[Guide] Convert locked OnePlus 8T TMO to Global version with MsmDownloadTool - OnePlus 8T Guides, News, & Discussion

This can:
Bypass TMO flash lock as it uses 9008 EDL.
Remove TMO sim lock and oem lock as you will be using global rom.
Convert your KB2007 (KB09CB) to KB2005 (KB05AA) as much as possible. (Although you're using the latest KB2005 firmware, any LineageOS stuff, such as LOS system, LOS recovery and LOS fastbootd, will still recognize it as KB2007. This is the same in OOS 11. But in OOS 12 system, it shows and acts like a KB2005.)
Should enable dsds (dual sim dual standby) in OOS 12. (Not tested. But status bar shows two empty sim slots in KB2005 OOS 12. After I flash LOS 19.1, slot 2 won't act unless boot with "persist.radio.multisim.config=dsds" prop.)
Give you access to Global OxygenOS firmware. (Bye slow TMO~)
Probably give you better overall condition (e.g. partition) than some fastboot scripts, as it's done directly by 9008 EDL.
AND THIS WILL DELETE ALL YOUR DATA ON DEVICE!!!
Actually, you should be able to change any brand device to any version you like by this method, but take your own risk as nothing is solid tested.
This can't:
Give you a second IMEI. (In OOS IMEI2 is "null". I guess it's hard baked somewhere.)
Remove TMO flash lock or unlock a locked bootloader. (You still need unlock token for that.)
You tell me please. I don't have enough time to test everything.
Please:
BE AWARE THAT YOU ARE RESPONSIBLE FOR WHAT YOU DO TO YOUR HARDWARE, NOT ME.
MY SUCCESS DOESN'T MEAN IT MUST HAPPEN TO YOU.
YOU ARE THE ONE WHO TAKES ALL THE RISKS. (And your phone, too.)
Be kind to other readers and help them, I can't stay online all day, sorry.
Why:
I own a fully unlocked KebabT running LineageOS 18.1, and I decided to try LOS 19.1 out.
But OOS 12 firmware is so buggy that it even broke my LOS instance, and the fastboot (not fastbootD, for hell reasons I can't enter LOS recovery AFTER ALL firmware upgrade) is also too buggy to fix my issue.
I unbricked my phone using this " https://forum.xda-developers.com/t/...l-to-restore-your-device-to-oxygenos.4180981/ " (Thanks for sharing!!!), but only to find that TMO firmware is so old, buggy and limited.
Then I googled and found this "https://www.droidwin.com/convert-oneplus-t-mobile-metro-to-global-on-locked-bootloader/" and this "https://github.com/bkerler/oppo_decrypt", but they are slightly outdated and don't fit kebab.
I fetched global firmware from here "https://forum.xda-developers.com/t/oneplus-8t-rom-ota-oxygen-os-repo-of-oxygen-os-builds.4193183/" (Thanks for sharing!!!) and started trying.
After a few tries I succeeded and decided to share what I found.
How:
Firstly, know your hardware. Especially your ram type (ddr4 or ddr5) !
Then follow what this "https://www.droidwin.com/convert-oneplus-t-mobile-metro-to-global-on-locked-bootloader/" said, BUT WITH EXTRA MODIFICATION on your "settings.xml":
1. Overwrite "BasicInfo Project", "Version", "ModelVerifyPrjName", "ModelVerifyRandom" and "ModelVerifyHashToken", these make you pass MsmDownloadTool's pre-check.
2. Scroll to the end of file and overwrite [Target ID="1" Desc="O2"] with [Target ID="101" Desc="TMO"], otherwise your flash won't begin as the tool can't find right hardware to flash.
3. Search for "Image ID=" and modify the results. For me, I have a DDR4 device, so I go with "xbl.img" and "xbl_config.img", so FOR ME I change "Image ID="1"" to "Image ID="101"", and change "Image ID="65537"" to "Image ID="65637"". Otherwise MsmDownloadTool won't be able to locate the right xbl img file to flash.
4. Follow the rest of that great guide and have a few tries, you won't lose more as you're already under EDL mode. Wish you success!
And:
Sorry in advance for any possible confusion as I'm not a native English speaker. You can ask in replies!
Please let me know if I'm wrong, I'll try to correct.
If this is already shared by other great guys, please forgive me as I really didn't find any related post in this forum.
I doubt this "https://forum.xda-developers.com/t/...m-unlock-or-bootloader-unlock-needed.4188491/" (Thanks for sharing!!!) is done in the same way but no one mentioned about it.
Special thanks to bkerler for creating this awesome "https://github.com/bkerler/oppo_decrypt" project!
Special thanks to LuK1337 for maintaining LineageOS for OnePlus 8T!! You're great!!
Question:
Is it possible to remove flash lock in this way?
I've tried several times to flash with kebab not kebabT MsmTool. But I can't make it work.

I can fix in os12 but need rw or unpack repack rom

Mr Hassan said:
> I can fix in os12 but need rw or unpack repack rom
I don't understand.
Fix what or unpack what?
Is this what you need? "https://github.com/bkerler/oppo_decrypt"

I'm kind of curious to know what your model number would show up as in the About Phone screen. Being able to incorporate the SIM fix into the ROM would be a good thing. There was a link in the OP to a tool that could unpack and repack the OPS file. My concern is, at least with the bastardized Color/Oxygen OS stock hybrid, that it will still see the device as a KB2007 and not an actual KB2005 outside of just the firmware version.

jcsww said:
> I'm kind of curious to know what your model number would show up as in the About Phone screen.
For LOS and OOS 11, KB2007. (But for OOS 11 software update page, it shows as KB2005. You're able to get KB2005 OTA updates without any problem.)
For OOS 12, KB2005 everywhere.
You can try to spoof device model by using magisk_hide_props_config module, but it's another story.
jcsww said:
> Being able to incorporate the SIM fix into the ROM would be a good thing.
If you use global version OOS or flash LOS, sim lock no longer exists.

IAAxl said:
> I don't understand.
> Fix what or unpack what?
> Is this what you need? "https://github.com/bkerler/oppo_decrypt"
Unpack whole rom system vendor product odm
Its all in super.img

Mr Hassan said:
> Unpack whole rom system vendor product odm
> Its all in super.img
You can get super.img using oppo_decrypt.
But, I thought that's an unencrypted raw disk image, am I wrong?
And by the way, I flashed KB2005 super.img into my KB2007, but fastboot flash lock is still there, have to use unlock code bin file to disable it.

I apologize, as I don't quite understand the original post. This seems to be trying to specify a way to get dual-sim on KB2007 with A12? Apologies for the dumb questions, 1) How do I find out if my KB2007 has DDR4 or DDR5? 2) The instruction link https://www.droidwin.com/convert-oneplus-t-mobile-metro-to-global-on-locked-bootloader/ , following these steps seems to still leave the device on Android 11 (because that is the rom that comes with the MSM tools). If we then update to Android 12, won't that disable the dual-sim again?

raven911 said:
> I apologize, as I don't quite understand the original post. This seems to be trying to specify a way to get dual-sim on KB2007 with A12? Apologies for the dumb questions, 1) How do I find out if my KB2007 has DDR4 or DDR5? 2) The instruction link https://www.droidwin.com/convert-oneplus-t-mobile-metro-to-global-on-locked-bootloader/ , following these steps seems to still leave the device on Android 11 (because that is the rom that comes with the MSM tools). If we then update to Android 12, won't that disable the dual-sim again?
In os12 of course your 2nd sim will disable by bootloader partitions and some other as i mention in another post
But good news is i can fix
But bad news no way to unpack repack or rw after root

raven911 said:
> I apologize, as I don't quite understand the original post. This seems to be trying to specify a way to get dual-sim on KB2007 with A12? Apologies for the dumb questions, 1) How do I find out if my KB2007 has DDR4 or DDR5? 2) The instruction link https://www.droidwin.com/convert-oneplus-t-mobile-metro-to-global-on-locked-bootloader/ , following these steps seems to still leave the device on Android 11 (because that is the rom that comes with the MSM tools). If we then update to Android 12, won't that disable the dual-sim again?
To answer your questions:
1) Check here: https://wiki.lineageos.org/devices/kebab/fw_update
By the way, 8T hardware has two major variables: UFS 3.0 / 3.1 storage, and lpddr 4 / 5 memory. Storage type doesn't matter to rom flash, but memory type does.
2) Yes! You're still on OOS 11 after change-brand flash, but then you can OTA to KB2005 OOS 12 directly.
And, because my final goal is to run LOS, I didn't put my sim in while my phone is on OOS, so I can't really answer if dual sim is available in OOS 11 or 12.
In LOS, I use magisk_hide_props_config module to add "persist.radio.multisim.config=dsds" into system prop to enable dual sim. You can also try this "https://forum.xda-developers.com/t/...bile-8t-kb2007-with-lineage-aosp-rom.4262669/", same stuff.
If your KB2007 is flash locked, you can try the following steps and see if it will work:
A. Use oppo_decrypt to get elf files from msm rom;
B. Use QPST (and the elf file) to flash magisk patched boot.img into your device under 9008.
C. Install magisk module and get dsds.
∆ The risk is in step B.
I'm not familiar enough with QPST and never succeeded in getting QPST to work to do anything.

Mr Hassan said:
> Unpack whole rom system vendor product odm
> Its all in super.img
Err… Try use MsmTool readback?
Oppo_decrypt offers an option to enable readback. I haven't used it though.
Or can you change what you have to, directly on a rooted device, and check if it works?
I'm still confused. Aren't those img files raw disk images? Can't you mount and read them on any Unix-like device? How do you usually do this with other devices?

IAAxl said:
> Err… Try use MsmTool readback?
> Oppo_decrypt offers an option to enable readback. I haven't used it though.
> Or can you change what you have to, directly on a rooted device, and check if it works?
> I'm still confused. Aren't those img files raw disk images? Can't you mount and read them on any Unix-like device? How do you usually do this with other devices?
let me tell you msm have rb option
but you still not got my pov there's no rw option in rooted device even after root
so how can i make dump or backup or for which purpose i need backup if i don't even modded something in rooted device
another option which left is unpack system.img vendor.img odm.img etc and modify then repack it
but there's not way to even convert it to raw i try simg2img but not support by this
even if i able to convert it to raw i can do something
and no its not raw format men. its payload and super
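The exchange above is about which container format an image is in, and that can be read from the first few kilobytes of the file. The following Python classifier is an added example, not code from any poster or from oppo_decrypt; the function names are hypothetical, the sample buffers are constructed, and the magic values are the ones defined in the AOSP and Linux kernel headers.

```python
import struct

# Magic numbers as defined in AOSP (libsparse, liblp, update_engine) and the
# Linux kernel (ext4, EROFS). Offsets are from the start of the image.
SPARSE_MAGIC = 0xED26FF3A        # Android sparse image header, offset 0
LP_GEOMETRY_MAGIC = 0x616C4467   # dynamic-partition (super) geometry, offset 4096
EROFS_MAGIC = 0xE0F5E1E2         # EROFS superblock, offset 1024
EXT_MAGIC = 0xEF53               # ext2/3/4 superblock s_magic, offset 1024 + 56
PAYLOAD_MAGIC = b"CrAU"          # OTA payload.bin, offset 0

HEAD_SIZE = 8192                 # enough to reach the LP geometry block

# What each result means for someone trying to read the contents.
NEXT_STEP = {
    "ota-payload": "update_engine payload: partition images are packed inside",
    "android-sparse": "sparse wrapper: expand with simg2img, then identify again",
    "super-lp": "raw super image: logical partitions listed in LP metadata "
                "(lpdump / lpunpack)",
    "erofs": "EROFS filesystem: read-only by design",
    "ext": "ext2/3/4 filesystem: can be loop-mounted on Linux",
    "unknown": "no known magic in the first 8 KiB",
}


def _le(buf, offset, fmt):
    """Read one little-endian field, or None if the buffer is too short."""
    if len(buf) < offset + struct.calcsize(fmt):
        return None
    return struct.unpack_from(fmt, buf, offset)[0]


def identify_image(head):
    """Classify an image from its first HEAD_SIZE bytes."""
    if head[:4] == PAYLOAD_MAGIC:
        return "ota-payload"
    if _le(head, 0, "<I") == SPARSE_MAGIC:
        return "android-sparse"
    # A raw super image reserves its first 4096 bytes; geometry follows.
    if _le(head, 4096, "<I") == LP_GEOMETRY_MAGIC:
        return "super-lp"
    if _le(head, 1024, "<I") == EROFS_MAGIC:
        return "erofs"
    if _le(head, 1080, "<H") == EXT_MAGIC:
        return "ext"
    return "unknown"


def identify_file(path):
    """Classify an image file on disk without reading all of it."""
    with open(path, "rb") as fh:
        return identify_image(fh.read(HEAD_SIZE))


def constructed_samples():
    """Minimal constructed headers, one per format (not real firmware)."""
    raw_super = bytearray(HEAD_SIZE)
    struct.pack_into("<I", raw_super, 4096, LP_GEOMETRY_MAGIC)
    ext = bytearray(2048)
    struct.pack_into("<H", ext, 1080, EXT_MAGIC)
    erofs = bytearray(2048)
    struct.pack_into("<I", erofs, 1024, EROFS_MAGIC)
    return {
        "super.img (raw)": bytes(raw_super),
        "super.img (sparse)": struct.pack("<I", SPARSE_MAGIC) + bytes(24),
        "vendor.img (ext4)": bytes(ext),
        "system.img (erofs)": bytes(erofs),
        "payload.bin": PAYLOAD_MAGIC + bytes(20),
    }


if __name__ == "__main__":
    for name, head in constructed_samples().items():
        kind = identify_image(head)
        print(f"{name:22} {kind:15} {NEXT_STEP[kind]}")
```

A super image that ships sparse is reported as `android-sparse` first; the LP geometry magic only becomes visible at offset 4096 once the file has been expanded to raw.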

Mr Hassan said:
> let me tell you msm have rb option
> but you still not got my pov there's no rw option in rooted device even after root
> so how can i make dump or backup or for which purpose i need backup if i don't even modded something in rooted device
> another option which left is unpack system.img vendor.img odm.img etc and modify then repack it
> but there's not way to even convert it to raw i try simg2img but not support by this
> even if i able to convert it to raw i can do something
> and no its not raw format men. its payload and super
Okay I understand now..
The goal is to change sth inside vendor and other partition, but they can't be remounted read-write inside system.
And the img file can't be extracted or repacked.
Will you try to remount those partition in recovery ADB maybe?

IAAxl said:
> Okay I understand now..
> The goal is to change sth inside vendor and other partition, but they can't be remounted read-write inside system.
> And the img file can't be extracted or repacked.
> Will you try to remount those partition in recovery ADB maybe?
Yes now you fully understand
Yes i tried many thing
And yes in twrp also tried remount etc
I also pull files and edit but when i push
Its said device not have enough space
Its maybe need resize etc

Mr Hassan said:
> Yes now you fully understand
> Yes i tried many thing
> And yes in twrp also tried remount etc
> I also pull files and edit but when i push
> Its said device not have enough space
> Its maybe need resize etc
I don't know if this helps or not.
But there are some scripts to extract partitions from SUPER, flash them and make -rw.
[TOOL][WIN,LIN,AND,DARW] Super image tools | extract or make partitions RW in super partition
Disclaimer: Super image tools was made for testing and educational purposes, ME is not responsible for what you do on/with your device using our tools, you must agree that you using our tools on your own risk, I am not responsible for anything...
forum.xda-developers.com
[Closed] Universal SystemRW / SuperRW feat. MakeRW / ro2rw (read-only-2-read/write super partition converter)
Welcome to the one and only, the original, universal, System-RW / Super-RW feat. Make-RW / ro2rw (read-only-2-read/write super partition converter) by lebigmac Also known as: THE-REAL-RW, FULL-RW, EXT4-RW, EROFS-RW, EROFS-2-RW, F2FS-RW...
forum.xda-developers.com

Rootk1t said:
> I don't know if this helps or not.
> But there are some scripts to extract partitions from SUPER, flash them and make -rw.
> [TOOL][WIN,LIN,AND,DARW] Super image tools | extract or make partitions RW in super partition
> Disclaimer: Super image tools was made for testing and educational purposes, ME is not responsible for what you do on/with your device using our tools, you must agree that you using our tools on your own risk, I am not responsible for anything...
> forum.xda-developers.com
> [Closed] Universal SystemRW / SuperRW feat. MakeRW / ro2rw (read-only-2-read/write super partition converter)
> Welcome to the one and only, the original, universal, System-RW / Super-RW feat. Make-RW / ro2rw (read-only-2-read/write super partition converter) by lebigmac Also known as: THE-REAL-RW, FULL-RW, EXT4-RW, EROFS-RW, EROFS-2-RW, F2FS-RW...
> forum.xda-developers.com
I done many things even convert to ext4
In shell its showing rw
And also in root explorer get rw but still not edit anything

I also try similar approach using qpst. I can read/save qpst and qcn but i can't write back.

vortex91 said:
> I also try similar approach using qpst. I can read/save qpst and qcn but i can't write back.
Could you please share what you find?
I'm really unfamiliar with QPST, any info could help.

So, I don't need T-Mobile help to sim unlock my phone?
Just convert it to global, and it will be carrier unlocked?
Am I reading this right?

Deleted.

Related

[Q] What about the Alcatel OT Fire C (4019X)?

Hello!
I've been trying to see if there's any root exploits, ROMs, whatever for this phone. Is it Hamachi (4012) compatible? Or is it another species? It does seem there's not much about it.
The only thing I've found is this mail thread.
comments DOT gmane DOT org / gmane DOT comp DOT mozilla DOT devel DOT b2g / 12487
The Fire C is a Jelly Bean based one. Start from there.
If I can successfully flash mine will post results. Wish me luck.
resetreboot said:
> Hello!
> I've been trying to see if there's any root exploits, ROMs, whatever for this phone. Is it Hamachi (4012) compatible? Or is it another species? It does seem there's not much about it.
mancvso said:
> The only thing I've found is this mail thread.
> comments DOT gmane DOT org / gmane DOT comp DOT mozilla DOT devel DOT b2g / 12487
> The Fire C is a Jelly Bean based one. Start from there.
> If I can successfully flash mine will post results. Wish me luck.
Nope. Bricked phone.
Does anyone know how to use these files?
forum DOT gsmhosting DOT com / vbb / f272 / flash-file-request-alcatel-4019x-1883599
Where did you find these files? Can you point me to them?
Maybe I can make something out of it. The MTK Droid Tools is totally unable of dumping anything from this phone and it's supposedly designed for these kind of phones (the chipset is a MediaTek).
If only I could snatch the boot image...! But the /dev/ block devices do not make any sense to me, otherwise I'd have at least something to go back when I screw the boot loader.
The URL is in the post above, just replace " DOT " with "." and delete spaces.
Anyway, the direct link is
mediafireDOTcom/?t6x77dxpb9bucbf
Which one is boot, system, userdata? Do you have the original file sizes?
I've tried with various Hamachi (4012X) boot.img but none of them works.
P.S.: I cannot post links.
I managed to fix my phone!!
In the folder above (Mediafire)
boot.img is B1TC000112R0.mbn
recovery.img is R1TC000112R0.mbn
system.img Y1TC000112R0.mbn
Be sure to explicitly start in fastboot mode (Power+Volume down)
As a side note, if load recovery.img in boot.img the phone will start in that mode. I've had to do that to make it boot (and then flash boot.img)
Good luck. Pass it on.
Wonderful! This is really useful info.
Now we can try to couple it with the FFOS SDK and try to get root and maybe upgrade to 2.0...
D'loading so I can start hacking...
resetreboot said:
> Wonderful! This is really useful info.
> Now we can try to couple it with the FFOS SDK and try to get root and maybe upgrade to 2.0...
> D'loading so I can start hacking...
Please do so! An upgrade to 2.x is crucial even for copy/pasting text.
mancvso said:
> I managed to fix my phone!!
> In the folder above (Mediafire)
> boot.img is B1TC000112R0.mbn
> recovery.img is R1TC000112R0.mbn
> system.img Y1TC000112R0.mbn
> Be sure to explicitly start in fastboot mode (Power+Volume down)
> As a side note, if load recovery.img in boot.img the phone will start in that mode. I've had to do that to make it boot (and then flash boot.img)
> Good luck. Pass it on.
Great news, remember you can type *#3228# to know what are all these filenames in your device.
I have a 4019M (sold unlocked in this country) and I am interested on this, however I don't have experience flashing yet, as this is my first smartphone. If you need to do some tests from here for this particular device to get root and upgrades, feel free to ask!
This device is qualcomm based and gonk is jelly bean based, if I recall correctly.
Some news, they finally uploaded this month 4019X / 4019A GPL compliance sources into sourceforge · net / projects / alcatel / files /
Some progress to get a proper factory image
When using One Touch Update, I tried to figure what happens with the factory image download from the vendor. It downloads a bunch of 64 KiB files stored in a downloaded/ subdir of the programfiles application folder. They are downloaded via TCP, not using HTTP. Once the download is complete, out1.data and out2.data are generated, I guess all these files get somewhat assembled into these. They are placed in the programfiles application folder too, 203 MiB each. They look like a couple of Android sparse image files, according to header magic numbers. These files should be copypasted somewhere before ending the flash operation and closing the application, otherwise they will be deleted. Maybe these files contain interesting stuff. There is also a log file showing addresses where is flashing and sizes of the images of the factory flashing operation.
Maybe some USB sniffing is worth, but not tested.
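The magic-number check mentioned in the post above can be carried further: a sparse image's header and chunk table state how large the expanded image is and whether the file is complete. This Python parser is an added example (not from the post or from Alcatel's tools) that follows the AOSP libsparse on-disk layout; the function names and the sample image are constructed here.

```python
import struct

SPARSE_MAGIC = 0xED26FF3A
# sparse_header: magic, major, minor, file_hdr_sz, chunk_hdr_sz,
#                blk_sz, total_blks, total_chunks, image_checksum
FILE_HDR = struct.Struct("<IHHHHIIII")   # 28 bytes
# chunk_header: chunk_type, reserved, chunk_sz (blocks), total_sz (bytes)
CHUNK_HDR = struct.Struct("<HHII")       # 12 bytes
CHUNK_NAMES = {0xCAC1: "raw", 0xCAC2: "fill",
               0xCAC3: "dont_care", 0xCAC4: "crc32"}


def parse_sparse(data):
    """Validate a sparse image and return a summary dict.

    Raises ValueError if the header is wrong, a chunk is malformed or
    truncated, or the chunk table does not add up to total_blks.
    """
    if len(data) < FILE_HDR.size:
        raise ValueError("too short for a sparse header")
    (magic, major, _minor, file_hdr_sz, chunk_hdr_sz,
     blk_sz, total_blks, total_chunks, _csum) = FILE_HDR.unpack_from(data, 0)
    if magic != SPARSE_MAGIC:
        raise ValueError("not an Android sparse image")
    if major != 1 or file_hdr_sz < FILE_HDR.size or chunk_hdr_sz < CHUNK_HDR.size:
        raise ValueError("unsupported sparse header")
    if blk_sz == 0 or blk_sz % 4:
        raise ValueError("block size must be a non-zero multiple of 4")

    counts = {name: 0 for name in CHUNK_NAMES.values()}
    offset, blocks = file_hdr_sz, 0
    for i in range(total_chunks):
        if offset + CHUNK_HDR.size > len(data):
            raise ValueError(f"chunk {i}: header past end of file")
        ctype, _res, chunk_blks, total_sz = CHUNK_HDR.unpack_from(data, offset)
        name = CHUNK_NAMES.get(ctype)
        if name is None:
            raise ValueError(f"chunk {i}: unknown type {ctype:#06x}")
        # Payload size each chunk type must carry after its header.
        expected = {"raw": chunk_blks * blk_sz, "fill": 4,
                    "dont_care": 0, "crc32": 4}[name]
        if total_sz - chunk_hdr_sz != expected:
            raise ValueError(f"chunk {i}: {name} payload size mismatch")
        if offset + total_sz > len(data):
            raise ValueError(f"chunk {i}: data truncated")
        counts[name] += 1
        if name != "crc32":          # CRC chunks occupy no output blocks
            blocks += chunk_blks
        offset += total_sz
    if blocks != total_blks:
        raise ValueError(f"chunks cover {blocks} blocks, header says {total_blks}")
    return {"block_size": blk_sz, "total_blocks": total_blks,
            "expanded_size": total_blks * blk_sz,
            "stored_size": offset, "chunks": counts}


def make_sample():
    """Constructed 8-block image: 1 raw block, 2 fill blocks, 5 skipped."""
    blk = 4096
    chunks = [
        CHUNK_HDR.pack(0xCAC1, 0, 1, CHUNK_HDR.size + blk) + b"\xAA" * blk,
        CHUNK_HDR.pack(0xCAC2, 0, 2, CHUNK_HDR.size + 4) + b"\x00" * 4,
        CHUNK_HDR.pack(0xCAC3, 0, 5, CHUNK_HDR.size),
    ]
    header = FILE_HDR.pack(SPARSE_MAGIC, 1, 0, FILE_HDR.size,
                           CHUNK_HDR.size, blk, 8, len(chunks), 0)
    return header + b"".join(chunks)


if __name__ == "__main__":
    print(parse_sparse(make_sample()))
```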
4019X Brick
Hi guys.
I have a 4019X bricked because I tried to install a wrong system.img.
Can you upload again the factory flash images? The mediafire link is broken.
I made a backup of the original system with adb pull /system /system as Mozilla recommends in the Firefox OS build prerequisites.
But I don't know how to compile to restore my phone. I tried this:
ANDROIDFS_DIR=<path to system backup> ./config.sh tarako
ANDROIDFS_DIR=<path to system backup> ./build.sh
but it always fails.
If you don't know, can you tell me how to use the source code of alcatel to unbrick my phone:
sourceforge.net ... OT_FF_4019X_20150408.tar.xz
Thanks
Backup of the stock One Touch Fire C files
https://www.dropbox.com/s/nzn6g4qhh585ho4/4019X-2[X=A,B,C,D]TBHU1.rar?dl=0
Please keep us informed on any progress, now that Firefox has freed itself.
can u tell me if this rom has portuguese language? i need 4019x android or firefox with portuguese language? or anyway to add language?
best regards
mancvso said:
> I managed to fix my phone!!
> In the folder above (Mediafire)
> boot.img is B1TC000112R0.mbn
> recovery.img is R1TC000112R0.mbn
> system.img Y1TC000112R0.mbn
> Be sure to explicitly start in fastboot mode (Power+Volume down)
> As a side note, if load recovery.img in boot.img the phone will start in that mode. I've had to do that to make it boot (and then flash boot.img)
> Good luck. Pass it on.
Hi! I cannot fix my Alcatel OT-4019A yet. Could you please help me with that?
I don't know exactly what to do with those archives.
Thanks!
Gsmfanatic said:
> can u tell me if this rom has portuguese language? i need 4019x android or firefox with portuguese language? or anyway to add language?
> best regards
The firmware doesn't have the Portuguese language, flashed it myself ...

[Tutorial] LG Gpad v410 5.1 to 4.4 downgrade, root, & internal storage fix.

EDIT: If you are coming here for the first time, this guide should still work, but @PorygonZRocks has created a flashable zip that should deal with a lot of these issues automatically. You can check out his post here:
https://forum.xda-developers.com/showpost.php?p=75787067&postcount=699
This method will indirectly allow you to root the LG Gpad v410 after it has been upgraded to Lollipop 5.1.1. Yes. Rooting LG v410 Lollipop. It's through a downgrade, but it works.
It took a while to get working, but here's how I did it. The process is straightforward, but the details matter greatly. You will brick your device if you mess up. Please read everything *first* before you do anything. Be sure you understand the process. I'll try to explain what's going on along the way.
An external SD card is extremely helpful for this process. You *could* adb push everything, but that will be tedious.
First, you need some files.
The 4.4.2 KDZ which is a TEST OS, but it can be rooted and it downgrades to a Bump'able bootloader:
http://forum.xda-developers.com/g-pad-10/general/kdz-lg-g-pad-7-0-v410-t3224867
The LG 2014 Flash Tool:
http://www.mediafire.com/download/fwrcd3pdj0svjtb/LG_Flash_Tool_2014.zip
Android LG Drivers:
https://www.androidfilehost.com/?fid=24052804347802528
Parted for Android. You can probably find it other places, but I found this file: https://dl.dropboxusercontent.com/u/84115590/LG%20G2%2016GB%20Solution/sdparted-recovery-all-files.zip
EDIT: There seems to be a lot of confusion here. My bad. All you need is the file named "parted" from this zip file - nothing else. Just put that one file in the root of your external SD card.
https://dl.dropboxusercontent.com/u/84115590/LG G2 16GB Solution/sdparted-recovery-all-files.zip linked from here: http://www.**********.com/your-32gb-lg-g2-shows-only-16gb-storage-space-heres-the-fix/
EDIT2: The dropbox link is down. I've attached the file directly.
The Candy5 ROM (This will potentially save you some manual steps. Somewhat optional, but highly recommended):
http://forum.xda-developers.com/g-pad-10/development/rom-candy5-g-pad-v410-lollipop-5-1-1-v2-t3111987
Flashify APK:
http://www.apkmirror.com/apk/christian-gollner/flashify/flashify-1-9-1-android-apk-download/
TWRP for the v410:
http://forum.xda-developers.com/g-pad-10/development/recovery-twrp2-8-5-0lgv400-410-t3049568
LG One Click Root:
http://forum.xda-developers.com/lg-g3/general/guide-root-lg-firmwares-kitkat-lollipop-t3056951
(You may use Purple Drake or whatever else you want. They all use the same root script as this does and the GUI is helpful for novices.)
Android SDK (specifically adb.exe. After installing go to SDK Manager and ensure that Android SDK Platform Tools is checked):
http://developer.android.com/sdk/index.html
For clarification below, when I have commands in "quotes" they are Windows commands. When they are in `backticks` they are commands that you run inside of ADB which actually run on your device....as root. Root can screw things up. Please be extra cautious. If you blame me for messing up your device I will laugh at you. But that's not gonna happen, right? Good. Let's go.
Now that you have everything, put it all into a folder where you can access it easily.
Install the LG Drivers.
Install Android SDK (or otherwise get adb.exe).
Extract all of the archives.
Move the KDZ to the LG Flash Tool 2014 folder.
Put the tablet into Download Mode by powering it off, holding VolUp, and plugging in the USB cable. Press VolUP when instructed. You must be in Download mode before continuing.
Run LGFlashTool2014.exe. Select the KDZ file. Click "CSE Flash". Click "Start". Select "English" and click OK. Do not change anything else.
WAIT for the flash to continue. If you really want to brick your device, here's a good opportunity.
The device will reboot into Android 4.4.2. You will only have 4GB of internal storage at this point. DON'T PANIC! We are fixing it.
Enable USB debugging.
Connect the device.
Install and run LG One Click Root. Wait for the device to be rooted before proceeding.
Copy the Flashify apk, TWRP image, and Candy5 ROM to your external SD card.
Install Flashify and flash TWRP to the recovery partition.
Use the Flashify menu to reboot in to recovery.
DON'T PANIC! You will get white vertical lines on the boot screen from now on. They only show up during boot animations. A small price to pay. This may be fixed at a later date. for the time being! Thanks to marcsoup's first post ever, we have a fix! Details below. PLEASE click this link and thank him!
Things get tricky here. Copy parted to your external SD card and then run "adb shell" from Windows to get a shell in TWRP.
In TWRP, unmount /data by tapping Mount > uncheck Data.
`cp /sdcard/parted /sbin/` This copies the parted binary to /sbin so it can be executed in the path. I had trouble running `/sdcard/parted`, but YMMV.
`chmod +x /sbin/parted` Make it executable.
`parted /dev/block/mmcblk0` Run parted against the internal mmc
`p` Prints the partition table.
`rm 34` Deletes partition 34 labeled "grow". This is the root of our problem. The KDZ apparently only creates a 4GB partition, I assume so the test build has maximum compatibility with all sized devices.
`rm 33` Deletes partition 33 "userdata"
`p` Print to verify
`mkpartfs` Create a partition and put a filesystem on it. If we only expand the partition it won't help us because the filesystem is still only 4 GB.
a) name: userdata
b) type: ext2 (the tool only supports ext2. This is ok for now.)
c) start: 3439MB (the end of part 32. IT MAY BE DIFFERENT FOR YOU!) Be sure you do not omit the MB part otherwise the offset will overwrite another critical partition.
d) end: 15.8GB (where "grow" ended above. IT MAY BE DIFFERENT FOR YOU!) Be sure you do not omit the GB part otherwise the offset will overwrite another critical partition.
`p` Verify. For me it did not name the partition properly. Gotta fix that.
(if necessary) `name 33 userdata` This is critical for mount to find it in /dev/block/platform/msm.sdcc.1/by-name/ on some/all ROMS.
`p`. Verify one last time. Compare it to my partition table in the attachments. If you want to brick, delete some random partitions here.
Flash Candy5 with TWRP. It's only 239 MB, so it will flash quickly. I do this because Candy5 will reformat mmcblk0p33 from ext2 to ext4 for you. It does this as part of its system boot, apparently. If you install a different ROM that does not do this, you can reformat it by running `make_ext4fs /dev/block/mmcblk0p33`. If your ROM does not have make_ext4, it likely has some different method to make an EXT4 filesystem. `/system/bin/mke2fs -t ext4 /dev/block/mmcblk0p33` may work better. Just flash Candy5 and be done with it.
Tap Wipe > Swipe to Factory Reset.
Tap Reboot > System.
WAIT!!! It will take a minute for the ROM to start the first time. You will have white lines and possibly a white screen. WAIT. It's moving the DEX files to cache, formatting a partition, creating default folders on the internal storage, and several other things. WAIT! When the screen goes dim or turns off then it's ready.
Cycle the display or turn it on. You should be at the Candy5 lock screen.
USB debugging is on by default. Run "adb shell".
`mount | grep userdata` Make sure mmcblk0p33 is mounted.
`df` Make sure /data is 11.3 GB (or whatever size it is on non-16GB devices).
HELL YEAH, you downgraded, rooted, and fixed the partition problem. Enjoy your tablet!
Thanks to dopekid313 for finding the KDZ.
Thanks to timmytim for Candy5.
Thanks to the creators of the root script, flashify, TWRP, and XDA for being so awesome.
Thanks to marcsoup for fixing a fix to the white lines.
Thanks to navin56 for the partition dumps. PLEASE thank his post!
White lines fix.
What we are going to do is flash the aboot partition with the stock image provided by navin56. I've removed the extra files from the dump, so simply download aboot.img.7z below. Unzip it using 7zip.
These commands are to be run in TWRP. Reboot to TWRP recovery and connect with "adb shell". All of the following commands will be run in ADB under TWRP. If you cannot figure out how to get here, please post in the thread and someone will help you. Onward:
If you do everything correctly then you don't have to reflash your ROM and you won't lose data. This process can be done any time after flashing the KDZ, even before you follow the steps above to resize the userdata partition. It's a completely separate process.
1. Unzip aboot.img.7z so you have the file named aboot.img. You should also make sure that aboot.img's MD5 sum is e97431a14d1cee3e9edba513be8e2b52. Do not flash the 7z file. Please.
2. Copy aboot.img to your external SD card. It should live at /sdcard/aboot.img
3. Boot to TWRP and run "adb shell"
4. `ls -al /dev/block/platform/msm_sdcc.1/by-name/` Let's make sure we are flashing the right partition. On my device "aboot" is /dev/block/mmcblk0p6. You should verify this on your device or you WILL brick your tablet.
5. `dd if=/dev/block/mmcblk0p6 of=/sdcard/aboot-fukt.img` Let's back up our current aboot partition before we go flashing things just in case there are unintended consequences later. Be sure you have the same partition that "aboot" referred to in the 4th step or you have just backed up the wrong partition.
6. `dd if=/sdcard/aboot.img of=/dev/block/mmcblk0p6` Be sure the file exists, is the correct aboot.img, and you are flashing the right partition. You have been warned!!
7. Reboot TWRP and enjoy your boot animations again.
If I missed anything, please let me know. As far as I know this is the very first tutorial that details what is necessary to accomplish this. Please hit the Thanks button on every thread that you visit to download files!
FAQ:
Q: Why do I only have 11.3 GB of space when my device is 16GB?
A: The entire internal SD card (eMMC) is 16 GB. Gotta have someplace to install the bootloader, recovery, android, the modem OS, the secondary bootloader, the cache, the resource and power manager, and all of the other partitions necessary for the tablet to operate. Please look at the second screenshot in the OP. All of those 33 partitions take up room on the internal card. Fortunately ALL of those partitions ONLY take up about 4.4 GB. Hence the 'userdata' partition is ~11.3 GB.
If anyone wants to use my work to create a flashable zip to make it easier for novices, please do so. My problem is solved and I don't have the time to create the zip. Please post any questions and I'll gladly answer them! I'm so stoked that we have a usable downgrade method now!
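The checks the white-lines procedure asks for by eye (the MD5 of aboot.img, which block device "aboot" points to, and whether the write took) can be scripted on the PC. This is an added example, not part of the original tutorial: the function names are hypothetical, the listing is assumed to be saved output of the `ls -al` step, the dump is assumed to be a `dd` readback of the partition pulled with `adb pull`, and the sample listing is constructed.

```python
import hashlib
import os

# MD5 stated in the tutorial for the stock aboot.img.
EXPECTED_ABOOT_MD5 = "e97431a14d1cee3e9edba513be8e2b52"

# Constructed sample of `ls -al .../by-name/` output. aboot -> mmcblk0p6 and
# userdata -> mmcblk0p33 match the tutorial; the abootb line is made up to
# show that a name sharing the "aboot" prefix is not confused with it.
SAMPLE_LISTING = """\
lrwxrwxrwx root root 1970-01-01 00:00 aboot -> /dev/block/mmcblk0p6
lrwxrwxrwx root root 1970-01-01 00:00 abootb -> /dev/block/mmcblk0p12
lrwxrwxrwx root root 1970-01-01 00:00 userdata -> /dev/block/mmcblk0p33
"""


def md5_of(path, chunk=1 << 20):
    """Stream a file through MD5 so large images need not fit in memory."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def image_ok(path, expected=EXPECTED_ABOOT_MD5):
    """True if the file's MD5 equals the expected value (catches bad or
    truncated downloads, and flashing the .7z instead of the .img)."""
    return md5_of(path) == expected.lower()


def resolve_partition(listing, name):
    """Return the block device a by-name symlink points to.

    Matches the link name exactly and raises ValueError if it is missing
    or appears with more than one target.
    """
    targets = set()
    for line in listing.splitlines():
        left, arrow, target = line.partition(" -> ")
        fields = left.split()
        if arrow and fields and fields[-1] == name:
            targets.add(target.strip())
    if len(targets) != 1:
        raise ValueError(f"{name!r}: expected one target, found {sorted(targets)}")
    return targets.pop()


def readback_matches(image_path, dump_path, chunk=1 << 20):
    """True if the partition dump begins with the exact image bytes.

    The dump may be longer than the image (the partition can be larger
    than the file written to it), so only the image-length prefix counts.
    """
    if os.path.getsize(image_path) == 0:
        return False
    with open(image_path, "rb") as img, open(dump_path, "rb") as dump:
        while True:
            expected = img.read(chunk)
            if not expected:
                return True
            if dump.read(len(expected)) != expected:
                return False


if __name__ == "__main__":
    print("aboot is", resolve_partition(SAMPLE_LISTING, "aboot"))
```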
Thank You, Worked Great
Thanks for making this I was gonna do it but was too lazy lol and thanks for linking my thread and giving cred instead of just linking straight to the kdz thank you
grandamle91 said:
Thank You, Worked Great
Glad to be of help!
dopekid313 said:
Thanks for making this I was gonna do it but was too lazy lol and thanks for linking my thread and giving cred instead of just linking straight to the kdz thank you
Of course! If you hadn't obtained the firmware then we'd all still be looking for a solution. It pisses me off to no end when people try to take credit for other people's work. We all just need to realize and acknowledge that we are simply standing on the shoulders of those who did the work necessary for each of us to do our work.
I just noticed since we formatted the userdata it screws up TWRP. It won't mount Data and it says the settings are corrupted
grandamle91 said:
I just noticed since we formatted the userdata it screws up TWRP. It won't mount Data and it says the settings are corrupted
Is this after you've rebooted into Candy5 and the partition is reformatted as ext4 (or you've done so manually)? TWRP may not be able to mount an ext2 partition.
EDIT: I just tested this. Following my instructions and flashing to Candy5, TWRP sees mmcblk0p33 (userdata) as the full size and mounts it at /emmc.
For clarification, after you run the parted commands, it will mess with the partition table and TWRP will most likely not be able to see it to remount it - at least not until after a reboot. This is why you need an external SD card from which to install ROMs.
/data not mounted
Edit: nevermind. The partition 33 was still ext2. I had to run make_ext4fs /dev/block/mmcblk0p33 and now I am able to mount /data. Thanks.
Thanks for taking the time to help us.
I followed the steps and till 33 I am good. But once I am in Candy5, I am not able to adb shell (adb not recognizing device even though usb debugging is on). I rebooted to recovery and adb works there. But my /data partition is not enabled in TWRP. I am not able to check it either under Mount in TWRP.
`mount | grep userdata` is empty
`df` does not show data
I tried this and my tablet bootlooped. I was able to get into fastboot and restore. I would GREATLY appreciate it if someone who has the time, would kindly donate their valuable time into making an exe zip or something.
gridironbear said:
I tried this and my tablet bootlooped. I was able to get into fastboot and restore. I would GREATLY appreciate it if someone who has the time, would kindly donate their valuable time into making an exe zip or something.
At what point did it bootloop? What was the last step that you took before rebooting?
Zip
I would really appreciate a zip file as I have never been savvy with adb and for whatever reason it doesn't want to work on Windows 10.
drumm3rb0y said:
I would really appreciate a zip file as I have never been savvy with adb and for whatever reason it doesn't want to work on Windows 10.
A zip file for what part? The only part that requires ADB directly is to fix the internal storage. You absolutely have to flash the KDZ and then root before you can do anything. If you are on 5.x then you have no possible way to root, much less flash a zip file.
If you tell me what exactly you are having issues with I will try to help.
fatbas202 said:
A zip file for what part? The only part that requires ADB directly is to fix the internal storage. You absolutely have to flash the KDZ and then root before you can do anything. If you are on 5.x then you have no possible way to root, much less flash a zip file.
If you tell me what exactly you are having issues with I will try to help.
The adb part is the part im having issue with. Everything else is flashed already. I was wondering if you could make a zip for the adb part so I can just flash it through twrp.
thanks for the great help. it did work perfectly to regain the lost space.
what about white lines ? is there any solution for that problem ?
I have tried flashing back stock recovery extracted from kdz, dd' but didn't help.
Now i am thinking of flashing back the aboot.bin extracted from original kdz or i can dump ".img" from another working device. (i have 4 similar devices)
what is your opinion i m not a developer and i need your advise. should i go ahead and which partition should i dd ? aboot or abootb or boot ?
regards
shahidmianoor said:
thanks for the great help. it did work perfectly to regain the lost space.
what about white lines ? is there any solution for that problem ?
I have tried flashing back stock recovery extracted from kdz, dd' but didn't help.
Now i am thinking of flashing back the aboot.bin extracted from original kdz or i can dump ".img" from another working device. (i have 4 similar devices)
what is your opinion i m not a developer and i need your advise. should i go ahead and which partition should i dd ? aboot or abootb or boot ?
regards
I have no solid evidence of this, but I suspect that the white lines are caused by a display driver issue where when the bootloader hands over control of the display to the kernel it doesn't get reinitialized properly. I have no ideas as to how to get rid of that at the moment but if I stumble across something I'll be sure to post here.
While I'm not an Android developer, I've been a Linux admin for 10+ years and have a lot of experience with Android devices. I'd be really hesitant to go flashing things ad hoc. While Download Mode may save you if you flash the wrong thing, I'm not entirely sure what the limitations that you may run in to with a locked bootloader are.
After having this device for months on 5.x and FINALLY being able to downgrade and run custom ROMs with root, not seeing a boot animation is a pittance to pay. But I'll keep looking.
i have same problem entered in TWRP but when ADB shell through DP tools it didn't connect to my device. i m also using windows 10
Do I need to Re-mount Data ? I press format data button at TWRP and mount data. It looks work great.
After all process, it shows 16Gb total at storage, 11.04GB available. it works perfectly.
I need the stock V41010d, so I reflash the stock rom rooted at [ROM][STOCK](V410 ONLY)KOT49I.V4101d | 4.4.2 | Rooted + Busybox
Now, my Gpad is at stock V41010d, but I have a question about the boot screen, is it still with white lines and white screen? Any method to fix it?
Hello,
Thanks for the great work. unfortunately I am facing some difficulty, starting from step# 16 "Things get tricky here", how to run "adb shell" in TWRP?
also can I use minimal_adb_fastboot_v1.1.3_setup.exe as mentioned in the link in the OP http://www.droidviews.com/your-32gb-lg-g2-shows-only-16gb-storage-space-heres-the-fix/ ?
also I noticed the path have been used includes 'parted' folder, but the folder I have after unzipping the parted zip called 'sdparted-recovery-all-files', do I rename the folder to 'parted' instead?
please help and excuse my broken English.
I'm also having trouble with the adb shell step. When my device is powered on normally, adb commands work. However, in TWRP mode my computer can't recognize the tablet, mount properly, and copy over parted. All the steps have been identical to this point. Any ideas?
iphone5sf said:
Do I need to Re-mount Data ? I press format data button at TWRP and mount data. It looks work great.
After all process, it shows 16Gb total at storage, 11.04GB available. it works perfectly.
I need the stock V41010d, so I reflash the stock rom rooted at [ROM][STOCK](V410 ONLY)KOT49I.V4101d | 4.4.2 | Rooted + Busybox
Now, my Gpad is at stock V41010d, but I have a question about the boot screen, is it still with white lines and white screen? Any method to fix it?
You shouldn't need to remount or format data. The parted command nukes the filesystem and creates a new one formatted as ext2. At this point the running kernel has the old partition table loaded and won't know that the partition has been extended. Simply flash Candy5 and reboot at this point and it will reformat the userdata partition.
See above for the white lines during the boot animation. Known issue, no fix in sight, doesn't really matter.
nmnm4alll said:
Hello,
Thanks for the great work. unfortunately I am facing some difficulty, starting from step# 16 "Things get tricky here", how to run "adb shell" in TWRP?
also can I use minimal_adb_fastboot_v1.1.3_setup.exe as mentioned in the link in the OP http://www.droidviews.com/your-32gb-lg-g2-shows-only-16gb-storage-space-heres-the-fix/ ?
also I noticed the path have been used includes 'parted' folder, but the folder I have after unzipping the parted zip called 'sdparted-recovery-all-files', do I rename the folder to 'parted' instead?
please help and excuse my broken English.
You only need the sdparted-recover-all-files.zip from that site. "parted" is not a folder, but the binary (without a file extension) inside of that zip file. Copy that file to /sbin and you are in business.
zmali1 said:
i have same problem entered in TWRP but when ADB shell through DP tools it didn't connect to my device. i m also using windows 10
summonholmes said:
I'm also having trouble with the adb shell step. When my device is powered on normally, adb commands work. However, in TWRP mode my computer can't recognize the tablet, mount properly, and copy over parted. All the steps have been identical to this point. Any ideas?
I'd recommend installing the SDK and pulling the drivers from that. Alternatively, you can try the drivers here: https://github.com/koush/UniversalAdbDriver.
Technically, when I ran the "parted" commands I was actually booted in to rooted 4.4.2 from the KDZ; I wasn't actually in TWRP. It's just not a very recommended way of going about it. I explained how to run all of this from TWRP, but there's no technical reason that you *can't* run this from Android. You just *shouldn't* because you can't cleanly unmount the filesystem and it theoretically could cause filesystem corruption. I just figured that I don't care about that partition getting corrupted since it's getting wiped out.

Possible way to self-sign Recovery and Rom's on S7, Just need some help.

Hey, I noticed while looking through the Stock Firmware AP file, that in meta-data/fota.zip there are .jar files that have to do with package signing. Only issue is that the zip is password protected. If someone has the Compute power and skills to decrypt a zip and look at the jar files and ****, maybe we could find a way to sign our own TWRP recoveries and roms. Just a thought, i'll post a link to the fota.zip file i was talking about in a bit if anyone wants to take a crack at it. (Google drive is taking forever to upload cause of AT&T's ****ty DSL speeds, sorry)
Download Link: htt*ps:/*/drive.*google*.com/file/*d/0B9tb-svjqaVD*b3Y0V0tXR3drSzA/vie*w?usp=sharing (Remove all *'s from link, stupid 10 post until you can post links limitation)
Thanks,
Lavavex
Did you see this thread?
https://forum.xda-developers.com/an...signing-boot-images-android-verified-t3600606
About fota.zip...
Did you hear about plain text attack?
In few Seconds... minutes done... no password required but you can unpack.
Best Regards
Yesterday I have download this fota.zip... and yes... same password as for instance from my prior test with:
SM-J330F and 1 more...
Here are the 3 keys to decrypt if somebody want try...
Code:
Key0 2b4d493c
Key1 6142b289
Key2 1b7024aa
I have used Advanced Archive Password Recovery from elcomsoft...
Best Regards
adfree said:
Yesterday I have download this fota.zip... and yes... same password as for instance from my prior test with:
SM-J330F and 1 more...
Here are the 3 keys to decrypt if somebody want try...
Code:
Key0 2b4d493c
Key1 6142b289
Key2 1b7024aa
I have used Advanced Archive Password Recovery from elcomsoft...
Best Regards
Which will allow unpacking of the above zip? I thought it needed a zip password.
osm0sis said:
Which will allow unpacking of the above zip? I thought it needed a zip password.
We never found the Password... but for Decryption you need only these 3 Keys...
They can be easily found in few Minutes... with the right Tool...
Code:
2b4d493c
6142b289
1b7024aa
Here Key0 Key1 Key2 for Samsungs fota.zip...
This is really no rocket science...
Simple read about plain-text attack...
You can see all filenames...
You can see all filesizes etc...
Many files are floating around the Internet... to create ZIP for attack...
Then result is in few Minutes possible... :angel:
Use these 3 Keys in Tool:
Code:
Advanced Archive Password Recovery
And try self to unpack...
Best Regards
Edit 1.
Screenshot added...
Then maybe more clear...
Trial Version have maybe limitations... but to see it work... it is enough to play with trial.
@adfree or to anyone who can answer.
Quick question, what are the legal limitations to what is going on here? I may or not have a file from inside the fota.zip, but will sharing it put me in the legal wrong? If it is within the legal boundaries, I'd be happy to upload it for anyone to take a look at, but I don't want to land on the wrong side of the law by doing so. Please do let me know, as this is the most exciting development we've had when it comes to bootloader unlocking in a while. Also, it seems as though we can't view the entirety of the contents of the fota.zip with the trial version of the zip extraction tool mentioned in this thread, so if someone with more knowledge about this can confirm we could unlock our bootloaders with the contents of the zip (based on what is currently known about this), I'd be happy to bite the bullet of paying for the premium version given we can do this within the boundaries of the law.
Thanks.
1.
Maybe you can answer your question self...
Samsung PROTECTED this ZIP with password.
2.
IMHO it is Kernel related...
Yeah I know... Boot is every irritating...
But it is not sboot.bin related...
3.
About decrypting all files...
There are floating around Command Line Tool...
Code:
pkcrack
Try to Google it...
I have not tried...
I am 1 click Button user...
Best Regards
zipdecrypt from the pkcrack package plus those 3 keys worked flawlessly. :good:
Edit: Crazy number of utilities in this zip, but no script to run them all, and a lot of references to external files. No smoking gun like a "sbootimg_signer" binary or anything to make their proprietary footer signature, and no Samsung signature files.
the password for that zip is fotatest1234
Correct. All fota zips passwords are fotatest1234
Drdra3 said:
Correct. All fota zips passwords are fotatest1234
@lavavex , @osm0sis
Yes it is, but now the question still to be answered is, do the tools within the fota.zip file, actually work for legitimately repacking the boot/recovery image? Because in the fota.zip I checked from Android Pie's release it mentioned the "user/test-keys" and very much so had all of the compiled tools to actually patch a system and create an ADB flashable zip for stock recovery.
Could we technically make a signed sideloadable update.zip if the update package was created on the device itself? The scripts included, along with the updated compiled binary tools, really do seem to be the Toolkit we've been looking for but have overlooked. I haven't tested it out fully, but I'm still reading about how to proceed. It isn't just the S7 either. So are the tools customized to the device, the android branch, or the bootloader?
Delgoth said:
@lavavex , @osm0sis
Yes it is, but now the question still to be answered is, do the tools within the fota.zip file, actually work for legitimately repacking the boot/recovery image? Because in the fota.zip I checked from Android Pie's release it mentioned the "user/test-keys" and very much so had all of the compiled tools to actually patch a system and create an ADB flashable zip for stock recovery.
Could we technically make a signed sideloadable update.zip if the update package was created on the device itself? The scripts included, along with the updated compiled binary tools, really do seem to be the Toolkit we've been looking for but have overlooked. I haven't tested it out fully, but I'm still reading about how to proceed. It isn't just the S7 either. So are the tools customized to the device, the android branch, or the bootloader?
Presumably what I previously said still stands:
osm0sis said:
Crazy number of utilities in this zip, but no script to run them all, and a lot of references to external files. No smoking gun like a "sbootimg_signer" binary or anything to make their proprietary footer signature, and no Samsung signature files.

Decrypt - Tweaks - & more

I thought id put together a thread with all my main tweaks and modifications to allow our device to perform better
lets start!
Decrypt
this ones an easy one - flash noverity and decrypt and you're on your way right?
i took this a step further and modified the boot.img for 4.7.6 to remove encryption and verity and added some mount flags
the flags ive added are:
noatime - noauto_da_alloc - nodiratime - data=writeback - barrier=0 - nobh
you can google to find out more information about these flags, but they all deliver top performance with minimal risk (possible risk: sudden power off may result in data loss)
How to
easy! *required /data to be formatted if you are not already decrypted
flash the modified boot image: https://drive.google.com/open?id=1WItoR1ifuCRYXwBvzBdis3hUnCftlUd-
format /data
flash supersu / magisk if you were rooted otherwise stay stock
if you want to flash a kernel you need to replace the fstab.qcom with the modified version (to do this open the kernel zip and paste over the fstab.qcom)
kernel fstab.qcom: https://drive.google.com/open?id=1XRI5EWwREnvxCVWrjY4FFu1PQs1bbUje
Disable journaling completely
my favourite tweak - disables journaling
How to
i like doing this before first boot but you can do it whenever really
ideally in TWRP
first, explore /dev/block/
for every file you see in /dev/block you add tune2fs -O ^has_journal before it
so for example, if /dev/block has a file called sdd01
you will type: tune2fs -O ^has_journal /dev/block/sdd01 in TWRP terminal
and so on for sdd02 etc etc (or you can create a script to do this for you) it will not succeed on all blocks as some dont have this features.
DOES NOT WORK ON 5T FOR SOME REASON WILL NOT BOOT INTO OS AFTER THIS IS DONE
Misc tweaks
some other tweaks i have not tested to see if they're working on the 5T
but here they are
How to
Scripts (you can run on boot or on demand):
fstrim (requires busybox): https://drive.google.com/open?id=1MSqvVlOr59Y8y-3DiJ3Snms_rEvJWVzX
sqlite vacuum and reindex database: https://drive.google.com/open?id=1NcW33rvoInQPSx9w8RcQ__GC_5Vhv-6a
also requires this file in xbin: https://drive.google.com/open?id=1p2COCUjhiAaIjyZjV84EmvUgntp0_bdi
zipalign: https://drive.google.com/open?id=1wWyfoy6QuVCtwUUkI9TVrobNbv7Kset8
also requires this file in xbin: https://drive.google.com/open?id=1K25bOrA7eVUacHEVrHNN2At6D-Dnfgmi
mark disk as non-rotational,disable iostats, simple iomerges no hash lookup, rq_Affinity set to 2 - best for multitasking uses all cores to complete request instead of cpu 'group' : https://drive.google.com/open?id=1YJ5GHGqwl8tzxvRyEGYINPIp4zdHUgTd
Stock Boot 4-7-6
https://drive.google.com/open?id=1OQKJB9gRj2SG7WS9J-ucuUaWmqPn1gMl
Stock Boot 4-7-6 no flags, decrypt no verity
https://drive.google.com/open?id=1gXYYw7E2fzSRkh2J-1hZIS4EH34zeBPT
if anyone has any other tweaks they'd like to share ill be sure to add them in!
THIS WORK IS OPEN TO ANYONE FOR USE
FREE KNOWLEDGE FOR ALL
Thank for the tips, could you post the boot img for 4.7.6 with out the flags being set.
freegame619 said:
Thank for the tips, could you post the boot img for 4.7.6 with out the flags being set.
updated OP
Hi @virtyx
I'm sorry I'm hijacking this thread but I can't find answers to my questions anywhere.
Why would you decrypt the phone ? Why is useful ? Does TWRP can't read from the sdcard partition if the phone is encrypted ? What can't you do with an encrypted phone ?
Everybody is talking about decrypting the phone but nobody says why is it for.
raptor2003 said:
Hi @virtyx
I'm sorry I'm hijacking this thread but I can't find answers to my questions anywhere.
Why would you decrypt the phone ? Why is useful ? Does TWRP can't read from the sdcard partition if the phone is encrypted ? What can't you do with an encrypted phone ?
Everybody is talking about decrypting the phone but nobody says why is it for.
in my experience decrypting makes the phone perform better (people will argue it makes no difference) but every time ive done it i notice improvement.
twrp is fine for reading the sdcard, decryption has its benefits but also drawbacks (easier to hack, etc) you can do the research yourself, but there are benchmarks showing the differences (mainly reads are affected)
if you're smart with your phone (i.e dont download suspicious stuff) you should be fine without encryption.
ive never had it on, except when i cant turn it off
raptor2003 said:
Hi @virtyx
I'm sorry I'm hijacking this thread but I can't find answers to my questions anywhere.
Why would you decrypt the phone ? Why is useful ? Does TWRP can't read from the sdcard partition if the phone is encrypted ? What can't you do with an encrypted phone ?
Everybody is talking about decrypting the phone but nobody says why is it for.
To run decrypted ROMs mainly. I see no other reason but im curious too
Since some ROMs can only boot if you are decrypted i guess it's that
Did a very quick lookup of that journaling business and it sounds interesting. Have you noticed much of a difference in performance on vs disabled?
virtyx said:
updated OP
I was mentioning about the boot img without the flags being set not the one without the encryption turned off.
freegame619 said:
I was mentioning about the boot img without the flags being set not the one without the encryption turned off.
oh ok sorry i thought you meant stock boot.img
updated.
showofdeth said:
Did a very quick lookup of that journaling business and it sounds interesting. Have you noticed much of a difference in performance on vs disabled?
definitely found better responsiveness with it disabled, and multitasking is much better
Can u help me to create script for disabling journal? I had 100 files on block folder ?
Oh and also, can I flash ur modified boot.img on 4.7.5? Because I haven't got system update to 4.7.6. it would be troubling me if I had to reflash the whole 4.7.6 rom since I had around 300 apps installed. Thanks before btw
andrizmitnick said:
Can u help me to create script for disabling journal? I had 100 files on block folder
Oh and also, can I flash ur modified boot.img on 4.7.5? Because I haven't got system update to 4.7.6. it would be troubling me if I had to reflash the whole 4.7.6 rom since I had around 300 apps installed. Thanks before btw
Shouldn't have a problem booting 476 on 475 but you need to test
virtyx said:
oh ok sorry i thought you meant stock boot.img
I am on OB1 oreo, encrypted, oreo compatible twrp, rooted with magisk 15.2, the boot image available here are for nougat, is it possible you can do it for oreo, or any help towards this, thanks for your help, Regards.
vtec303 said:
virtyx said:
oh ok sorry i thought you meant stock boot.img
I am on OB1 oreo, encrypted, oreo compatible twrp, rooted with magisk 15.2, the boot image available here are for nougat, is it possible you can do it for oreo, or any help towards this, thanks for your help, Regards.
when I get time I'll look for the oreo boot img
virtyx said:
vtec303 said:
when I get time I'll look for the oreo boot img
ok thanks mate, cheers.

How to root OxygenOS 12?

Hello there, I've never rooted a phone before but would love to try it with Android 12 finally coming out as stable on the OnePlus 8 Pro. So as a complete noob, can anyone walk me through it, or does anyone have a handy thread that takes me through all of it? Thank you!
Same method with OOS11 (other thread), u need full OTA OOS 12 to detached the boot.img and patch it with magisk.
- Or easier just on OOS11 rooted => update to OSS 12 (after install finished, dont reboot, go to magisk select install to inactive slot, now reboot)
dangtoi1993 said:
Same method with OOS11 (other thread), u need full OTA OOS 12 to detached the boot.img and patch it with magisk.
- Or easier just on OOS11 rooted => update to OSS 12 (after install finished, dont reboot, go to magisk select install to inactive slot, now reboot)
Thank you! Although as I said I'm very new So if you could explain in a biiiit more noob friendly words, that would be appreciated!
andylmfao said:
Thank you! Although as I said I'm very new So if you could explain in a biiiit more noob friendly words, that would be appreciated!
As i know, there is still no downloadable full OTA file for stable OOS 12,
then root method is root at OOS 11 then update after.
to do that, imo, u need to find read and research some old thread to know about that phone before.
its easier than someone will write here for you.
dangtoi1993 said:
As i know, there is still no downloadable full OTA file for stable OOS 12,
then root method is root at OOS 11 then update after.
to do that, imo, u need to find read and research some old thread to know about that phone before.
its easier than someone will write here for you.
Ah okay, thank you! Do you know how long it usually takes for an OTA file to come out? Or, if you could, help me through going back to OOS11, rooting it, and then updating to OOS12 and keeping root?
andylmfao said:
Ah okay, thank you! Do you know how long it usually takes for an OTA file to come out? Or, if you could, help me through going back to OOS11, rooting it, and then updating to OOS12 and keeping root?
I posted the patched boot img from latest OO12 Ota to another thread.
Flash it via fastboot and you are good.
BootIMG-Magisk24.3_IN2025_11_C.11
www.mediafire.com
xtcislove said:
I posted the patched boot img from latest OO12 Ota to another thread.
Flash it via fastboot and you are good.
BootIMG-Magisk24.3_IN2025_11_C.11
www.mediafire.com
Oh wow, thank you! How do i flash it via fastboot?
andylmfao said:
Oh wow, thank you! How do i flash it via fastboot?
I guess you already setup adb/fastboot on your pc. If not google it.
-connect phone to the pc and activate usb debugging in your phones developer settings(unlock developer settings by tapping 5 times about phone)
-run a windows shell in the folder where you setup adb and fastboot.exe
-type the following in shell
adb reboot bootloader
Your phone will boot into the bootloader
type:
fastboot flash boot BootIMG-Magisk24.3_IN2025_11_C.11.img
xtcislove said:
I guess you already setup adb/fastboot on your pc. If not google it.
-connect phone to the pc and activate usb debugging in your phones developer settings(unlock developer settings by tapping 5 times about phone)
-run a windows shell in the folder where you setup adb and fastboot.exe
-type the following in shell
adb reboot bootloader
Your phone will boot into the bootloader
type:
fastboot flash boot BootIMG-Magisk24.3_IN2025_11_C.11.img
And that's just it? Wow! Thank you!
Edit- It just say "Waiting for the device in the Shell. What do I do? And it doesn't show up with "fastboot devices" It also says there's no driver under windows device manager.
edit 2 - nvm I figured it out, turns out I hadn't installed the USB drivers
andylmfao said:
And that's just it? Wow! Thank you!
Edit- It just say "Waiting for the device in the Shell. What do I do? And it doesn't show up with "fastboot devices" It also says there's no driver under windows device manager.
edit 2 - nvm I figured it out, turns out I hadn't installed the USB drivers
I hope it works for you now. Have fun.
Hi, will this boot.img work for 11 C.16? If not, do you know where i can get it? Thanks
paq1170 said:
Hi, will this boot.img work for 11 C.16? If not, do you know where i can get it? Thanks
IDk but i installed C.16 lately and have the patched image on my pc.
boot_11.C16
www.mediafire.com
Extracted from OnePlus8ProOxygen_11_C.16_15.E.16_OTA_1036_all_2204222258_57eced36 and patched with Magisk24.3.
I'm guessing that it's not a good idea to OTA root from oos11 to 12?
omega552003 said:
I'm guessing that it's not a good idea to OTA root from oos11 to 12?
What do you mean? To preserve root with the inactive slot method within magisk?
I root my device with flashing a patched boot img.
xtcislove said:
What do you mean? To preserve root with the inactive slot method within magisk?
I root my device with flashing a patched boot img.
Well that's how you'd normally do it, but for some reason when you do that on the OOS12 upgrade it gets really weird.
xtcislove said:
IDk but i installed C.16 lately and have the patched image on my pc.
boot_11.C16
www.mediafire.com
Extracted from OnePlus8ProOxygen_11_C.16_15.E.16_OTA_1036_all_2204222258_57eced36 and patched with Magisk24.3.
Do you have C.20 version?
gzyms said:
Do you have C.20 version?
No.
Simply download the Prebuild binaries from here.
[TOOL] A QUICK Android OTA payload dumper
Made with Go. By utilizing goroutines, this can extract img files from (full) OTA payload.bin really quickly. See how fast this is: https://i.imgur.com/adpijqf Source Code: https://github.com/ssut/payload-dumper-go Prebuilt binaries...
forum.xda-developers.com
Edit: That is the payload dumper im using.
(ROOT) Android 11 / Latest stock and patched img's / payload dumper / magisk_patched guides
Hi all, Have seen a lot of requests for patched boot images on these threads so thought i'd share a guide on how to get it yourself as well as all the files required, plus the patched boot.img if you just want to go ahead and boot/flash it...
forum.xda-developers.com
6.58 MB folder on MEGA
4 files and 3 subfolders
mega.nz
And download the C.20 update from here.
[OnePlus 8 Pro][ROM][OTA][Oxygen OS] Repo of Oxygen OS Builds
As OnePlus doesn't always provide download links for all of their OxygenOS ROMs & OTA update zips, we've created an index to put the links in one post so that they're easy to find. Note: This is not a support thread for issues you may have with...
forum.xda-developers.com
Use payload dumper to extract the boot image and copy it to your device.
Install the Magisk apk on your device (it does not matter if it has root or not).
Patch the boot image, copy the patched image to your PC, and you have a patched boot image for C.20.
xtcislove said:
No.
Simply download the prebuilt binaries from here.
[TOOL] A QUICK Android OTA payload dumper
Made with Go. By utilizing goroutines, this can extract img files from (full) OTA payload.bin really quickly. See how fast this is: https://i.imgur.com/adpijqf Source Code: https://github.com/ssut/payload-dumper-go Prebuilt binaries...
forum.xda-developers.com
And download the C.20 update from here.
[OnePlus 8 Pro][ROM][OTA][Oxygen OS] Repo of Oxygen OS Builds
As OnePlus doesn't always provide download links for all of their OxygenOS ROMs & OTA update zips, we've created an index to put the links in one post so that they're easy to find. Note: This is not a support thread for issues you may have with...
forum.xda-developers.com
Use payload dumper to extract the boot image and copy it to your device.
Install the Magisk apk on your device (it does not matter if it has root or not).
Patch the boot image, copy the patched image to your PC, and you have a patched boot image for C.20.
This is not as easy as you might think. The default payload dumper (and the Go version) cannot handle these incremental OTAs:
Processing boot partitionUnsupported type = 9 · Issue #10 · vm03/payload_dumper
Hi, @vm03! :) Is there a solution to this problem? Only boot.img didn't succeed. I have Nokia 4.2 Thanks! Log: (.py) PS D:\Downloads\1> python payload_dumper.py --diff payload.bin Processing aboot ...
github.com
Instead you need to use this:
GitHub - mrslezak/update_payload_extractor
github.com
Unfortunately, this payload extractor fork is broken on Windows. I had to set up an Ubuntu VM to run it.
The entire process took the majority of my afternoon.
Attached is the extracted boot.img, both magisk patched and unpatched. Hopefully it saves others some time.
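A quick check for the failure described in the post above, added here as an example and not taken from the thread or from any of the linked tools: it reads the header and manifest of a payload.bin and reports, per partition, which delta operations (such as type 9, PUFFDIFF) it uses. The field numbers and operation-type values follow AOSP's update_metadata.proto; the names `delta_ops`, `fields`, `varint` and the `SAMPLE` bytes are constructed for this example.

```python
import struct

# InstallOperation.Type values that patch the old partition (update_metadata.proto).
DELTA_OPS = {2: "MOVE", 3: "BSDIFF", 4: "SOURCE_COPY", 5: "SOURCE_BSDIFF",
             9: "PUFFDIFF", 10: "BROTLI_BSDIFF", 11: "ZUCCHINI",
             12: "LZ4DIFF_BSDIFF", 13: "LZ4DIFF_PUFFDIFF"}

def varint(buf, i):  # decode one protobuf varint -> (value, next index)
    val = shift = 0
    while True:
        val |= (buf[i] & 0x7F) << shift
        if not buf[i] & 0x80:
            return val, i + 1
        i, shift = i + 1, shift + 7

def fields(buf):
    """Yield (field number, value) for each field of one protobuf message."""
    i = 0
    while i < len(buf):
        key, i = varint(buf, i)
        wire = key & 7
        if wire == 0:                       # varint
            val, i = varint(buf, i)
        elif wire in (1, 2, 5):             # fixed64, length-delimited, fixed32
            n, i = varint(buf, i) if wire == 2 else (8 if wire == 1 else 4, i)
            val, i = buf[i:i + n], i + n
        else:
            raise ValueError(f"unsupported wire type {wire}")
        yield key >> 3, val

def delta_ops(payload):
    """Map each partition name to the delta operation types it uses."""
    magic, version, manifest_len, _sig_len = struct.unpack(">4sQQI", payload[:24])
    if magic != b"CrAU" or version != 2:
        raise ValueError("not a version 2 update_engine payload")
    result = {}
    for part in (v for f, v in fields(payload[24:24 + manifest_len]) if f == 13):
        name, types = "", set()             # field 13 = one PartitionUpdate
        for pnum, pval in fields(part):
            if pnum == 1:                   # PartitionUpdate.partition_name
                name = pval.decode()
            elif pnum == 8:                 # PartitionUpdate.operations -> .type
                types |= {v for f, v in fields(pval) if f == 1}
        result[name] = sorted(DELTA_OPS[t] for t in types if t in DELTA_OPS)
    return result

# Constructed sample, not a real OTA: boot uses PUFFDIFF (9), dtbo REPLACE_XZ (8).
_M = b"\x18\x80\x20\x6a\x0a\x0a\x04boot\x42\x02\x08\x09\x6a\x0a\x0a\x04dtbo\x42\x02\x08\x08"
SAMPLE = b"CrAU" + struct.pack(">QQI", 2, len(_M), 0) + _M
```

An empty list means the partition is shipped in full; a non-empty list means extraction needs the matching image from the previous build. For a real payload.bin, read only the 24-byte header plus the manifest length it declares rather than the whole file.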
Swap_File said:
This is not as easy as you might think. The default payload dumper (and the Go version) cannot handle these incremental OTAs:
Processing boot partitionUnsupported type = 9 · Issue #10 · vm03/payload_dumper
Hi, @vm03! :) Is there a solution to this problem? Only boot.img didn't succeed. I have Nokia 4.2 Thanks! Log: (.py) PS D:\Downloads\1> python payload_dumper.py --diff payload.bin Processing aboot ...
github.com
Instead you need to use this:
GitHub - mrslezak/update_payload_extractor
github.com
Unfortunately, this payload extractor fork is broken on Windows. I had to set up an Ubuntu VM to run it.
The entire process took the majority of my afternoon.
Attached is the extracted boot.img, both magisk patched and unpatched. Hopefully it saves others some time.
You are right. I posted the wrong payload dumper.
I am using the one from here and it worked with every payload I tried.
(ROOT) Android 11 / Latest stock and patched img's / payload dumper / magisk_patched guides
Hi all, Have seen a lot of requests for patched boot images on these threads so thought i'd share a guide on how to get it yourself as well as all the files required, plus the patched boot.img if you just want to go ahead and boot/flash it...
forum.xda-developers.com
6.58 MB folder on MEGA
4 files and 3 subfolders
mega.nz
I guess the other one is quicker, but I'm using this and it works. I edited my old post.
Swap_File said:
This is not as easy as you might think. The default payload dumper (and the Go version) cannot handle these incremental OTAs:
Processing boot partitionUnsupported type = 9 · Issue #10 · vm03/payload_dumper
Hi, @vm03! :) Is there a solution to this problem? Only boot.img didn't succeed. I have Nokia 4.2 Thanks! Log: (.py) PS D:\Downloads\1> python payload_dumper.py --diff payload.bin Processing aboot ...
github.com
Instead you need to use this:
GitHub - mrslezak/update_payload_extractor
github.com
Unfortunately, this payload extractor fork is broken on Windows. I had to set up an Ubuntu VM to run it.
The entire process took the majority of my afternoon.
Attached is the extracted boot.img, both magisk patched and unpatched. Hopefully it saves others some time.
Can we use this attached boot img on IN2011_11_C.20 (India)?
