Database Users

[DEV_TOOL] HTC ROM EXTRACTOR * UNRUU | DECRYPT/ENCRYPT rom.zip I REPACK system.img *

[DEV_TOOL] HTC ROM EXTRACTOR​
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Tools for working with firmware HTC in LINUX
fit Kenny Millington Source kmdm
(HOW TO)
PUSH THE BUTTON
! Requirements (libunshield v0.7 or higher):
Code:
$ sudo apt-get install automake
$ git clone https://github.com/kmdm/unshield.git
$ cd unshield/
$ git checkout -t origin/v18\_wip
$ ./bootstrap
$ ./configure --prefix=/usr
$ make
$ sudo make install
1. Extract from the zip and put the RUUXXXXXXXXX.exe to a folder with the tool;
2. Run in Terminal rom-extractor file and select the option:
MAIN MENU
u - UNRUU EXE TO ZIP - extract from the file rom.zip RUU.exe
d - DECRYPT MENU > DECRYPT MENU ROM.ZIP > OUTPUT.ZIP
r - REPACK MENU > REPACK MENU
e - ENCRYPT MENU >
c - CLEAN TOOL - Unmount and remove temporary files
x - exit
> DECRYPT MENU ROM.ZIP > OUTPUT.ZIP
1 ... 24 - decode the file rom.zip output.zip (select the target device)
> REPACK MENU
e - EXTRACT ZIP ROM - to extract the firmware from the ROM folder output.zip
m - MOUNT SYSTEM (EXT4 ONLY) - mount the partition image system.img in the folder system (you can add \ remove the firmware files)
d - DESPARSE SYSTEM.IMG (EXT4 ONLY) - uncompress the sparse image system.img (depending on the device - some zhaty, some not (determined EXPERIMENTAL)) and mount the partition image system.img in the folder system (you can add \ remove the firmware files)
s - MAKE SPARSE SYSTEM.IMG (EXT4 ONLY) - the creation of a sparse image sistem.img (you must specify the size of the partition XXXXM (device) - for example ONE X = 1280M)
n - UNMOUNT SYSTEM - dismount and delete the folder system
z - ADD SYSTEM.IMG > OUTPUT.ZIP - add new edited system.img into output.zip
> ENCRYPT MENU OUTPUT.ZIP > ROM.ZIP
1 ... 24 - create encrypt new rom.zip from output.zip

Thanks

as i9000 said:
[DEV_TOOL] HTC ROM EXTRACTOR​
Tools for working with firmware HTC in LINUX
fit Kenny Millington Source
(HOW TO)
PUSH THE BUTTON
! Requirements (libunshield v0.7 or higher):
Code:
$ git clone https://github.com/kmdm/unshield.git
$ cd unshield/
$ git checkout -t origin/v18\_wip
$ ./bootstrap
$ ./configure --prefix=/usr
$ make
$ sudo make install
1. Extract from the zip and put the firmware. Exe to a folder with the tool;
2. Run in Terminal rom-extractor file and select the option:
u - extract from the file rom.zip RUU.exe
1 ... 21 - decode the file rom.zip output.zip (select the target device)
e - to extract the firmware from the ROM folder output.zip
m - mount the partition image system.img in the folder system (you can add \ remove the firmware files)
n - dismount and delete the folder system
c - Clean all tools
x - exit
d - uncompress the sparse image system.img (depending on the device - some zhaty, some not (determined EXPERIMENTAL)) and mount the partition image system.img in the folder system (you can add \ remove the firmware files)
s - the creation of a sparse image sistem.img (you must specify the size of the partition XXXXM (device) - for example ONE X = 1280M)
Click to expand...
Click to collapse
i can not work and i can not runnig

R: [DEV_TOOL] HTC ROM EXTRACTOR extract RUU & repack system.img
lauri_ylonen said:
i can not work and i can not runnig
Click to expand...
Click to collapse
This is only for linux
Inviato dal mio GT-I9070 con Tapatalk 2

Are there plans to add the One S?
Nm. Just looked at the source.... Oops.

bedwa said:
Are there plans to add the One S?
Nm. Just looked at the source.... Oops.
Click to expand...
Click to collapse
INFO FOR ALL...
If your device is not supported and you would like it supported please open an issue in the tracker with the device name, codename and a link to the most recent hboot file for the device. (Not a link to the full RUU!)
Click to expand...
Click to collapse
Kenny Milington https://github.com/kmdm/ruuveal
anything more?..
I promise to add new binaries in my instrument as we update source

Not as all. The oops was cause I looked at the source and noticed the unpacker was One S supported. Lol.

Fixed a typo in paragraph 21
HTC One VX (tc2) > HTC One S (ville)
add
HTC_ROM-EXTRACTOR_v.0.0.3_x64

it seems that I'm doing something wrong.
[email protected]:~$ git clone https://github.com/kmdm/unshield.git
Cloning into 'unshield'...
remote: Counting objects: 569, done.
remote: Compressing objects: 100% (208/208), done.
remote: Total 569 (delta 370), reused 545 (delta 346)
Receiving objects: 100% (569/569), 116.31 KiB | 204 KiB/s, done.
Resolving deltas: 100% (370/370), done.
[email protected]:~$ cd unshield/
[email protected]:~/unshield$ git checkout -t origin/v18\_wip
Branch v18_wip set up to track remote branch v18_wip from origin.
Switched to a new branch 'v18_wip'
[email protected]:~/unshield$ ./bootstrap
Creating configure.ac...done.
+ aclocal -I m4
./bootstrap: 29: ./bootstrap: aclocal: not found
[email protected]:~/unshield$
Click to expand...
Click to collapse
can anyone help?
Maybe a more step-bystep guide,
Sorry for been noob

andrewschumi said:
it seems that I'm doing something wrong.
can anyone help?
Maybe a more step-bystep guide,
Sorry for been noob
Click to expand...
Click to collapse
sudo apt-get install automake

Added
v.o.o.4
22 - HTC One U (m7_u)
23 - HTC One UL (m7_ul)
24 - HTC Desire SV (magnids)

ADDED v.0.0.5
REBUILD TOOL
ADDED ENCRYPT MENU!!!

as i9000 said:
ADDED v.0.0.5
REBUILD TOOL
ADDED ENCRYPT MENU!!!
Click to expand...
Click to collapse
Could you please help? unruu never completes. It gives me this
Extracting temporary files...
Extracting rom zip files...
./unruu_exe: line 8: 4379 Aborted (core dumped) ./unruu ruu.exe
failed to open source zip: No such file or directory
That last line fails because decrypt is looking for a zip that was never made.
If i do ./unruu ruu.exe , I am given the following
[email protected]:~/Desktop/HTC_ROM-EXTRACTOR_v.0.0.5/tools$ ./unruu ruu.exe
Extracting temporary files...
Extracting rom zip files...
Aborted (core dumped)
Click to expand...
Click to collapse
this was done as root with the same result.
Perhaps I need to switch to all i386 binaries? Ill try that, but i was trying to avoid it, as it will break my current nvidia driver setup. ohwell

Tilde88 said:
Could you please help? unruu never completes. It gives me this
Extracting temporary files...
Extracting rom zip files...
./unruu_exe: line 8: 4379 Aborted (core dumped) ./unruu ruu.exe
failed to open source zip: No such file or directory
That last line fails because decrypt is looking for a zip that was never made.
If i do ./unruu ruu.exe , I am given the following
this was done as root with the same result.
Perhaps I need to switch to all i386 binaries? Ill try that, but i was trying to avoid it, as it will break my current nvidia driver setup. ohwell
Click to expand...
Click to collapse
Did you do this?
! Requirements (libunshield v0.7 or higher):
Code:
$ sudo apt-get install automake
$ git clone https://github.com/kmdm/unshield.git
$ cd unshield/
$ git checkout -t origin/v18\_wip
$ ./bootstrap
$ ./configure --prefix=/usr
$ make
$ sudo make install

Added version 0.0.6 x86-64
25 - HTC One WLS (m7_wls)
26 - HTC One SV (k2_u)
27 - HTC One SV (k2_plc_cl)

as i9000 said:
Did you do this?
! Requirements (libunshield v0.7 or higher):
Code:
$ sudo apt-get install automake
$ git clone https://github.com/kmdm/unshield.git
$ cd unshield/
$ git checkout -t origin/v18\_wip
$ ./bootstrap
$ ./configure --prefix=/usr
$ make
$ sudo make install
Click to expand...
Click to collapse
lol yes of course

Tilde88 said:
lol yes of course
Click to expand...
Click to collapse
OK, try to extract some different rom, may be you has problem from invalid ruu.exe..
and more, what size have your ruu.exe? - x32 systems, can't handle files largest 2GB...

as i9000 said:
OK, try to extract some different rom, may be you has problem from invalid ruu.exe..
and more, what size have your ruu.exe? - x32 systems, can't handle files largest 2GB...
Click to expand...
Click to collapse
im running x64, tried with x64 binaries, and i also tried using 32bit binaries. furthermore, my RUU is onlt 1.15GB. Also, x86 (there is not such thing as x32) can handle 3gb files.
thanks so much for the tool though, everything else workes, I juse used a script I found from another developer to get the .zip, then used your tool for all the other features.

Tilde88 said:
im running x64, tried with x64 binaries, and i also tried using 32bit binaries. furthermore, my RUU is onlt 1.15GB. Also, x86 (there is not such thing as x32) can handle 3gb files.
thanks so much for the tool though, everything else workes, I juse used a script I found from another developer to get the .zip, then used your tool for all the other features.
Click to expand...
Click to collapse
Well then stay one variant - you doesn't installed "Unshield", try run terminal and input 'unsield'
here the correct conclusion:
Code:
~$ unshield
No action provided on command line.
Syntax:
unshield [-c COMPONENT] [-d DIRECTORY] [-D LEVEL] [-g GROUP] [-i VERSION] [-GhlOrV] c|g|l|t|x CABFILE [FILENAME...]
Options:
-c COMPONENT Only list/extract this component
-d DIRECTORY Extract files to DIRECTORY
-D LEVEL Set debug log level
0 - No logging (default)
1 - Errors only
2 - Errors and warnings
3 - Errors, warnings and debug messages
-g GROUP Only list/extract this file group
-h Show this help message
-i VERSION Force InstallShield version number (don't autodetect)
-j Junk paths (do not make directories)
-L Make file and directory names lowercase
-O Use old compression
-r Save raw data (do not decompress)
-V Print copyright and version information
Commands:
c List components
g List file groups
l List files
t Test files
x Extract files
Other:
CABFILE The file to list or extract contents of
FILENAME... Optionally specify names of specific files to extract (wildcards are supported)

hi is there any chance to add the Desire HD. As i am trying to merge a Orange UK RUU for Desire DHD and they never released the last RUU with all the OTA's to make a New RUU with all the OTA's included.
I have made a Nandroid backup after all the OTA's was installed to the phone i even have all the OTA's just need a way to extract the rom.zip (easy from exe file not a issue) add the changed .img files such as radio, system, hboot recovery rcdata lib.img and make a new rom.zip and ruu.exe any way this can be done just tried with your tool and got invalid htc aes encrypted zip.
Thanks in advance

[Q] build kernel by self

@dorimanx @daniel.stuart14 @REV3NT3CH @savoca @RenderBroken
Hi devs i would to learn how to build rom and kernel for d802 variant for myself.
I have build cm12 with success and it works flawlessly.
Now i want to build kernel compatible with cm 12.
I downloaded kernel from this source: https://github.com/CyanogenMod/android_kernel_lge_msm8974/tree/cm-12.0
I have used linaro toolchain 4.9.2 for a15 cpu, during the build i had a few of errors but i have fixed it, after that i have my zImage and dtb files prepared...
So i have used boot.img from previously cm 12 build(i take it from zip file to flash) to get ramdisk and zImage.
Then i have switch the original zImage with my zImage-dtb from my build and i modified files from ramdisk.
I have flashed this kernel through loki_tool but i'm stuck on lg logo...
So my question is i have to use zImage or zImage-dtb from my build?
What about creating dt.img, its obligatory?
Can i use this offset to build my kernel or i have to change it?
Code:
base=0x00000000
pagesize=2048
ramdisk_offset=0x05000000
tags_offset=0x04800000
Sorry for disturb but im curious and i want to do it by myself, so i hope you can help me!
Thanks in advance

Use this script to compile and create your image. (put in root folder of kernel)
You'll need edit it, and change:
build path. (in my script is: build=/home/daniel/android-dev/kernel_test)
Cross compile path
You'll need change the defconfig path, too.
Change the config="xxx_defconfig", to the defconfig's name of all the g2 variants in "arch/arm/configs".
And put it in your kernel root directory, too. (It's the open_bump, so you don't need loki it again, you can use my installation script + lcd.sh, in ozip folder.)
And, if for some reason you haven't installed the mkbootimg yet, download it, extract. Then, go to the folder that you've extracted, and do that:
Code:
sudo cp mkbootimg /bin/mkbootimg
sudo chmod 755 /bin/mkbootimg
sudo cp dtbToolCM /bin/dtbToolCM
sudo chmod 755 /bin/dtbToolCM
sudo cp mkbootfs /bin/mkbootfs
sudo chmod 755 /bin/mkbootfs
sudo cp mkboot /bin/mkboot
sudo chmod 755 /bin/mkboot
You'll need extract the ramdisk in ramdisk folder on root kernel folder, so you can use "mkboot" for it.
It'll say to you the ramdisk_offset, tags_offset and cmdline. So, change this in export.sh if there's a difference between.
After this. go to your kernel folder, and then: ./export.sh
OBS: In the first time you execute the script, it create the zimage, if everything goes right, execute the script again, and it'll create a zip with boot.img inside.

Hi thanks for your reply i will try this !
Which configs i have to use those one cyanogenmod_d802_config or open_g2 and so on?

I think is the cyanogenmod_d802_config.

@daniel.stuart14
i have updater-script like this:
ui_print("ebreo kernel for lg g2 d802 variant");
ui_print("Installing modules...");
mount("ext4", "EMMC", "/dev/block/platform/msm_sdcc.1/by-name/system", "/system");
delete_recursive("/system/lib/modules");
package_extract_dir("system", "/system");
set_perm_recursive(0, 0, 0755, 0644, "/system/lib/modules");
unmount("/system");
package_extract_file("lcd.sh", "/tmp/lcd.sh");
package_extract_file("boot.img", "/tmp/boot.img");
ui_print("Installing boot.img...");
show_progress(0.500000, 10);
set_perm(0, 0, 0755, "/tmp/lcd.sh");
assert(run_program("/tmp/lcd.sh") == 0);
delete("/tmp/lcd.sh");
ui_print("Done!");
show_progress(1.000000, 10);
Click to expand...
Click to collapse
But i have an error when i flash this by twrp...are there an errors?

Ok i have resolve problem with updater-script, device boot but after a cyanogenmod lho my phone reboot again....how can i debug it?

ebreo said:
Ok i have resolve problem with updater-script, device boot but after a cyanogenmod lho my phone reboot again....how can i debug it?
Click to expand...
Click to collapse
Okay, you should use logcat.
But first, try compile without the changes in kernel that you did.

daniel.stuart14 said:
Okay, you should use logcat.
But first, try compile without the changes in kernel that you did.
Click to expand...
Click to collapse
I didn't any changes its clean kernel from source....i will post logs from build.sh script.
How can i use logcat?
Thanks very much daniel!
Result from build.sh script:
OBJCOPY arch/arm/boot/zImage
Kernel: arch/arm/boot/zImage is ready
CAT arch/arm/boot/zImage-dtb
Kernel: arch/arm/boot/zImage-dtb is ready
[email protected]:~/android/kernel/cm_msm8974$ ./build.sh
TEST Build
Pick variant...
1) d800
2) d801
3) d802
4) ls980
5) vs980
#? 3
Checking for build...
Extracting files...
Modules found.
Making dt.img...
DTB combiner:
Input directory: 'arch/arm/boot/'
Output file: 'out/dt.img'
Found file: msm8974-v2-g2-open_com.dtb ... chipset: 126, rev: 131072, platform: 118, subtype: 0
Found file: msm8974-g2-open_com.dtb ... chipset: 126, rev: 0, platform: 118, subtype: 0
Found file: msm8974-v2-2-g2-open_com.dtb ... chipset: 126, rev: 131074, platform: 118, subtype: 0
=> Found 3 unique DTB(s)
Generating master DTB... completed
dt.img created
Making ramdisk...
Making boot.img...
Bumping...
bumped image: ozip/boot_bumped.img
Zipping...
adding: boot.img (deflated 7%)
adding: system/ (stored 0%)
adding: system/lib/ (stored 0%)
adding: system/lib/modules/ (stored 0%)
adding: system/lib/modules/scsi_wait_scan.ko (deflated 57%)
mv: „../ebreo_Kernel-1.0_d802_signed.zip” i „/home/marcio/android/kernel/cm_msm8974/ebreo_Kernel-1.0_d802_signed.zip” to ten sam plik
Done...
Output zip: /home/marcio/android/kernel/cm_msm8974/ebreo_Kernel-.zip
[email protected]:~/android/kernel/cm_msm8974$
Click to expand...
Click to collapse
So all is gone good

oh, okay.
You can boot, and after some minutes it reboot? Or are you in bootloop?
You can only use logcat if the rom starts.
For it, you must enable ADB, and install adb interface in your linux. (can be in windows too.)
After it, connect the device on PC, open the terminal, and put:
adb logcat
You'll need allow it in your device. So, it will start to show a lot of mensages in terminal.
For save it, do a ctrl + c. (to stop the messages), and put it:
adb logcat -c
It'll be saved on you current folder.

daniel.stuart14 said:
oh, okay.
You can boot, and after some minutes it reboot? Or are you in bootloop?
You can only use logcat if the rom starts.
For it, you must enable ADB, and install adb interface in your linux. (can be in windows too.)
After it, connect the device on PC, open the terminal, and put:
adb logcat
You'll need allow it in your device. So, it will start to show a lot of mensages in terminal.
For save it, do a ctrl + c. (to stop the messages), and put it:
adb logcat -c
It'll be saved on you current folder.
Click to expand...
Click to collapse
My problem is that im in bootloop....

[Q&A] [ROOT][CWM] Root Nexus 4 & Install Official ClockworkMod Recovery

Q&A for [ROOT][CWM] Root Nexus 4 & Install Official ClockworkMod Recovery
Some developers prefer that questions remain separate from their main development thread to help keep things organized. Placing your question within this thread will increase its chances of being answered by a member of the community or by the developer.
Before posting, please use the forum search and read through the discussion thread for [ROOT][CWM] Root Nexus 4 & Install Official ClockworkMod Recovery. If you can't find an answer, post it here, being sure to give as much information as possible (firmware version, steps to reproduce, logcat if available) so that you can get help.
Thanks for understanding and for helping to keep XDA neat and tidy!

Booting with insecure boot image has broken all my sensors in my Nexus 4 / Android 5
I have been using a boot insecure image made for Nexus 4 / Android 4.2 downloaded from here :
http://forum.xda-developers.com/nexus-4/development/boot-img-obsolete-please-lock-t1990170
to boot my phone to have root access through adb by doing:
$ fastboot boot bootinsecure.img
But after upgrading to Android 5 the process of booting with this image was ruining all my sensors and my wifi.
My wifi was fixed by deleting the content in /data/misc/wifi but leaving wpa_supplicant.conf to keep my saved wifis.
But I cannot fix the sensors. I tried this fix for Nexus 5 but it didn't work:
http://forum.xda-developers.com/google-nexus-5/general/sensors-fix-nexus-5-t2704915
If I delete the user data the problem is solved but I don't want to remove all my data.
There is something in that boot image that brakes my sensors by changing something in the userdata partition
For testing purposes, I deleted the user data. Booted again and the problem was fixed. I saved a image of the userdata partition by doing as root:
$ adb pull /dev/block/mmcblk0 mmcblk0.img
and mounting the userdata partition in my linux as root to keep al the original permissions
# sudo mount -o loop,offset=1627389952,defaults,ro,noload mmcblk0.img mnt/userdata
I booted from my boot insecure image and reboot normally and all the sensors where ruined as expected
So I created another image and I mounted the userdata in another folder
and then I compared all the files that where changed using rsync after and before the boot with the insecure image.
I found a few extra files in the "after" image so I deleted them but the problem was not fixed.
I think that maybe the problem is related to folder/files permissions, attributes or extended attributes (like SElinux) that were changed and cannot be detected when comparing using rsync
Any ideas what might have been and what to do to fix it?
SOLVED:
Solution:
Apparently the problem was not in the userdata partition was in the persist partition. I solved by cloning a working persist partition from another Nexus 4.
I realized that something was wrong in the probably extended attributes in the file /persist/sensors/sns.reg since a
$ adb logcat
was giving this error:
W/sensors.qcom( 282): type=1400 audit(0.0:5): avc: denied { getattr } for path="/persist/sensors/sns.reg" dev="mmcblk0p20" ino=15 scontext=u:r:sensors:s0 tcontext=ubject_r:unlabeled:s0 tclass=file
So I fixed in this way:
First I downloaded a modified busybox dd from:
http://d-h.st/cFA
Don't use the default one it will ruin your partition:
I downloaded recovery-clockwork-touch-6.0.4.7-mako.img from:
http://download2.clockworkmod.com/recoveries/recovery-clockwork-6.0.4.7-mako.img
1) Then I booted from a recovery image like ClockWorkMod. With the phone in the bootloader:
$ fastboot boot recovery-clockwork-touch-6.0.4.7-mako.img
2) Created a ramdisk in the phone
$ adb shell mkdir /dev/ramdisk
$ adb shell mount -o size=1536M -t tmpfs tmpfs /dev/ramdisk
3) Copied dd to the phone
$ adb push dd /
$ adb shell chmod 755 /dd
4) Extract persist from the working phone
$ adb shell /dd if=/dev/block/mmcblk0 of=/dev/ramdisk/persist.img bs=4096 skip=34816 count=4096
5) Pull file to our PC
$ adb pull /dev/ramdisk/persist.img
6) Reboot working phone
$ adb reboot-bootloader
With our not working Nexus 4
Repeat steps 1 to 3
7) Push your persist image to the phone
$ adb push persist.img /dev/ramdisk/
8) Overwrite image
$ adb shell /dd if=/dev/ramdisk/persist.img of=/dev/block/mmcblk0 bs=4096 seek=34816 conv=notrunc
9) Wipe cache and dalvik cache
10) Reboot
Should be fixed if that was the problem

[MOD] Increase your SYSTEM partition to 2.5GB , Boot to 30MB , Recovery to 30MB for Y

Finally your and MY wait is over Hear @I Putu Tirta Agung S & @Annabathina are introducing that HOW TO INCREASE YUREKA / PLUS PARTITIONS ........
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
I & @I Putu Tirta Agung S are not responsible for anything that may happen to your phone as a result of following this guide / installing custom roms and/or kernels. you do so at your own risk and take the responsibility upon yourself. ​​
NOTE : Please read hole thread before starting........
Preface
This guide has been tested to work on Lollipop and Marshmallow. By following this guide, you will resize your boot, system, cache, and recovery partition to the new partition size as can be seen below:
This guide is quite safe as it doesn't change the emmc GUID and its unique partitions GUID, which is hard coded into our Yureka's non-HLOS (High Level Operating System).
The Guides
Backing up important partitions ( Very very important )
Go to TWRP (please use the newest, or at minimal Abhishek's 3.0.1-0), and when you are in it run "adb shell" from your computer using " ADB+&+Fastboot of yureka " by " Hold shift key and right click on mouse and select Open command window here " then type below lines ONE BY ONE (remember to do it line by line)
Code:
[SIZE="4"]dd if=/dev/block/mmcblk0 of=/sdcard/gpt.bin bs=512 count=34
adb shell dd if=/dev/block/mmcblk0p1 of=/sdcard/modem
adb shell dd if=/dev/block/mmcblk0p2 of=/sdcard/sbl1
adb shell dd if=/dev/block/mmcblk0p3 of=/sdcard/sbl1bak
adb shell dd if=/dev/block/mmcblk0p4 of=/sdcard/aboot
adb shell dd if=/dev/block/mmcblk0p5 of=/sdcard/abootbak
adb shell dd if=/dev/block/mmcblk0p6 of=/sdcard/rpm
adb shell dd if=/dev/block/mmcblk0p7 of=/sdcard/rpmbak
adb shell dd if=/dev/block/mmcblk0p8 of=/sdcard/tz
adb shell dd if=/dev/block/mmcblk0p9 of=/sdcard/tzbak
adb shell dd if=/dev/block/mmcblk0p10 of=/sdcard/hyp
adb shell dd if=/dev/block/mmcblk0p11 of=/sdcard/hypbak
adb shell dd if=/dev/block/mmcblk0p12 of=/sdcard/pad
adb shell dd if=/dev/block/mmcblk0p13 of=/sdcard/modemst1
adb shell dd if=/dev/block/mmcblk0p14 of=/sdcard/modemst2
adb shell dd if=/dev/block/mmcblk0p15 of=/sdcard/misc
adb shell dd if=/dev/block/mmcblk0p16 of=/sdcard/fsc
adb shell dd if=/dev/block/mmcblk0p17 of=/sdcard/ssd
adb shell dd if=/dev/block/mmcblk0p18 of=/sdcard/DDR
adb shell dd if=/dev/block/mmcblk0p19 of=/sdcard/fsg
adb shell dd if=/dev/block/mmcblk0p20 of=/sdcard/sec
adb shell dd if=/dev/block/mmcblk0p22 of=/sdcard/params
adb shell dd if=/dev/block/mmcblk0p23 of=/sdcard/panic
adb shell dd if=/dev/block/mmcblk0p24 of=/sdcard/autobak
adb shell dd if=/dev/block/mmcblk0p26 of=/sdcard/persist[/SIZE]
Copy all files from internal storage (sdcard) to your computer, keep them safe as they are very important if something bad happens.
Doing the magic
Download and extract "gpt.zip" attached in this post, and copy the "gpt.bin" file to the root of your internal storage (internal sdcard).
1. Go back to TWRP and run "adb shell" again from your computer, then type:
2. Go back to TWRP and run "adb shell" again from your computer, then type:
dd if=/sdcard/gpt.bin of=/dev/block/mmcblk0 bs=512 count=34
Click to expand...
Click to collapse
3. After all done, reboot to your bootloader and flash your recovery (TWRP) by typing:
fastboot -i 0x1ebf erase recovery
fastboot -i 0x1ebf flash recovery TheNameofYourRecovery.img
Click to expand...
Click to collapse
4. After that, type below commands (remember to do it line by line):
fastboot -i 0x1ebf oem unlock
fastboot -i 0x1ebf erase boot
fastboot -i 0x1ebf format cache
fastboot -i 0x1ebf format userdata
fastboot -i 0x1ebf format system
fastboot -i 0x1ebf reboot-bootloader
fastboot -i 0x1ebf boot recovery
Click to expand...
Click to collapse
5. After booting to TWRP, wipe everything again (system, data, cache, dalvik, internal storage)
6. Reboot the phone to TWRP again.
7. Copy your original "params", "panic", "autobak", and "persist" files you backed up earlier to the root of your internal storage (internal sdcard) and run "adb shell" again from your computer, then type:
adb shell dd if=/sdcard/params of=/dev/block/mmcblk0p22
adb shell dd if=/sdcard/panic of=/dev/block/mmcblk0p23
adb shell dd if=/sdcard/autobak of=/dev/block/mmcblk0p24
adb shell dd if=/sdcard/persist of=/dev/block/mmcblk0p26
Click to expand...
Click to collapse
This step is very important, so don't miss it or you will hard bricked your god damn phone.
8. After all done, reboot to your bootloader and type again below codes (remember to do it line by line):
fastboot -i 0x1ebf oem unlock
fastboot -i 0x1ebf erase boot
fastboot -i 0x1ebf format cache
fastboot -i 0x1ebf format userdata
fastboot -i 0x1ebf format system
fastboot -i 0x1ebf reboot-bootloader
fastboot -i 0x1ebf boot recovery
Click to expand...
Click to collapse
After booting to TWRP, wipe everything again (system, data, cache, dalvik, internal storage)
9. Reboot the phone to TWRP again.
Troubleshooting
Wallah, now you have 2.5 GB of system partition, 150 MB (it will be usefull if you use f2fs file system) cache partition, 30 MB of recovery partition, 30 MB of boot partition, and around 11.77 GB of data partition.
Oh btw, if you flash "userdata.img" from COS or CM roms, you will get something similar to this:
target reported max download size of 268435456 bytes
erasing 'userdata'...
OKAY [ 8.440s]
sending 'userdata' (137434 KB)...
OKAY [ 5.164s]
writing 'userdata'...
FAILED (remote: image size too large)
finished. total time: 13.634s
Click to expand...
Click to collapse
Why? Because now your data partition is approximately 1.5 GB smaller. So just relax, if you got that kind of warning.
Furthermore, because a lot of devs use that ****in ".dat" files ****ty thing ("system.new.dat", "system.patch.dat" and "system.transfer.list"), if you flash their roms (such as CM, AICP, Exodus, bla bla bla), you will see that your partition will go back to its original value. But not to worry, it is not the real value of what is really use. It is because of the nature on how sparse ext4 image is compiled, they need to set the partition size before compiling, and of course they use the old one, not the one we have changed.
So to overcome this problem, you need to do it the hard way, explained in the second post below. However, if you don't want the hazzle then just flash AOSParadox or YuOS (the TWRP version, not the fastboot one) or Mokee or any rom that doen't have "system.new.dat", "system.patch.dat" and "system.transfer.list" in its zip file, as they will read the new partition size just fine.
ADB+&+Fastboot : link
Partition changer : link
Back up code PNG : link
Device Driver installation links
ADB for pc : link
YU usb drivers : link
PdaNet drivers : link
@I Putu Tirta Agung S MY friend for every thing ( NOTE : YOUR the best HACKER that I ever met )
@Annabathina

If you want the hard way in changing ROMs with ****in ".dat" files ****ty thing ("system.new.dat", "system.patch.dat" and "system.transfer.list") to read the new partition size, then you need Ubuntu with the latest kernel (that has the latest patch on "Transparent Compression", see this post), and follow these steps (thanks to xpirt for his guide):
Step 1 - Decompressing = DAT (sparse data) -> EXT4 (raw image)
We're now using sdat2img binary, the usage is very simple (make sure you have python 3.x installed):
Code:
./sdat2img.py <transfer_list> <system_new_file> <system_ext4>- <transfer_list> = input, system.transfer.list from rom zip
<system_new_file> = input, system.new.dat from rom zip
<system_ext4> = output ext4 raw image file
and a quick example of usage:
Code:
./sdat2img.py system.transfer.list system.new.dat system.img
by running this command you will get as output the file my_new_system.img which is the raw ext4 image.
Step 2 - Decompress EXT4 (raw image) -> OUTPUT folder -> Compress EXT4 (raw image)
Now we need to mount or ext4 raw image into an output folder so we can see apks/jars etc. To do this we need to type this command:
Code:
sudo mount -t ext4 -o loop system.img output/
As you can see there is a new folder called output which we can edit/modify/delete your files (not able to? see here)
Now we need to compress it back to a raw ext4 image, to do this we need the make_ext4fs binary. Make sure you have the file_contexts file (taken from the Rom zip) inside the make_ext4fs path. Then type this (got issues? see here).
Code:
/make_ext4fs -T 0 -S file_contexts -l 2684354560 -a system system_new.img output/
The value of 2684354560 in above code is the new size of system partition in Bytes. Upon doing the above processes, you will get the new raw ext4 image called 'system_new.img' ready for the next step.
Step 3 - Converting = EXT4 (raw image) -> DAT (sparse data)
Now we need the rimg2sdat binary, the usage is very simple:
Code:
./rimg2sdat <system_img>
<system_img> = name of input ext4 raw image file
and a quick example of usage:
Code:
./rimg2sdat my_new_system.img
As you can see the output is composed by system.transfer.list, (system.patch.dat) & system.new.dat, ready to be replaced inside your Rom zip.
Just to make it really simple
1. Fire up your beloved ubuntu, make sure you have python 3.x installed.
2. Download "sdat2img.py", "make_ext4fs", and "rimg2sdat" binaries, and put it inside a folder (use a file manager for god sake). We can name the folder "****inGreat".
3. Now make an empty folder inside "****inGreat" folder, and name it "output".
4. Extract "system.new.dat", "system.patch.dat", "system.transfer.list", and "file_contexts" from your beloved rom's zip file, and put it inside "****inGreat" folder.
5. Now open "****inGreat" folder with root privilege, then open terminal (we call it cmd in windows) from there.
6. type below code on the terminal (one line at a time):
Code:
./sdat2img.py system.transfer.list system.new.dat system.img (press enter)
sudo mount -t ext4 -o loop system.img output/ (press enter)
/make_ext4fs -T 0 -S file_contexts -l 2684354560 -a system system_new.img output/ (press enter)
./rimg2sdat my_new_system.img (press enter)
7. Now copy the new "system.new.dat", "system.patch.dat", "system.transfer.list", and "file_contexts" inside "****inGreat" folder back to your beloved rom's zip file.
8. Flash the rom via TWRP
9. And you are good to go.
10. Ain't that simple!!!!!!!!!!!!!
sdat2img.py
- github.com
make_ext4fs
- mega.co.nz
rimg2sdat
- mega.co.nz

@I Putu Tirta Agung S MY friend for every thing ( NOTE : YOUR the best HACKER that I ever met )
@Annabathina

Guys I have tested it for 5 times before posting
Thank to @I Putu Tirta Agung S for everything ​​

reserved

reserved for future post

cant get rid of bootloader screen after returning to stock

When I flash my 2017u back to stock 6.0 then update to 7.1.1 this screen on bootup is still present. I also cannot seem to get fastboot to work to lock the bootloader either.
Any help appreciated
Excuse the pic quality it's taken with my backup i9505 s4

Try to go into fastboot using "adb reboot bootloader" or using the volume keys to go into fastboot. After that you should be able to use "adb oem lock" to lock the bootloader and you will no longer see that message when you boot.

Thanks. Will give a try again on the weekend when I Qualcomm firehose it back to stock again. Cheers

vanish0104 said:
Try to go into fastboot using "adb reboot bootloader" or using the volume keys to go into fastboot. After that you should be able to use "adb oem lock" to lock the bootloader and you will no longer see that message when you boot.
Click to expand...
Click to collapse
Hi, I managed to have a play with the phone using the edl tool, the axon7 toolkit and even adb 15 second installer. No command i have tried on B29 MM will lock the bootloader.
The 5 second screen is still there on boot and shows unlocked. I went upto N B15 and the OEM is greyed out but still a 5 second screen. So reverted back to MM B29 for now and hope someone can help me.
Edit - I've tried flashing stock images with axon 7 edl tool and some success in flashing stock but it still leaves me with the 5second screen I've tried now to inject twrp in a stock image to then hopefully flash the remove 5 second screen g and u zip but I get stuck with an encrypted drive and needing to enter a password thus unable to put the zip on the phone to flash with twrp 3.2.3.0
Everything i do i just end up with Failed Command
be1a5d19 device
C:\adb>adb reboot bootloader
C:\adb>fastboot oem lock
...
FAILED (remote: unknown command)
finished. total time: 0.016s
C:\adb>fastboot devices
C:\adb>adb devices
List of devices attached
be1a5d19 device
C:\adb>adb reboot bootloader
C:\adb>fastboot flashing lock_critical
...
FAILED (remote: unknown command)
finished. total time: 0.016s
C:\adb>fastboot flash lock_critical
unknown partition 'lock_critical'
error: cannot determine image filename for 'lock_critical'
C:\adb>fastboot flashing lock critical
usage: fastboot [ <option> ] <command>
commands:
update <filename> reflash device from update.zip
flashall flash boot, system, vendor and if fou
nd,
recovery
flash <partition> [ <filename> ] write a file to a flash partition
flashing lock locks the device. Prevents flashing
partitions
flashing unlock unlocks the device. Allows user to
flash any partition except the ones
that are related to bootloader
flashing lock_critical Prevents flashing bootloader related
partitions
flashing unlock_critical Enables flashing bootloader related
partitions
flashing get_unlock_ability Queries bootloader to see if the
device is unlocked
erase <partition> erase a flash partition
format[:[<fs type>][:[<size>]] <partition> format a flash partition.
Can override the fs type and/or
size the bootloader reports.
getvar <variable> display a bootloader variable
boot <kernel> [ <ramdisk> ] download and boot kernel
flash:raw boot <kernel> [ <ramdisk> ] create bootimage and flash it
devices list all connected devices
continue continue with autoboot
reboot [bootloader] reboot device, optionally into bootlo
ader
reboot-bootloader reboot device into bootloader
help show this help message
options:
-w erase userdata and cache (and format
if supported by partition type)
-u do not first erase partition before
formatting
-s <specific device> specify device serial number
or path to device port
-l with "devices", lists device paths
-p <product> specify product name
-c <cmdline> override kernel commandline
-i <vendor id> specify a custom USB vendor id
-b <base_addr> specify a custom kernel base address.
default: 0x10000000
-n <page size> specify the nand page size.
default: 2048
-S <size>[K|M|G] automatically sparse files greater
than size. 0 to disable
C:\adb>adb reboot bootloader
C:\adb>adb oem lock
Android Debug Bridge version 1.0.32
Revision eac51f2bb6a8-android
-a - directs adb to listen on all interfaces for a c
onnection
-d - directs command to the only connected USB devic
e
returns an error if more than one USB device is
present.
-e - directs command to the only running emulator.
returns an error if more than one emulator is r
unning.
-s <specific device> - directs command to the device or emulator with
the given
serial number or qualifier. Overrides ANDROID_S
ERIAL
environment variable.
-p <product name or path> - simple product name like 'sooner', or
a relative/absolute path to a product
out directory like 'out/target/product/sooner'.
If -p is not specified, the ANDROID_PRODUCT_OUT
environment variable is used, which must
be an absolute path.
-H - Name of adb server host (default: localhost)
-P - Port of adb server (default: 5037)
devices [-l] - list all connected devices
('-l' will also list device qualifiers)
connect <host>[:<port>] - connect to a device via TCP/IP
Port 5555 is used by default if no port number
is specified.
disconnect [<host>[:<port>]] - disconnect from a TCP/IP device.
Port 5555 is used by default if no port number
is specified.
Using this command with no additional arguments
will disconnect from all connected TCP/IP devic
es.
device commands:
adb push [-p] <local> <remote>
- copy file/dir to device
('-p' to display the transfer progress)
adb pull [-p] [-a] <remote> [<local>]
- copy file/dir from device
('-p' to display the transfer progress)
('-a' means copy timestamp and mode)
adb sync [ <directory> ] - copy host->device only if changed
(-l means list but don't copy)
(see 'adb help all')
adb shell - run remote shell interactively
adb shell <command> - run remote shell command
adb emu <command> - run emulator console command
adb logcat [ <filter-spec> ] - View device log
adb forward --list - list all forward socket connections.
the format is a list of lines with the followin
g format:
<serial> " " <local> " " <remote> "\n"
adb forward <local> <remote> - forward socket connections
forward specs are one of:
tcp:<port>
localabstract:<unix domain socket name>
localreserved:<unix domain socket name>
localfilesystem:<unix domain socket name>
dev:<character device name>
jdwp:<process pid> (remote only)
adb forward --no-rebind <local> <remote>
- same as 'adb forward <local> <remote>' but fail
s
if <local> is already forwarded
adb forward --remove <local> - remove a specific forward socket connection
adb forward --remove-all - remove all forward socket connections
adb reverse --list - list all reverse socket connections from device
adb reverse <remote> <local> - reverse socket connections
reverse specs are one of:
tcp:<port>
localabstract:<unix domain socket name>
localreserved:<unix domain socket name>
localfilesystem:<unix domain socket name>
adb reverse --norebind <remote> <local>
- same as 'adb reverse <remote> <local>' but fail
s
if <remote> is already reversed.
adb reverse --remove <remote>
- remove a specific reversed socket connection
adb reverse --remove-all - remove all reversed socket connections from dev
ice
adb jdwp - list PIDs of processes hosting a JDWP transport
adb install [-lrtsdg] <file>
- push this package file to the device and instal
l it
(-l: forward lock application)
(-r: replace existing application)
(-t: allow test packages)
(-s: install application on sdcard)
(-d: allow version code downgrade)
(-g: grant all runtime permissions)
adb install-multiple [-lrtsdpg] <file...>
- push this package file to the device and instal
l it
(-l: forward lock application)
(-r: replace existing application)
(-t: allow test packages)
(-s: install application on sdcard)
(-d: allow version code downgrade)
(-p: partial application install)
(-g: grant all runtime permissions)
adb uninstall [-k] <package> - remove this app package from the device
('-k' means keep the data and cache directories
)
adb bugreport - return all information from the device
that should be included in a bug report.
adb backup [-f <file>] [-apk|-noapk] [-obb|-noobb] [-shared|-noshared] [-all]
[-system|-nosystem] [<packages...>]
- write an archive of the device's data to <file>
.
If no -f option is supplied then the data is wr
itten
to "backup.ab" in the current directory.
(-apk|-noapk enable/disable backup of the .apks
themselves
in the archive; the default is noapk.)
(-obb|-noobb enable/disable backup of any insta
lled apk expansion
(aka .obb) files associated with each applic
ation; the default
is noobb.)
(-shared|-noshared enable/disable backup of the
device's
shared storage / SD card contents; the defau
lt is noshared.)
(-all means to back up all installed applicatio
ns)
(-system|-nosystem toggles whether -all automat
ically includes
system applications; the default is to inclu
de system apps)
(<packages...> is the list of applications to b
e backed up. If
the -all or -shared flags are passed, then t
he package
list is optional. Applications explicitly g
iven on the
command line will be included even if -nosys
tem would
ordinarily cause them to be omitted.)
adb restore <file> - restore device contents from the <file> backup
archive
adb disable-verity - disable dm-verity checking on USERDEBUG builds
adb enable-verity - re-enable dm-verity checking on USERDEBUG build
s
adb keygen <file> - generate adb public/private key. The private ke
y is stored in <file>,
and the public key is stored in <file>.pub. Any
existing files
are overwritten.
adb help - show this help message
adb version - show version num
scripting:
adb wait-for-device - block until device is online
adb start-server - ensure that there is a server running
adb kill-server - kill the server if it is running
adb get-state - prints: offline | bootloader | device
adb get-serialno - prints: <serial-number>
adb get-devpath - prints: <device-path>
adb remount - remounts the /system, /vendor (if present) and
/oem (if present) partitions on the device read-write
adb reboot [bootloader|recovery]
- reboots the device, optionally into the bootloa
der or recovery program.
adb reboot sideload - reboots the device into the sideload mode in re
covery program (adb root required).
adb reboot sideload-auto-reboot
- reboots into the sideload mode, then reboots au
tomatically after the sideload regardless of the result.
adb reboot-bootloader - reboots the device into the bootloader
adb root - restarts the adbd daemon with root permissions
adb unroot - restarts the adbd daemon without root permissio
ns
adb usb - restarts the adbd daemon listening on USB
adb tcpip <port> - restarts the adbd daemon listening on TCP on th
e specified port
networking:
adb ppp <tty> [parameters] - Run PPP over USB.
Note: you should not automatically start a PPP connection.
<tty> refers to the tty for PPP stream. Eg. dev:/dev/omap_csmi_tty1
[parameters] - Eg. defaultroute debug dump local notty usepeerdns
adb sync notes: adb sync [ <directory> ]
<localdir> can be interpreted in several ways:
- If <directory> is not specified, /system, /vendor (if present), /oem (if pre
sent) and /data partitions will be updated.
- If it is "system", "vendor", "oem" or "data", only the corresponding partiti
on
is updated.
environmental variables:
ADB_TRACE - Print debug information. A comma separated list
of the following values
1 or all, adb, sockets, packets, rwx, usb, sync
, sysdeps, transport, jdwp
ANDROID_SERIAL - The serial number to connect to. -s takes prior
ity over this if given.
ANDROID_LOG_TAGS - When used with the logcat option, only these de
bug tags are printed.
C:\adb>
As you can see i tried several commands to lock.
cheers

Jcth1 said:
Hi, I managed to have a play with the phone using the edl tool, the axon7 toolkit and even adb 15 second installer. No command i have tried on B29 MM will lock the bootloader.
The 5 second screen is still there on boot and shows unlocked. I went upto N B15 and the OEM is greyed out but still a 5 second screen. So reverted back to MM B29 for now and hope someone can help me.
Edit - I've tried flashing stock images with axon 7 edl tool and some success in flashing stock but it still leaves me with the 5second screen I've tried now to inject twrp in a stock image to then hopefully flash the remove 5 second screen g and u zip but I get stuck with an encrypted drive and needing to enter a password thus unable to put the zip on the phone to flash with twrp 3.2.3.0
Everything i do i just end up with Failed Command
be1a5d19 device
C:\adb>adb reboot bootloader
C:\adb>fastboot oem lock
...
FAILED (remote: unknown command)
finished. total time: 0.016s
C:\adb>fastboot devices
C:\adb>adb devices
List of devices attached
be1a5d19 device
C:\adb>adb reboot bootloader
C:\adb>fastboot flashing lock_critical
...
FAILED (remote: unknown command)
finished. total time: 0.016s
C:\adb>fastboot flash lock_critical
unknown partition 'lock_critical'
error: cannot determine image filename for 'lock_critical'
C:\adb>fastboot flashing lock critical
usage: fastboot [ <option> ] <command>
commands:
update <filename> reflash device from update.zip
flashall flash boot, system, vendor and if fou
nd,
recovery
flash <partition> [ <filename> ] write a file to a flash partition
flashing lock locks the device. Prevents flashing
partitions
flashing unlock unlocks the device. Allows user to
flash any partition except the ones
that are related to bootloader
flashing lock_critical Prevents flashing bootloader related
partitions
flashing unlock_critical Enables flashing bootloader related
partitions
flashing get_unlock_ability Queries bootloader to see if the
device is unlocked
erase <partition> erase a flash partition
format[:[<fs type>][:[<size>]] <partition> format a flash partition.
Can override the fs type and/or
size the bootloader reports.
getvar <variable> display a bootloader variable
boot <kernel> [ <ramdisk> ] download and boot kernel
flash:raw boot <kernel> [ <ramdisk> ] create bootimage and flash it
devices list all connected devices
continue continue with autoboot
reboot [bootloader] reboot device, optionally into bootlo
ader
reboot-bootloader reboot device into bootloader
help show this help message
options:
-w erase userdata and cache (and format
if supported by partition type)
-u do not first erase partition before
formatting
-s <specific device> specify device serial number
or path to device port
-l with "devices", lists device paths
-p <product> specify product name
-c <cmdline> override kernel commandline
-i <vendor id> specify a custom USB vendor id
-b <base_addr> specify a custom kernel base address.
default: 0x10000000
-n <page size> specify the nand page size.
default: 2048
-S <size>[K|M|G] automatically sparse files greater
than size. 0 to disable
C:\adb>adb reboot bootloader
C:\adb>adb oem lock
Android Debug Bridge version 1.0.32
Revision eac51f2bb6a8-android
-a - directs adb to listen on all interfaces for a c
onnection
-d - directs command to the only connected USB devic
e
returns an error if more than one USB device is
present.
-e - directs command to the only running emulator.
returns an error if more than one emulator is r
unning.
-s <specific device> - directs command to the device or emulator with
the given
serial number or qualifier. Overrides ANDROID_S
ERIAL
environment variable.
-p <product name or path> - simple product name like 'sooner', or
a relative/absolute path to a product
out directory like 'out/target/product/sooner'.
If -p is not specified, the ANDROID_PRODUCT_OUT
environment variable is used, which must
be an absolute path.
-H - Name of adb server host (default: localhost)
-P - Port of adb server (default: 5037)
devices [-l] - list all connected devices
('-l' will also list device qualifiers)
connect <host>[:<port>] - connect to a device via TCP/IP
Port 5555 is used by default if no port number
is specified.
disconnect [<host>[:<port>]] - disconnect from a TCP/IP device.
Port 5555 is used by default if no port number
is specified.
Using this command with no additional arguments
will disconnect from all connected TCP/IP devic
es.
device commands:
adb push [-p] <local> <remote>
- copy file/dir to device
('-p' to display the transfer progress)
adb pull [-p] [-a] <remote> [<local>]
- copy file/dir from device
('-p' to display the transfer progress)
('-a' means copy timestamp and mode)
adb sync [ <directory> ] - copy host->device only if changed
(-l means list but don't copy)
(see 'adb help all')
adb shell - run remote shell interactively
adb shell <command> - run remote shell command
adb emu <command> - run emulator console command
adb logcat [ <filter-spec> ] - View device log
adb forward --list - list all forward socket connections.
the format is a list of lines with the followin
g format:
<serial> " " <local> " " <remote> "\n"
adb forward <local> <remote> - forward socket connections
forward specs are one of:
tcp:<port>
localabstract:<unix domain socket name>
localreserved:<unix domain socket name>
localfilesystem:<unix domain socket name>
dev:<character device name>
jdwp:<process pid> (remote only)
adb forward --no-rebind <local> <remote>
- same as 'adb forward <local> <remote>' but fail
s
if <local> is already forwarded
adb forward --remove <local> - remove a specific forward socket connection
adb forward --remove-all - remove all forward socket connections
adb reverse --list - list all reverse socket connections from device
adb reverse <remote> <local> - reverse socket connections
reverse specs are one of:
tcp:<port>
localabstract:<unix domain socket name>
localreserved:<unix domain socket name>
localfilesystem:<unix domain socket name>
adb reverse --norebind <remote> <local>
- same as 'adb reverse <remote> <local>' but fail
s
if <remote> is already reversed.
adb reverse --remove <remote>
- remove a specific reversed socket connection
adb reverse --remove-all - remove all reversed socket connections from dev
ice
adb jdwp - list PIDs of processes hosting a JDWP transport
adb install [-lrtsdg] <file>
- push this package file to the device and instal
l it
(-l: forward lock application)
(-r: replace existing application)
(-t: allow test packages)
(-s: install application on sdcard)
(-d: allow version code downgrade)
(-g: grant all runtime permissions)
adb install-multiple [-lrtsdpg] <file...>
- push this package file to the device and instal
l it
(-l: forward lock application)
(-r: replace existing application)
(-t: allow test packages)
(-s: install application on sdcard)
(-d: allow version code downgrade)
(-p: partial application install)
(-g: grant all runtime permissions)
adb uninstall [-k] <package> - remove this app package from the device
('-k' means keep the data and cache directories
)
adb bugreport - return all information from the device
that should be included in a bug report.
adb backup [-f <file>] [-apk|-noapk] [-obb|-noobb] [-shared|-noshared] [-all]
[-system|-nosystem] [<packages...>]
- write an archive of the device's data to <file>
.
If no -f option is supplied then the data is wr
itten
to "backup.ab" in the current directory.
(-apk|-noapk enable/disable backup of the .apks
themselves
in the archive; the default is noapk.)
(-obb|-noobb enable/disable backup of any insta
lled apk expansion
(aka .obb) files associated with each applic
ation; the default
is noobb.)
(-shared|-noshared enable/disable backup of the
device's
shared storage / SD card contents; the defau
lt is noshared.)
(-all means to back up all installed applicatio
ns)
(-system|-nosystem toggles whether -all automat
ically includes
system applications; the default is to inclu
de system apps)
(<packages...> is the list of applications to b
e backed up. If
the -all or -shared flags are passed, then t
he package
list is optional. Applications explicitly g
iven on the
command line will be included even if -nosys
tem would
ordinarily cause them to be omitted.)
adb restore <file> - restore device contents from the <file> backup
archive
adb disable-verity - disable dm-verity checking on USERDEBUG builds
adb enable-verity - re-enable dm-verity checking on USERDEBUG build
s
adb keygen <file> - generate adb public/private key. The private ke
y is stored in <file>,
and the public key is stored in <file>.pub. Any
existing files
are overwritten.
adb help - show this help message
adb version - show version num
scripting:
adb wait-for-device - block until device is online
adb start-server - ensure that there is a server running
adb kill-server - kill the server if it is running
adb get-state - prints: offline | bootloader | device
adb get-serialno - prints: <serial-number>
adb get-devpath - prints: <device-path>
adb remount - remounts the /system, /vendor (if present) and
/oem (if present) partitions on the device read-write
adb reboot [bootloader|recovery]
- reboots the device, optionally into the bootloa
der or recovery program.
adb reboot sideload - reboots the device into the sideload mode in re
covery program (adb root required).
adb reboot sideload-auto-reboot
- reboots into the sideload mode, then reboots au
tomatically after the sideload regardless of the result.
adb reboot-bootloader - reboots the device into the bootloader
adb root - restarts the adbd daemon with root permissions
adb unroot - restarts the adbd daemon without root permissio
ns
adb usb - restarts the adbd daemon listening on USB
adb tcpip <port> - restarts the adbd daemon listening on TCP on th
e specified port
networking:
adb ppp <tty> [parameters] - Run PPP over USB.
Note: you should not automatically start a PPP connection.
<tty> refers to the tty for PPP stream. Eg. dev:/dev/omap_csmi_tty1
[parameters] - Eg. defaultroute debug dump local notty usepeerdns
adb sync notes: adb sync [ <directory> ]
<localdir> can be interpreted in several ways:
- If <directory> is not specified, /system, /vendor (if present), /oem (if pre
sent) and /data partitions will be updated.
- If it is "system", "vendor", "oem" or "data", only the corresponding partiti
on
is updated.
environmental variables:
ADB_TRACE - Print debug information. A comma separated list
of the following values
1 or all, adb, sockets, packets, rwx, usb, sync
, sysdeps, transport, jdwp
ANDROID_SERIAL - The serial number to connect to. -s takes prior
ity over this if given.
ANDROID_LOG_TAGS - When used with the logcat option, only these de
bug tags are printed.
C:\adb>
As you can see i tried several commands to lock.
cheers
Click to expand...
Click to collapse
because you didn't allow oem unlocking?

OEM unlocking allowed. I'm now back on Los 16 for the time being. OEM unlocking before greyer out saying my bootloader is already unlocked. It just will not lock and edl will not lock it either

There is a method by @raystef66 where u can "hide" this notification.

Spillunke said:
There is a method by @raystef66 where u can "hide" this notification.
Click to expand...
Click to collapse
Yea I'm not that desperate to hide it no more. I flashed stock android 8 and couldn't get it to stop encrypting the data partition with twrp so I gave up. I'm back on Los 16 with a new battery and that will do.
I'm not going to buy a razer phone 2 this year so this axon will have to do. Just got to order a new speaker as my bottom loud speaker just doesn't work. The plastic cover and the springs arms are intact just nothing coming from it.
Cheers for the replies guys. Was thinking of trading the phone in at CEX here in the UK and then move to my dual Sim Samsung s7. But since the Axon defeated me I'll keep it for now and maybe get shot of the Samsung instead.

Jcth1 said:
When I flash my 2017u back to stock 6.0 then update to 7.1.1 this screen on bootup is still present. I also cannot seem to get fastboot to work to lock the bootloader either.
Any help appreciated
Excuse the pic quality it's taken with my backup i9505 s4
Click to expand...
Click to collapse
you need to flash original stock rom for your device trough edl. (rom your device came from factory,marshmallow)
then boot into system,unlock developer options.Allow oem unlock and turn on usb debugging.Now connect phone to laptop and check the dialogue on your phone that ask for usb debug.Unplug phone.
When you did this you want to flash TWRP trough EDL.
Now boot in TWRP and flash UnlockbootloaderPackage from DrakenFX.
Reboot system.
Now turn off your device and boot into fastboot,connect your phone with laptop and open ADB terminal on your laptop or use Axon7toolkit.
In terminal enter fastboot oem lock,or in axon7toolkit choose lock bootloader.
Your bootloader is now locked.
PS: you dont need locked bootloader to recieve ota's,and make sure you are on the firmware your device came shipped with!!
You need a locked bootloader to get rid of the warning message ( dont flash any mod package that claims it delete the warning page)

Predatorhaze said:
you need to flash original stock rom for your device trough edl. (rom your device came from factory,marshmallow)
then boot into system,unlock developer options.Allow oem unlock and turn on usb debugging.Now connect phone to laptop and check the dialogue on your phone that ask for usb debug.Unplug phone.
When you did this you want to flash TWRP trough EDL.
Now boot in TWRP and flash UnlockbootloaderPackage from DrakenFX.
Reboot system.
Now turn off your device and boot into fastboot,connect your phone with laptop and open ADB terminal on your laptop or use Axon7toolkit.
In terminal enter fastboot oem lock,or in axon7toolkit choose lock bootloader.
Your bootloader is now locked.
PS: you dont need locked bootloader to recieve ota's,and make sure you are on the firmware your device came shipped with!!
You need a locked bootloader to get rid of the warning message ( dont flash any mod package that claims it delete the warning page)
Click to expand...
Click to collapse
Cheers. I however am not the phones original owner. So should I just go with the edl image for b29 marshmallow?

Jcth1 said:
Cheers. I however am not the phones original owner. So should I just go with the edl image for b29 marshmallow?
Click to expand...
Click to collapse
yes,take a early marshmallow build ( not the latest marshmallow build ).
I think u should take B25,follow my guide for lock bootloader and then update the rom trough OTA

Predatorhaze said:
yes,take a early marshmallow build ( not the latest marshmallow build ).
I think u should take B25,follow my guide for lock bootloader and then update the rom trough OTA
Click to expand...
Click to collapse
Any links to an earlier one would be appreciated. I downloaded djkuz b29 but that's his earliest it seems

Jcth1 said:
Any links to an earlier one would be appreciated. I downloaded djkuz b29 but that's his earliest it seems
Click to expand...
Click to collapse
i looked for you but cant find any b25....Then you can go ahead and use B29 marshmallow full edl

New problem...I have managed to flash b29 mm and lock the bootloader finally however 1, I have no SIM or WiFi working on setup screen so cannot set in motion otas. 2, I edl flash b15 N or B32 N or B20 O and none of them stuck. I just end up back at B29 MM Setup screen with a 02 Mac and no detected wifi

Jcth1 said:
New problem...I have managed to flash b29 mm and lock the bootloader finally however 1, I have no SIM or WiFi working on setup screen so cannot set in motion otas. 2, I edl flash b15 N or B32 N or B20 O and none of them stuck. I just end up back at B29 MM Setup screen with a 02 Mac and no detected wifi
Click to expand...
Click to collapse
Did you try factory reset?

Predatorhaze said:
Did you try factory reset?
Click to expand...
Click to collapse
Yes I did

Jcth1 said:
Yes I did
Click to expand...
Click to collapse
You can edl flash nougat stock ROM,or try edl flash b29mm ROM again,then boot in stock recovery( do not boot system) and do factory reset,turn off phone,boot phone.
I don't had these problems

Predatorhaze said:
You can edl flash nougat stock ROM,or try edl flash b29mm ROM again,then boot in stock recovery( do not boot system) and do factory reset,turn off phone,boot phone.
I don't had these problems
Click to expand...
Click to collapse
Ok the recovery says that it's on 6.0.1 and nothing changes ever. Tried flashing b15 N and nope still recovery says 6.0.1.
I tried updating via ADB and sdcard. Neither works. Two different updates also that I downloaded.
I did the factory reset, still same problem. No service on SIM and WiFi Mac is still 02:00:00 etc.
Just spent an hour on my driving break in my truck and nothing had worked.

Jcth1 said:
Ok the recovery says that it's on 6.0.1 and nothing changes ever. Tried flashing b15 N and nope still recovery says 6.0.1.
I tried updating via ADB and sdcard. Neither works. Two different updates also that I downloaded.
I did the factory reset, still same problem. No service on SIM and WiFi Mac is still 02:00:00 etc.
Just spent an hour on my driving break in my truck and nothing had worked.
Click to expand...
Click to collapse
Do you use Miflash for flash EDL firmware?

Predatorhaze said:
Do you use Miflash for flash EDL firmware?
Click to expand...
Click to collapse
No I used axon 7 edl tool.
So today I tried and tried and gave up flashing b15 N. I had a go with b32 N instead. However after flashing I didn't select yes on the edl tool to reboot instead going for a cable unplug and forced reboot holding the power button. I tried to boot into recovery which yielded a double flash of the red led and then nothing else. Blank screen and no led. I tried rebooting again to recovery and voila. 7.1.1 recovery loaded.
Not taking a chance I factory resetted and now have a fully stock axon 7 with a locked bootloader.
Many thanks to those who helped me but I'm going to part with this phone and return to a Nexus 6p that needs a new battery and a dual SIM exynos s7 for my axon 7 lineage os replacement.