[ROOT] Amazon Fire TV Gen 2 (4k) - Fire TV General

There is an updated thread now for rooting the AFTV2 that supports both 5.0.3.1 and 5.0.4 and maybe others in the future, see http://forum.xda-developers.com/fire-tv/general/root-amazon-fire-tv-2-updated-t3277556. The new method is simpler than this method and requires less to download and fewer steps to run.
To be safe run checkver.py every time you handshake since 5.0.4 is starting to roll out! Check out the 5.0.3.1 tag in order to use this older method.
If you were able to root your AFTV2 we'd appreciate it if you report your success on the poll located here.
NOTE: Root was obtained a few weeks ago so... this procedure is not the most time efficient, but it is just a few simple steps that anyone with a technical background can follow. There are ideas and some work in progress to make it easier. It depends also on serial port stability, which is somewhat random luck. Linux experience will be beneficial. The usual disclaimers apply, which means this rooting procedure comes with some risks and the scripts involved haven't been tested in all environments. Any harm that may come from rooting your device using this procedure is at your own risk and I assume no responsibility for any damage it may cause. I will do my best to help you get through it and recover if possible.
Root the Device
It's taken quite a bit of effort, but I've finally managed to create a pre-rooted system image (as well as back up the original) and provide a semi-efficient way to flash the rooted system image. Before attempting any of the steps listed below YOU MUST BE RUNNING 5.0.3.1. You should also have an unmodified/pristine system partition. You would probably know if you had any modifications and at this point that would be uncommon. If the patching fails for some reason just power off the device, reboot your computer (resets the serial port buffer), start the handshake script, then turn on the device. Once the handshake completes run the patching command again. There is no harm running the patching command two or more times. If it keeps hanging try a different computer.
To get started you will need a system that meets the following requirements:
- Linux (Mac OS X or Windows w/ changes)
- Python 3.x
- PySerial
  sudo yum install python3-pyserial # Fedora or RedHat
  sudo apt-get install python3-serial # Ubuntu or Debian
- USB Male A to Male A cable
- R/W access to /dev/ttyACM0 (or use sudo)
- ADB USB access (optional, but helpful)
- Stop ModemManager (if you have it set up, which blocks handshaking)
Now run the following sequence of commands:
Code:
git clone --branch 5.0.3.1 https://gitlab.com/zeroepoch/aftv2-tools.git
cd aftv2-tools
wget http://download.zeroepoch.com/aftv2/5.0.3.1/system.root.img.gz
wget http://download.zeroepoch.com/aftv2/5.0.3.1/system.diff.gz
gunzip system.root.img.gz
gunzip system.diff.gz
adb reboot ; ./handshake.py # or restart but run ./handshake.py first
./checkver.py # STOP if it reports NO!
./patch_mmc.sh 0x00000000058e0000 system.root.img system.diff # takes ~2 hours
# last address is 0x50dce600
For Macs (see post #115, thanks @ians325) to satisfy the requirements above you will need to install python 3.5.0 for Mac OS X from python.org then run "sudo pip3 install pyserial" to install pyserial. Instead of "wget $URL" use "curl -O $URL".
Windows is working now, but it's constantly improving to make it easier for novice users. The bash script has been ported to a batch file (no cygwin needed) and the serial port has some auto-detection built in now. The files needed for Windows have already been added to the repo but the README is constantly evolving. @ImCoKeMaN (big thanks) and I are working to improve the process and make it easier for Windows users.
Anyone interested in rooting using an Ubuntu VM should watch the YouTube video by @ultimate_spy_binns, https://www.youtube.com/watch?v=CZQqLoO6ojM. There is also a script to help automate the process if you are doing this on an Ubuntu live CD/USB found here (by @BagiMT).
To test that root is working you should first connect to adb shell and then run the command "su". You will need to accept a prompt on the screen (HDMI port) at least once. The shell should change from a dollar-sign ($) prompt to a hash (#) prompt.
If you would like to disable updates after rooting you can use the following commands:
Code:
adb shell
su
pm disable com.amazon.device.software.ota
To go back to stock in case you want to update or for whatever other reason:
Code:
wget http://download.zeroepoch.com/aftv2/5.0.3.1/system.orig.img.gz
gunzip system.orig.img.gz
adb push system.orig.img /data/local/tmp
adb shell
su
pm enable com.amazon.device.software.ota
dd if=/data/local/tmp/system.orig.img of=/dev/block/platform/mtk-msdc.0/by-name/system bs=1m
sync
reboot
I don't always have the best luck transferring large files over ADB so another option is to copy the uncompressed image file to a microSD card and change the path to /storage/sdcard1/system.orig.img. Be extremely careful that you have the right path, that the file you are reading exists, and that the file is around 1.2 GB in size. Otherwise you may potentially trash your system.
Background Info
This root method works by rebooting the device and halting the boot process at the MediaTek preloader. Once halted at the preloader we can use the preloader binary API to send a series of MMC commands to the flash chip which allows 512 byte blocks to be read and written using a simple FIFO. Since we have both the original and modified system images we can generate a list of blocks that are different between the two images and only patch those blocks. This means we need to write less than 10 MB instead of 1.2 GB. If we had to send the entire system image at the speeds the preloader is limited to it would take about 2 weeks. If for some reason the system partition becomes unbootable that would be your only option to recover right now. By sending just the differences the patching only takes about 2 hours. There are ways to speed this up (about 5-10 minutes instead), but you'd need to obtain limited root access first using a much much more complicated procedure. I chose to provide instead a slower but much simpler series of commands.
The MT preloader is a process that runs before the regular bootloader (lk/fastboot) and of course before the kernel boots. It only shows up for about 3 seconds. Unfortunately the preloader is writable and could potentially be updated. The entire boot chain is cryptographically signed from what I've been able to inspect including the preloader. An unlocked bootloader would most likely be needed to flash a custom kernel (no kexec built-in of course, but modules/device drivers can be loaded) and create ROMs not based on stock. @rbox has been working on getting kexec working as a module but no ETA yet. So in conclusion the tools here allow you to modify the flash contents and using these facilities we have added SuperSU binaries to the system partition.
Anyone interested in how root was obtained should look at the history starting with this post. You should also read the README file from the aftv2-tools git repo. Also feel free to PM me if you have any questions.
Tips
If you want to disable the pop-up message when becoming root you can change notify=1 to notify=0 in /data/data/eu.chainfire.supersu/files/supersu.cfg. You need to reboot the device after making this change. It's also suggested to make the file read-only because it seems to get reset sometimes. (Thanks @ultimate_spy_binns)
Special Thanks
@qwertytical
@budokaiboy
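
The block-diff idea from the Background Info section above, as an added Python example (not code from the post or from aftv2-tools): it compares two images in 512-byte blocks, coalesces differing blocks into runs, maps them to absolute flash addresses, and checks that applying the resulting write plan to the original reproduces the modified image. The function names and the small constructed sample images are assumptions; the 512-byte block size and the 0x058e0000 base address come from the post.

```python
"""Added example: 512-byte block diff between two flash images (not aftv2-tools code)."""
import hashlib

BLOCK = 512               # MMC block size given in the post
SYSTEM_BASE = 0x058E0000  # system partition start address from the patch command in the post


def diff_runs(orig, modified, block=BLOCK):
    """Return [(offset, data)]: runs of consecutive blocks that differ."""
    if len(orig) != len(modified):
        raise ValueError("images must have the same size")
    if len(orig) % block:
        raise ValueError("image size must be a multiple of the block size")
    runs, start = [], None
    for off in range(0, len(orig), block):
        differs = orig[off:off + block] != modified[off:off + block]
        if differs and start is None:
            start = off                      # a new run begins here
        elif not differs and start is not None:
            runs.append((start, modified[start:off]))
            start = None
    if start is not None:                    # run reaches the end of the image
        runs.append((start, modified[start:]))
    return runs


def write_plan(runs, base=SYSTEM_BASE, block=BLOCK):
    """Expand runs into single-block writes: [(absolute_address, 512 bytes)]."""
    return [(base + off + i, data[i:i + block])
            for off, data in runs
            for i in range(0, len(data), block)]


def apply_plan(image, plan, base=SYSTEM_BASE):
    """Apply the writes to an in-memory copy of the image (a bytearray)."""
    for addr, data in plan:
        rel = addr - base
        if rel < 0 or rel + len(data) > len(image):
            raise ValueError(f"write at {addr:#x} falls outside the partition")
        image[rel:rel + len(data)] = data
    return image


def plan_is_complete(orig, modified, plan, base=SYSTEM_BASE):
    """True if patching the original with the plan yields exactly the modified image."""
    patched = apply_plan(bytearray(orig), plan, base)
    return hashlib.sha256(patched).digest() == hashlib.sha256(modified).digest()


def build_sample():
    """Constructed 8 KiB 'images': one changed block at 0x400, two adjacent at 0x1000."""
    orig = bytes(i % 256 for i in range(16 * BLOCK))
    mod = bytearray(orig)
    for pos in (0x400 + 5, 0x1000 + 1, 0x1200 + 7):
        mod[pos] ^= 0xFF
    return orig, bytes(mod)


if __name__ == "__main__":
    orig, mod = build_sample()
    plan = write_plan(diff_runs(orig, mod))
    for addr, data in plan:
        print(f"Addr: {addr:#x}  ({len(data)} bytes)")
    print("bytes to write:", sum(len(d) for _, d in plan), "of", len(orig))
    print("plan reproduces modified image:", plan_is_complete(orig, mod, plan))
```

Because every write carries the full final contents of its block, applying the same plan a second time leaves the image unchanged.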

great news
i never powered on my unit - awaiting root
can we have a 5.0.3.1 image to safely flash before root
otherwise the system might update to different version
now that rooting is out
amazon might be quick ...

reiteravi said:
great news
i never powered on my unit - awaiting root
can we have a 5.0.3.1 image to safely flash before root
otherwise the system might update to different version
now that rooting is out
amazon might be quick ...
Yeah, my pre-ordered one is still in a box so I'd need to update it too. I guess I can do that tonight before a new version comes out.

reiteravi said:
great news
i never powered on my unit - awaiting root
can we have a 5.0.3.1 image to safely flash before root
otherwise the system might update to different version
now that rooting is out
amazon might be quick ...
Unfortunately you will need to do a normal update first before patching the system partition. It just takes too long to flash a full system image, original or modified, using the methods we have available to us now. Also the boot partition and other partitions are updated with each OTA. I hope we can continue to provide rooted versions of updated system images, but as you know there is no guarantee of that. I'd update now before there are any new updates and then root it. We could in theory root the older versions as well and even before first boot, but without the OTA updates and applying them in reverse I can't go back and patch the older releases. I strongly think the method used to write the system partition can not be fixed since I believe the preloader code is in a ROM.

Mac Update
A few notes for Mac users willing to experiment a little:
I installed python 3.5.0 for Mac OS X from python.org and then ran "sudo pip3 install pyserial" to install pyserial for python 3.x. The final change I needed to make was to change PORT in handshake.py and read_mmc.py/write_mmc.py (only tested reading the boot partition, but everything else should work). In my case the PORT was /dev/cu.usbmodem1430. The device filename seems to be based on the USB port it's connected to. I'm not sure if there is an easier way to find the device filename besides scanning /dev and looking for new devices matching a given pattern. Maybe others on this forum have some better ideas. The final caveat was that I needed to unplug and replug the USB cable after the handshake completed, otherwise the read_mmc.py script would hang on the first read.

I succeeded in rooting mine! For comparison purposes, here's the md5sums of my partitions:
Code:
0e450c032ddce170667ba3ddc26cb960 DKB
a3ad800f012a153953b403ef1fa36e14 EXPDB
d693da95eb68b40e4315333bcf74918b KB
50f24ce4c7ac388b33310bff6f79636a LOGO
59071590099d21dd439896592338bf95 MISC
f9b5ef697fde92c42bbbec35e5a6cad4 PRO_INFO
8a9d058f87711c2e8ccc698647f5026b TEE1
eda2733e1d0214873d9cb9d78c68425f TEE2
97a2ccdb7a02838b26b9a57e4f31d51d boot
fbd20aa58cd63c07392080cad7627e18 lk
74f0bac463bae8141acf20594987a559 recovery
a06c3d6a8c73923ed5c38b479c4410d3 system
So my DKB, KB, and system partitions are different from yours.

NaturalBornHaxor said:
I succeeded in rooting mine! For comparison purposes, here's the md5sums of my partitions:
So my DKB, KB, and system partitions are different from yours.
That is awesome news! The first confirmed case I've heard of someone else repeating my success
About the DKB and KB partitions being different it makes me wonder what those partitions are for? I didn't include cache and userdata in the MD5SUM of course, which you noticed, because those change all the time. NVRAM when I looked inside appeared to have a few things that looked to be device specific. The system partition being different is actually expected because I found every time I rebooted my system partition changed checksums. Also that is the MD5SUM of the unmodified system partition. I noticed this weird MD5SUM behavior when I was first gaining root and doing some sanity checks. It happens right after daemonsu is started. My best guess is that the SuperSU tools mount the system r/w quickly and that causes the last mounted timestamp to change. Don't know for sure what causes it, but don't worry that's not unexpected. The main reason I kept those hashes in the repo was so when the next version comes out I know which partitions were changed and need to be updated by users who wish to maintain root.

------------------SOLVED-----------------
Please read on if you have problems with handshake script looping forever...
-----------------------------------------------
Hi zeroepoch,
meanwhile I received my Fire TV 2 and tried your scripts but unfortunately without success.
As far as I can see, there are 2 problems:
- The /dev/ttyACM0 device appears on rebooting the Fire TV, but only for some 100th of a second, then it disconnects again.
- If I give it another try, the device will appear as /dev/ttyACM1, next time /dev/ttyACM2, and so on. So I either have to update the handshake script for every try or reboot my computer (then it starts with /dev/ttyACM0 again).
When I first tried it, the handshake-script ran forever, it just missed the short time of availability of /dev/ttyACM0. So I reduced the sleep-timeout in the script from 0.25 to 0.001. Now the handshake script detects the serial device but runs into an I/O Error during one of the next steps (each time different, seems to be a "race condition").
Can you offer any advice? Could my Laptop be too slow somehow or is there some trick to make the Fire TV keep the port open for a longer time?
Greetings, Christian
Code:
shell:
[email protected]:~/aftv2-tools# adb reboot ; ./handshake.py
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
Traceback (most recent call last):
File "./handshake.py", line 17, in <module>
dev = serial.Serial(PORT, BAUD)
File "/usr/lib/python3/dist-packages/serial/serialutil.py", line 261, in __init__
self.open()
File "/usr/lib/python3/dist-packages/serial/serialposix.py", line 282, in open
self._reconfigurePort()
File "/usr/lib/python3/dist-packages/serial/serialposix.py", line 413, in _reconfigurePort
termios.tcsetattr(self.fd, TERMIOS.TCSANOW, [iflag, oflag, cflag, lflag, ispeed, ospeed, cc])
termios.error: (5, 'Input/output error')
Code:
/var/log/syslog;
Nov 11 11:25:41 DeepThought systemd[1111]: Reached target Default.
Nov 11 11:25:41 DeepThought systemd[1111]: Startup finished in 15ms.
Nov 11 11:27:28 DeepThought kernel: [ 217.460463] usb 8-2: USB disconnect, device number 2
Nov 11 11:27:31 DeepThought kernel: [ 220.608049] usb 8-2: new high-speed USB device number 3 using ehci-pci
Nov 11 11:27:31 DeepThought kernel: [ 220.741857] usb 8-2: New USB device found, idVendor=0e8d, idProduct=2000
Nov 11 11:27:31 DeepThought kernel: [ 220.741860] usb 8-2: New USB device strings: Mfr=1, Product=2, SerialNumber=0
Nov 11 11:27:31 DeepThought kernel: [ 220.741862] usb 8-2: Product: MT65xx Preloader
Nov 11 11:27:31 DeepThought kernel: [ 220.741864] usb 8-2: Manufacturer: MediaTek
Nov 11 11:27:31 DeepThought mtp-probe: checking bus 8, device 3: "/sys/devices/pci0000:00/0000:00:1d.7/usb8/8-2"
Nov 11 11:27:31 DeepThought mtp-probe: bus: 8, device: 3 was not an MTP device
Nov 11 11:27:31 DeepThought kernel: [ 220.855737] cdc_acm 8-2:1.1: ttyACM0: USB ACM device
Nov 11 11:27:31 DeepThought kernel: [ 220.884047] usbcore: registered new interface driver cdc_acm
Nov 11 11:27:31 DeepThought kernel: [ 220.884050] cdc_acm: USB Abstract Control Model driver for USB modems and ISDN adapters
Nov 11 11:27:31 DeepThought kernel: [ 220.924931] usb 8-2: USB disconnect, device number 3
Nov 11 11:27:31 DeepThought ModemManager[511]: <warn> (ttyACM0): tcgetattr() error: 5
Nov 11 11:27:31 DeepThought ModemManager[511]: <warn> (ttyACM0): port attributes not fully set
Nov 11 11:27:31 DeepThought kernel: [ 220.928861] cdc_acm 8-2:1.1: failed to set dtr/rts
Nov 11 11:27:31 DeepThought ModemManager[511]: <info> (tty/ttyACM0): released by modem /sys/devices/pci0000:00/0000:00:1d.7/usb8/8-2
Nov 11 11:27:31 DeepThought ModemManager[511]: <warn> (Plugin Manager) (Cinterion) [ttyACM0] error when checking support: '(Cinterion) Missing port probe for port (tty/ttyACM0)'
Nov 11 11:27:31 DeepThought ModemManager[511]: <warn> (Plugin Manager) (Nokia) [ttyACM0] error when checking support: '(Nokia) Missing port probe for port (tty/ttyACM0)'
Nov 11 11:27:31 DeepThought ModemManager[511]: <warn> (Plugin Manager) (Iridium) [ttyACM0] error when checking support: '(Iridium) Missing port probe for port (tty/ttyACM0)'
Nov 11 11:27:31 DeepThought ModemManager[511]: <warn> (Plugin Manager) (Generic) [ttyACM0] error when checking support: '(Generic) Missing port probe for port (tty/ttyACM0)'
Nov 11 11:27:33 DeepThought ModemManager[511]: <warn> Couldn't find support for device at '/sys/devices/pci0000:00/0000:00:1d.7/usb8/8-2': not supported by any plugin
Nov 11 11:27:35 DeepThought wpa_supplicant[837]: nl80211: send_and_recv->nl_recvmsgs failed: -33
Nov 11 11:27:36 DeepThought kernel: [ 226.092142] usb 8-2: new high-speed USB device number 4 using ehci-pci
Nov 11 11:27:37 DeepThought kernel: [ 226.225936] usb 8-2: New USB device found, idVendor=1949, idProduct=0241
Nov 11 11:27:37 DeepThought kernel: [ 226.225945] usb 8-2: New USB device strings: Mfr=2, Product=3, SerialNumber=4
Nov 11 11:27:37 DeepThought kernel: [ 226.225951] usb 8-2: Product: FireTV
Nov 11 11:27:37 DeepThought kernel: [ 226.225956] usb 8-2: Manufacturer: Amazon
Nov 11 11:27:37 DeepThought kernel: [ 226.225961] usb 8-2: SerialNumber: G070GV05544205DE
Nov 11 11:27:37 DeepThought mtp-probe: checking bus 8, device 4: "/sys/devices/pci0000:00/0000:00:1d.7/usb8/8-2"
Nov 11 11:27:37 DeepThought mtp-probe: bus: 8, device: 4 was an MTP device
After taking a closer look at my syslog and doing some research on problems with /dev/ttyACM0, I finally found the problem. It's the modemmanager. That service immediately "grabs" the device and tries to do some invalid settings, which leads to a near-immediate disconnect.
After I uninstalled the modemmanager (which seemed preinstalled in debian jessie, at least I never installed it on purpose) with
Code:
apt-get remove modemmanager
both of my problems were gone. The device stayed up for 3 seconds and after reboot of the Fire TV it had the same devicename /dev/ttyACM0 again. So I could undo my changes to the handshake script and had instant success with it.
Now I'll try rooting. WHOOT!
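
The syslog pattern diagnosed in the post above can be checked mechanically. The following is an added example, not part of the original post or of aftv2-tools: it measures how long the MediaTek preloader port stayed enumerated and whether ModemManager touched it. The function names and the 1-second "cut short" threshold are assumptions; the first sample is an excerpt of the syslog lines in the post, the second is constructed.

```python
"""Added example: measure how long the MediaTek preloader port stayed up in a syslog."""
import re

PRELOADER_ID = ("0e8d", "2000")  # idVendor/idProduct logged for "MT65xx Preloader" in the post
SHORT_WINDOW = 1.0               # assumption: under 1 s counts as cut short (normal is ~3 s)

KERNEL = re.compile(r"kernel: \[\s*(\d+\.\d+)\] (.*)$")
FOUND = re.compile(r"usb (\S+): New USB device found, idVendor=(\w{4}), idProduct=(\w{4})")
TTY = re.compile(r"cdc_acm (\S+?):\S+ (ttyACM\d+): USB ACM device")
GONE = re.compile(r"usb (\S+): USB disconnect")
MM = re.compile(r"ModemManager\[\d+\]: .*\((?:tty/)?(ttyACM\d+)\)")

# Excerpt of the syslog in the post above.
SAMPLE = """\
Nov 11 11:27:28 DeepThought kernel: [ 217.460463] usb 8-2: USB disconnect, device number 2
Nov 11 11:27:31 DeepThought kernel: [ 220.741857] usb 8-2: New USB device found, idVendor=0e8d, idProduct=2000
Nov 11 11:27:31 DeepThought kernel: [ 220.741862] usb 8-2: Product: MT65xx Preloader
Nov 11 11:27:31 DeepThought kernel: [ 220.855737] cdc_acm 8-2:1.1: ttyACM0: USB ACM device
Nov 11 11:27:31 DeepThought kernel: [ 220.924931] usb 8-2: USB disconnect, device number 3
Nov 11 11:27:31 DeepThought ModemManager[511]: <warn> (ttyACM0): tcgetattr() error: 5
Nov 11 11:27:31 DeepThought ModemManager[511]: <info> (tty/ttyACM0): released by modem /sys/devices/pci0000:00/0000:00:1d.7/usb8/8-2
Nov 11 11:27:37 DeepThought kernel: [ 226.225936] usb 8-2: New USB device found, idVendor=1949, idProduct=0241
"""

# Constructed sample: the port appears and never disconnects (handshake holds it open).
CLEAN = """\
Nov 12 09:00:01 host kernel: [ 100.000000] usb 1-5: New USB device found, idVendor=0e8d, idProduct=2000
Nov 12 09:00:01 host kernel: [ 100.110000] cdc_acm 1-5:1.1: ttyACM0: USB ACM device
"""


def analyse(lines):
    """Return one dict per preloader enumeration seen in the log lines."""
    windows, current = [], None
    for line in lines:
        k = KERNEL.search(line)
        if k:
            ts, msg = float(k.group(1)), k.group(2)
            m = FOUND.match(msg)
            if m and (m.group(2), m.group(3)) == PRELOADER_ID:
                current = {"usb": m.group(1), "tty": None, "start": ts,
                           "end": None, "modemmanager_hits": 0}
                windows.append(current)
                continue
            if current is None or current["end"] is not None:
                continue                      # no open preloader window to update
            m = TTY.match(msg)
            if m and m.group(1) == current["usb"]:
                current["tty"] = m.group(2)
                continue
            m = GONE.match(msg)
            if m and m.group(1) == current["usb"]:
                current["end"] = ts           # port vanished: window closed
            continue
        m = MM.search(line)
        if m and current and m.group(1) == current["tty"]:
            current["modemmanager_hits"] += 1
    return windows


def duration(win):
    """Seconds the port was enumerated, or None if it never disconnected."""
    return None if win["end"] is None else win["end"] - win["start"]


def diagnose(win):
    """Classify one window: 'held', 'modemmanager', 'short' or 'timeout'."""
    d = duration(win)
    if d is None:
        return "held"                         # port stayed present
    if d < SHORT_WINDOW:
        return "modemmanager" if win["modemmanager_hits"] else "short"
    return "timeout"                          # full window passed with no handshake


if __name__ == "__main__":
    for name, text in (("post excerpt", SAMPLE), ("constructed", CLEAN)):
        for w in analyse(text.splitlines()):
            print(name, w["tty"], duration(w), diagnose(w))
```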

Thank you very much for your efforts!
I'd just like to check my understanding - are the instructions you posted comprehensive to obtaining root from absolute scratch?
I know soldering of eMMC and such things were used in development, but that is not needed now after you've done the hard work, correct?
I can just follow your steps above and root the FTV2?

gu3stZA said:
Thank you very much for your efforts!
I'd just like to check my understanding - are the instructions you posted comprehensive to obtaining root from absolute scratch?
I know soldering of eMMC and such things were used in development, but that is not needed now after you've done the hard work, correct?
I can just follow your steps above and root the FTV2?
Yes, you're right. No need to solder anything. You just need the tools stated in the instructions.
Hardware:
- a computer running Linux (or something very close)
- a A to A USB cable
Software:
- python3 and python3-serial packages
- adb package (not necessary but recommended)
- zeroepoch's scripts and patchfiles
That said, a certain amount of base knowledge regarding Linux doesn't hurt.

Thanks! I've played around with Linux but would definitely classify myself as a beginner. I guess we'll see how user-friendly the instructions are

This is good news, definitely progress, could this be integrated into ADBFire for windows

Jay794 said:
This is good news, definitely progress, could this be integrated into ADBFire for windows
This would be perfect. Or even adb. I've just never used Linux

zeroepoch said:
It has only been tested on a US device and I don't know at this point if non US devices are different, maybe not.
Hi zeroepoch,
I just used your rooting scripts successfully on a non US (in my case German) version of the Fire TV 2!
Greets,
Christian

skyball2 said:
Hi zeroepoch,
I just used your rooting scripts successfully on a non US (in my case German) version of the Fire TV 2!
Greets,
Christian
Thanks for the feedback. Glad to hear it worked!

Successful root under arch Linux! Thanks for your hard work.

By any chance does this root work for the original fire TV ?

Savage13 said:
By any chance does this root work for the original fire TV ?
No. It's MediaTek specific. It may work on most MediaTek devices though.

how can u tell handshake is ok and start patching ?

reiteravi said:
how can u tell handshake is ok and start patching ?
It will print "Handshake Complete". Also the serial device will remain present rather than disappear after a few seconds.

Related

[Q] Ubuntu 13.04 (raring ringtail) daily N7 grouper install?

Have any of you got the Ubuntu 13.04 (raring ringtail) daily builds for the N7 grouper to successfully boot?
I tried the recent 20130421 and 20130420.2 builds - the kernel boots successfully but only stays alive for about 7 seconds. (I was able to observe a little bit of /proc/last_kmsg by quickly booting to a custom recovery after the failed boot).
Don't know if it makes any difference or not, but I installed by flashing the system .zip file
raring-preinstalled-armel+grouper.zip
and manually installing the boot image (raring-preinstalled-boot-armel+grouper.img) using "dd" to the LNX partition (via TWRP's command-line UI).
Yes, I did both a factory reset and a wipe of /system in TWRP prior to flashing. (Even checked the health of /data, /system, and /cache using "e2fsck" after flashing - no problems there, either).
I suppose I could try the quantal quetzal (12.04) daily builds next. Just thought I would ask though.
I did successfully flash an Ubuntu Touch Preview build through ClockworkMod Recovery. To be honest, it wasn't worth it. It's a nice little demo of the basics of the UI, but almost every app was just a placeholder image. There's nothing about it you can't pick up from watching a video of it. Restored backup to Android in ~20 minutes.
Thanks. Yeah, I looked at a video review that gave me the same impression. That's why I tried the 13.04 nightly - iirc, the demo released mid-February was based on quantal (12.04) - I was sort of curious as to whether there was new progress in the last month. Never thought it would become a daily driver, though.
Also, it looks like the builds I referenced are something different - substantially smaller than the "desktop" release of the original ubuntu touch demo for the Nexus 7.
Probably if I spend a little more time with it, I can figure things out. (I thought maybe that these builds needed a multi-boot (kexec) loader or something.)
Kind of strange - one of the boots that I was able to recover a legible /proc/last_kmsg from seemed to be complaining that it wanted to reboot because of the USB cable state. That seems rather odd, but the boot crash was also happening from a disconnected state as well. The thing is, 7-8 seconds is pretty late in the boot process (most of the kernel drivers have initialized) - in fact, there were files with new timestamps in the /data partition suggesting some userland activity had already started up before the kernel decided it wanted to restart.
tail end of /proc/last_kmsg:
Code:
[ 7.628940] kernel_power_off: go to charger mode!
[ 7.629505] max77663-rtc max77663-rtc.0: rtc_shutdown: clean alarm
[ 7.656123] cable_detection_work_handler(): vbus_active = 0 and is_active = 1
[ 7.656235] The USB cable is connected
[ 7.656299] elan-ktf3k 1-0010: Update power source to 1
[ 7.658498] bq27541_shutdown +
[ 7.658560] bq27541_shutdown -
[ 7.659787] smb347_shutdown+
[ 7.661882] smb347_shutdown-
[ 7.662052] Restarting system with command 'chrager-mode'.
[ 7.662114]
[ 7.662174] Restarting Linux version 3.1.10-g06b7e9c ([email protected]) (gcc version 4.6.x-google 20120106 (prerelease) (GCC) ) #1 SMP PREEMPT Sun Apr 21 08:23:03 UTC 2013
[ 7.662183]
32 Corrected bytes, 0 unrecoverable blocks

SP Flashing under linux

Anyone tried flashing using the Linux version of SP flash tool? I tried but it seems the device is not recognized by the PC.
hohassan444 said:
Anyone tried flashing using the Linux version of SP flash tool? I tried but it seems the device is not recognized by the PC.
Do you mind providing a link to the linux version so that i can test?
kirito9 said:
Do you mind providing a link to the linux version so that i can test?
http://www.needrom.com/download/sp-flash-tool-v5-1424-00/
note: currently latest version on that page actually is SP Flash Tool v5.1520.00
Nofan Tasi said:
http://www.needrom.com/download/sp-flash-tool-v5-1424-00/
note latest version on that page actually is SP Flash Tool v5.1520.00
Alright, thanks
I found a solution for S_BROM_CMD_JUMP_DA_FAIL (2035) here:
The “modemmanager” package integrated by default on your computer it is not compatible with the MTK Flash Tool for the Linux (14.04 and 14.10) latest versions, and must be uninstalled beforehand. This package is used as a protective USB modem device. Any user configuration file will remain after you uninstall and install the package. Though, we can reinstate our current configuration if necessary, after using the tool.
The following steps will be necessary for the latest versions of Ubuntu:
- Uninstall the designated package using the following commands:
sudo apt-get remove modemmanager
sudo service udev restart
Udev restart the service without restarting the computer
This may have the side effect of removing the kernel module “cdc_acm”. To check if so, run the following command:
lsmod | grep cdc_acm
Check kernel module
- If it gives you an empty list in return, you must install the following module:
sudo modprobe cdc_acm
After this, the tool connected to my phone without errors.
I reinstalled modemmanager after flashing:
Code:
sudo apt-get install modemmanager
I slightly modified Sergio Riveros excellent! marvellous! perfect! tutorial and translated it into German for android-hilfe.de
I will post an English version here within the next couple of days...
I finally can put the ancient XP netbook back where it came from to (hopefully) never have to come out again.
The linux SP flash tool works just fine and, yes: cdc_acm module is needed as dmesg shows:
--
usb 1-5: new high-speed USB device number 6 using ehci-pci
usb 1-5: New USB device found, idVendor=0e8d, idProduct=2000
usb 1-5: New USB device strings: Mfr=1, Product=2, SerialNumber=0
usb 1-5: Product: MT65xx Preloader
usb 1-5: Manufacturer: MediaTek
cdc_acm 1-5:1.1: ttyACM0: USB ACM device
usbcore: registered new interface driver cdc_acm
cdc_acm: USB Abstract Control Model driver for USB modems and ISDN adapters
--

[POLL] Have you rooted your FireTV?

Please answer the poll, and if you'd like to provide more info (or even get help) post the following info:
OS and version:
FireTV model and OS version:
Brief description:
If you are trying to root:
Log of root output pasted in CODE tags.
If not:
Why don't you want to root your device?
Example:
OS and version: Win 7
FireTV model and OS version: AFTV2 - rooted, AFTV1 rooted also
Brief description:
root all the things!
Log:
Code:
Done!
Press any key to continue...
OS and version: Mac OS X Mavericks 10.9.5
FireTV model and OS version: AFTV2 OS Version 5.0.3.1 (534011720)
OS and version: Windows 10 (64 bit)
FireTV model and OS version:
AFTV2 OS Version 5.0.3.1 (534011720)
AFTV1 rooted also
OS and version: Mac OS X 10.11.1 / Ubuntu 14.04 (virtual)
FireTV model and OS version: AFTV2 - 5.0.3.1
Brief description:
Tried using OS X (SIP disabled with a more current version of adb that works with El Capitan) but no matter what I did it would stop patching after about the 5th or 6th patch, once it went further but still hung.
So I used my VM of Ubuntu 14 ... This was quite a bit slower to run to completion (this may be due to my VM being configured with very few resources) it was 2.5 hours before it got to the largest patch section so I have to think it took 5 or 6 hours to complete.
I did end up with a loss of ability to remount /system as rw after installing the "system tools" via adbFire but this was fixed after rebooting the FireTV.
Ludacrisvp said:
OS and version: Mac OS X 10.11.1 / Ubuntu 14.04 (virtual)
FireTV model and OS version: AFTV2 - 5.0.3.1
Brief description:
Tried using OS X (SIP disabled with a more current version of adb that works with El Capitan) but no matter what I did it would stop patching after about the 5th or 6th patch, once it went further but still hung.
So I used my VM of Ubuntu 14 ... This was quite a bit slower to run to completion (this may be due to my VM being configured with very few resources) it was 2.5 hours before it got to the largest patch section so I have to think it took 5 or 6 hours to complete.
I did end up with a loss of ability to remount /system as rw after installing the "system tools" via adbFire but this was fixed after rebooting the FireTV.
Awesome to see the feedback thanks guys!
That's interesting that it was failing in your OS part way through the serial transfer, but a VM actually worked for you on the same hardware. This is something that may be an ugly workaround for @playingmax too.
OS and version: Win 7
FireTV model: AFTV2
Using Windows 7 64-bit. Have been trying to root for the past 3 days with no success. It just keeps hanging after about 5 mins of flashing.
last Log:
HTML:
C:\Users\Morris\Desktop\aftv2-tools>patch_mmc_win.bat
Patching patch_400.img...
rawwrite dd for windows version 0.6beta3.
Written by John Newbigin <[email protected]>
This program is covered by terms of the GPL Version 2.
skip to 1024
512+0 records in
512+0 records out
Addr: 0x58e0400
Patching patch_1000.img...
rawwrite dd for windows version 0.6beta3.
Written by John Newbigin <[email protected]>
This program is covered by terms of the GPL Version 2.
skip to 4096
512+0 records in
512+0 records out
Addr: 0x58e1000
Patching patch_52000.img...
rawwrite dd for windows version 0.6beta3.
Written by John Newbigin <[email protected]>
This program is covered by terms of the GPL Version 2.
skip to 335872
512+0 records in
512+0 records out
Addr: 0x5932000
Patching patch_53000.img...
rawwrite dd for windows version 0.6beta3.
Written by John Newbigin <[email protected]>
This program is covered by terms of the GPL Version 2.
skip to 339968
512+0 records in
512+0 records out
Addr: 0x5933000
Patching patch_53a00.img...
rawwrite dd for windows version 0.6beta3.
Written by John Newbigin <[email protected]>
This program is covered by terms of the GPL Version 2.
skip to 342528
512+0 records in
512+0 records out
Addr: 0x5933a00
Patching patch_59800.img...
rawwrite dd for windows version 0.6beta3.
Written by John Newbigin <[email protected]>
This program is covered by terms of the GPL Version 2.
skip to 366592
512+0 records in
512+0 records out
Addr: 0x5939800
Patching patch_5a200.img...
rawwrite dd for windows version 0.6beta3.
Written by John Newbigin <[email protected]>
This program is covered by terms of the GPL Version 2.
skip to 369152
1024+0 records in
1024+0 records out
Addr: 0x593a200
Addr: 0x593a400
Patching patch_5e800.img...
rawwrite dd for windows version 0.6beta3.
Written by John Newbigin <[email protected]>
This program is covered by terms of the GPL Version 2.
skip to 387072
512+0 records in
512+0 records out
Addr: 0x593e800
Patching patch_66400.img...
rawwrite dd for windows version 0.6beta3.
Written by John Newbigin <[email protected]>
This program is covered by terms of the GPL Version 2.
skip to 418816
512+0 records in
512+0 records out
Addr: 0x5946400
Patching patch_9ae00.img...
rawwrite dd for windows version 0.6beta3.
Written by John Newbigin <[email protected]>
This program is covered by terms of the GPL Version 2.
skip to 634368
512+0 records in
512+0 records out
Addr: 0x597ae00
Patching patch_cc600.img...
rawwrite dd for windows version 0.6beta3.
Written by John Newbigin <[email protected]>
This program is covered by terms of the GPL Version 2.
skip to 837120
512+0 records in
512+0 records out
Addr: 0x59ac600
Patching patch_cce00.img...
rawwrite dd for windows version 0.6beta3.
Written by John Newbigin <[email protected]>
This program is covered by terms of the GPL Version 2.
skip to 839168
3584+0 records in
3584+0 records out
Addr: 0x59ace00
Addr: 0x59ad000
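As an added example (not part of the post above or of aftv2-tools): a parser for a patch log like this one that checks every "Addr:" line against base + patch offset and reports the patch where the output stops. The base address is the one from the patch_mmc.sh command quoted elsewhere in this thread, and the one-"Addr:"-line-per-512-byte-block rule is an assumption inferred from the log itself.

```python
import re

# Base address from the patch_mmc.sh command quoted elsewhere in this thread;
# assumption: patch_mmc_win.bat writes relative to the same base.
BASE_ADDR = 0x58E0000
# Assumption inferred from the log: dd copies one byte per record and the
# tool prints one "Addr:" line for each 512-byte block it has written.
BLOCK_SIZE = 512

# Excerpt of the log posted above (dd banner lines dropped).
SAMPLE_LOG = """\
Patching patch_400.img...
skip to 1024
512+0 records in
512+0 records out
Addr: 0x58e0400
Patching patch_5a200.img...
skip to 369152
1024+0 records in
1024+0 records out
Addr: 0x593a200
Addr: 0x593a400
Patching patch_cce00.img...
skip to 839168
3584+0 records in
3584+0 records out
Addr: 0x59ace00
Addr: 0x59ad000
"""

PATCH_RE = re.compile(r"Patching patch_([0-9a-fA-F]+)\.img")
SKIP_RE = re.compile(r"skip to (\d+)")
RECORDS_OUT_RE = re.compile(r"(\d+)\+\d+ records out")
ADDR_RE = re.compile(r"Addr: 0x([0-9a-fA-F]+)")


def parse_patch_log(text):
    """Group log lines into one record per 'Patching patch_<hex>.img' section."""
    patches = []
    for raw in text.splitlines():
        line = raw.strip()
        header = PATCH_RE.match(line)
        if header:
            patches.append({"offset": int(header.group(1), 16),
                            "skip": None, "size": None, "addrs": []})
            continue
        if not patches:
            continue  # nothing to attach to before the first patch header
        cur = patches[-1]
        skip, recs, addr = (SKIP_RE.match(line), RECORDS_OUT_RE.match(line),
                            ADDR_RE.match(line))
        if skip:
            cur["skip"] = int(skip.group(1))
        elif recs:
            cur["size"] = int(recs.group(1))
        elif addr:
            cur["addrs"].append(int(addr.group(1), 16))
    return patches


def analyse(patches, base=BASE_ADDR):
    """Compare the addresses seen in the log with the ones each patch needs."""
    reports = []
    for p in patches:
        size = p["size"] or 0
        blocks = -(-size // BLOCK_SIZE)  # ceiling division
        expected = [base + p["offset"] + i * BLOCK_SIZE for i in range(blocks)]
        seen = p["addrs"]
        reports.append({
            "patch": "patch_%x.img" % p["offset"],
            "skip_ok": p["skip"] == p["offset"],        # dd skip == file name offset
            "addrs_ok": seen == expected[:len(seen)],   # no gaps, right order
            "written": len(seen),
            "expected": blocks,
            "complete": blocks > 0 and len(seen) == blocks,
            "next_addr": expected[len(seen)] if len(seen) < blocks else None,
        })
    return reports


def first_stall(reports):
    """Return the first patch whose blocks were not all acknowledged, or None."""
    for r in reports:
        if not r["complete"]:
            return r
    return None


if __name__ == "__main__":
    stall = first_stall(analyse(parse_patch_log(SAMPLE_LOG)))
    if stall is None:
        print("every patch in the log was written completely")
    else:
        print("%s: %d of %d blocks written, next block would be 0x%x" % (
            stall["patch"], stall["written"], stall["expected"], stall["next_addr"]))
```
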
OS and version:
Raspbian (Updated to latest) on Raspberry Pi 2
FireTV model and OS version:
Fire TV 2 v5.0.3.1 (534011720)
Brief description:
Nothing else was installed on Raspbian to enable rooting to be carried out (Simply the commands originally posted by zero epoch).
To test root and restore of the AFTV2 I also had to learn how to compile ADB on the Pi 2.
I used a 3m USB 3.0 A to A lead (Purchased from Maplin here in UK) to carry out the rooting procedure.
OS and version:
Fedora 22 (x86_64)
FireTV model and OS version:
Fire TV 2 5.0.3.1
Brief description:
I used a cheap $3 cable from the local store Fry's Electronics. I also tested the procedure on RHEL 6.5 with a custom build of python 3.5.0. I found that my Fedora 22 desktop was a bit more reliable than my Lenovo laptop, but still after repeated experimenting I sometimes had to reboot the desktop to fix the serial port buffer.
AFTV2 - 5.0.3.1
Rooted through Ubuntu 14.04 Live CD, just followed steps as given (although had to enable universal sources to load python3-serial), and worked first time like a charm!
gu3stZA said:
AFTV2 - 5.0.3.1
Rooted through Ubuntu 14.04 Live CD, just followed steps as given (although had to enable universal sources to load python3-serial), and worked first time like a charm!
Laptop or desktop? Seems like people with laptops are having problems, although Linux has much higher success rates than Windows or Mac OS X for some reason due to hanging.
zeroepoch said:
Laptop or desktop? Seems like people with laptops are having problems, although Linux has much higher success rates than Windows or Mac OS X for some reason due to hanging.
5 year old laptop with a cheap 0.5m USB A-A cable.
No problems this side
ImCoKeMaN said:
Awesome to see the feedback thanks guys!
That's interesting that it was failing in your OS part way through the serial transfer, but a VM actually worked for you on the same hardware. This is something that may be an ugly workaround for @playingmax too.
Rooted another FireTV2 today using the same Linux VM ... ran it with the time command (and bumped the specs on the VM to 4 cores and 2Gb ram - had 1 core and 128Mb ram).
Took 218 minutes (3.6 hours) to complete root.
Code:
real 218m20.219s
user 5m28.768s
sys 1m53.503s
OS and version:
Ubuntu Live CD 14.04.3 LTS
FireTV model and OS version:
Fire TV 2 5.0.3.1
Brief description:
Used the Live CD (on USB thumbdrive) on a laptop. Had to try different USB ports but besides that no issues at all.
Rooted another under windows 7 desktop. Was having connection problems with laptop.
I had great success rooting with a virtual machine running Ubuntu, under the Windows 10 operating system.
Rooted with Ubuntu 14.04 Live USB
Fire TV 2 Rooted
Ubuntu Desktop 14.04.3 on a Live USB
1) I used the instructions on YouTube to install Ubuntu Desktop 14.04.3 to a USB (search YouTube for "How to install Ubuntu 14.04 LTS on a USB drive"). About 2:20 into the video, you get to set the storage size of the Live OS. Although the video uses 2gb, I would recommend 3gb so you won't run into space constraints while following the steps below.
2) I then booted into Ubuntu (you can figure out how to boot from a USB key by googling either how to change boot order or how to enter the BIOS for your computer).
3) In the FireTV 2's settings, I went to Developer Options and turned ON all three options: ADB Debugging, USB Debugging, Apps from Unknown Sources
4) I connected my laptop to the FireTV with a USB Male-to-Male cable and on the laptop, started Terminal (command-line interface)
5) I entered one at a time, the commands from gitlab.com/zeroepoch/aftv2-tools/snippets/11117
6) After running the command "adb reboot ; sudo ./handshake.py", the Terminal just showed "Waiting for preloader" while the FireTV rebooted all the way to the Amazon start screen, so I knew the handshake script had not been successful.
7) I just unplugged the FireTV and plugged it back in (devices are still connected via USB). This time, within a few seconds, Terminal showed "handshake complete!"
8) I then continued with the next command from the script: "sudo ./patch_mmc.sh 0x00000000058e0000 system.root.img system.diff". This does the actual patching and took 2hrs.
9) Finally I skipped the next 3 lines (the "echo", "echo" and "read" lines) and entered the last 3 commands in order to disable updates.
10) I then unplugged the USB, unplugged and replugged the FireTV, and that's it!
Thanks to zeroepoch for getting the ball rolling on opening up this device, and for sharing his work openly with the rest of us!
OS and version: Windows 10 (64 bit) on my Laptop using the pre-configured Virtual Machine (by ultimate_spy_binns).
FireTV model and OS version:
AFTV2 OS Version 5.0.3.1 (534011720)
Thanks to all who made this possible
windows 32bit
Hi, I only have a Windows 32-bit laptop; would I be able to use this to root AFTV 2? TIA
raider0 said:
Hi i only have a windows 32 bit laptop, would i be able to use this to root aftv 2. ? TIA
Other than needing to install the 32-bit Windows driver it should work. Not sure if the VM image is 64-bit or not if you go that route.
zeroepoch said:
Other than needing to install the 32bit Windows driver it should work. Not sure about if the VM image is 64bit or not if you go that route.
OK, thanks for the info and quick response.

[HOW TO] Unbrick Kindle Fire HDX (QHUSB_BULK) with firmware <=1314.3.2.6

First of all - this works only if you bricked on firmware <=1314.3.2.6.
So it doesn't work for "rollbacked 3.2.8(7)" bricks(
Sorry, but a leak of the newest version of the flash programmer is needed for higher sw.
I understand that there are not many people with this type of brick, but it is better than nothing=)
Of course you can try - you cannot make it worse=) I tested this method on 13.3.2.3 and 13.3.2.4.
Apollo users should read the post to the end before doing anything!
Manual in progress. Additions and comments are appreciated.
Logs of the flasher, for examining errors, are located at C:\Program Files(X86)\Xiaomi\MiPhone\
My English isn't perfect) - PM me with OP corrections.
1. Download archive - https://drive.google.com/file/d/0B2twXJIOgv-UR0dZTVJUeFFsVU0/view?usp=sharing and unpack it. Two folders inside - fw and tools.
2. Install ./tools/MiPhone2015731.exe
2a. On an x64 system you need to disable driver signature verification before installing. Google it.
3. Start and setup Miflash:
3a. Press 'Browse' and select folder "fw" from archive. Press OK.
3b. Press the down arrow on this button, press "Advanced" and fill the fields with the files in folder 'fw' using "Browse":
- flashprogrammer - .\fw\prog_emmc_firehose_8974.mbn
- raw xml file - .\fw\rawprogram0.xml
- patch xml file - .\fw\patch0.xml
- no need to touch the other fields
4. OK. Now you need to put your device into QHSUSB Bulk mode and install the drivers.
4a. Your device may already be in this state. Just connect it to the PC.
4b. If you have working adb (who knows) - type "adb reboot oem-2" or "adb reboot emergency" in cmd (I suppose you know what adb drivers and adb are). This reboots the Kindle into emergency mode, Qdloader 9008.
4c. Your device is stuck at the grey logo or bootlooping without adb access. You need a fastboot cable. Reboot the device with the fastboot cable plugged in.
5. Navigate to Device Manager and check for a new device named QHSUSB_BULK. The drivers will install automatically, or you need to install them manually from .\tools\QualcommDrv.
In Device Manager, in the COM ports section, you must see HS-USB Qdloader 9008 (COMx) without an exclamation mark!
6. Go to Miflash, press Refresh; you should see your COM port and an empty bar under the "progress" section.
7. Press "Flash". You should see messages like "WriteFile position 0x00000000840000, size 131072"
8. If all went successfully, disconnect the Kindle from the PC and reboot it by holding power+vol up.
8a. If unsuccessful - reboot the device and start over. In this mode, rebooting sometimes needs more than 5 min of holding the power button.
If you get "Opening port" after some loading - you probably have a > 1314.3.2.6 fw version.
9. Grats. You are in TWRP. You could flash stock 1314.3.2.3 firmware by renaming bin to zip. Do not forget to block OTA immediately!
10. BTW your aboot partition is version 13.3.2.3, so you can do the unlock procedure without downgrading to 13.3.2.3 - http://forum.xda-developers.com/kindle-fire-hdx/general/multi-platform-1-click-bootloader-t3241014
Apollo users !!! - you need to replace recovery.img and emmc_appsboot.mbn with these (rename twrp and aboot_vuln).
Credits:
bournezhang - for the leaked programmer.
FSmp - for testing on 13.3.2.4
For advanced users - this works with any unlocked devices too (aboot<= 13.2.3.2).
By filling in "filename" in rawprogram0.xml you can flash any partition to your device. A big partition like system.img must be sparsed, I assume, and rawprogram0 needs to be corrected.
Of course all of it could be done with dd or maybe with fastboot. But just FYI.
ps. Anyone who knows something about the newest version of emmcbld.mbn, or lab126 insiders =) feel free to send an anonymous e-mail to 2457678atgmaildotcom. Thank you.
Reserved
Sorry, I don't have the newest version.
I think we can only get it from lab126 or Amazon.
By the way, in the factory, they have to flash the device to a special mode, and then reflash all the system images.
ONYXis said:
Reserved
Hope these files can help you. They are an old version.
bournezhang said:
Hope these files can help you. they are old version
Thank you. I already have it. Nothing interesting.
bournezhang said:
by the way, in factory ,they have to flash the device to a special mode, and then reflash all the system images.
There is no difference, I use the same protocol as Amazon. I can make full-flash instructions with system, cache, userdata, but I see no sense in this. Just a bigger download size - approx 2.5 GB.
With TWRP you can flash what you want by yourself.
But most users' version is 4.5.2 or higher now.
Looking forward to this issue being solved.
really nice job
@FotixChiang, thanks. BTW maybe "our friend" with that dev 4.1.1 firmware has this file for 4.x?
I just followed your steps, but when I flashed the program failed. I then reset my device, but it no longer recognizes it as QHUSB BULK. All it says is "Unknown USB Device (Descriptor Request Failed)". Any ideas on how to get it back into QDLoader mode for another shot at flashing?
Hold power button long. Above 5 min sometimes. It always works.
ONYXis said:
First of all - this is works only if you bricked on firmware <=1314.3.2.6.
So it don't works for "rolbacked 3.2.8(7)" bricks(
Sorry but need leak of newest version of flash programmer for higher sw.
I understand that there is not many people with this type of bricks but it is better that nothing=)
Of course you can try - you can not do worse=) I test this method on 13.3.2.3 and 13.3.2.4.
Apollo users should read post to the end before doing anything!
Manual in progress. Additions and comments are appreciated.
Logs of flasher to examine errors locates at C:\Program Files(X86)\Xiaomi\MiPhone\
My English isn't perfect) - PM me with OP corrections.
1. Download archive - https://drive.google.com/file/d/0B2twXJIOgv-UR0dZTVJUeFFsVU0/view?usp=sharing and unpack it. Two folders inside - fw and tools.
2. Install ./tools/MiPhone2015731.exe
2a. For x64 system you need disable drivers signature verification before installing. Google it.
3. Start and setup Miflash:
3a. Press 'Browse' and select folder "fw" from archive. Press OK.
3b. Press down arrow on this button, Press "Advanced" and fill fields with files in folder 'fw' by "Browse" :
- flashprogrammer - .\fw\prog_emmc_firehose_8974.mbn
- raw xml file - .\fw\rawprogram0.xml
- patch xml file - .\fw\patch0.xml
- other fields no need to touch
4. Ok. Now you need put your device in QHSUSB Bulk - mode and install Drivers.
4a. Your device can be in this state already. Just connect it to PC.
4b. If you have working adb (who knows) - type "adb reboot oem-2" or "adb reboot emergency" in cmd (i suppose you know that is adb drivers and adb). This is reboot kindle into emergency mode Qdloader 9008.
4c. Your device is stucked at greylogo or bootlooping without adb access. You need fastboot cable. Reboot device with plugged fastboot-cable.
5. Navigate to device manager and check for new device named QHSUSB_BULK . Drivers will install automatically or you need install it manually from .\tools\QualcommDrv.
In device manager at COM-Ports section you must obtain HS-USB Qdloader 9008 (COMx) without exclamation!
6. Go to Miflash , press Refresh, you should see your com port and empty bar under "progress" section.
7. Press "Flash". You should see messages like "WriteFile position 0x00000000840000, size 131072"
8. If all gone successfully disconnect kindle from PC and reboot it by holding power+vol up.
8a. If unsuccessful - reboot device and start over. In this mode for reboot sometimes needs above 5 min holding of power button.
If you get "Opening port" after some loading - you probably have > 1314.3.2.6 fw version.
9. Grats. You are in TWRP. You could flash this stock 1314.4.5.5 image - http://forum.xda-developers.com/kindle-fire-hdx/development/twrp-flashable-stock-images-t3194914
10. BTW you aboot partition is 13.3.2.3 version so you can do procedure of unlock without downgrading to 13.3.2.3 - http://forum.xda-developers.com/kindle-fire-hdx/general/multi-platform-1-click-bootloader-t3241014
Apollo users !!! - you need to replace recovery.img at folder "fw" with this one - https://drive.google.com/file/d/0B2twXJIOgv-UYzhORVczQ3E3cWM/view?usp=sharing
CREdits:
bournezhang - for leaked programmer.
FSmp - for testing at 13.3.2.4
For advanced users - this works with any unlocked devices too (aboot<= 13.2.3.2).
By filling "filename" at rawprogram0.xml you can flash any partition to your device. Big partition like system.img must be sparsed I assume and rawprogram0 need to correct.
Of course all of it could be done with dd or maybe with fastboot. But just FYI.
ps. Anyone who knows something about newest version of emmcbld.mbn or lab126 insiders =) feel free to send anonymous e-mail to 2457678atgmaildotcom. Thank you.
Great job bro. About one year ago I was reading many posts on this forum to get enough information to unbrick my Kindle Fire HDX (stuck on grey logo). By reading most of the posts related to the Kindle Fire HDX I found out that the only way to unbrick it was a FactoryCable/FastbootCable. So I made a factory cable and got my Kindle recognised by my PC as Qdloader 9008 or Qcomm HS-USB Bulk or something like that. But after that I did not know how to flash files on it, so my KFHDX was taking a rest till today.
Thanks to you I am able to revive it now, thanks again. I have a lot of useful files and information, including some interesting drivers, which might help you create tools or find other methods to unbrick the KFHDX. If you need some help or files just drop me a message to my inbox. I will be checking it frequently, thank you.
It's a really working method!
I restored a gray logo (QHUSB_BULK) 3rd HDX 8.9 Apollo. I have been waiting for this for 2 years))
the only thing I have not load the firmware http://forum.xda-developers.com/kindle-fire-hdx/development/twrp-flashable-stock-images-t3194914 - it's not loaded
http://forum.xda-developers.com/kin...ent/rom-cm-12-unofficial-apollo-thor-t3050199 - it works
BIG THX!
Thanks for response. I'll edit manual soon.
ONYXis said:
Thanks for response. I'll edit manual soon.
I congratulate you for your work and effort.
you are very good
Need help. I did the roll back, re-installed 4.5.2. 4.5.2 is now rooted. I followed the disable OTA instructions in the forum (rename the file etc...).
However that information may not be totally correct, because as soon as I connected to Wi-Fi, the Kindle Fire started downloading 4.5.4. I shut the Wi-Fi off, found another tutorial on disabling OTA updates. This one worked. However, I have a 100% downloaded update, and I'm fearful it will try to install itself. I need to know where to go with ES File Explorer to delete this update file, so it does not install itself.
Thanks to all who can help.
Why did you post this here?
Anyway, the update file is located in /cache. You need root to navigate there.
Please do not go off-topic in this thread. Thank you.
rlkellyjr said:
need help.. I did the roll back, re-installed 4.5.2. 4.5.2 is now rooted. I followed the disable OTA instructions in the forum, (rename the file etc...)..
However that information may not be totally correct, because as soon as I connected to Wi Fi , kindle fire stated downloading 4.5.4. I shut the Wi Fi off, found another tutorial on disabling OTA updates. This one worked. However, I have a 100% downloaded update, and I'm fearful it will try to install itself. I need to know where to go with ES File Explorer to Delete this update file, so it does not install itself.
Thanks to all who can help.
Third duplicate post in as many threads. Great way NOT to get noticed next time you need help.
I guess I should say thanks for the point in the right direction, but you coming across and telling me in different areas is not a way to get help. I posted in the wrong area to start with, and was told so. So thanks for the help.
---------- Post added at 11:33 PM ---------- Previous post was at 11:32 PM ----------
Davey126 said:
Third duplicate post in as many threads. Great way NOT to get noticed next time you need help.
Ali Ejea Mc said:
Great job bro. About one year ago I was reading many posts on this forum to get enough information to unbrick my Kindle Fire HDX (stuck on grey logo). by reading most of the posts related to Kindle Fire HDX I found out that the only way to unbrick it was a FactoryCable/ FastbootCable. so I made a factory cable and got my Kindle be recognised by my PC as Qdloader 9008 or Qcomm HS-USB Bulk or something like that. but after that I did not know how to flash files on it so my KFHDX was taking rest till today
thanks to you that I am able to revive it now thanks again. I have a lot of usefull files and information including some interesting drivers which might help you create tools or find other methods to unbrick the KFHDX. if you need some help or files just drop me a message to my inbox. I will be checking it frequently thank you
Good evening: I have an Apollo HDX that is in a continuous gray and yellow splash screen when booted.
I have no idea what OS version it is running since it has been a long while sitting in my junk pile.
I also do not know the history of the HDX since I acquired the unit second hand.
It sounds like there is some hope for recovery?
Can someone point me in the right direction for getting this unit resurrected?
On my LINUX workstation I do not see any logging when plugged in using a standard USB cable:
However, when a Kindle fire HD factory cable (2012 HD Fastboot cable) is used to connect to the HDX, I receive this logging:
Jan 31 20:38:43 me-9100 kernel: [193518.636064] usb 1-4: new high-speed USB device number 12 using ehci-pci
Jan 31 20:38:43 me-9100 kernel: [193518.768771] usb 1-4: New USB device found, idVendor=05c6, idProduct=9008
Jan 31 20:38:43 me-9100 kernel: [193518.768779] usb 1-4: New USB device strings: Mfr=1, Product=2, SerialNumber=0
Jan 31 20:38:43 me-9100 kernel: [193518.768784] usb 1-4: Product: QHSUSB__BULK
Jan 31 20:38:43 me-9100 kernel: [193518.768789] usb 1-4: Manufacturer: Qualcomm CDMA Technologies MSM
Jan 31 20:38:43 me-9100 kernel: [193518.769693] qcserial 1-4:1.0: Qualcomm USB modem converter detected
Jan 31 20:38:43 me-9100 kernel: [193518.769908] usb 1-4: Qualcomm USB modem converter now attached to ttyUSB0
Jan 31 20:38:43 me-9100 mtp-probe: checking bus 1, device 12: "/sys/devices/pci0000:00/0000:00:04.1/usb1/1-4"
Jan 31 20:38:43 me-9100 mtp-probe: bus: 1, device: 12 was not an MTP device
When USB is disconnected:
Jan 31 20:40:16 me-9100 kernel: [193612.201809] usb 1-4: USB disconnect, device number 12
Jan 31 20:40:16 me-9100 kernel: [193612.202101] qcserial ttyUSB0: Qualcomm USB modem converter now disconnected from ttyUSB0
Jan 31 20:40:16 me-9100 kernel: [193612.202128] qcserial 1-4:1.0: device disconnected
Is the factory cable mentioned in this post the same factory cable used on the 2012 Kindle Fire HD?
I have worked on hundreds of the 2012 HD Fires but don't do anything with the HDX devices since they can't be bootloader unlocked. However, I would like to bring the HDX back to life if it is possible. The tools for the HDX I see in this and other posts are for Windows I presume and not Linux?
Any help and direction would be helpful.
Regards

Multitude of hurdles trying to get bootloader unlocked

Hi all! I am attempting at the end of this project to have Dirty Unicorns running on my device, but I am having a rough time just trying to get the boot loader unlocked.
1st OS: Ubuntu 16.04
I had android-tools-fastboot and adb installed. The phone has developer options and USB debugging turned on.
I started the phone in fastboot(volume down + power), I see the droid bot with the 'hood open' It states to connect the USB cable. I have the USB cable connected to a USB 2.0 port.
Phone states that the USB is connected. From the computer's log:
[Thu Dec 27 11:13:50 2018] usb 1-1: new high-speed USB device number 10 using ehci-pci
[Thu Dec 27 11:13:50 2018] usb 1-1: New USB device found, idVendor=22b8, idProduct=2e80
[Thu Dec 27 11:13:50 2018] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[Thu Dec 27 11:13:50 2018] usb 1-1: Product: Fastboot potter S
[Thu Dec 27 11:13:50 2018] usb 1-1: Manufacturer: Motorola Inc.
[Thu Dec 27 11:13:50 2018] usb 1-1: SerialNumber: ZY224G4BVW
So it is seeing it.
When I run sudo adb devices(ran with and without sudo) all I get is "List of devices attached" with nothing listed.
Did some searching (most of the posts are about Windows) and found this
I implemented those rules and restarted the services, but the permissions never changed. - and yes I changed OWNER= to my username.
So I say, let's try Windows. I have a Win10 machine here. I first go here to download the driver, but when I click on either link at the bottom of the Windows column(32bit or 64bit) It sends me to a page that states "There has been an error with your request." If I click the Mac link, it starts a download. Could you try to test the download link?
I contacted Moto about this and the reply was that I needed to be using Chrome. I have tried FF, Chrome, Opera, IE and Edge. I have tried it from home, work and mobile data, all with the same result.
Could someone help me out here? These pretzels are making me thirsty!
Thanks!
Don't worry about
Code:
adb devices
not showing, you will be using fastboot for the unlocking steps. Type
Code:
fastboot devices
and it should show your devices #. You can then follow the steps for getting unlock code and unlock the bootloader.
[email protected] said:
Don't worry about
Code:
adb devices
not showing, you will be using fastboot for the unlocking steps. Type
Code:
fastboot devices
and it should show your devices #. You can then follow the steps for getting unlock code and unlock the bootloader.
Appreciate the reply.
fastboot devices also returns nothing
TheFlashNewb said:
Don't worry about not showing, you will be using fastboot for the unlocking steps. Type
Appreciate the reply.
fastboot devices also returns nothing
You need to install the Motorola driver to get the device. Here is the link from my gdrive to download it: https://drive.google.com/file/d/1silF8KibEfODhRt7j0twUNI_GLsnKvOW/view?usp=drivesdk
Then all commands will run, and you need to enable OEM unlock in developer options. Then you can unlock your bootloader.
TheFlashNewb said:
Hi all! I am attempting at the end of this project to have Dirty Unicorns running on my device, but I am having a rough time just trying to get the boot loader unlocked.
1st OS: Ubuntu 16.04
...................................
...................................................
Could someone help me out here? These pretzels are making me thirsty!
Thanks!
On a Linux distro, like my Debian, we must add "rules" to udev to make your devices discoverable:
1) create a new file in /etc/udev/rules.d called "51-android.rules".
2) Copy the following content:
Code:
#adb mode
SUBSYSTEM=="usb", ATTR{idVendor}=="04e8", ATTR{idProduct}=="685c", MODE="0666", GROUP="plugdev"
#fastboot mode
SUBSYSTEM=="usb", ATTR{idVendor}=="04e8", ATTR{idProduct}=="685c", MODE="0666", GROUP="plugdev"
3) Replace 04e8 and 685c with your usb address. Run the command
Code:
lsusb
TWICE!!
The first time with adb debug ON (grab the usb address), the second time in fastboot mode.
You'll get 2 different usb addresses.
4) make sure your user is in the group "plugdev".
5) restart udev as root with:
Code:
service udev restart
6) Then try the usual commands, adb devices or fastboot devices:
Code:
adb devices
fastboot devices
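As an added example (not part of the post above): a script that reads the idVendor/idProduct pairs out of kernel enumeration lines like the ones posted in this thread and writes one udev rule per device, so the IDs come from the log rather than being copied by hand. It keeps the plugdev group from the post but uses MODE="0660" instead of 0666, so only members of that group can open the device; the function names are made up for this example.

```python
import re

# Kernel enumeration lines copied from the two logs posted on this page
# (one with a "dmesg -T" style prefix, one with a syslog prefix).
SAMPLE_LOG = """\
[Thu Dec 27 11:13:50 2018] usb 1-1: New USB device found, idVendor=22b8, idProduct=2e80
[Thu Dec 27 11:13:50 2018] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[Thu Dec 27 11:13:50 2018] usb 1-1: Product: Fastboot potter S
[Thu Dec 27 11:13:50 2018] usb 1-1: Manufacturer: Motorola Inc.
Jan 31 20:38:43 me-9100 kernel: [193518.768771] usb 1-4: New USB device found, idVendor=05c6, idProduct=9008
Jan 31 20:38:43 me-9100 kernel: [193518.768784] usb 1-4: Product: QHSUSB__BULK
Jan 31 20:38:43 me-9100 kernel: [193518.768789] usb 1-4: Manufacturer: Qualcomm CDMA Technologies MSM
"""

FOUND_RE = re.compile(
    r"usb (\S+): New USB device found, "
    r"idVendor=([0-9a-fA-F]{4}), idProduct=([0-9a-fA-F]{4})")
STRING_RE = re.compile(r"usb (\S+): (Product|Manufacturer): (.+)$")
FIELD = {"Product": "model", "Manufacturer": "manufacturer"}


def parse_usb_devices(text):
    """Return one record per distinct vendor:product pair, in order of appearance."""
    devices = {}   # (vendor, product) -> record
    by_port = {}   # USB port ("1-1") -> key of the device last enumerated there
    for line in text.splitlines():
        found = FOUND_RE.search(line)
        if found:
            port = found.group(1)
            key = (found.group(2).lower(), found.group(3).lower())
            devices.setdefault(key, {"vendor": key[0], "product": key[1],
                                     "manufacturer": "", "model": ""})
            by_port[port] = key
            continue
        string = STRING_RE.search(line)
        if string and string.group(1) in by_port:
            record = devices[by_port[string.group(1)]]
            record[FIELD[string.group(2)]] = string.group(3).strip()
    return list(devices.values())


def build_rules(devices, group="plugdev", mode="0660"):
    """Render udev rules; refuse modes that let every local account write."""
    if int(mode, 8) & 0o002:
        raise ValueError("mode %s is world-writable; use a group instead" % mode)
    lines = []
    for d in devices:
        label = " ".join(x for x in (d["manufacturer"], d["model"]) if x)
        lines.append("# " + (label or "unknown device"))
        lines.append(
            'SUBSYSTEM=="usb", ATTR{idVendor}=="%s", ATTR{idProduct}=="%s", '
            'MODE="%s", GROUP="%s"' % (d["vendor"], d["product"], mode, group))
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    # Review the output, then save it as /etc/udev/rules.d/51-android.rules.
    print(build_rules(parse_usb_devices(SAMPLE_LOG)), end="")
```
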
1st off I appreciate all of your input and help!
On a third computer with Lubuntu installed I finally got it to work! Had to use sudo (which did not work on the Ubuntu install).
Well here I go, wish me luck!
Just for a refresher:
#1 - Unlock through Motorola(no backup needed - phone has never been used)
#2 - Install TWRP
#3 - Reboot into recovery - if I don't I will have to reinstall TWRP
#4 - Flash ROM(Dirty Unicorns potter), then flash gapps
(Question - Should I use the Gapps package from the OpenGapps website or the one on the Dirty Unicorns page?)
#5 - Have fun!
Thanks!
TheFlashNewb said:
1st off I appreciate all of your input and help!
On a third computer with Lubuntu installed I finally got it to work! Had to use sudo (which did not work on the Ubuntu install).
Well here I go, wish me luck!
Just for a refresher:
#1 - Unlock through Motorola(no backup needed - phone has never been used)
#2 - Install TWRP
#3 - Reboot into recovery - if I don't I will have to reinstall TWRP
#4 - Flash ROM(Dirty Unicorns potter), then flash gapps
(Question - Should I use the Gapps package from the OpenGapps website or the one on the Dirty Unicorns page?)
#5 - Have fun!
Thanks!
You can use OpenGApps; they recommend using stock gapps as it doesn't have the inbuilt AOSP apps. That means it doesn't have the dialer, contacts, message, clock, calculator or default browser app.
sinchan_nohara said:
You can use opengapps they recommend to use stock gapps as it doesn't have inbuilt AOSP apps. Means it doesn't have dialer , contacts , message , clock , calculator , default browser app.
Thanks for the reply!
On wiping, which partitions should I wipe before installing the ROM? The phone is currently stock and updated to 8.1.
TheFlashNewb said:
Thanks for the reply!
On wiping, which partitions should I wipe before installing the ROM? The phone is currently stock and updated to 8.1.
Cache, Dalvik cache, system and data. But before doing anything, take a backup of efs and persist and keep it safe somewhere in the cloud or on your PC or both. It would be helpful in future if by chance you mess up your device and lose the IMEI.
sinchan_nohara said:
Cache , dalvic cache , system and data. But before doing anything take backup of efs and persist and keep it safe somewhere in cloud or your PC or both. It would be helpful in future if by chance you messed up your device and lost IMEI.
Oh wow thanks! Does the stock TWRP for potter(from the TWRP website) have an option to backup those partitions? I cannot find an answer. V 3.2.3-1-potter
Also, does it need to be rooted in order to backup EFS and persist?
TheFlashNewb said:
Oh wow thanks! Does the stock TWRP for potter(from the TWRP website) have an option to backup those partitions? I cannot find an answer. V 3.2.3-1-potter
Also, does it need to be rooted in order to backup EFS and persist?
Yes, TWRP has an option to back up efs and persist. You don't need root for this.
