wipe, flashed radio, flashed Hboot, flashed rom and rom gave me an error. Have no other rom on SD card so I can't do anything else. Nandroid restore doesn't do what I need it to do and won't fix the problem.
Here's what my Hboot says now
Sapphire PVT 32B Ship S-ON G
HBOOT 1.33.0013d
CPLD 10
Radio 2.22.27.08
Oct 21 2009
***Edit***
I forgot to wipe cache before installing ROM, dammit everything is fine! She's asleep now, so maybe I shouldn't tell her the mytouch is working now.
Posting this to get it out in the community for anyone who wants it. This is the shipping hboot 1.04 patched to give s-off identical to the current ENG hboot everyone is using as well as including the ENG commands and fastboot flash/erase support. Obviously if you have a perfectly running device there might be no reason to flash this. For those who are yet to flash a hboot you might choose this instead since it's newer and we don't know what flaws could have been fixed from the older ENG release.
This will likely accompany our official root release for the device when we finish it.
I have tested this to be working on my phone, as well as another developers device so it should be safe. You however take full responsibility for anything that goes wrong with this flash as with any aftermarket mod.
IMPORTANT NOTE:
For those not aware, the thunderbolt is not a true s-off device. The ENG hboot or this patched hboot give you fake s-off while the radio is screaming s-on... This doesn't mean much, but DO NOT flash a hboot that isn't patched or you'll be stuck.
UPDATE 8/1/2011: This has been updated to now block normal hboot flashing to make it much safer. It's still wise to not arbitrarily flash things but you should rest a little more at ease now.
Thread update (not a new version):
Here is the commands to re-flash hboot after installing this:
"fastboot oem mw 8d08ac54 1 31302E30"
"fastboot flash hboot whateverhbootfile.nb0"
where whateverhbootfile.nb0 is in your path, you can get this file by unzipping the PG05IMG.zip with a hboot in it
(BE CAREFUL WITH THIS, YOUR PHONE WILL FLASH TETRIS.EXE AS A BOOTLOADER IF YOU ASK IT TO)
Enjoy.
Sweet thanks
Sent from my ADR6400L using XDA Premium App
Thank you sir, I shall try this soon.
This is not newer than the ENG, its actually the same version number. The ENG one came from a 1.12.605.6 eng ruu (same as shipping)
Will this block hboot flashing like the alpharevx one (please say yes)
Shadowmite said:
Posting this to get it out in the community for anyone who wants it. This is the shipping hboot 1.04 patched to give s-off identical to the current ENG hboot everyone is using as well as including the ENG commands and fastboot flash/erase support. Obviously if you have a perfectly running device there might be no reason to flash this. For those who are yet to flash a hboot you might choose this instead since it's newer and we don't know what flaws could have been fixed from the older ENG release.
This will likely accompany our official root release for the device when we finish it.
I have tested this to be working on my phone, as well as another developers device so it should be safe. You however take full responsibility for anything that goes wrong with this flash as with any aftermarket mod.
IMPORTANT NOTE:
For those not aware, the thunderbolt is not a true s-off device. The ENG hboot or this patched hboot give you fake s-off while the radio is screaming s-on... This doesn't mean much, but DO NOT flash a hboot that isn't patched or you'll be stuck.
Enjoy.
Click to expand...
Click to collapse
Ah, I guess I was under the impression it was older from what I was told. Regardless I never ran that one. Currently it doesnt block hboot flash, but I'll look into that patch next. I guess we'd want to block hboot from zip files but not from fastboot flash in order to protect soff while still having a way to return to stock.
Shadowmite said:
Ah, I guess I was under the impression it was older from what I was told. Regardless I never ran that one. Currently it doesnt block hboot flash, but I'll look into that patch next. I guess we'd want to block hboot from zip files but not from fastboot flash in order to protect soff while still having a way to return to stock.
Click to expand...
Click to collapse
I ended up not releasing the older one, as I had both (im not sure if joshua was given both or not).
Once you add blocking hboot flash (artificially high version number does it i think??) would it be ok to place in my guide until (if/when) yall release a package? (I intend to remove mine once a reliable "auto" is out).
Flashed for fun and it works great.
Having another method of root may not mean much to Tbolt owners now but it will once devices start shipping with GB.
Great to have you guys working on this.
so this a a way to root in the future for GB owners? just want to make sure so i dont flash if i dont need to because i am already rooted
Shadowmite said:
Ah, I guess I was under the impression it was older from what I was told. Regardless I never ran that one. Currently it doesnt block hboot flash, but I'll look into that patch next. I guess we'd want to block hboot from zip files but not from fastboot flash in order to protect soff while still having a way to return to stock.
Click to expand...
Click to collapse
excellent! i personally would love a permanent s-off patch. ill be watching this thread,thank you kind sir.
thanks,Shadowmite
Shadowmite said:
Posting this to get it out in the community for anyone who wants it. This is the shipping hboot 1.04 patched to give s-off identical to the current ENG hboot everyone is using as well as including the ENG commands and fastboot flash/erase support. Obviously if you have a perfectly running device there might be no reason to flash this. For those who are yet to flash a hboot you might choose this instead since it's newer and we don't know what flaws could have been fixed from the older ENG release.
This will likely accompany our official root release for the device when we finish it.
I have tested this to be working on my phone, as well as another developers device so it should be safe. You however take full responsibility for anything that goes wrong with this flash as with any aftermarket mod.
IMPORTANT NOTE:
For those not aware, the thunderbolt is not a true s-off device. The ENG hboot or this patched hboot give you fake s-off while the radio is screaming s-on... This doesn't mean much, but DO NOT flash a hboot that isn't patched or you'll be stuck.
Enjoy.
Click to expand...
Click to collapse
Hey,
Might you guys post your IDB of this hboot? or send it to me via PM? or somehow. Id love to see the breakdown of the file you guys reversed.
and what patches. Thanks!
Thanks shadowmite. I followed your work way back in the 6600 days...
Sent from my ADR6400L using Tapatalk
running it now,no issues. used it to flash a recovery,and change my radios. also verified it has the same available fastboot commands.
feel free let me know if you need any kind of feedback,or help with testing. id be more thaN happy to help test a permanent patch
Ok, updated main post with new updated hboot. Now patched to block normal hboot flashes which should make it a lot safer. To test, flash the update, then try flashing it again. The second one should not take.
yes! thank you kind sir. so,if im understanding correctly,it will prevent the flash of any other hboot,including the original engineering one?
downloaded and about to flash
scotty1223 said:
yes! thank you kind sir. so,if im understanding correctly,it will prevent the flash of any other hboot,including the original engineering one?
downloaded and about to flash
Click to expand...
Click to collapse
Correct. I figure eventually someone might need to flash back to a original and ill eventually toss up instructions how to do this. For now, this should block everything we've seen for the device to date.
Is revolutionary working on root for the thunderbolt? Will it give us true s-off?
from the first post,no it will not give us true s-off. im running it now,tried flashing the stock s-on hboot and the old eng hboot and it blocked them both
next question: if one installed a stock recovery,and accepted an OTA... would this prevent hboot from being overwritten there as well?
Yes it should always block hboot unless they do something purposeful to overcome the block method. I'll post a command in the first post sometime next week that will allow you to overwrite hboot should you want to.
PermROOT said:
Hello Phateless do you remember me? lol I am always on diff name so ya.
But yes PD15IMG.zip is not the golden solution to everything. It all depends on how you originally rooted your MT4G as VISIONary+ (TempROOT) and root.sh (PermROOT). In that case your S=OFF security off flag is dependent on the eng hboot which was pushed to /dev/block/mmcblk0p18 during PermROOT.
Now since its not true security off once you have newer radio. You try to run PD15IMG.zip (Sense 2.2.1 Rom/Radio 26.03.02.26_M) after the first update which is stock hboot you would be locked due to it changing S=ON thus on next step it will fail due to the image being older than originally on which is currently flashed which would be the radio. In this case your in a point where you shouldn't be as you can be locked out and no way to reroot. which I am working on finding. This also goes for gfree radio s=off.
If you do want to go back download PD15IMG.zip (stock radio 26.03.02.26_M) and then flash it once that is done then you can revert back to stock rom/radio using standard PD15IMG.zip (Sense 2.2.1 Rom/Radio 26.03.02.26_M). Keep in mind unless the new PD15IMG.zip is out you can't revert it back if your locked out due to source being outdated than current image.
Click to expand...
Click to collapse
--------------------------
Found this post here in THE Bible. Trying to understand exactly what it means.
What is he saying here?
Can someone put this into noob terms please?
THANK!!!
I am not sure how to explain it furthermore as when I posted that it was clear to everyone, but ill try to simplify.
The original stock rom that came with our device was 2.2.1S and later we had GB2.3.X port and we mostly switched. Then came the radio rom which I hope I don't need to explain what the image does. So the standard stock radio that came with our device was 26.03.02.26_M. So later on as Panache came out we had leak to other radios which user could flash, thus changing it from stock radio to leaked radio. I hope it make sense up to there.
Now keep in mind we have 2 type of root meth as one is via TempROOT/PermROOT as I explained before via VISIONary+ which just push the eng_hboot and gives the illusion of S=OFF but the true security is not off as that is only done if you do the other rooting meth which is PermaROOT which disables the radio security completely.
Now the problem few users faced was when they flashed the leaked radio and they wanted to revert back to stock rom/radio via PD15IMG.zip for our MT4G (IDD15000). The installation would fail only for folks who had root via PermROOT as they never had true S=OFF thus once the eng_hboot is replaced with stock bootloader the security is disabled thus user can't complete the second part of the process which would be flashing the radio. So only solution was that they first revert back to stock radio or wait for newer radio because the source of the image inside PD15IMG.zip was older than the radio.img that was already flashed inside user's MT4G.
I hope it explains if not well IDK how to explain any better man :O
So if I'm understanding this all correctly, how I find out if this will affect me?
Where and what information should I provide you in order to find out if this will happen to me as well.
I'm getting ready to send my phone in for an exchange and was looking to flash PD15IMG.zip before doing this when I came across this post.
I rooted my phone with Visionary R14 and Terminal Emulator.
What other info do you need? Please let me know. Thank you.
At this point it wont affect you as thats obsolete due to TMoUS releasing newer stock rom/radio for our MT4G few months ago as Panache radio leak is older than the current stock rom/radio. As its GB2.3.4S which comes with the newest radio which is newer than any radio you flash. So the source of the PD15IMG.zip if you have the newest one then it will always be newer or equal to the radio.img already in device and it means in simple term it will flash the 2nd part. I hope it make sense as it should not affect anyone now. Even if it does all they have to do is run the current new PD15IMG.zip and it will fix the issue which user faced few months back.
nguyendqh said:
So if I'm understanding this all correctly, how I find out if this will affect me?
Where and what information should I provide you in order to find out if this will happen to me as well.
I'm getting ready to send my phone in for an exchange and was looking to flash PD15IMG.zip before doing this when I came across this post.
I rooted my phone with Visionary R14 and Terminal Emulator.
What other info do you need? Please let me know. Thank you.
Click to expand...
Click to collapse
If this is all about going back for an exchange, i recently did just this. Please see my post on the topic: http://forum.xda-developers.com/showthread.php?t=1241740
If all you did was the temproot/permaroot method via visionary+, and not the gfree method (gfree is actual s=off), then I believe some of the steps may be different. Specifically, you may be able to skip the whole bit about turning s=on again.
So which is it?
So rooted via Visionary R14 and being on Virtuous Unity (newest update)
I should be able to flash PD15IMG.zip from this link here: http://forum.xda-developers.com/showthread.php?t=863899
and have no problems yeah?
Sorry for all the questions. But yeah I'm only half to 75% following what you're saying.
I'm not advanced yet. =(
Thanks for the help again though.
Keep in mind PD15IMG.zip is the default system file for our device which is checked on the bootloader as our device ID is PD15000 thus getting the PD15IMG name. So PD15IMG.zip can be multi files as we have 2 of them 1 is 2.2.1 and newest one is 2.3.4 just look in the dev section you will find the newest PD15IMG.
http://forum.xda-developers.com/showthread.php?t=1059347
NEW-PD15IMG: PD15IMG_Glacier_Gingerbread_S_TMOUS_2.19.531.1_Radio_12.58.60.25_26.11.04.03_M_release_200756_signed
nicholasb said:
If this is all about going back for an exchange, i recently did just this. Please see my post on the topic: http://forum.xda-developers.com/showthread.php?t=1241740
If all you did was the temproot/permaroot method via visionary+, and not the gfree method (gfree is actual s=off), then I believe some of the steps may be different. Specifically, you may be able to skip the whole bit about turning s=on again.
So which is it?
Click to expand...
Click to collapse
I did not use the gfree method.
AggNA said:
Keep in mind PD15IMG.zip is the default system file for our device which is checked on the bootloader as our device ID is PD15000 thus getting the PD15IMG name. So PD15IMG.zip can be multi files as we have 2 of them 1 is 2.2.1 and newest one is 2.3.4 just look in the dev section you will find the newest PD15IMG.
http://forum.xda-developers.com/showthread.php?t=1059347
NEW-PD15IMG: PD15IMG_Glacier_Gingerbread_S_TMOUS_2.19.531.1_Radio_12.58.60.25_26.11.04.03_M_release_200756_signed
Click to expand...
Click to collapse
Thanks for all the help bro. I really really appreciate it.
Love all the help that the XDA community provides.
this guy definitely knows what he's talking about, provided help for me in the past
So i got bored and well decided to wonder off into the darker side of xda an xda i nvr visited but i found this! http://forum.xda-developers.com/showthread.php?t=2133336 it should make unlocking your bootloader easier! plz read the op ppl! hope this helps anyone trying to unlock their bootloader and achieve s-off! plz hit the op's thank button im only a messenger
Flowed Away From My Samsung GS2 E4GT
elzimmer said:
So i got bored and well decided to wonder off into the darker side of xda an xda i nvr visited but i found this! http://forum.xda-developers.com/showthread.php?t=2133336 it should make unlocking your bootloader easier! plz read the op ppl! hope this helps anyone trying to unlock their bootloader and achieve s-off! plz hit the op's thank button im only a messenger
Flowed Away From My Samsung GS2 E4GT
Click to expand...
Click to collapse
Sounds pretty cool, if it really works. Mabey i will try it out, after having a look at the scripts and what it actually does. It says not to do it if your s-off or not stock, but i dont see why it would matter.
As a rule of thumb, I detest scripts that grant you auto root, especially on a device that is pretty easy and painless to root. It's make the user lazy, plus how many people actually check the code? If it has a slight bug, or a slight incompatibilty with your device, there's a good chance to brick, and you really only have yourself to blame.
I looked at the code and found 1 issue. it runs the ruu to update hboot to 1.0.2, which is fine if your on hboot 0.92 and redundant and unnecessary if your already on 1.02. If your on hboot 1.07 already, it will fail and kill the script as hboot cant be downgraded if your not s-off. The script does no check to see what hboot your on, it just flashes it.
So the script will work if your on hboot 0.92 or 1.02. If on 1.07 it will not work unless the script is edited to remove the ruu flash part. As stated above, its not that hard to do manually. Hell you might even learn a little something, and become more familiar with adb and fastboot. And adb / fastboot can be a usefull thing to know. There are great step by step guides that can show you how here on xda.
cmlusco said:
I looked at the code and found 1 issue. it runs the ruu to update hboot to 1.0.2, which is fine if your on hboot 0.92 and redundant and unnecessary if your already on 1.02. If your on hboot 1.07 already, it will fail and kill the script as hboot cant be downgraded if your not s-off. The script does no check to see what hboot your on, it just flashes it.
So the script will work if your on hboot 0.92 or 1.02. If on 1.07 it will not work unless the script is edited to remove the ruu flash part.
Click to expand...
Click to collapse
Thanks for looking at it. A prime example of why I don't like these scripts.