Database Users

[LOKI] Bootloader Bypass

Massive props to @djrbliss for adding support in his Loki tool for our device! Loki bypasses the bootloader and enables patched recoveries to be flashed. Mainly a tool for developers.
Can be found here: https://github.com/djrbliss/loki
Instructions for use in the above link!
I have to return my device because of the blue line issue but when i get a (hopefully) working device i will see if i can get a recovery.img sorted!

the_crevis said:
Hi, any progress with unlocking/hacking our device's bootloader? Am I right in thinking that the g pads software is very similar to that of the g2? Could we not use the Loki method for that device? I just wanted to get some discussion going.
Here is the email I sent LG:
" Hi there,
I am enquiring on behalf of many other v500 (LG G Pad 8.3) users as to whether it would be possible for you to provide a way to unlock this device's bootloader. Many other manufacturers provide a way to do this (HTC, Sony etc) and I believe it would be positive for LG to likewise provide a tool. It certainly would please and greatly help users such as I, who like to contribute to open source Android and hence flash custom firmware.
Thank you in advance,
Ben."
Worth a try!
Update: We can use Loki to bypass the bootloader, we just need the dev to port the tool to our device! All that needs to be done is for someone to provide the build number and a copy of the aboot partition to him in this thread: http://forum.xda-developers.com/showthread.php?t=2358871 - will do this once my device has arrived (still in the post).
Click to expand...
Click to collapse
On behalf of all of us LG G Pad owners.... you are the man!

shampiaj said:
On behalf of all of us LG G Pad owners.... you are the man!
Click to expand...
Click to collapse
+1 :good:

New Update!Roustabout on android central has pulled the aboot.img from his device and submitted a request to the Loki dev on github, I added in the build information. So hopefully we should have a boot loader workaround soon! Then I can look at getting a custom recovery and cyanogenmod on this device! I am rather new at this stuff but I will give it a go!

Massive props to @djrbliss for adding support in his Loki tool for our device! Loki bypasses the bootloader and enables patched recoveries to be flashed. Mainly a tool for developers.
Can be found here: https://github.com/djrbliss/loki
I have to return my device because of the blue line issue but when i get a (hopefully) working device i will see if i can get a recovery.img sorted!

Any news about the tool guys?

pegox said:
Any news about the tool guys?
Click to expand...
Click to collapse
Loki has been out and working on this device for a while now. It is the only way we can have custom recoveries and roms
Sent from my LG-V500 using Tapatalk

joshuadjohnson22 said:
Loki has been out and working on this device for a while now. It is the only way we can have custom recoveries and roms
Sent from my LG-V500 using Tapatalk
Click to expand...
Click to collapse
Thank you sir
Inviato dal mio Galaxy Nexus utilizzando Tapatalk

v500 requires loki, which is a bootloader bypass achieved by patching various things, to load custom recoveries, kernels, roms. the v510 (GPE) does not require loki as you can simply unlock the BL via fastboot oem unlock... loki patched roms/kernels will not work on a v510 GPE. In order for these to work on the GPE, the loki patched portion of the rom, usually the kernel must not be loki patched...the hardware is similar enough between the two variants that it shouldnt be hard to make universal roms/kernels.

djkinetic said:
v500 requires loki, which is a bootloader bypass achieved by patching various things, to load custom recoveries, kernels, roms. the v510 (GPE) does not require loki as you can simply unlock the BL via fastboot oem unlock... loki patched roms/kernels will not work on a v510 GPE. In order for these to work on the GPE, the loki patched portion of the rom, usually the kernel must not be loki patched...the hardware is similar enough between the two variants that it shouldnt be hard to make universal roms/kernels.
Click to expand...
Click to collapse
Theoretically, wouldn't it be possible to flash the V510 bootloader on V500. Sorry if this is stupid question, but mostly nexus user here, so limited exposure to locked bootloader. Got my helmet on so go ahead with the bash if necessary.
Sent from my Nexus 5 using XDA Premium 4 mobile app

jonup said:
Theoretically, wouldn't it be possible to flash the V510 bootloader on V500. Sorry if this is stupid question, but mostly nexus user here, so limited exposure to locked bootloader. Got my helmet on so go ahead with the bash if necessary.
Sent from my Nexus 5 using XDA Premium 4 mobile app
Click to expand...
Click to collapse
It would be possible, but not sure how successful it would be, as theres more to the Bootloader than just a single partition, you would manually have to DD sbl1/sbl2/sbl3 along with aboot.img, mentioned here: http://forum.xda-developers.com/showthread.php?t=2564149
Someone with a normal G Pad would have to give it a go as I decided to skip all that and just get a GPE.

jonup said:
Theoretically, wouldn't it be possible to flash the V510 bootloader on V500. Sorry if this is stupid question, but mostly nexus user here, so limited exposure to locked bootloader. Got my helmet on so go ahead with the bash if necessary.
Sent from my Nexus 5 using XDA Premium 4 mobile app
Click to expand...
Click to collapse
Same question here.. just like in Optimus G, we have the unlock bootlader, aboot, sbls of nexus 4. Wonder if it works with the G pad

How to use Loki?
Ok, I've never used Loki before, and the instructions on Git Hub are more confusing than anything else. If someone could please provide an explanation, that would be great. Like a detailed explanation of how to use Loki to unlock this device's bootloader, that would be great. Thanks.

TenderloinShadow said:
Ok, I've never used Loki before, and the instructions on Git Hub are more confusing than anything else. If someone could please provide an explanation, that would be great. Like a detailed explanation of how to use Loki to unlock this device's bootloader, that would be great. Thanks.
Click to expand...
Click to collapse
loki doesn't unlock bootloader, only bypasses the signing checks (i.e. you can force bootloader to load unsigned kernels)
http://forum.xda-developers.com/showthread.php?t=2292157
http://blog.azimuthsecurity.com/2013/05/exploiting-samsung-galaxy-s4-secure-boot.html
you need a device whose bootloader/aboot still contains the exploit (for loki to work), and a kernel/recovery with the loki code built-in
a pure end-user doesn't need to care, only a ROM/kernel builder/developer

Sorry if this has been aswered before, but I can't seem to find it...
Did anyone tested if the GPE (v510) bootloader works in GPAD v500? Right now we use 4.2 aboot.img + loki, but maybe there is a better solution.

Forget about the 510. It's too different for things to work on the v500.

[UNLOCK] Bootloader unlock for MotoX 2014 via Sunshine!

Greetings!
As of today there is a method to completely unlock the bootloader on all variants (yes, this includes the Verizon and AT&T models). The one stipulation is you need to have root.
DISCLAIMER #0: This is NOT MY WORK. I'm merely posting steps to use other peoples' work (with permission) in order to achieve an unlocked device. Do not donate to me for this. Any donations sent to me for this post will be promptly returned and you will be publicly shamed, most likely Game of Thrones style, for not reading the entire OP and following directions.
DISCLAIMER #1: Unlocking your device is dangerous! I am in no way responsible for anything that happens to you, your device, your significant other, or any random person that you feel the need to harm after this destroys your device! You are making the decision to run these tools and you alone are responsible for the consequences!
DISCLAIMER #2: As of right now this method has ONLY been tested on variants running kitkat (4.4) roms/bootloaders. Do not be the first to try it on a lollipop version without first understanding the risks. If you try and successfully use this method on lollipop (5.x) please let me know so I adjust this post accordingly.
DISCLAIMER #3: Do not attempt to re-lock your bootloader after using Sunshine. It is unclear how the device will act and you may end up with one of these.
PREFACE:
- You're going to want adb and fastboot set up on your computer. If you don't know what these are, or don't know how to set them up, google it. Having these tools is insanely helpful anyway for debugging and getting logs for developers later. You're going to want these in the long run.
- This method in the end is going to set you back $25. Sunshine is the tool used to unlock the bootloader and the people that develop this spend insane amounts of time developing/breaking/buying devices. Trust me, its worth it.
- Enable Unknown sources in Settings > Security before starting
STEP 1: Root (This root method only works on 4.4. If you are already rooted, say via mofo or another method, you may skip to step 2)
- You just skipped to this step didn't you? Go read the disclaimers and the preface. They are extremely important.
- Root your phone using KingRoot (obviously click the image with the little android guy on it) mirror
Code:
adb install -r <filename>.apk
- Run it from your app drawer and follow the prompts. I did have it fail a couple times, if that happens, try rebooting and running it again. I also had it say it failed a couple times, but still was able to gain root by typing 'su' in an adb shell.
- KingRoot is a temp root, which means upon a reboot, you will lose root and need to run it again. That's fine for our purposes here, it gives us the in we need for the bootloader exploit (see step 2)
STEP 2: Unlock That Bootloader
- This step involves running an app called Sunshine. Download the apk from there and install it:
Code:
adb install -r <filename>.apk
- Again, this unlock will cost you a one time fee of $25, more info on their FAQ. There seems to be a lot of animosity about this, but in the end the choice is yours. An extreme amount of development time goes in to these types of exploits and these guys do a fantastic job. It is worth it.
- Follow the prompts, get out the wallet, and enjoy an unlocked bootloader!
STEP 3: Install a custom recovery
- This could be considered an optional step, but there's really no reason to go through all of this if you don't plan to do some custom things. Custom recovery allows you to install/backup/restore ROMs on your phone.
- Follow the instructions here now that you have an unlocked bootloader in order to install TWRP.
STEP 4: Enjoy!
- You now have a completely unlocked phone! Start installing roms, enjoy yourself! Be careful though! Make sure you are only flashing things that are known to work on this device.

SunShine 3.1.16 is out, better support for MotoX 2014, including custom roms

Just ran Sunshine 3.1.17 on my 5.1 XT1097 rooted via MoFo, device is unlocked and working flawlessly.

invisiblek said:
(This root method only works on 4.4. If you are already rooted, say via mofo or another method, you may skip to step 2)
Click to expand...
Click to collapse
Kingroot is available for MX14 XT1085 (Chinese MX14) running 5.1. Do you think it will work on a MX14 XT1096 running 5.1?

JulesJam said:
Kingroot is available for MX14 XT1085 (Chinese MX14) running 5.1. Do you think it will work on a MX14 XT1096 running 5.1?
Click to expand...
Click to collapse
Only way to know is try if okay with the risks.
We talked about it in the general thread. Sometimes it even works on other devices running 5.1.1 (even not officially supported). I cannot assume the risk being my only phone to try.
Visi0nofExcellence2 said:
There are posts of it working for other devices. It will fail a couple of times and then just work. Also cases where the phone won't boot anymore. More of the latter now.
Not attempting and I suggest others dont either. Risk outweighs rewards with this being my main phone.
Click to expand...
Click to collapse
Visi0nofExcellence2 said:
jcase said:
Kingroot shouldnt cause the phone to stop booting, odd. Thanks for makign the thread btw
Click to expand...
Click to collapse
Not bootng is horribly ambiguous wording on my part.
chicodelta said:
My shield is running 5.1..1. I tried kingroot 4.5, since others have reported success and now my tablet won't boot past the nvidia screen. Anyone else encountered this issue?
Click to expand...
Click to collapse
http://forum.xda-developers.com/shield-tablet/general/root-kingroot-t3112722/page4
Click to expand...
Click to collapse

JulesJam said:
Kingroot is available for MX14 XT1085 (Chinese MX14) running 5.1. Do you think it will work on a MX14 XT1096 running 5.1?
Click to expand...
Click to collapse
I tried it (several times). It doesn't.
Sent from my XT1096 using Tapatalk

I did mofo yesterday and did SunShine today, worked great. I had 5.0 on my 1096.
Sent from my XT1096 using XDA Free mobile app

Any known root methods for 5.1 yet? AT&T Moto X via OTA.

I have tried both kingroot and mofo. Neither work for the xt1097 att variant on 5.1. However looking on some pages on xda noticed that the xt1097 from Brazil has the same specs as the att variant. The files look pretty much the same as well. Do you think it would be possible to flash the 5.1 Brazil to the att without bricking? Bootloader is also the same. Flash the Brazil over the att and then try Motorola unlock tool online

christopher68369 said:
I have tried both kingroot and mofo. Neither work for the xt1097 att variant on 5.1. However looking on some pages on xda noticed that the xt1097 from Brazil has the same specs as the att variant. The files look pretty much the same as well. Do you think it would be possible to flash the 5.1 Brazil to the att without bricking? Bootloader is also the same. Flash the Brazil over the att and then try Motorola unlock tool online
Click to expand...
Click to collapse
No
Sent from my XT1096 using Tapatalk

christopher68369 said:
I have tried both kingroot and mofo. Neither work for the xt1097 att variant on 5.1. However looking on some pages on xda noticed that the xt1097 from Brazil has the same specs as the att variant. The files look pretty much the same as well. Do you think it would be possible to flash the 5.1 Brazil to the att without bricking? Bootloader is also the same. Flash the Brazil over the att and then try Motorola unlock tool online
Click to expand...
Click to collapse
It won't work. You can't flash the firmware from other carriers with a locked bootloader. It will fail when you try.
Sent from my XT1095 using Tapatalk

Only firmware you can flash with a locked bootloader has to contain the same signature of the firmware your on, which is literally only that firmware. EG. ATT 5.1 sig does not match any other sig.

Yes I realised that after doing research. Butbim wondering if we were able to change the cid to lets say the Brazil variant if we would be able to flash the firmware. If we could maybe change the cid from dfs software or GSM tools software and then try to flash the firmware if it would work. If someone knew how to change the cid without root I wouldn't mind trying it out to see if it would work. I'm planning on buying the moto x pure edition that comes out on Sept 2 but i f I was able to unlock the bootloader then I wouldn't really mind waiting on a new phone for another year since the moto x 2014 is really a great phone and with root has alot of potential

Same problem, you can't do that either without root and bootloader unlocked. There is no way to do it until someone can find a vulnerability in the 5.1 firmware. For now you are stuck.
Sent from my XT1095 using Tapatalk

I don't understand. Motorola officially provides the way to unlock bootloaders. Why does this method exist? Does this method help unlock bootloaders of devices that cannot be unlocked or something like that?

Yes, this is only for the Verizon xt1096 and the AT&T xt1097. Those 2 models cannot unlock their bootloader from motorola's website. This is a method to get around that and unlock it anyway.
Sent from my XT1095 using Tapatalk

So I have a Verizon model XT1096 running 5.0.
From the searches I've performed and from what I've read so far, Root can be achieved via Mofo (kingroot failed) and then I can unlock the bootloader via sunshine and then flash TWRP, flash a 5.1.1 ROM and I'm good to go?
There are several threads with a little info here and there, so I apologize for the questions. I just want to get my ducks in a row.

You are correct.
Sent from my XT1095 using Tapatalk

Ed Murray said:
So I have a Verizon model XT1096 running 5.0.
From the searches I've performed and from what I've read so far, Root can be achieved via Mofo (kingroot failed) and then I can unlock the bootloader via sunshine and then flash TWRP, flash a 5.1.1 ROM and I'm good to go?
There are several threads with a little info here and there, so I apologize for the questions. I just want to get my ducks in a row.
Click to expand...
Click to collapse
Kingroot said that it failed for me but sunshine still worked normally afterwards. If you haven't already paid for mofo then you can just pay for sunshine
Sent from my XT1095 using Tapatalk

Moto X 2013 (Verizon and ATT) got root on 5.1 with locked bootloader. Maybe we can use the same exploit?
http://forum.xda-developers.com/moto-x/general/root-moto-x-att-xt1058-5-1-lpa23-12-21-1-t3164125

No Root For Now...Am still looking...

I got the v20 ,...i got the bootloader unlock h-918... looking for root..tried lg g5 method...didnt work may try tomorrow...other methods such as one click and kingo doesnt work at all....
i think its due to the newest security patches..I dont know but am still searching...Any thoughts

bountyman334 said:
I got the v20 ,...i got the bootloader unlock h-918... looking for root..tried lg g5 method...didnt work may try tomorrow...other methods such as one click and kingo doesnt work at all....
i think its due to the newest security patches..I dont know but am still searching...Any thoughts
Click to expand...
Click to collapse
Did u unlock bootloader using this method?
mingkee said:
You can do this:
Make sure you backup your data with LG Backup to memory card.
Enable Developer Options (hit build numbers in about phone few times).
Enable OEM Unlock and USB Debugging.
When hooking up with your host computer, check the phone screen to allow your host computer.
Open cmd
Locate your adb platform-tools folder
adb devices
adb reboot bootloader
fastboot oem unlock (doing such will erase your phone)
fastboot getvar unlock
fastboot boot TWRP.img (if you have compatible TWRP)
Click to expand...
Click to collapse

https://www.reddit.com/r/lgv20/comments/58568e/v20unlockable_bootloadervery_simplesame_as_g4g5/

bountyman334 said:
I got the v20 ,...i got the bootloader unlock h-918... looking for root..tried lg g5 method...didnt work may try tomorrow...other methods such as one click and kingo doesnt work at all....
i think its due to the newest security patches..I dont know but am still searching...Any thoughts
Click to expand...
Click to collapse

Wait...really? This is for real right? Haha jk...I did see your imgur pics OP....just a little surprised. (Double taking of the news....still sinking in...)

iunlock said:
Wait...really? This is for real right? Haha jk...I did see your imgur pics OP....just a little surprised. (Double taking of the news....still sinking in...)
Click to expand...
Click to collapse
I guess he's just priming the pump for the inevitable hundreds of threads asking if the bootloader is unlocked or the "HELP!!! I'VE BRICKED MY PHONE AND I CAN'T GET UP!!!" threads from the morons for whom reading is not fundamental.

Since the bootloader is unlocked, is it safe to assume at some point we will have root?

Are you able to use fastboot commands? Such as to write a new recovery img. After that getting root is usually a piece of cake.
Not sure if it's different in Nougat but I think with an unlocked bootloader it really is just a matter of time till we get what we want (root).
As a piece of reference on the T-Mobile G5 we were able to root the G5 only after getting a .TOT with TWRP as the recovery because T-Mobile had somehow removed all the fastboot commands on that device except fastboot OEM unlock. If that is the case with the V20 we need talk to @tungkick again to manufacture another .TOT for us again.
---------- Post added at 01:25 PM ---------- Previous post was at 01:20 PM ----------
thegameksk said:
Since the bootloader is unlocked, is it safe to assume at some point we will have root?
Click to expand...
Click to collapse
Yes I think so from my previous experience this is almost always the case.

With the V10 a user @tungkick created a .tot with root (SuperSU) patched into it. Then use LGUP to flash the .tot.
Once that is done flashing TWRP can be flashed using Flashfire by Chainfire.
Or instead of patching root maybe the .tot can be modified to have TWRP built in...?
Nvm...didnt read the previous comments.

Well. Someone in androiding.how is keeping track seems like it. According to what i read, quoting
"The root method for LG V20 will be a systemless root without doubt. Android Nougat comes with enhanced enforcing SELinux policy for better security on Android devices, so systemless root will be the way to go to get root access without compromising the device’s security."
So, if this is true, at least there is a path to follow.
Here is the link:
https://www.google.com/amp/androiding.how/lg-v20-root-status/amp/

joseguillen1994 said:
Well. Someone in androiding.how is keeping track seems like it. According to what i read, quoting
"The root method for LG V20 will be a systemless root without doubt. Android Nougat comes with enhanced enforcing SELinux policy for better security on Android devices, so systemless root will be the way to go to get root access without compromising the device’s security."
So, if this is true, at least there is a path to follow.
Here is the link:
https://www.google.com/amp/androiding.how/lg-v20-root-status/amp/
Click to expand...
Click to collapse
Systemless root is almost becoming the default now. And if we have TWRP is pretty much just flashing the systemless root and that's it. In the recent past systemless root has not been a problem.

joseguillen1994 said:
Well. Someone in androiding.how is keeping track seems like it. According to what i read, quoting
"The root method for LG V20 will be a systemless root without doubt. Android Nougat comes with enhanced enforcing SELinux policy for better security on Android devices, so systemless root will be the way to go to get root access without compromising the device’s security."
So, if this is true, at least there is a path to follow.
Here is the link:
https://www.google.com/amp/androiding.how/lg-v20-root-status/amp/
Click to expand...
Click to collapse
Interesting...thanks for the heads up.

Uff mine is coming on 24th! I really hope this beast get rooted. It could unleash its true potential!!!

joseguillen1994 said:
Uff mine is coming on 24th! I really hope this beast get rooted. It could unleash its true potential!!!
Click to expand...
Click to collapse
Great...tmo variant or international??
arjuna_ said:
Systemless root is almost becoming the default now. And if we have TWRP is pretty much just flashing the systemless root and that's it. In the recent past systemless root has not been a problem.
Click to expand...
Click to collapse
I used it on my g4...Android pay still didn't work.. But systemless root non the less
joseguillen1994 said:
Well. Someone in androiding.how is keeping track seems like it. According to what i read, quoting
"The root method for LG V20 will be a systemless root without doubt. Android Nougat comes with enhanced enforcing SELinux policy for better security on Android devices, so systemless root will be the way to go to get root access without compromising the device’s security."
So, if this is true, at least there is a path to follow.
Here is the link:
https://www.google.com/amp/androiding.how/lg-v20-root-status/amp/
Click to expand...
Click to collapse
Systemless is the way...I'll try to create a tot file..if they have released it yet
Double0EK said:
With the V10 a user @tungkick created a .tot with root (SuperSU) patched into it. Then use LGUP to flash the .tot.
Once that is done flashing TWRP can be flashed using Flashfire by Chainfire.
Or instead of patching root maybe the .tot can be modified to have TWRP built in...?
Nvm...didnt read the previous comments.
Click to expand...
Click to collapse
Time will tell..but unless I can figure it out tonight

bountyman334 said:
Great...tmo variant or international??
Click to expand...
Click to collapse
Im a tmobile guy lol. I have only used 3 carriers in my life in USA: lycamobile, metropcs, and tmobile (currently)

joseguillen1994 said:
Im a tmobile guy lol. I have only used 3 carriers in my life in USA: lycamobile, metropcs, and tmobile (currently)
Click to expand...
Click to collapse
... 1st ... ......

Confirmed: Fastboot flash commands do not work similar to T-Mobile LG G5. Successfully unlocked bootloader though so that is also confirmed for the 2nd time.

got my sprint v20 today. looking forward to root and xposed

nerys71 said:
got my sprint v20 today. looking forward to root and xposed
Click to expand...
Click to collapse
Sprint bl seems to be locked atm

Not sure if this means anything - but there is the oem unlock in developer options on sprint.

6.0.1 G900VVRU2DPG2 Root

Hi community,
Not sure if this goes against TOS of the forum or if this is even the correct forum to be posting this question in. What is preventing a root from being created for 6.0.1? What would help get a root created for this phone?
I am willing to pay someone to create a working root method; whether it be public or just for me. I have an adequate number of phones to help develop a root. Applicants must be a trusted member of the community with a high reputation.
Please no flame comments. Only serious responses.
Thanks,
Andrew

root on marshmellow requires a unlocked bootloader (this applies to ANY marshmellow device )
if you have a CID15 device you can flash back to PB1 unlock the bootloader and then flash whatever 6.01 rooted rom you want
if you have a a CID11 device with a non-unlockable boot-loader you are SOL its impossible to root marshmallow with dm-verity enabled and there is no way around that
dm-verity cryptographicly checks the block map of the /system partition if there is so much as a text file out of place it won't boot

Legitsu said:
root on marshmellow requires a unlocked bootloader (this applies to ANY marshmellow device )
if you have a CID15 device you can flash back to PB1 unlock the bootloader and then flash whatever 6.01 rooted rom you want
if you have a a CID11 device with a non-unlockable boot-loader you are SOL its impossible to root marshmallow with dm-verity enabled and there is no way around that
dm-verity cryptographicly checks the block map of the /system partition if there is so much as a text file out of place it won't boot
Click to expand...
Click to collapse
Thanks for the response. It was very informative. I'll check which chipset I have on the phones. Hopefully there are some that are downgradable.
Not sure if my terminology is correct but does samsung offer an option to register the device as unlocked? Similar to how HTC offers an option to unlock it? Where they send you the unlock key or something.

andrewr74 said:
Thanks for the response. It was very informative. I'll check which chipset I have on the phones. Hopefully there are some that are downgradable.
Not sure if my terminology is correct but does samsung offer an option to register the device as unlocked? Similar to how HTC offers an option to unlock it? Where they send you the unlock key or something.
Click to expand...
Click to collapse
no the only bootloader unlock we have is for s5's with samsung flash memory aka CID15 devices
you can check which you have with this https://play.google.com/store/apps/details?id=net.vinagre.android.emmc_check&hl=en
first two numbers if its a 15 you are good follow the root and unlock threads if its a 11 nope you are sol

Legitsu said:
no the only bootloader unlock we have is for s5's with samsung flash memory aka CID15 devices
you can check which you have with this
first two numbers if its a 15 you are good follow the root and unlock threads if its a 11 nope you are sol
Click to expand...
Click to collapse
Yeah, I checked a handful of my phones and 2 of the 5 were CID 15. I was successfully able to downgrade to 5.0 and root. Using an app to check every phone is very annoying since I have to sideload the apk and launch which takes too long. Do you know of anyway using ADB that I could determine the eMMc chipset?
I spoke with Samsung for a possible solution that is equivalent to a root and they suggested Nox Console. Where I can remove bloatware and disable certain features of the phone for $3ea. Which is alright for locking down the device but apps that require root to accomplish what I need... So not much help there.
In your opinion, what are the chances someone creates a root for CID 11? Impossible?

andrewr74 said:
Yeah, I checked a handful of my phones and 2 of the 5 were CID 15. I was successfully able to downgrade to 5.0 and root. Using an app to check every phone is very annoying since I have to sideload the apk and launch which takes too long. Do you know of anyway using ADB that I could determine the eMMc chipset?
I spoke with Samsung for a possible solution that is equivalent to a root and they suggested Nox Console. Where I can remove bloatware and disable certain features of the phone for $3ea. Which is alright for locking down the device but apps that require root to accomplish what I need... So not much help there.
In your opinion, what are the chances someone creates a root for CID 11? Impossible?
Click to expand...
Click to collapse
if you searched the forum before asking any of this you would know the answer to that No not gonna happen extensive research was done it s impossible with the current method we have
for locked devices if you simply wanna turn apps off or block ota's I recommend this app
https://play.google.com/store/apps/details?id=com.ospolice.packagedisablerpro&hl=en
cat /sys/block/mmcblk0/device/cid
will return the cid from a shell
CID11's can be downgraded to 5.01 and then you can get root but NOT marshmallow and higher
oncid 15 devices you can unlock the bootloader https://forum.xda-developers.com/ve...t/rd-unlocking-galaxys-s5-bootloader-t3337909
and flash a rooted marshmallow rom if you already have root you can skip right to method 2

Legitsu said:
if you searched the forum before asking any of this you would know the answer to that No not gonna happen extensive research was done it s impossible with the current method we have
for locked devices if you simply wanna turn apps off or block ota's I recommend this app
https://play.google.com/store/apps/details?id=com.ospolice.packagedisablerpro&hl=en
cat /sys/block/mmcblk0/device/cid
will return the cid from a shell
CID11's can be downgraded to 5.01 and then you can get root but NOT marshmallow and higher
oncid 15 devices you can unlock the bootloader https://forum.xda-developers.com/ve...t/rd-unlocking-galaxys-s5-bootloader-t3337909
and flash a rooted marshmallow rom if you already have root you can skip right to method 2
Click to expand...
Click to collapse
That emmc command worked perfectly!
I don't load any custom roms so only getting root on stock 5.0 is exactly what I want. I was unaware CID11 was downgradable, the other post were a tad confusing in regards to the CIDs. I guess it was the terminology that I did not understand.
Thank you for the help!

andrewr74 said:
That emmc command worked perfectly!
I don't load any custom roms so only getting root on stock 5.0 is exactly what I want. I was unaware CID11 was downgradable, the other post were a tad confusing in regards to the CIDs. I guess it was the terminology that I did not understand.
Thank you for the help!
Click to expand...
Click to collapse
https://forum.xda-developers.com/ve...ow-to-flash-custom-6-0-1-roms-locked-t3393943
PB1 = 5.0

Need help to root H91810k

Hello,
First off, thank you for clicking on this post. I'm new on XDA and rooting LG phones. However, I've searched help on posts and other sites on how to root LG V20 H19810k (T-Mobile Variant) and many told me to downgrade first and then root. But none exactly gave any instruction or step by step on how to do it.
My worries are these ARB (Anti-Roll Back) software updates and if you were to downgrade, you will brick your phones and things like that, it's LG (I mean like there are a lot of complains about hardware faulty after phone updates and lawsuits about it), and different steps on each variants. I bought this phone like 2 or 3 months ago, and my thought on this phone's software is sucks so bad. It's so bad, I've had many problems like my mobile data often times stopped working (no network) even though signal is full bar, my live pixel background suddenly gone after playing this specific game, serious low fps in some games, RAM is full all the time, and many more. The phone itself has amazing hardware and specs, but damn why is the software so bad?
Right, so all my problems aside, I think switching ROM or downgrade probably a good idea and rooting for removing bloatwares. But many had problems installing twrp recovery to root and risks like bricking and bootlooping. And in this post, I'm hoping for help to downgrade and root H91810k.

ignoll said:
Hello,
First off, thank you for clicking on this post. I'm new on XDA and rooting LG phones. However, I've searched help on posts and other sites on how to root LG V20 H19810k (T-Mobile Variant) and many told me to downgrade first and then root. But none exactly gave any instruction or step by step on how to do it.
My worries are these ARB (Anti-Roll Back) software updates and if you were to downgrade, you will brick your phones and things like that, it's LG (I mean like there are a lot of complains about hardware faulty after phone updates and lawsuits about it), and different steps on each variants. I bought this phone like 2 or 3 months ago, and my thought on this phone's software is sucks so bad. It's so bad, I've had many problems like my mobile data often times stopped working (no network) even though signal is full bar, my live pixel background suddenly gone after playing this specific game, serious low fps in some games, RAM is full all the time, and many more. The phone itself has amazing hardware and specs, but damn why is the software so bad?
Right, so all my problems aside, I think switching ROM or downgrade probably a good idea and rooting for removing bloatwares. But many had problems installing twrp recovery to root and risks like bricking and bootlooping. And in this post, I'm hoping for help to downgrade and root H91810k.
Click to expand...
Click to collapse
Search this forum there's numerous threads on how to root
Sent from my LG-H910 using XDA Labs

Downgrade to 10j and use DirtySanta, or use lafsploit.
IMHO they are about equally difficult. In the lafsploit thread, I state that you have to be on 10p or 10q, but I will update the post stating that you need to be on 10q or LOWER.
DirtySanta doesn't require you to use FWUL, so it does have that advantage.
Bottom line though, you can't stay on ARB 0 firmware and use any of the current ROMs -- they all require 10p or higher firmware.
-- Brian

cnjax said:
Search this forum there's numerous threads on how to root
Sent from my LG-H910 using XDA Labs
Click to expand...
Click to collapse
Thank you for the reply,
Seems I got it a little bit. So what I've been looking at this dirtythis and that unlock stuff for quite a while. I've been wondering if anyone asked about H918. I just realized that this dirtysanta bootloader is an exploit for other variants that don't support unlocking via fastboot.
So then I proceed to unlock my device and it successfully unlocked. (Follow this post to unlock).
I will try downgrading my device via lgup and will follow this post to flash and root.

ignoll said:
Thank you for the reply,
Seems I got it a little bit. So what I've been looking at this dirtythis and that unlock stuff for quite a while. I've been wondering if anyone asked about H918. I just realized that this dirtysanta bootloader is an exploit for other variants that don't support unlocking via fastboot.
So then I proceed to unlock my device and it successfully unlocked. (Follow this post to unlock).
I will try downgrading my device via lgup and will follow this post to flash and root.
Click to expand...
Click to collapse
Be careful about your rolling back to root, check your current software version and and if you're arb 1 you'll brick. If you're arb look up the laf exploit thread
Sent from my LG-H910 using XDA Labs

He said he is on 10k, so he is safe to rollback to 10j which can use recowvery.
@ignoll Whatever you do, DO NOT flash the engineering aboot, or you will brick your phone. Follow the procedure in the post you linked, and you will be fine. DirtyCow gets you a temp root shell that will allow you to dd TWRP onto the recovery partition. If you get an error when you do run-as con, then you are NOT on 10j or lower. If you try to downgrade and you get an error about ARB, then you are NOT on 10k.
Just keep all that in mind and you will be fine.
-- Brian

runningnak3d said:
He said he is on 10k, so he is safe to rollback to 10j which can use recowvery.
@ignoll Whatever you do, DO NOT flash the engineering aboot, or you will brick your phone. Follow the procedure in the post you linked, and you will be fine. DirtyCow gets you a temp root shell that will allow you to dd TWRP onto the recovery partition. If you get an error when you do run-as con, then you are NOT on 10j or lower. If you try to downgrade and you get an error about ARB, then you are NOT on 10k.
Just keep all that in mind and you will be fine.
-- Brian
Click to expand...
Click to collapse
Thank you for the reply,
Just to make sure, 10k is the software version which you can find in the software info inside the settings app, right? This software info will show stuff about "Android version", and down on the list, there's the "Software version" and below it is the 10k coming from (H918xxx). Or, check it via svc menu and version info through the dialer app. All that is to check whether I'm in the correct version or not, yes? (Sorry for this silly question, I just want to make sure. I'm really new to this)
And yes, I won't flash this engineering aboot, just follow the instruction and I'll be good. But just to make sure again, there's no this "engineering aboot" thing in the post that will brick my device, yes?
That said, I really appreciate for your warning and advice.

stuff about "Android version", and down on the list, there's the "Software version" and below it is the 10k
Click to expand...
Click to collapse
Yep, that means you are on 10k, so you are safe to rollback.
-- Brian

runningnak3d said:
Yep, that means you are on 10k, so you are safe to rollback.
-- Brian
Click to expand...
Click to collapse
Please, i am also stuck and confused, as i understand LG devices, downgrading may cause device to go dead completely, i want to be sure before i begin this process. Here is my device Software Info:
Software Version: H91810K
Build Number: NRD90M
My device is locked to T-mobile, and i want to unlock using Octopus Box as i have credits. Unlocking requires root, is it possible to downgrade to the mentioned version 10j and not brick device? Any one can help me on this.

kenneth excellence said:
Please, i am also stuck and confused, as i understand LG devices, downgrading may cause device to go dead completely, i want to be sure before i begin this process. Here is my device Software Info:
Software Version: H91810K
Build Number: NRD90M
My device is locked to T-mobile, and i want to unlock using Octopus Box as i have credits. Unlocking requires root, is it possible to downgrade to the mentioned version 10j and not brick device? Any one can help me on this.
Click to expand...
Click to collapse
If you root your phone it will be unlocked no need to use an octopus box.
Sent from my LG-H910 using XDA Labs

That is only true if the engineering bootloader is used. The H918 still needs work to get it carrier unlocked.
-- Brian

cnjax said:
If you root your phone it will be unlocked no need to use an octopus box.
Sent from my LG-H910 using XDA Labs
Click to expand...
Click to collapse
Are you serious? If this is possible how do i root since i am on H91810K Software version?

cnjax said:
If you root your phone it will be unlocked no need to use an octopus box.
kenneth excellence said:
Are you serious? If this is possible how do i root since i am on H91810K Software version?
Click to expand...
Click to collapse
Click to expand...
Click to collapse
He is serious, but incorrect.
runningnak3d said:
That is only true if the engineering bootloader is used. The H918 still needs work to get it carrier unlocked.
-- Brian
Click to expand...
Click to collapse
You need to pay attention to runningnak3d when he says something about root and the V20.
Cheers