Database Users

[TUT] THE guide to modding and tweaking your Arc

This guide is now dormant as of the 25th of September and will not be updated again.
The information contained within still holds true, the guides to the likes of unlocking your bootloader, flashing using FlashTool etc are all still correct even with the release of newer firmware updates but I won't be adding anything further to it.
Purpose:This thread is my personal attempt to provide Arc owners with a guide to getting the most out of the handset.
It draws upon the combined expertise of the Arc userbase here on XDA-devs and collates it in a simple, easy-to-follow format.
I am in no way claiming this as all my own work, full credit is given where due and my thanks go out to all of the wonderful, knowledgeable contributors whose work I am honoured to be able to showcase here.​
Words of warning::As with any modding or tweaking of a mobile phone, there is always a risk attached that you end up bricking, killing, blowing up, disintegrating, shrinking, beaming your handset to an alternate dimension or sending it forwards or backwards through time.
The risks are slight, countless people have undertaken the procedures listed in this thread with no problems at all - I myself have unlocked the bootloader on my Arc, rooted it using Bin4ry's image-flashing method, deleted some of the pre-loaded apps, flashed the 2.3.3 update using FlashTool are re-rooted again using Bin4ry's method... and my Arc is absolutely fine.
However, if you somehow manage to mess up or break your phone in any way, neither myself nor the authors of any other threads or resources I link to accept any responsibility or blame for what happens.
No-one is forcing you to do any of this, it's your own decision. If you're uneasy or nervous, just don't do it.
Also, whilst unlocking the bootloader is supported to a degree by Sony Ericsson, rooting, flashing custom ROMs, all the rest of it is not and there is always a chance you'll end up voiding you warranty.
As above, no-one else accepts any responsibility for your decisions and actions.​
Also, on a personal note, please don't PM me asking for help.
I don't wish to sound rude or ungrateful but I'm not a developer, I'm not coming up with new tweaks/mods/ROMs or anything like that, everything I know is laid out in this guide in a manner that should be plain and simple to follow, if there's something that isn't covered here chances are I don't know either.
There is a whole section here for the Arc literally teeming with people happy and willing to answer any/all questions you might have, so you'd probably find your question answered quicker that way than if you were to contact and individual and ask for help.

Contents
The bootloader:
Unlocking
Relocking
Rooting:
GingerBreak (inc how to use GingerBreak to root a handset running 2.3.3)
Bin4ry's flashing method
Recovery update method
Recoveryhttp://forum.xda-developers.com/showthread.php?p=13340438#post13340438http://forum.xda-developers.com/showthread.php?p=13340438#post13340438
Updating firmware/flashing ROMs:
SEUS
Flashtool
Wotan
Theming using UOT Kitchenhttp://forum.xda-developers.com/showthread.php?p=13967176#post13967176http://forum.xda-developers.com/showthread.php?p=13967176#post13967176

Bootloader - Unlocking
What you need:A factory-unlocked Xperia Arc
Your handset's unlocking code from the SE unlocking webpage
Fastboot and drivers (if necessary)​
What you need to know:Handsets with unlocked bootloaders cannot be updated via SEUS.
Though if you re-lock your bootloader, you will regain this ability.
Handsets that have their bootloader unlocked will stop working with SE's various music-related services (TrackID and the Facebook-inside 'like music' function).
This is due to the unlocking process rendering DRM function inoperable and cannot be recovered by re-locking the bootloader​
How to do it:
Back up any important information from your handset - unlocking the bootloader wipes the handset
Download Fastboot and, if necessary, x86/x64 Windows drivers
Retrieve your unlocking key from Sony Ericsson's website:
Follow the link
Click 'Continue'
Click 'Yes, I'm sure'
Agree-to/accept the terms and conditions
Enter your name, e-mail address and first 14 digits of your IMEI, not the whole thing
Copy the code into a text file or similar for use later
Extract the contents of the fastboot rar file you dowloaded in step 2 and open the folder that is extracted
Open a command prompt and change directory to the folder that fastboot.exe is in (in Windows, the easiest way to do this is to hold shift and right-click on the background of the folder and select 'Open command window here')
Connect your phone:
Switch it off
Press and hold the Menu key (the right-most of the three)
Connect the USB cable whilst still holding the Menu key
The indicator LED next to the USB port should turn blue to indicate your are in fastboot mode - if it doesn't, then try again; if it completely refuses to enter fastboot mode, then you may well have a locked/branded handset in which case you cannot unlock your bootloader
If your computer fails to find or install the drivers automatically, download and install the drivers included in step 2
Once your phone is connected in fastboot mode and any driver installation has finished, type fastboot.exe -i 0x0fce getvar version into the command prompt you opened in step 5 - this should return a value such as 0.3 or similar, if it doesn't then the phone is not connected properly, start again from step 5
If step 8 worked, then type fastboot.exe -i 0x0fce oem unlock 0x[key] into the command prompt, [key] being substituted for the unique unlocking key you retrieved in step 3 (I told you you'd need to keep it safe...)
You should see some text output by the command prompt stating that it is erasing certain blocks and then that it is finished - congratulations, your bootloader is unloked
Credits:lollylost100 - Source thread​

Bootloader - Re-locking
What you need:An Arc with an unlocked bootloader
FlashTool
Blagus' relocking ftf​
What you need to know:Relocking will allow you to use SEUS to update firmware and restore your handset.
You will still be able to use FlashTool to update firmware if you wish though.
Re-locking the bootloader won't reactivate the DRM-based music features like TrackID, they're permanently gone​
How to do it:
Download and install FlashTool (for those of you who don't speak French, you want to click the 'Extraire' button)
Download Blagus' re-locking ftf and place it in the /firmwares sub-directory of where you extracted FlashTool to
Download this file, rename it to LT15.sin and place it in the /loaders sub-directory
Switch your handset off
Run FlashTool
Press the 'Flash' button and select the .ftf file you wish to flash
When prompted, connect your handset in 'flash mode' - FlashTool should explain exactly how to do this but just in case, press and hold the 'back' button while connecting the USB cable
FlashTool should automatically detect your handset and start flashing it - if it doesn't however:
Disconnect your handset (it should remain switched off)
Close FlashTool
Go to the /drivers sub-directory and run/install ggsetup-2.2.0.10.exe
Now go back to step 6 and follow the instructions once more, everything should work ok this time
When FlashTool finishes, disconnect your phone and switch it on - don't worry if it's a little slow the first time it boots after flashing
Credits:Blagus - Source thread​

Rooting - GingerBreak
What you need:An Arc running 2.3.2 - and with a locked bootloader if you wish to update to 2.3.3 OTA
GingerBreak​
What you need to know:GingerBreak will not directly root 2.3.3 (or later) ROMs. The exploit it uses, which was patched by Google in the vanilla 2.3.4 release was patched by SE in their 2.3.3 release.
This is not a deliberate attempt to prevent rooting, the exploit in question was to the best of my knowledge the same exploit that led to the widely-publicised security hole through which personal information could be intercepted on unsecured wi-fi connections - Google and SE are just looking out for us, it's merely an unfortunate coincidence that they 'broke' GingerBreak.
As it happens, there is an indirect way to root 2.3.3 using GingerBreak but I'll come back to that.
Do not follow steps 5 and 6 if you have an unlocked bootloader - updating a handset with an unlocked bootloader OTA is fraught with issues.
If you have a handset with an unlocked bootloader, follow these instructions instead​
How to do it:
Download GingerBreak v1.2 (older versions are also availablehttp://forum.xda-developers.com/showthread.php?p=13230331#post13230331)
Transfer the apk file to your phone's memory card
Install
Optional:
Download and run BusyBox installer
To get your 2.3.3 bootloader-locked handset rooted using GingerBreak, follow steps 1-3 then...
Prepare your handset:
Make sure you've got a decent charge or better yet connect the handset to a charger
If possible, connect to wi-fi for best data speeds and to avoid the signal dropping out
Update your handset to 2.3.3 OTA:
Menu > Settings > About phone > Software update > Update now
NB: as mentioned in the 'what you need' and 'what you need to know' segments above, GingerBreak will only root 2.3.2 handsets so if you've already updated to 2.3.3 you'll need to revert back to 2.3.2 prior to following these instructions - this can be done using either FlashTool or Wotan
Also, some people have reported issues with the OTA updates if they have modded their handsets, again this can be sorted by flashing back to stock 2.3.2 immediately prior to following these instructions.
Credits:Chainfire - source thread
kistigun - source thread​

Rooting - Bin4ry's flashing method
What you need:An Arc with an unlocked bootloader
Fastboot and drivers (if necessary)
The appropriate image file based on your handset's firmware version - available from here and/or here​
What you need to know:Only compatible with handsets with unlocked bootloader (obviously)
You must ensure the image file you flash is the correct one for the ROM you're running, if you flash the wrong one you'll end up stuck in a boot-loop​
How to do it:
Unlock your bootloader (in doing so, you will have downloaded and installed fastboot and, if necessary, the drivers)
Download the correct image file and move it to the same folder as fastboot.exe
Open a command prompt and change directory to the folder that fastboot.exe is in (in Windows, the easiest way to do this is to hold shift and right-click on the background of the folder and select 'Open command window here')
Connect your phone:
Switch it off
Press and hold the Menu key (the right-most of the three)
Connect the USB cable whilst still holding the Menu key
The indicator LED next to the USB port should turn blue to indicate your are in fastboot mode
Type the following into the command prompt:
Windows: fastboot flash system [image file]
Linux: fastboot -i 0x0fce flash system [image file]
Mac: fastboot-mac -i 0x0fce flash system [image file]
...where [image file] is the full filename of the image file you downloaded in step 2 - including the '.img' at the end
Optional:
Download and run BusyBox installer
Credits:Bin4ry and zdzihu - source thread
kanzone - source thread​

Rooting - Recovery update method
What you need:An Arc with recovery
Bin4ry's root zip file​
What you need to know:Recovery is still in beta, not all functions work fully - use of the recovery solution is very much at the user's own risk​
How to do it:
Download Bin4ry's root zip file and save it to your handset's memory card
Boot into recovery
Install the root zip:
Select 'install zip from sdcard'
Select 'choose zip from sdcard'
Navigate to where the zip file is on you handset's memory card and select it
Confirm you wish to install the zip
Optional:
Download and run BusyBox installer
Credits:Bin4ry - source thread​

Recovery
What you need:An Arc with an unlocked bootloader
Fastboot and drivers (if necessary)
Bin4ry's beta recovery image​
What you need to know:Recovery is still in beta, not all functions work fully - use of the recovery solution is very much at the user's own risk
DO NOT flash the image file, follow the instructions exactly as listed.​
How to do it:
Unlock your bootloader (in doing so, you will have downloaded and installed fastboot and, if necessary, the drivers)
Download the recovery image file
Open a command prompt and change directory to the folder that fastboot.exe is in (in Windows, the easiest way to do this is to hold shift and right-click on the background of the folder and select 'Open command window here')
Connect your phone:
Switch it off
Press and hold the Menu key (the right-most of the three)
Connect the USB cable whilst still holding the Menu key
The indicator LED next to the USB port should turn blue to indicate your are in fastboot mode
Type 'fastboot boot recoveryARC.img' into the command prompt
Your handset will now boot into recovery
To navigate through the menus, use the volume keys to scroll up and down and the power key to select an option
Credits:Bin4ry and the rest of the FreeXperia Team - source thread​

Updating firmware/flashing ROMs - SEUS
Handsets that still have their bootloader locked are able to perform software updates using SE's own updating program, SEUS - Sony Ericsson Update Service (link included system requirements - Windows only).
However, handsets that have had their bootloaders unlocked cannot use SEUS.
Also, obviously, as SEUS is Sony Ericsson's official update program, it can only be used to flash official SE updates - no custom ROMs.

Updating firmware/flashing ROMs - Flashtool
What you need:An Arc
FlashTool
The ftf file you wish to flash​
What you need to know:Not much to be honest.
FlashTool is, to the best of my knowledge, compatible with pretty much any Arc.​
How to do it:
Download and install FlashTool (for those of you who don't speak French, you want to click the 'Extraire' button)
Download this file, rename it to LT15.sin and place it in the /loaders sub-directory of where you extracted FlashTool to
Download the firmware you wish to flash to the /firmwares sub-directory
Switch your handset off
Run FlashTool
Press the 'Flash' button and select the .ftf file you wish to flash
When prompted, connect your handset in 'flash mode' - FlashTool should explain exactly how to do this but just in case, press and hold the 'back' button while connecting the USB cable
FlashTool should automatically detect your handset and start flashing it - if it doesn't however:
Disconnect your handset (it should remain switched off)
Close FlashTool
Go to the /drivers sub-directory and run/install ggsetup-2.2.0.10.exe
Now go back to step 6 and follow the instructions once more, everything should work ok this time
When FlashTool finishes, disconnect your phone and switch it on - don't worry if it's a little slow the first time it boots after flashing
Credits:Androxyde and Bin4ry - source thread
itskapil
Nimche​

Updating firmware/flashing ROMs - Wotan
What you need:An Arc with a locked bootloader
Wotan Client
A Wotanserver account​
What you need to know:Whilst it is free to register a WotanServer account as I am writing this, that may change in the future.
Honestly, IMO, you're better off using FlashTool (which is a free, community-developed program) but I've included this in my guide for the sake of 'completeness'.
If you are flashing back to 2.3.2 so that you can root using GingerBreak then update OTA, obviously you'll have to flash a 2.3.3 firmware.
Prior to doing so, check that there is a 2.3.3 firmware available for the same CDA otherwise you won't be able to update OTA after rooting​
How to do it:
Download Wotan Client
Register a WotanServer Account
Run Wotan Client
Connect your handset as per the on-screen instructions
Check 'Enabled advanced settings'
Select your preferred CDA/firmware combination and click 'Next'
Login with your WotanServer account and click 'Next'
Wotan Client will then download and flash the necessary file(s)
When Wotan Client is finished, close it, disconnect your handset and switch it on
Credits:PhyzX - source thread​

Theming using UOT Kitchen
Foreword - I never really quite got round to writing this bit up as nicely as I'd hoped, my apologies for not revising this to match the rest of my guide.
NB: this more than any other part of my guide you do at your own risk as I cannot guarantee which parts of the kitchen are compatible with the Arc and which will result in boot-loops.
One of the easiest ways of theming/customising your Arc (beyond the basic wallpaper, widgets etc) is to use the excellent Ultimate Online Theme Kitchen - a brilliant free site that allows users to change battery icons, status/notification bar icons, the status-bar/notification area background amongst other things.
First you need to extract the framework-res and SystemUI apk files from your handset.
framework-res is found in the /system/framework folder and SystemUI.apk is in the /system/app folder.
To extract both of these you need a file manager program with root access, for this I strongly recommend Root Explorer - unfortunately it's not free but it works where others fall down, so it's well worth the money.
Once you've extracted the two files, you need to upload them to the Kitchen ('File upload' tab, second from the end).
The third file is for CM7 handsets only so as of writing Arc users should just leave it blank.
As for the settings down the left hand side, everything should be left as is:
Edify scripting, not Amend scripting
Type MTD (default) not Type EMMC
Use script to flash files... - unchecked
Use automated images fixing - checked
Generate preview... - checked
The Kitchen will eventually spit out a zip file for you to download from the pick-up page - don't worry if this takes a while, when the Kitchen is busy it can take nearly an hour for files to appear.
This zip file is designed to be flashed using recovery but since there is no recovery solution available for the Arc just now, we have to resort to 'ghetto' measures...
If you extract the zip you'll find a number of folders which will contain, amongst other things, your modified framework-res and SystemUI apk files.
You then need to manually copy these files back into the appropriate directories on your handset, being sure to change the permissions on each one.
For framework-res.apk, the permissions need to be rw-r--r--. I'm pretty certain they're the same for SystemUI.apk but I'll check this.
This is where apps other than Root Explorer start to fall down - I tried a couple such as Super Manager and none of them were able to correctly set the permissions on the apks, leading to my handset boot-looping.
It should also be possible to flash the zip files using Bin4ry's recovery for the Arc

Hi guys, I have a question about the term "sim-free" phone.
does the unlock-code purchased from anywebsite gives you the "sim-free" phone, which will enable the fastboot mode?
Thanks!

stevencxr said:
Hi guys, I have a question about the term "sim-free" phone.
does the unlock-code purchased from anywebsite gives you the "sim-free" phone, which will enable the fastboot mode?
Thanks!
Click to expand...
Click to collapse
sorry for the question post in here =( don't know how to delete this ....

stevencxr said:
does the unlock-code purchased from anywebsite gives you the "sim-free" phone, which will enable the fastboot mode?
Click to expand...
Click to collapse
No.
If your handset won't enter fastboot mode, then as things stand there's no way to enable that - having the handset unlocked makes no difference.
edit: scratch that. it seems there is a way using SEtool but that requires purchasing specific hardware.

Step666 said:
What you need:An Arc with an unlocked bootloader
Fastboot and drivers (if necessary)
Bin4ry's beta recovery image​
What you need to know:Recovery is still in beta, not all functions work fully - use of the recovery solution is very much at the user's own risk
DO NOT flash the image file, follow the instructions exactly as listed.​
How to do it:
Unlock your bootloader (in doing so, you will have downloaded and installed fastboot and, if necessary, the drivers)
Download the recovery image file
Open a command prompt and change directory to the folder that fastboot.exe is in (in Windows, the easiest way to do this is to hold shift and right-click on the background of the folder and select 'Open command window here')
Connect your phone:
Switch it off
Press and hold the Menu key (the right-most of the three)
Connect the USB cable whilst still holding the Menu key
The indicator LED next to the USB port should turn blue to indicate your are in fastboot mode
Type 'fastboot boot recoveryARC.img' into the command prompt
Your handset will now boot into recovery
To navigate through the menus, use the volume keys to scroll up and down and the power key to select an option
Credits:Bin4ry and the rest of the FreeXperia Team - source thread​
Click to expand...
Click to collapse
Quick question about recovery:
The command 'fastboot boot recoveryARC.img' boots the phone into recovery, right? How do I install it then?
I mean, like those in X10, you reboot the phone, then press back button to get into recovery.
I'm sorry if I missed to spot if it's already in your guide .

prathaban said:
The command 'fastboot boot recoveryARC.img' boots the phone into recovery, right? How do I install it then?
Click to expand...
Click to collapse
Yes, that command boots you into recovery.
You don't install it, you can only access it by using fastboot to boot into it.

Step666 said:
Yes, that command boots you into recovery.
You don't install it, you can only access it by using fastboot to boot into it.
Click to expand...
Click to collapse
Got that . So how do I install it or isn't possible at this moment?

It's not possible, if you try and install it, you'll end up with bootloops.
But to be honest, how often do you need to get into Recovery when you're not at your computer?

Step666 said:
It's not possible, if you try and install it, you'll end up with bootloops.
But to be honest, how often do you need to get into Recovery when you're not at your computer?
Click to expand...
Click to collapse
Honestly don't know yet for Arc! But when I had X10, I flash lot of themes, quite often.
Anyway, thanks for the info.

[GUIDE] Sony Xperia Z5 - UNLOCK / ROOT / TWEAKS - OS 5.1.1 / 6.0

[GUIDE] Sony Xperia Z5
DISCONTINUED - SEE NEWS !
Last update: 20.06.2016​
This guide will help you to root your phone, install new firmwares, unlock your bootloader and much more. Its splitted into 3 sections: StockRom, CustomROM and Tweaks so you should find things easily. I think if you understood this guide you can easily flash different firmwares, kernels and so on. And now - have fun
NEWS
I have to much work to do at the moment to continue this guide. But, the main work is done, now its all about updating the links. If there is something remarkable new, I will add it to my guide.
20.06.2016
- updated links
- minor changes
23.04.2016
- updated download links
- added custom rom (CyanogenMod13)
- some small changes
09.04.2016
- I'm very busy at the moment (exams and hard work). So I cant help you guys that much and cant try new kernels and that kind of stuff Plese ask @gm007 or @zacharias.maladroit if you have problems. I will come back as fast as I can
- updated download links
28.03.2016
- updated download links
12.03.2016
- Android 6.0 compatibility check
- updated download links
- graphical revision
14.02.2016
- updated guide to make it more understandable
QUESTION & ANSWER
Which devices are supported by this guide?
- Sony Xperia Z5
- Model number: E6653 / E6603 (for other models use different kernel)
- OS version: Stock Xperia Android 5.1.1 / 6.0
Whats important to know before I start?
- I´m NOT responsible for any damage.
- Keep in mind that unlocking the bootloader can void your warrenty.
- Save your data, all settings and files will be deleted during this process.
- READ THE ENTIRE GUIDE FIRST!
[GUIDE] GENERAL
FASTBOOT
1) POWER OFF phone
2) Hold VOLUME UP
3) Connect to PC via USB
4) LED turns blue
FLASHMODE
1) POWER OFF phone.
2) Hold VOLUME DOWN
3) Connect to PC via USB
4) LED turns green
RECOVERY
a) You can enter TWRP while booting. If the LED turns yellow, hold VOLUME DOWN till it gets orange.
b) Use this command in Minimalistic ADB and FASTBOOT to reboot to recovery:
Code:
adb reboot recovery
BOOTLOOP / EMERGENCY POWER OFF
1) Hold POWER OFF and VOLUME UP
2) Device vibrates 3 times
DEVELOPER MODE AND UNNOWN SOURCES]
1) settings -> about phone -> touch build number several times
2) settings -> developer options -> enable USB debugging
3) settings -> security -> enable Unknown sources
PC PERMISSIONS
1) Run Minimalistic ADB and FASTBOOT and FLASHTOOL with admin permissions.
2) Use USB 2.0 ports, sometimes 3.0 ports doesnt work.
[GUIDE] StockROM
# BUGS / ISSUES
E6653_32.1.A.1.163
- camera apps (AR Effect,...) do force close
- filesystem (external SD card) does not refresh automatically, so you cant transfer files you copied to sd card via MTP to PC. Solved via restart. --> also on STOCK ROM
# DIRECT DOWNLOAD LINKS
E6653
Kernel
Z5_AndroPlusKernel_Permissive_v30 (for firmware .163 and .185)
Z5_AndroPlusKernel_Permissive_v31 (for firmware .224)
Recovery
twrp-3.0.2-0-E6653-20160417.img
SuperSu
SuperSU (beta but stable)
# DOWNLOAD LINKS
Windows programs
Sony PC Companion
Minimal ADB and Fastboot
Flashtool + patch file
µTorrent (for downloading Flashtool)
Android
AndoPlusKernel
TWRP
# GUIDE
BOOTLOADER STATUS
The bootloader loads the kernel. If unlock isnt allowed, the bootloader will prevent loading a custom kernel.
1) type *#*#7378423#*#* into dialer / phone app
2) service info --> configuration --> rooting status
3) if bootloader unlock allowed says YES, you can continue. If bootloader unlock isnt allowed you CAN NOT root your phone.
INSTALLING PROGRAMS
Flashtool
1) install µTorrent
2) download torrent file from Flashtool website
3) run downloaded torrent file via µTorrent
4) download Flashtool via µTorrent
! You can close and or delete µTorrent now, you will not need it anymore
5) install Flastool
6) open install directory from flashtool and replace x10flasher.jar with new patch
OTHER
1) install all other programs
INSTALL / CHECK DRIVERS
Windows 7 and lower
1) open Flashtool install directory
2) open driver folder
3) run Flashtool-drivers.exe
4) install Flashmode and Fastboot drivers
Windows 8 and higher
1) restart computer with digital driver signature disabled (you have to do this every time you restart your pc)
http://www.howtogeek.com/167723/how...8.1-so-that-you-can-install-unsigned-drivers/
2) open Flashtool install directory
2) open driver folder
3) run Flashtool-drivers.exe
4) install Flashmode and Fastboot drivers
! There are no Z5 drivers yet, that’s why you need Sonys PC Companion!
! Flashtool drivers were updated, try the new Z5 drivers before installing Sony PC Companion.
Sony PC Companion
1) run Sony PC Companion
2) connect your Xperia Smartphone
3) wait till it has been detected
4) close Sony PC Companion, you dont need it anymore
ADB driver check
1) enable Developer options and Unknown sources
2) run Minimal ADB and Fastboot
3) type
Code:
adb devices
4) allow dialog on your phone
5) check if your device is shown in command window
fastboot driver check
1) run Minimal ADB and Fastboot
2 put device in FASTBOOT mode
3) type
Code:
fastboot devices
in Minimal ADB and Fastboot
4) check if your device is shown in command window
! When connecting phone in flashmode or fastboot additional drivers will be installed automatically.
! Installing drivers twice can solve problems.
UNLOCK BOOTLOADER
1) open Flashtool
2) click on BLU (Bootloader Unlock)
3) follow the instructions shown by Flashtool
4) you will be forwarded to a Sony website
5) follow the instructions there
6) at the end you will receive a key
7) save this key carefully!
8) enable Enable OEM unlock in developer options
9) copy KEY into Flashtool prompt and click unlock
! You can try to use Flashtool for unlocking first, or continue with step 10.
10) open Minimal ADB and Fastboot
11) your phone has to be in Fastboot mode
12) check if your phone is shown by
Code:
fastboot devices
13) enter the following code:
Code:
fastboot –i 0x0fce oem unlock 0xKEY_FROM_SONY
14) reboot (that can take a long time, so dont worry)
DOWNLOAD XPERIA FIRMWARE - OPTIONAL
If you want to update, upgrade or reset your ROM.
1) open Flashtool
2) click on XperiFirm
3) downloading…..
4) in XperiFirm select your device then choose your preferred firmware (e.g. Z5 --> E6653 ---> Customized DE --> 32.0.A.6.200 R12B)
5) in the right column double click the latest firmware and start download
6) Unpack automatically has to be checked
7) after downloading close download window and XperiFirm
8) now Flashtool should start doing things
! You can identify your phone model by: Settings -->About phone--> Diagnostics
FLASH NEW FIRMWARE - OPTIONAL
If you want to update, upgrade or reset your ROM.
1) in Flashtool click on Flash device and choose your firmware
2) under "Wipe", check all (APPS_LOG, DIAG, SSD, USERDATA)
3) click flash and follow the instructions
4) after successful installation reboot phone (that can take a long time, so dont worry)
! You can flash a new ROM without unlocking your bootloader.
FLASH KERNEL
The kernel has direct control of the hardware.
1) download latest Kernel from download section (AndroPlusKernel is only for E6653 models)
2) extract ZIP
3) put boot.img from zip into your root directory from Minimal ADB and Fastboot
4) put phone into fastboot mode
5) run Minimal ADB and Fastboot and check with
Code:
fastboot devices
6) type in:
Code:
fastboot flash boot boot.img
7) restart phone and look if its working
! If you end up in a bootloop with the LED flashing 3-4 times try to flash Kernel and Recovery again. If this doesnt help, reflash firmware, kernel and recovery.
FLASH RECOVERY
The recovery is something like the boot menu you may know from windows. Its mainly used to install programs and apps.
1) download latest TWRP from download section
2) put twrp.img into your root directory from Minimal ADB and Fastboot
4) put phone into fastboot mode
5) run Minimal ADB and Fastboot and check with
Code:
fastboot devices
6) type in:
Code:
fastboot flash recovery twrp.img
! You can rename twrp image to twrp.img or something shorter if you want.
7) after the first boot - do a reboot into recovery. Otherwise the partitions won't be mounted correctly & flashing will run into trouble. It takes several seconds (or a few minutes) to reboot into recovery - but then you're good to go.
ROOT
Some apps need more permissions than normal. You can compare root with administrator rights on windows.
1) download UPDATE-SuperSU-v2.67.zip
2) copy UPDATE-SuperSU-v2.67.zip to your internal memory
3) enter TWRP
4) click Install
5) navigate through folder structure
6) tap UPDATE-SuperSU-v2.67.zip
7) "Swipe to confirm flash"
8) reboot
RESTORE DRM KEYS
Unlocking the bootloader disables a partition on your phone where software keys are saved. Without this keys xReality, BIONZ, audio processing arent available. This program will restore this features.
! Take a look if xReality is already working before installing DRM keys.
1) download DRM RESTORE (drmrestore.zip) from download section
2) copy drmrestore.zip to your external sd card
3) enter TWRP
4) click Install
5) navigate through folder structure
6) tap drmrestore.zip
7) "Swipe to confirm flash"
8) reboot
! Unfortunately, there is no way to save the original TA partition at the moment.
[GUIDE] CustomROM
# CyanogenMod 13_Alpha for E6653 and E6603
CyanogenMod is a free, community built, aftermarket firmware distribution of Android 6.0 (Marshmallow), which is designed to increase
performance and reliability over stock Android for your device.
### XDA Z5_CyanogenMod 13 Link ###
# AromaROM with Installer for Z5 E6853 / E6883 / E6653
AROMA is a custom ROM with nice tweaks, but it has some serious bugs. I used it for 2 month and there are several issues: random reboot, screen turn off during calling and does not turn on again, problems with notification bar, ... .
### XDA ROMAur Link ###
1) install stock lollipop rom
3) for E68xx models install recovery and kernel for your device
4) For E66xx models install twrp-2.8.7.0-E6653-20151130_material.img and kernel for your device
5) copy ROMAur to your external sd card
6) enter recovery
7) make a full wipe (Wipe --> Factory reset)
8) install ROMAur
9) Reboot
[TWEAKS]
XPOSED
ONLY FOR 5.1.1: When you want to install Xposed you have to deodex your system or install an already deodexes ROM. Without this procedure the camera and other apps wont work. Use this guide to solve this: http://forum.xda-developers.com/crossdevice-dev/sony/z4-z5-z5c-fix-camera-fc-installing-t3246962
XDA Thread: http://forum.xda-developers.com/showthread.php?t=3034811
1) download xposed-v85-sdk23-arm64.zip and XposedInstaller_3.0_alpha4.apk [Android 6.0 versions]
2) copy xposed-v79-sdk23-arm64.zip and XposedInstaller_3.0_alpha4.apk to your internal memory
3) enter TWRP
4) click Install
5) navigate through folder structure
6) tap xposed-v79-sdk23-arm64.zip
7) "Swipe to confirm flash"
8) reboot
9) install XposedInstaller_3.0_alpha4.apk
10) reboot
useful Xposed Moduless
APM+
Xperia / AOSP NavBar Buttons
OGYoutube + OGYoutube Xposed Login Fix
Flat Style Colored Bars
DISABLE SmallApps
SmallApps is that little bar in the overview screen.
1) power on phone
2) unlock your phone (open homescreen)
3) open Minimal ADB and Fastboot
4) type:
Code:
adb shell
pm hide com.sony.smallapp.launcher
pm hide com.sony.smallapp.app.widget
exit
5) after this, type:
Code:
adb reboot
! If you know what youre doing, you can simply delete all the SmallApp stuff via ROOT Uninstaller.

Thanks for quite a nice guide.
I have done rooting on various devices but this seems to be most complicated ever. [emoji14]
Sent from my E6683 using Tapatalk

It has been before this guide. Basically what I did was unlocking the bootloader, booting recovery, flashing kernel, flashing root, wipe, restore DRM fake, done.
Firmware wasn't necessary for me and I've made bad experiences with alternate firmwares / radios and so on in the past.

Hi. Do I have to backup my TA partition ?

there no way to backup your TA partition hopefully for now.

How to increase volume of both speakers
I have rooted z5 but don't know how to edit mixer path.xml

Siudzix said:
Hi. Do I have to backup my TA partition ?
Click to expand...
Click to collapse
Actually there is no need for it, imho. The fake DRM keys are doing a really good job. X-reality back, after picture processing back. It's also currently not possible to backup them afaik.

DeathStroke said:
Thanks for quite a nice guide.
I have done rooting on various devices but this seems to be most complicated ever. [emoji14]
Sent from my E6683 using Tapatalk
Click to expand...
Click to collapse
Mate I see you have Z5 E6683 which is dual sim. Were you able to get your phone rooted using this guide?
Many thanks.

I have XPERIA Z5 Dual Sim (E6633) - will this guide work ?

Siudzix said:
I have XPERIA Z5 Dual Sim (E6633) - will this guide work ?
Click to expand...
Click to collapse
Yes and no. You need a different kernel and mybe recovery. Everything else is the same. I will include a link in my guide if I find a working kernel.

Rooting Z5
Hi all,
Shall i root the phone without unlocking the Bootloader.I dont want to Unlock the bootloader.So please advise me is this root method is work on Locked Bootloader.
Thanks in advance

ramprasaathks said:
Hi all,
Shall i root the phone without unlocking the Bootloader.I dont want to Unlock the bootloader.So please advise me is this root method is work on Locked Bootloader.
Thanks in advance
Click to expand...
Click to collapse
For now, you have to unlock your bootloader to gain root access. There is no other method at the moment. So in conclusion: locked bootloader = no root.

how i root z5 dual 6683

parteek.dandyan said:
how i root z5 dual 6683
Click to expand...
Click to collapse
Follow the guide and do it. Its written there.
Sent from my E6683 using Tapatalk

DeathStroke said:
Follow the guide and do it. Its written there.
Sent from my E6683 using Tapatalk
Click to expand...
Click to collapse
Dont blame him. I added this guide for E6683 today. I cant try it myself because I have no E6683, but I hope it will work

alphatact1cs said:
Dont blame him. I added this guide for E6683 today. I cant try it myself because I have no E6683, but I hope it will work
Click to expand...
Click to collapse
I was not blaming, I didn't know that you updated today. Would be great in future if you do any update, add the date and following update.
Thank you.
One thing I noticed while reading your guide was TWRP is not for E6683. Will there be any problem? I haven't yet tried your guide because I was in doubt.
Sent from my E6683 using Tapatalk

DeathStroke said:
One thing I noticed while reading your guide was TWRP is not for E6683. Will there be any problem? I haven't yet tried your guide because I was in doubt.
Click to expand...
Click to collapse
The new Kernel from monx includes TWRP, so you dont need to flash Recovery...normally. I know that my guide works, but only for E6653. I included a link for E6683, but I also wrote that I cant try it because I havent a Z5 E6683. Anyway, TWRP for E6653 should work for E6683 devices. The main difference is the Kernel.

Guys, what about E6633 ? Is it really bad ?

Siudzix said:
Guys, what about E6633 ? Is it really bad ?
Click to expand...
Click to collapse
You can try it at your own risk. Someone said that it will work, but I would be careful.
pesonic said:
Should this be working on E6633 too?
Click to expand...
Click to collapse
arismelachrinos said:
+1
Click to expand...
Click to collapse

@alphatact1cs are you open to suggestions??
we are currently trying to unify devices index here at xda..
would you like to follow what our fellow brother @kuzibri and @sd_shadow has implemented?
http://forum.xda-developers.com/general/about-xda/public-index-program-project-t3147245

[Guide] Safe bootloader unlock, restore DRM, custom recovery, root, bootloader relock

** DISCLAIMER: I AM NOT A DEV AND THIS IS MY HOBBY. I ASSUME NO RESPONSIBILITY IF THIS BREAKS YOUR DEVICE **​The following is tested on model SGP-771. For Wifi-only model the procedure is the same but you should use the files and kernels for the Wifi model. Do not flash the ftf and kernel files intended for the cellular model on a Wifi-only tablet.​I am not taking credit for any of the tools and kernels here. They are all developed by others. I am only telling you how to use them.
Credits: @zxz0O0, @AndroPlus, @tobias.waldvogel
0- Prerequisites
You need to have a functioning installation of adb and fastboot tools. You need to have proper Sony drivers installed on your PC to detect your tablet when it is connected to the PC. You should be able to flash an ftf file using flashtool. If any of these sound unfamiliar to you, stop reading, go learn about them, and then come back.
1- How to unlock your bootloader without losing the DRM keys
Sony has designed this tablet such that if you unlock your bootloader you lose your TA partition PERMANENTLY which includes some of the Xperia features and licenses that have to do with image processing etc. forever. You will also no longer receive OTAs. So in theory, without a copy of this TA partition (which is unique to each tablet and cannot be copied over from another tablet) unlocking the bootloader results in an irreversible loss of some of your tablet's features. Relocking the bootloader will not bring them back.
A hack exists that allows you to backup the TA partition before you unlock the bootloader. This backup will make the process completely reversible so if you ever need to send the tablet to Sony for repair or just want to return it to its original state you have a way. Follow these instructions carefully:
1.0- Before you begin keep in mind that this procedure, especially the unlocking step, completely erases your tablet. Disable myXperia and remove your google account before proceeding. The following will likely not work well with encryption.
1.1- Start by clean flashing any 28.0.A.8.260 firmware, For this tutorial I used SGP771_Customized HK_1296-4830_28.0.A.8.260_R10A. You can download it from https://mega.nz/#!YsUWwY5Y!0775_vLpjV9-UkoGjMWP6-Yu8L31LkJVHEyUwA7X9NA. For the wifi only model SGP712 use
https://mega.nz/#!wlIl0JDa!DR0lRL6dDn5Y-K_4768oJnLGWQyrxNV0xLHgKVVesFw (thanks to @kuroneko007)
1.2- Enter service Mode by dialing *#*#7378423#*#* -> Service info -> configuration, and make sure the device is unlockable. (To access service menu on SGP712 (Wi-Fi only model) see: http://forum.xda-developers.com/showpost.php?p=66164176&postcount=5) Also check -> Service Tests -> Security and you will see a bunch of "active" and "OK" attributes. You can take screenshots for your reference.
1.3- Turn on usb debugging mode on your tablet.
1.4- Download iovyroot zip v0.4 or higher from here.
1.5- Unzip this zip file into a folder of your choice and open a command terminal there.
1.6- Connect the tablet which is now in USB debugging mode to your PC and answer yes when it asks to authorize the PC to access the tablet in USB debugging mode. You can check that the PC indeed sees the tablet by running this command
Code:
adb devices
1.7- Run the following command:
Code:
tabackup
1.8- VERY IMPORTANT: Make sure the command completes with no errors. If all goes well you will have a file with a name like TA-07102015.img (the name may be different for you) with a size of 2MB in your folder.
1.9- Save this file in a very safe place. Save it on your hard disk, AND email it to yourself, AND put it on your google drive. If you lose this file you can never reverse the bootloader unlocking process.
1.10- Reboot the device.
1.11- Now you can unlock the bootloader. Follow the instructions at Sony's official website at http://developer.sonymobile.com/unlockbootloader Also save your unlock code that you obtain in this step somewhere. You may need it some day.
1.12- Reboot the device and it will briefly enter recovery and then start the tablet initial setup.
1.13- (Optional) you can easily verify that your bootloader is unlocked by entering the fastboot mode, obtaining any boot image, and running the following command to boot your tablet with that image:
Code:
fastboot boot boot.img
1.14- (Optional) you can see that the DRM keys are erased from your tablet by repeating step 1.2 but this time you will see a bunch of errors under Service Tests -> Security.
1.15- As a side effect of unlocking the bootloader you lose the ability to receive OTA updates. Clean flash a Marshmallow ftf to continue. For this tutorial I used Marshmallow 6.0 SGP771_Customized DE_1295-6955_32.1.A.1.185_R4C (the latest firmware at the time of this writing.)
2- How to emulate DRM keys and/or root after unlocking the bootloader.
A hack exists that can emulate the DRM keys:
2.1- Obtain a kernel boot image. If you want to stick with the stock kernel you need to extract kernel.elf from the ftf that you flashed in step 1.15. If you want a custom kernel you can download one from https://kernel.andro.plus/kitakami.html Note that whatever kernel you are using in this step must match the firmware version currently installed on your system. For this example I downloaded Z4T_SGP771_AndroPlusKernel_v27.zip and extracted the boot.img file from the zip, which matches Marshmallow 32.1.A.1.185.
2.2- Download rootkernel_v4.42_Windows_Linux.zip (or a higher version) from http://forum.xda-developers.com/xperia-z5/development/root-automatic-repack-stock-kernel-dm-t3301605 and unzip it in a folder of your choice.
2.3- Copy the kernel (e.g. boot.img) to this folder. If you want root, place SuperSU 2.71 (or higher) in this folder as well. Make sure the name of the SuperSU zip starts with letters "SuperSU". The latest SuperSU can be obtained from: http://forum.xda-developers.com/apps/supersu/2014-09-02-supersu-v2-05-t2868133
2.4- Open a command terminal in this folder and run the rootkernel script. Your command should look similar to this:
Code:
rootkernel.cmd boot.img boot-patched.img
When prompted, answer as follows:
- Sony RIC is enabled. Disable? [Y/n] Y
- Install TWRP recovery? [Y/n] N
- Found SuperSU-v2.71-20160331103524.zip. Install? [Y/n] Y (if you want root)
- Install DRM fix? [Y/n] Y (if you want DRM emulation)​This will create a new kernel image called boot-patched.img which you will now flash on your tablet.
2.5- Boot the tablet in the fastboot mode and flash your patched image using the following fastboot command:
Code:
fastboot flash boot boot-patched.img
2.6- (Optional) You can reboot the tablet and see that the DRM keys are indeed retrieved by repeating step 1.2. You can also open settings -> display, and look under Image Enhancement. If the DRM emulation is succesfull you will see this but if it hasn't been successful you will see this.
3- How to flash a custom or stock kernel
3.1- Whether you want to use a custom kernel or stock, and whether you have done the DRM patch described above or not, to flash it on your tablet you need to restart the tablet in fastboot mode.
3.2- To flash the kernel use this command:
Code:
fastboot flash boot [I]name_of_your_kernel[/I]
You will replace name_of_your_kernel with whatever your kernel is called (e.g. boot.img, kernel.elf, etc.)
4- How to flash recovery
4.0- To install TWRP recovery you need to flash AndroPlus kernel first (see sections 2.1 and 3).
4.1- Download a TWRP image from the same webpage. For this tutorial I used TWRP-3.0.2-0-20160417.img.
4.2- Reboot into fastboot mode and run this command:
Code:
fastboot flash recovery TWRP-3.0.2-0-20160417.img
4.3- Reboot the tablet. To enter recovery touch the volume keys when the LED turns yellow during the boot splash screen.
5- How to relock bootloader and return it to original factory state
5.0- To relock the bootloader along with restoring the DRM keys the tablet must have unmodified stock firmware.
5.1- Repeat step 1.1
5.2- Repeat steps 1.3, 1.4, and 1.5
5.3- Copy the TA backup image that you had obtained in section 1 in the iovyroot folder and use the tarestore command to flash the TA partition back onto the tablet. The command will look similar to this:
Code:
tarestore TA-07102015.img
Make sure the command completes with no error. If it fails the first time try again. Reboot the tablet. Your bootloader is now locked and your DRM keys restored.
5.4- (Optional) You can verify that you are back to the original locked state by repeating step 1.2.

Reserved
For FAQ, etc.

Thanks for this great guide.
My question is this. Since it would be easier to avoid all this, can this tool help us do it without having to downgrade?
http://www.xda-developers.com/chainfires-flashfire-can-now-create-fastboot-flashable-backups/
I mean would it also backup the DRM keys? Has anyone tried (preferably with a TA backup already in place so that he may not lose the keys in case that this won't work)...

Stevethegreat said:
Thanks for this great guide.
My question is this. Since it would be easier to avoid all this, can this tool help us do it without having to downgrade?
http://www.xda-developers.com/chainfires-flashfire-can-now-create-fastboot-flashable-backups/
I mean would it also backup the DRM keys? Has anyone tried (preferably with a TA backup already in place so that he may not lose the keys in case that this won't work)...
Click to expand...
Click to collapse
No. This tool cannot help you and trust me there is no shortcut to avoid all of this.
Flashfire (the tool you mentioned) only works if you already have root access. There is no root available for this tablet without unlocking the bootloader, and unlocking the bootloader means you lose the TA partition immediately. So by the time you get this tool to work your TA partition will have been long erased.

Hi. Does this solution suit only for people who have not erased drm keys yet and are be able to backup it? For those who lost, no up-to-date solution except for that http://forum.xda-developers.com/xperia-z5/development/sony-credentials-restore-unlocking-t3296383 ?

Correct.

Not understand step:
1.1- Start by clean flashing any 28.0.A.8.260 firmware
without this step temporary root not work...
But how flash firmware if device has still locked bootloader? What tool using for this step?

mrdarek said:
Not understand step:
1.1- Start by clean flashing any 28.0.A.8.260 firmware
without this step temporary root not work...
But how flash firmware if device has still locked bootloader? What tool using for this step?
Click to expand...
Click to collapse
You can download a tool called flashtool from http://www.flashtool.net/index.php and flash an unmodified ftf firmware. Because the firmware is unmodified the bootloader doesn't have to be unlocked. Many tutorials are available on xda and elsewhere about using this tool, which you can find by doing a Google search. As I said in the prerequisite section, "You should be able to flash an ftf file using flashtool. "

anybody successfully tried this guide?

I learned how flash and succesfully do my first flash.
Currently I have problem with iovyroot
It always say
Error: Device not supported
rm: /data/local/tmp/tabackup/TA-*.img: No such file or directory
My current software is:
SGP771_28.0.A.8.251_R15A_UK Generic_1295-4697
and it earlier then december 2015 like need iovyroot
I can't find software *.260 like in guide, I don't know if this created that problem...
Maybe najoor version work because it was "customized" - it mean - with patched kernel. But if locked bootloader allow me flash customized firmware?

mrdarek said:
I learned how flash and succesfully do my first flash.
Currently I have problem with iovyroot
It always say
Error: Device not supported
rm: /data/local/tmp/tabackup/TA-*.img: No such file or directory
My current software is:
SGP771_28.0.A.8.251_R15A_UK Generic_1295-4697
and it earlier then december 2015 like need iovyroot
I can't find software *.260 like in guide, I don't know if this created that problem...
Maybe najoor version work because it was "customized" - it mean - with patched kernel. But if locked bootloader allow me flash customized firmware?
Click to expand...
Click to collapse
As you said it, the problem was that you didn't flash the 260 version, not that it wasn't customized.
If you can't find the right version I upload it and post a link in the OP. It takes a little time so check this thread again in about 5 hours.

I found "260" firmware and magically all start work . I finished all job and have now root and recovery .
It worth add tips about fastboot - you can check connection by command but also you can see - if LED on device is blue - connection in fastboot work (if not - try again)
My last question is about how check that DRM emulation work - under security after phone code is still errors. I 100% patched kernel and flash it properly.
Thanks for tutorial and support
Something just not work... Someone can check sizes ?:
boot.img - original kernel androplus 2.5: 17 756 160
andropatched.img - patched with my drm keys: 17 760 256
keys: 2 097 152

mrdarek said:
I found "260" firmware and magically all start work . I finished all job and have now root and recovery .
It worth add tips about fastboot - you can check connection by command but also you can see - if LED on device is blue - connection in fastboot work (if not - try again)
My last question is about how check that DRM emulation work - under security after phone code is still errors. I 100% patched kernel and flash it properly.
Thanks for tutorial and support
Something just not work... Someone can check sizes ?:
boot.img - original kernel androplus 2.5: 17 756 160
andropatched.img - patched with my drm keys: 17 760 256
keys: 2 097 152
Click to expand...
Click to collapse
The sizes sound about right. What errors are you getting?
You can try to relock the bootloader using the instructions and see if your TA backup works. If that works then we can see why the kernel is patched correctly.

Hi - I succesfully restored bootloader (=locked it, and no errors in service) - so I'm sure - my keys are OK. It was very hard - 3x flash, 3 x try use restore (still was errors), and at last success!!!
Now all procedure again, almost from start - but I also more try if need - I send info tomorrow
---------------------------------------
Hmmm not work... Tested original marsmallow germany kernel and androkernel 2.4. Image test described in step 2.6 fail
Under security is: Blobs : generic error!
HUK: generic error!
Flashed kernels names are properly recognized under settings. root work. I not have idea where is bug. It must be during creating andropatched image - but no errors here:
C:\rootkit>drmonly boot.img andropatched.img TA-07102015.img
- Unpacking kernel
Found android boot image
Kernel version: 3.10.84
- Detected vendor: somc (Sony), device: karin, variant: row
- Unpacking initramfs
- Detected platform: 64-bit
- Detected Android version: 6.0
- Skipping drmfix. Unsuppported/untested for model karin
- Creating new initramfs
- Creating boot image
- Cleaning up
Done
C:\rootkit>
--------------------Maybe that line is wrong!!!!!!!!
Skipping drmfix. Unsuppported/untested for model karin
but how fix it?

mrdarek said:
Hi - I succesfully restored bootloader (=locked it, and no errors in service) - so I'm sure - my keys are OK. It was very hard - 3x flash, 3 x try use restore (still was errors), and at last success!!!
Now all procedure again, almost from start - but I also more try if need - I send info tomorrow
---------------------------------------
Hmmm not work... Tested original marsmallow germany kernel and androkernel 2.4. Image test described in step 2.6 fail
Under security is: Blobs : generic error!
HUK: generic error!
Flashed kernels names are properly recognized under settings. root work. I not have idea where is bug. It must be during creating andropatched image - but no errors here:
C:\rootkit>drmonly boot.img andropatched.img TA-07102015.img
- Unpacking kernel
Found android boot image
Kernel version: 3.10.84
- Detected vendor: somc (Sony), device: karin, variant: row
- Unpacking initramfs
- Detected platform: 64-bit
- Detected Android version: 6.0
- Skipping drmfix. Unsuppported/untested for model karin
- Creating new initramfs
- Creating boot image
- Cleaning up
Done
C:\rootkit>
--------------------Maybe that line is wrong!!!!!!!!
Skipping drmfix. Unsuppported/untested for model karin
but how fix it?
Click to expand...
Click to collapse
You need to follow the instructions to the letter:
1- flash the esaxt same firmware that you made the TA backup with.
2- Restore TA backup.
I guarantee you it will work or l will help you debug it.

Not very understand. It was done. TA backup was done with "260" firmware. I'm able lock that firmware again, so it work. but it only lollipop, can't go into marshmallow from it.
Goal is: marshmallow with root twrp and drm. How achieve it?
I see - I have new device version (karin) so (hopefully) temporary this solution not work for me. I can have only marshmallow with root and twrp (no DRM) or marshmallow with DRM (no root and twrp). I must wait as developers support my device, and keep my keys in safe place to that time.

mrdarek said:
Goal is: marshmallow with root twrp and drm. How achieve it?
Click to expand...
Click to collapse
mrdarek said:
Tested original marsmallow germany kernel and androkernel 2.4. Image test described in step 2.6 fail
...
Flashed kernels names are properly recognized under settings. root work. I not have idea where is bug. It must be during creating andropatched image - but no errors here:
...
C:\rootkit>drmonly boot.img andropatched.img TA-07102015.img
...
- Skipping drmfix. Unsuppported/untested for model karin
...
Click to expand...
Click to collapse
OK, I see what is going on.
When I use drmonly script version 4.24 I get the following:
Code:
C:\Users\najoor\Desktop\rootkernel_v4.24_Windows_Linux>drmonly.cmd boot.img test.img TA-07102015.img
- Unpacking kernel
Found android boot image
- Unpacking initramfs
- 64-bit platfrom detected
- Configuring secd
- Configuring wvkbd
- Configuring drmserver
- Creating new initramfs
- Creating boot image
- Cleaning up
Done
But if I use version 4.31:
Code:
C:\Users\shervin\Desktop\working\Download\rootkernel_v4.31_Windows_Linux>drmonly
.cmd boot.img x.img TA-07102015.img
- Unpacking kernel
Found android boot image
Kernel version: 3.10.84
- Detected vendor: somc (Sony), device: karin, variant: row
- Unpacking initramfs
- Detected platform: 64-bit
- Detected Android version: 6.0
- Skipping drmfix. Unsuppported/untested for model karin
- Creating new initramfs
- Creating boot image
- Cleaning up
Done
I have no idea why @tobias.waldvogel decided to remove the support for Tablet Z4 in the latest version of the drmonly script, but I can see that the DRM works fine with the old version.
I do not have persmission from @tobias.waldvogel to post the older version of his script here so you have to ask him to either add support in the new version or give you the older version.

Thanks - so now I see where is problem. I try contact with author.
Heh - I send PM him but it was my fault [added: it not totally fault - Tobias work on new version and soon we should have new working utility for all ]
I'm enough clever to modify script in 5 minutes (it txt ), and enough stupid to flash it immediately. Now I have....
rooted marshmallow with DRM KEY and TWRP - job finished
To finish job I disabled in settings auto-update, because now it start possible

FAILED <remote dtb not found>
Unlocked the bootloader and successfully retrieved TA partion with SGP771_28.0.A.8.260 , installed stock 32.1.A.1.185, tablet runs fine without problems.
Retrieving the boot.img from Z4T_SGP771_AndroPlusKernel_v27 for my SGP771 device and running
Code:
fastboot boot boot.img
gives
downloading 'boot.img' ...
OKAY [ 0.347s]
booting ....
FAILED <remote: dtb not found>
Click to expand...
Click to collapse
This happens even with the 32.1.A.1.185 stock boot.img. Tried on Kubuntu 16.04 and WIN7. Same result. When I flash
the AndroPlusKernel_v27 boot.img,
Code:
fastboot flash boot boot.img
finishes without errors and tablet does not boot any more but -thanks God- fastboot mode still functioning.
I am lost. Can not root my tablet . Any clues?
---------- Post added at 04:14 PM ---------- Previous post was at 03:41 PM ----------
Sorry, correction:
first retrieved TA partion, then unlocked bootloader.

Hybel1507 said:
Unlocked the bootloader and successfully retrieved TA partion with SGP771_28.0.A.8.260 , installed stock 32.1.A.1.185, tablet runs fine without problems.
Retrieving the boot.img from Z4T_SGP771_AndroPlusKernel_v27 for my SGP771 device and running
Code:
fastboot boot boot.img
gives
This happens even with the 32.1.A.1.185 stock boot.img. Tried on Kubuntu 16.04 and WIN7. Same result. When I flash
the AndroPlusKernel_v27 boot.img,
Code:
fastboot flash boot boot.img
finishes without errors and tablet does not boot any more but -thanks God- fastboot mode still functioning.
I am lost. Can not root my tablet . Any clues?
---------- Post added at 04:14 PM ---------- Previous post was at 03:41 PM ----------
Sorry, correction:
first retrieved TA partion, then unlocked bootloader.
Click to expand...
Click to collapse
Please follow the following steps exactly and let me know in what step things fail. If you do not provide detailed information I will not be able to help you.
1- Clean flash a 185 ftf and make sure system boots fine.
2- extract the kernel.elf from the ftf and I use fastboot to see if you can boot using fastboot with this kernel.
3- extract boot.img from AndroPlusKernel_v27 and see if you can use fastboot to boot with this image.
4- use the procedure in the OP to patch AndroPlus kernel and see if you can use fastboot to boot with this image.
5- flash this image using fastboot to see if the system boots fine.

Root xperia xz 6.0.1 - 39.0.a.1.250

Before we start let’s do some preparations:
1. Find your IMEI Number, open the phone dialer on your device and enter *#06# . Write the number down for later.
2. Download SuperSU.zip file by chainfire, and copy it to the root of you phone external SDCARD.
3. Download and install ADB and Xperia XZ drivers .
4. Download TWRP recovery twrp-3.0.2-0-kagura.img .
How to Unlock your device:
Go to Sony Developer World Mobile website;
Select your device model and then provide your device IMEI number. You'll get your unlocking code after verifying your email.
Write the number down for later.
Next, Connect to Fastboot;
1. Turn off phone.
2. Connect USB.
3. Press VOLUME UP & at the same time CONNECT USB CABLE to computer.
4. Go to your ADB folder and open CMD in elevated mode, and then enter the following commands:
To verify your device is discoverable enter
CODE;
fastboot devices
* You should see your device serial number. If not, reconnect to Fastboot and make sure your USB cable is in good shape and mounted properly.
To unlock your device enter you unlocking code as follow
CODE;
fastboot -i 0x0fce oem unlock 0xYOURCODE (0xYourCodeAfterThe 0x)
* Verify you get answer back without any errors.
Next, Boot your device into bootloader,
CODE;
adb reboot bootloader
Install TWRP* now:
To flash TWRP recovery,
CODE;
fastboot flash recovery twrp-3.0.2-0-kagura.img
Install SuperSU now:
Assuming you Have already installed TWRP, and SuperSUfile.zip is in the device SDCARD,
boot into TWRP using ADB,
CODE;
adb reboot recovery
OR manually;
Shutdown the device -> Hold the volume button down & the Power button at the same time -> Once power up you can release the power button but keep holding the volume button down until TWRP opened.
Once in TWRP, install/flash UPDATE-SuperSU-vX.zip and reboot. It will take up to 10min for the first boot possibly with additional boot loop.
If its fail, flash your UPDATE-SuperSU-vX.zip again and make sure System Partition is in RW mode (read write).
*If you don’t have already a copy of SuperSU on your SDCARD, you can try use ADB to Push it.
CODE;
adb push YourSuperSUfileName.zip /sdcard
If it doesn’t work, power the phone normally, copy the file from your computer to the SDCARD, then reboot back to TWRP and continue.
To reboot your device,
CODE;
fastboot reboot
Troubleshoot:
1. *TWRP - Fix READ ONLY when try to mount System Partition;
If you see that the System Partition is mount as Read Only (you’ll see a checkmark next to read only) you must correct it before flashing SuperSU. From within TWRP go to the File Manager and look for TWRP folder, typically you'll find it in /sdcard/TWRP/ and then DELETE the file ".twrps". You may have to do it several time (reboot after each delete) until it works!
2. It taken me some time to do it successfully. Be patient and persistent - the sequence is working.
Good luck to all.
Sorry, no URL's.
Also, if you curious to know, I bought Xperia XZ with preinstalled US rom and I’ve successfully activated the finger print sensor. Here is how;
Activate Finger Print Sensor:
If you have the US version of XZ, you have to install the UK CUSTOMIZED version.
1. Download UK F8331_39.0.A.1.250_1305-2216_R5B.ftf or the most current file.
2. Use Flashtool to install (place the ftf file in C:/Users/CurrentUserName/.flashTool/firmwares).
If it worked for me it should work for you.

which funktions do we lose when we unlock the BL.
i remember when i unlocked my Z3 i lost the DRM Keys and the camera quality get worse.
also the DRM Keys were necessary to relock the BL.

I would also like to know that myself. It is the same thing as it was with the z5.

feritlt said:
which funktions do we lose when we unlock the BL.
i remember when i unlocked my Z3 i lost the DRM Keys and the camera quality get worse.
also the DRM Keys were necessary to relock the BL.
Click to expand...
Click to collapse
Tjoohej said:
I would also like to know that myself. It is the same thing as it was with the z5.
Click to expand...
Click to collapse
Yes, nothing has changed - compared to the Z-series: In case of unlocking the bootloader, your DRM-keys are lost forever. You only can reactivate a few features with a drm fix (e.g. with the tool of @tobias.waldvogel).
@Carlobatusi
Please add a warning at your op!

Klaus N. said:
Yes, nothing has changed - compared to the Z-series: In case of unlocking the bootloader, your DRM-keys are lost forever. You only can reactivate a few features with a drm fix (e.g. with the tool of @tobias.waldvogel).
@Carlobatusi
Please add a warning at your op!
Click to expand...
Click to collapse
Thank you for the quick reply, take care.

How did you get the unlock code?

amuzavali said:
How did you get the unlock code?
Click to expand...
Click to collapse
Xperia XZ isn't under the supported devices yet, but you can choose Xperia X. But keep in mind, that you'll lose your DRM-keys forever!

Ok
Trimis de pe al meu F8331 folosind Tapatalk

Anyone tried? Can we backup DRM keys before do it?
Hi
anyone tried this method? what problems will come after doing it
x-reality will work?
camera?
can we backup DRM key in case of need to relock bootloader?
sorry for English :cyclops:

Klaus N. said:
Xperia XZ isn't under the supported devices yet, but you can choose Xperia X. But keep in mind, that you'll lose your DRM-keys forever!
Click to expand...
Click to collapse
Now Xperia XZ is listed under device selection for unlock bootloader.
lianzen said:
Hi
anyone tried this method? what problems will come after doing it
x-reality will work?
camera?
can we backup DRM key in case of need to relock bootloader?
sorry for English :cyclops:
Click to expand...
Click to collapse
No, you can't backup your DRM keys as of now, there is no way to root with locked bootloader.
And YES, installing androplus kernel v4 you will recover x-reality. and camera functions. The only thing that you will loose is the warraty, but if you don't have any issues with your phone, there is no problem.

My phone is stuck on the Sony logo after I installed SuperSU. I tried installing it again, but no luck

Danchou-san said:
My phone is stuck on the Sony logo after I installed SuperSU. I tried installing it again, but no luck
Click to expand...
Click to collapse
The guide in post #1 is old and flawed that I even suppose it did not work in 2016.
You need a custom kernel otherwise DM-Verity and RIC are freaking out -> bootloop.

[BEGINNERS GUIDE][Lollipop 5.1.1 .236] Root,Backup TA, UBL, Install Recovery

NOTE: DON'T HOLD ANYONE RESPONSIBLE IF SOMETHING GOES WRONG DURING THE PROCESS!
This thread contains full information you might need for rooting, backing up TA partition, unlocking bootloader, installing custom recovery, installing custom rom etc.
Some notes below, read them
-I try to keep this thread clean so people have easier time navigating. @derjango has ALOT of info and fixes on his THREAD which is related to this one, give it a read
-Read comments if you have problems. You may find answer and fix there by other users. I wrote this thread few months after I did these steps to my phone so I likely made mistakes (e.g. I forgot or got some steps wrong). If you do see those mistakes or have problems that nobody else has, feel free to ask in comments.
-We will use legit rooting methods and not those sketchy one click root apps
-These instructions may apply for other z line devices but you will have to find ftf files for your own device
-Written for 14.6.A.1.236 firmware but it will work on any version that you have currently.
0. PREPARATIONS
Backup all your data (photos, videos, contacts etc.)
Fully charge your battery
Enable USB debugging
Download the following:
Latest XperiaCompanion from HERE (for drivers mainly)
Sony flashtool from HERE
Follow THIS thread to install adb drivers
Navigate to your C:\Flashtool\drivers and run Flashtool-drivers
Select Flashmode drivers, Fastboot drivers and Xperia Z1 Compact drivers and click install
Now download THIS and THIS and put it in C:\Users\username\.flashTool\firmwares
(Windows 8/8.1/10 users can try - THIS fix if you can't install flashtool drivers)
1. FLASHING .108 FIRMWARE
1.1. Run Flashtool and click on lightning button, make sure flashmode is selected and hit Ok
1.2. In left window click on + symbol until you find 14.4.A.0.108
1.3. Under wipe check both options
1.4. Click Flash
1.5. Wait
1.6. Follow the on screen instructions
(You can release vol- when you see activity in flashtool window)
(If you get device disconnected just unplug phone and repeat all from step 1.1)
1.7. Don't touch anything until blue progress bar disappears. You should see Device disconnected> Device connected in flash mode.
(Don't worry if bar gets stuck near end just let it do it's thing)
1.8. Disconnect phone and reboot
1.9. Done!!!
(Do only basic setup, we won't be staying on this rom for long)
2. ROOTING .108 FIRMWARE
2.1. Make sure USB debugging is enabled
2.2. Download THIS Easy Root Tool by zxz0O0
2.3. Unzip and run install.bat
2.4. Download SuperSu apk form HERE put it in internal storage and install it.
2.5. Update binary normally.
2.6. Done!!! You should have root now.
(Download Root Checker to make sure you do)
3. TA PARTITION BACKUP
(NOTE: This is absolutely not necessary and is only needed if you plan to go back to stock firmware AND use BionZ, X-Reality and Music ID/Gracenote. TA partition and DRM keys stored inside get erased when you unlock bootloader.
3.1 Download THIS Backup TA v9.11 by DevShaft
3.2. Extract and run Backup-TA.bat. You should see backup>TA backup.zip in main folder where you extracted
3.3. Backup whole folder to cloud since you can't flash someone's else backup if you loose yours
3.4. Done!!!
(Read linked thread for useful information and FAQ)
4. UNLOCKING BOOTLOADER
4.1. Dial *#06# on your device. You will see your IMEI code
4.2. Go HERE and scroll to bottom
4.3. Under select device select Z1 Compact and enter your IMEI code
4.4. Check the 2 boxes and click on submit. You will get your unlock code. Copy it to clipboard
4.5. Run Flashtool again and click on "BLU" button
4.6. Connect phone in flashmode.
4.7. When prompted, enter your unlocking code that you copied form SONY website
4.8. Click unlock.
(Follow any instructions that flashtool gives you. I don't remember if there are any after this)
4.9. Done!!! Your bootloader is unlocked!
5. FLASHING RECOVERY
This is how I did it. You can try to skip step 5.2. If it doesn't work try again following all steps
5.1. Download THIS TWRP by 115ek and extract recovery image in new folder
5.2. Run Flashtool and flash 14.6.A.1.236 just like you did with .108 in first step (If you have problems here see THIS comment)
5.3. Now without rebooting or disconnecting your phone flash THIS open bootloader with flashtool just like you flashed system ftf-s.
5.4. Disconnect your phone and press volume up and connect your data cable. You should see blue led.
5.5. Now enter that folder where you extracted recovery image and press shift and right click in empty window area and select Open Command window here (Powershell for windows 10 users should work fine I think. Never used it)
5.6. Type "fastboot flash recovery recovery.img" and hit enter.
5.6 Done!!! You should have your recovery now.
To reboot to recovery first disconnect your phone and hold volume down and power button. Release power button when phone vibrates but keep holding volume down until you see twrp logo.
AND THAT IS IT
Now that you have your recovery and unlocked bootloader you can flash whatever roms, kernels, mods that you want for your phone.
Thanks to:
derjango for his thread mentioned above
munjeni For supplying open bootloader ftf and for giving me support with my problems
Androxyde For Flashtool
Snoop05 For ADB driver tool
zxz0O0 For Root tool And PRF Creator tool
DevShaft For Backup TA tool
115ek For TWRP
[NUT] For XZDualRecovery
kulvertti For SuperSu Dummy

Placeholder

I'm really struggling to get past unlocking the bootloader and starting to get quite confused.
Sony Companion is up to date.
Flashtool installed and used to flash .108 firmware.
Device is rooted using Easyroot tool.
Supersu installed and binary updated.
When I go to run BLU in Flashtool it prompts me to connect my device whilst holding the volume-down button (so flash mode). A couple of seconds after doing that it prompts me to re-connect the device whilst holding the volume-up button (so fastboot mode), but nothing happens. Blue LED is on the device, but Flashtool does absolutely nothing.
When I check Flashtool-driver it does fail to install the AndroidUsbDeviceClass driver, but when I run the 15-second ADB Installer it completes successfully - plus I was able to flash the firmware earlier so I don't see why I'd now have a driver issue.
Any ideas? It's starting to drive me crazy.

Here is what you can try.
Connect your phone to pc and in command prompt type adb reboot bootloader or hold vol+ and connect your phone
Your phone will be booted to fastboot now
Now type fastboot devices
You should see
XXXXXXXXXblabla fastboot
If you see this that means that your phone is recognized in fastboot by your pc.
If you see <waiting for device> or something else go to your device manager while still in fastboot
IIRC you should see under other devices something like saXXXX or something
You can tell me what exactly it says or you can fix it yourself by googling that number and adding fastboot driver and update it manually through device manager
If you decide to do it yourself make sure you link me website where you link me thread where you found driver and write down instructions so other people can see it
If you have any other problems feel free to reply
Also i just noticed that i didn't include that you lose ta partition when ubl and since you don't have ta backup make sure you make one. You never know when you might need it

Ok, thanks for that I definitely had a problem with driver installation so followed the steps in this video - https://www.youtube.com/watch?v=fcz4o6fpDGc
Now I am a bit stuck on flashing recovery.
5.2. Run Flashtool and flash 14.6.A.1.236 just like you did with .108 in first step --- do I also check both options under Wipe? will this not remove root?
5.3. Now without rebooting or disconnecting your phone flash THIS just like you did with system ftf-s. --- not sure what I'm meant to do here

Glad you fixed that problem
Flash that file through flashtool just like you flashed system ftf
Also yes that will remove root but we had that root only to backup ta and unlock bootloader. Since you unlocked bootloader and you install twrp you can easily root any rom

I get the "'fastboot' is not a recognised ..." error when trying to flash recovery - using Windows PowerShell as I'm on Win10.
EDIT: running CMD then moving to the location of where ADB was installed and contains Fastoot.exe worked.
Thanks for the guide!

scanz said:
I get the "'fastboot' is not a recognised ..." error when trying to flash recovery - using Windows PowerShell as I'm on Win10.
Click to expand...
Click to collapse
That means you don't have fastboot drivers installed. Here is temporary fix that got me out of frustrating situations when i can't install drivers systemwise
https://mega.nz/#F!aBoUXI5Q!RmxLAO638aHNJKLwo00Hew
If it downloads as zip first unzip it and run command prompt/powershell in that folder or in powershell type cd and drag that folder, that should do the same.
fastboot will now be recognised as command
this also includes adb drivers

Just wondering, I'm trying to get Magisk running after finishing the steps in your guide, but it does not pass any of the SafetyNet checks - even basicIntegrity check comes back false. Have you any ideas or experience with this? If so perhaps you could include it as part of the guide

If you get cts fasle that means you flashed rom that comes with supersu preinstalled. You could try installing rom without magisk and removing su then flashing mahgisk.
Not sure about integrity tho. I heard that xposed can cause problems with that.

colaigor said:
5.3. Now without rebooting or disconnecting your phone flash THIS with flashtool just like you flashed system ftf-s.
Click to expand...
Click to collapse
I get this:
23/015/2018 22:15:07 - INFO - Selected Bundle for Sony Xperia Z1 Compact(D5503). FW release : 1. Customization : openbootloader
23/015/2018 22:15:07 - INFO - Preparing files for flashing
23/015/2018 22:15:07 - INFO - Please connect your device into flashmode.
23/015/2018 22:15:08 - INFO - Opening device for R/W
23/015/2018 22:15:08 - INFO - Device ready for R/W.
23/015/2018 22:15:08 - INFO - Reading device information
23/015/2018 22:15:08 - INFO - Unable to read from phone after having opened it.
23/015/2018 22:15:08 - INFO - trying to continue anyway
23/015/2018 22:15:08 - INFO - Phone ready for flashmode operations.
23/015/2018 22:15:08 - INFO - Opening TA partition 2
23/015/2018 22:15:08 - INFO - Start Flashing
23/015/2018 22:15:08 - INFO - No loader in the bundle. Searching for one
23/015/2018 22:15:13 - INFO - Processing loader.sin
23/015/2018 22:15:13 - INFO - Checking header
23/015/2018 22:15:13 - ERROR - Processing of loader.sin finished with errors.
23/015/2018 22:15:13 - INFO - Ending flash session
23/015/2018 22:15:13 - ERROR - null
23/015/2018 22:15:13 - ERROR - Error flashing. Aborted
23/015/2018 22:15:14 - INFO - Device connected in flash mode
Click to expand...
Click to collapse

Are you sure you installed flashtool and other drivers? I can't think of any other cause for this problem right now

I flash 14.6.A.1.236 without problems using flashtool, so drivers should be ok; maybe why I'm using a Mac istead Windows?

_Pano_ said:
I flash 14.6.A.1.236 without problems using flashtool, so drivers should be ok; maybe why I'm using a Mac istead Windows?
Click to expand...
Click to collapse
Found this boot bridge for mac users. you may try it and see if it works. Can't really tell you anything about drivers on mac since i never touched one.
Also mega file may be corrupted. You can try downloading from this comment where i downloaded openbl from
Do you have windows machine to try flashing ?

yes, I try tomorrow using Windows 10, thanks

colaigor said:
Found this boot bridge for mac users. you may try it and see if it works. Can't really tell you anything about drivers on mac since i never touched one.
Also mega file may be corrupted. You can try downloading from this comment where i downloaded openbl from
Do you have windows machine to try flashing ?
Click to expand...
Click to collapse
ok, I flash .236 linked in your first post and then without rebooting or disconnecting the device I flash openbootloader and I see:
24/020/2018 09:20:14 - INFO - Closing TA partition
24/020/2018 09:20:14 - INFO - Ending flash session
24/020/2018 09:20:14 - INFO - Flashing finished.
24/020/2018 09:20:14 - INFO - Please unplug and start your phone
24/020/2018 09:20:14 - INFO - For flashtool, Unknown Sources and Debugging must be checked in phone settings
24/020/2018 09:20:16 - INFO - Device connected in flash mode
24/022/2018 09:22:15 - INFO - Selected Bundle for Sony Xperia Z1 Compact(D5503). FW release : 1. Customization : openbootloader
24/022/2018 09:22:15 - INFO - Preparing files for flashing
24/022/2018 09:22:15 - INFO - Please connect your device into flashmode.
24/022/2018 09:22:15 - INFO - Device connected in flash mode
24/022/2018 09:22:16 - INFO - Using Gordon gate drivers version 3.1.0.0
24/022/2018 09:22:16 - INFO - Opening device for R/W
24/022/2018 09:22:16 - INFO - Device connected in flash mode
Click to expand...
Click to collapse
that's all? 1 second flash?

_Pano_ said:
that's all? 1 second flash?
Click to expand...
Click to collapse
Sorry for late answer.
Does it work? I don't remember how much it took to flash tbh

colaigor said:
Sorry for late answer.
Does it work? I don't remember how much it took to flash tbh
Click to expand...
Click to collapse
yes, after various attempts: after flashing .236 I had to disconect and reconnect the phone in order to flash openbootloader; otherwise it doens't flash

thank you for these tutorials..I now have a rooted z1compact lollipop 5.11 locked bootloaders..My question is how can I debloat my phone..I want to uninstall other system apps that I don't need and I want to install xposed on my own..sorry I am newbie

xjhayar09 said:
thank you for these tutorials..I now have a rooted z1compact lollipop 5.11 locked bootloaders..My question is how can I debloat my phone..I want to uninstall other system apps that I don't need and I want to install xposed on my own..sorry I am newbie
Click to expand...
Click to collapse
You can download Titanium backup from playstore and delete all that you dont need and keep what you nees. Also you can find twrp flashable script that deletes all bloatware. Just sreach xperia lolipop debloat script on xda.