Related
*** I've been receiving many requests and PMs from members asking to help them unbrick their device. Please note that I no longer own this device (and even if I did I would not purposely brick it just to reproduce your problem), therefore I am unable to help out beyond this tutorial. ***
Hello,
First some background and credits:
There are a few ways to brick a phone. Sometimes it's lack of experience, sometimes it's an accidental thing, sometimes there just isn't an explanation for what went wrong... (share your experience here, if you wish). For me, I owned my OPO for about 4 hours before things went wrong. First thing I did was I rooted it and installed TWRP. After creating a nandroid backup of the stock image I installed my favorite custom ROM and restored all my apps with TiBu. Everything was great and configured just the way I wanted it. I then wiped my old phone (Nexus 4), installed a new ROM and got it all ready for my wife. She was so excited to get rid of her GNex and move up to the N4. But then, for whatever reason, I opened an app on my OPO that I used to manage, download, and install kernels with. It came up with "there is a new kernel update!" and I instinctively clicked on "Install". 10 seconds later my phone was bricked. Nothing came on the screen, no fastboot, no recovery, nothing to boot to, no way to send data to and from it. The second the screen went black and the phone became lifeless I got that wretched feeling in my gut as I realized I just flashed a N4 kernel on my new OPO. Restoring the kernel management app with TiBu made it act like it's still running on my old phone, and in my excitement I didn't take a second to think things through...
I received a bit of consolation when a quick XDA search revealed that I am not the only dumbass to brick his phone this very way. I joined forces with some pretty smart and desperate people and tried different things, all described in the following thread: http://forum.xda-developers.com/oneplus-one/help/wrong-kernel-black-screen-fastboot-adb-t2835696. Unfortunately it took us what seemed like many long weeks to figure it all out. Well, in the end a solution was found and I documented it in the the following post: http://forum.xda-developers.com/showpost.php?p=55024864&postcount=136.
This was a few months ago, but I recently noticed many people continue to search for these directions and have problems finding them hidden among many pages and other threads, so I've decided to put this stand alone thread with these, now updated, directions.
Let me get one more thing straight, for the record. I did not find the way to unbrick the OPO. In fact I wasn't even the very first one to do it. It was a collective effort of few people who tried many different approaches and ideas, and I eventually documented these steps for others to follow. Being said, the following people deserve credit as well: @os_man, @rezor92, @Mnt-XDA. If I am forgetting other significant names and efforts, I apologize.
***CAUTION***
The following instructions are for hardware bricked devices ONLY and will not work on soft bricked devices. To determine whether your device is soft or hard bricked, click the button below:
Hardware brick
A hardware bricked OPO has nothing but a black screen (nothing ever comes on the screen, not even a boot logo), it might vibrate when a power button is pressed and held for 20 seconds, has no Recovery partition, no adb mode, and no fastboot partition. The device might be detected in Linux and you might be able to even send commands to it. In Windows, the bricked OPO should be detected as QHSUSB_BULK USB. You might have a bricked OPO as a result of flashing a kernel meant for a different device (or a ROM meant for another device that included a kernel), tinkering with the boot logo or bootloader, or your attempt of unlocking the bootloader resulted in corrupting the boot partition.
Software brick
Please do not attempt to use these directions if your phone is soft bricked. A software bricked OPO is one that might be stuck in a bootloop, but has a working bootloader, recovery partition, fastboot, or adb. If you press the power button and images appear on the screen and you are able to enter fastboot mode (Power + VolUP) or recovery (Power + VolDOWN) then your device is soft bricked. This thread does not encompass soft brick recovery, the instructions below do not apply and will not work on these phones. Consult other threads for help on soft bricked devices.
If based on the above explanation of differences between soft and hard bricks you determined your device is hard bricked, here's what you will need to do...
1:
Download Color.zip from (mirror needed).
After downloading, unzip the archive on your computer.
2:
Next, you need proper Windows drivers. There are architectural differences between Windows XP and Windows 7/8, so follow the directions below that pertain to you. One quick note about the drivers: the installation and process is very simple and straightforward on Windows XP (I also tested successfully on Windows 2003), but proves to be quite a challenge when running on Windows 7 or 8. Over and over people report issues when attempting the unbrick procedure on Windows 7/8, some have more luck than others. Being said, if you have access to a Windows XP computer, I highly recommend that you use that. If you have no choice but to use a Windows 7 or 8 computer and have problems, please share them here and read others' experiences.
So first, by now you probably tried a few different things to fix your phone and you've already installed some drivers, including Qualcomm USB drivers for 9006 and 9008. My best advice is to uninstall the drivers you tried so far and use the ones listed below. Go to Device Manager, right click on the bricked USB device (QHSUSB_BULK or Qualcomm HS-USB QDLoader 9008) and go to Properties, click on Driver, then select Uninstall. Check the box to remove driver files, if prompted. Then:
2a:
Windows XP users:
You are in luck, driver installation is straightforward. Go to the extracted Color.zip folder and find Driver.iso. Extract Driver.iso. Inside the extracted folder find Setup.exe. Run Setup.exe to install the drivers. The installer is Chinese, but all you need to do is click through the prompts.
2b:
Windows 7 and Windows 8:
These operating systems block unsigned driver installations by default. Follow these steps (thanks @nag4pl for testing these):
Download and extract these Qualcomm 2012 drivers: (mirror needed).
Connect your bricked phone and let Windows do its thing.
Now something very essential you need to do here is to execute two commands to allow you to install unsigned drivers for QHUSB_BULK. Click on Start Menu > Type cmd.exe > Right Click and Run as Administrator.
In the CMD window type in the following commands (hit enter after each):
Code:
bcdedit.exe -set loadoptions DDISABLE_INTEGRITY_CHECKS
Code:
bcdedit.exe -set TESTSIGNING ON
After both the commands should run successfully, restart your computer.
You can now proceed to install unsigned drivers from the file you downloaded. Open Device Manager, you should be seeing ugly yellow warning under other devices for QHUSB_BULK. Right click on the name and select Update Driver Software > Browse my Computer for driver software. For driver software location provide the path where you have extracted Qualcomm 2012 drivers you downloaded and make sure 'Include Subfolders' is checked. Proceed through all the installation prompts ignoring any warnings.
3:
Once you have the drivers straightened out, connect your bricked phone to the computer and start it up by holding VolUp + Power to about 10 seconds, and let the computer do its thing. Don't install drivers if they are not installed by itself. Instead launch Msm8974DownloadTool.exe as Administrator (right click on Msm8974DownloadTool.exe and select "Run as administrator") from the extracted Color.zip archive. It will scan all the COM ports and find the phone. That's the one line that looks different in the list. The list is just a list of your com ports and devices. If you unplug the phone and move it to another port, it will show your bricked phone on a different line.
Clicking on "Enum" just rescans the busses. Clicking the big square button in upper right corner scans the phone and reports what's good and what's not. It takes a minute for the scan to finish.
If you don't see your phone in the list of com devices, try unplugging/plugging in your phone a couple times, and rebooting it with VolUP + Power (hold 10 seconds). You will see it in Device Manager as well.
Once you see the phone in the list, click Start. You should see the programs start writing different files to the phone. Each time it writes a file you'll see a progress bar. Once you see this process happening, smile, you know you will be good to go... After all files are written, the com line with your device will turn green. You're good, unplug and reboot your phone. It will boot to ColorOS, the Chinese OS that comes on OPO.
4:
Optional Steps:
Your phone is no longer bricked. You now have a few options to get back to stock. The easiest way is to use a toolkit from http://forum.xda-developers.com/oneplus-one/development/oneplus-one-toolkit-manudroid19-gui-t2807418, or you can flash an image manually by following directions from: http://forum.xda-developers.com/oneplus-one/general/guide-return-opo-to-100-stock-t2826541. Download the proper image zip and after extracting it, run the following commands in fastboot mode:
Code:
fastboot flash boot boot.img
fastboot flash userdata userdata.img
fastboot flash system system.img
fastboot flash recovery recovery.img
fastboot flash cache cache.img
fastboot flash modem NON-HLOS.bin
fastboot flash sbl1 sbl1.mbn
fastboot flash dbi sdi.mbn
fastboot flash aboot emmc_appsboot.mbn
fastboot flash rpm rpm.mbn
fastboot flash tz tz.mbn
fastboot flash LOGO logo.bin
Make sure you have the proper image. I accidentally installed the 16GB version on my 64GB OPO first time and obviously didn't get 64GB of space.
That's about it. I think if people are still having problems then it's likely due to drivers, or Windows 7/8 issue.
Good luck! Share your experience here and let me know if I can improve this thread.
Please click the Thanks button if you found the above guide useful.
Added to OnePlus One index thread:
[INDEX] OnePlus One Resources Compilation Roll-Up
Transmitted via Bacon
did this and it finally worked but still i have unknown baseband and no imei.........flashed coloros using the msm tool and rom goes into a bootloop......tried all the ways with no luck....even flashed the persist.img......still no luck.......my last hope is claiming warranty and act like a noob in service center.......will they get to know taht i unlocked the bootloader?
mysterio619 said:
did this and it finally worked but still i have unknown baseband and no imei.........flashed coloros using the msm tool and rom goes into a bootloop......tried all the ways with no luck....even flashed the persist.img......still no luck.......my last hope is claiming warranty and act like a noob in service center.......will they get to know taht i unlocked the bootloader?
Click to expand...
Click to collapse
You should be able to boot to fastboot now. From there flash the cm11s image. I believe that "fastboot flash sbl1 sbl1.mbn" will fix the imei issue.
Also, unlocking bootloader does not void your warranty. Not with OPO.
netbuzz said:
You should be able to boot to fastboot now. From there flash the cm11s image. I believe that "fastboot flash sbl1 sbl1.mbn" will fix the imei issue.
Also, unlocking bootloader does not void your warranty. Not with OPO.
Click to expand...
Click to collapse
Tried it......still no imei
mysterio619 said:
Tried it......still no imei
Click to expand...
Click to collapse
Just to give one last try, flash color os modded zip from relic, i used 2.0.43 purezip and it gave me back my imei. Had the same issue as you last week. Be sure to flash TWRP 2.8.4.1 first and then flash color os.
Legit method.
Worked for me 2 weeks ago!
unbrick oneplus one, oppo 7
Hi there my friend, i had many works about unbricking solutions, a few of you know that, i have much easier and faster ways now, tested many times before i decided to share with you, it will be a long topic ( and my brain is messed up to sum them up clearly), as soon i can think clearly again, i start to write them, till then,
greetings from Istanbul to all geeks around thw world.
Ps: including restoring imei's if they got lost during this process.
Ps2: just a quick info abou imei, if your imei is "invalid" , this means your modem.bin (NON-HLOS.bin, baseband) is not inadaptable with your rom, just try flashing the right modem ( from fastboot), your imei will be back.
Ps3 : This will lead us to unbrick many Snapdragon's out there , not only oneplus one's or oppo's.
I had to use this tutorial some days ago.
There is also a modified .zip where the tool from OPO flashed CM11s instead of ColorOS.
http://forum.xda-developers.com/oneplus-one/general/tool-oneplusrecovery-tool-v1-0-restore-t2991851
I had many driver problems and i had to use this driver from qualcomm so my win7 could recognize the phone.
Tutorial to install the driver:
1. Open your device manager (Start - right click on computer - properties - devices manager)
2. Press on power + vol up for like 10 sec until you see a device showing up (called QHSUSB_BULK)
3. Right click on this devices and click on "Update Driver Software" -> "Browse my computer for driver software" -> locate the Qualcomm 2012\fre\Windows7 8 or vista folder depending on your setup. Update the driver.
michaeldepotter said:
I had to use this tutorial some days ago.
There is also a modified .zip where the tool from OPO flashed CM11s instead of ColorOS.
http://forum.xda-developers.com/oneplus-one/general/tool-oneplusrecovery-tool-v1-0-restore-t2991851
I had many driver problems and i had to use this driver from qualcomm so my win7 could recognize the phone.
Tutorial to install the driver:
1. Open your device manager (Start - right click on computer - properties - devices manager)
2. Press on power + vol up for like 10 sec until you see a device showing up (called QHSUSB_BULK)
3. Right click on this devices and click on "Update Driver Software" -> "Browse my computer for driver software" -> locate the Qualcomm 2012\fre\Windows7 8 or vista folder depending on your setup. Update the driver.
Click to expand...
Click to collapse
Hi, Dropbox link for drivers seems to be wrong.. could you please update correct one.. I am in very much need of it! pls!!
nag4pl said:
Hi, Dropbox link for drivers seems to be wrong.. could you please update correct one.. I am in very much need of it! pls!!
Click to expand...
Click to collapse
Sorry. Here is the link:
https://www.dropbox.com/s/vgujdut93m341qm/Qualcomm 2012.rar?dl=0
Sent from my A0001 using XDA Free mobile app
michaeldepotter said:
Sorry. Here is the link:
https://www.dropbox.com/s/vgujdut93m341qm/Qualcomm 2012.rar?dl=0
Sent from my A0001 using XDA Free mobile app
Click to expand...
Click to collapse
Thank you.. Troubleshooting my phone now..
may i ?
http://www.androidbrick.com/?wpdmdl=2599
Back from Brick!!
First of all Thanks a lot to @netbuzz(for such a life saver guide on unbricking 1+1) and @michaeldepotter for providing link to download appropriate drivers.
Here is some good news by my findings and can be a quick help for those who do not have or can't get XP. You can use Windows 7 itself for the process mentioned by @netbuzz
All you need to do is:
1. Download drivers from link provided by @michaeldepotter : https://www.dropbox.com/s/vgujdut93m341qm/Qualcomm 2012.rar?dl=0
2. Extract to some folder under C: or whichever drive you prefer.
3. Connect your bricked phone after pressing Volume Up and Power key (make sure phone vibrates once)
4. Now that QHUSB_BULK should be detected and Windows will eventually try to download drivers from update, which you can skip and close the window.
Now something very essential you need to do here is to execute some commands so that you will be able to install unsigned drivers for QHUSB_BULK.
4a. Click On Start Menu > Type cmd.exe > Right Click and Run as Administrator (make sure you are running cmd as admin)
4b. Now type below command
bcdedit.exe -set loadoptions DDISABLE_INTEGRITY_CHECKS
>hit Enter
bcdedit.exe -set TESTSIGNING ON
> hit Enter again
4c. Both the commands should run successfully, then restart your computer.
These steps are to disable driver sign verification. You must proceed to next steps only after above steps executed successfully.
After machine booted back to desktop
5. Now Open Device Manager by Start > Run > type "devmgmt.msc" and hit enter
6. You should be seeing ugly yellow warning under other devices for QHUSB_BULK.
7. Right click on the same > Update Driver Software > Browse my Computer for driver software
8. Now under driver software location, provide the path where you have extracted drivers which you downloaded from step 1. For me it was:
"C:\Users\Arjun\Downloads\Qualcomm 2012\fre\Windows7" - Remember to provide path only till windows 7 and make sure 'Include Subfolders' is checked.
9. Click next, and it should install driver for QHUSB_BULK. Click on Install Driver if you get any warnings.
Now your driver set-up for QHUSB_BULK in Windows 7 is complete and now you may proceed with the steps to run Msm8974DownloadTool as provided by netbuzz.
I have attached the screenshots for the same just for confirmation.
SuccessfullDriver - showing successful installation of driver
FlashInProgress - showing tool flashing the system image
FlashSuccess - showing green row indicating successful flash.
Once again, thanks a lot for all the guide and help. Hope this quick guide helps some one in need!!
nag4pl said:
First of all Thanks a lot to @netbuzz(for such a life saver guide on unbricking 1+1) and @michaeldepotter for providing link to download appropriate drivers.
Here is some good news by my findings and can be a quick help for those who do not have or can't get XP. You can use Windows 7 itself for the process mentioned by @netbuzz
All you need to do is:
1. Download drivers from link provided by @michaeldepotter : https://www.dropbox.com/s/vgujdut93m341qm/Qualcomm 2012.rar?dl=0
2. Extract to some folder under C: or whichever drive you prefer.
3. Connect your bricked phone after pressing Volume Up and Power key (make sure phone vibrates once)
4. Now that QHUSB_BULK should be detected and Windows will eventually try to download drivers from update, which you can skip and close the window.
Now something very essential you need to do here is to execute some commands so that you will be able to install unsigned drivers for QHUSB_BULK.
4a. Click On Start Menu > Type cmd.exe > Right Click and Run as Administrator (make sure you are running cmd as admin)
4b. Now type below command
bcdedit.exe -set loadoptions DDISABLE_INTEGRITY_CHECKS
>hit Enter
bcdedit.exe -set TESTSIGNING ON
> hit Enter again
4c. Both the commands should run successfully, then restart your computer.
These steps are to disable driver sign verification. You must proceed to next steps only after above steps executed successfully.
After machine booted back to desktop
5. Now Open Device Manager by Start > Run > type "devmgmt.msc" and hit enter
6. You should be seeing ugly yellow warning under other devices for QHUSB_BULK.
7. Right click on the same > Update Driver Software > Browse my Computer for driver software
8. Now under driver software location, provide the path where you have extracted drivers which you downloaded from step 1. For me it was:
"C:\Users\Arjun\Downloads\Qualcomm 2012\fre\Windows7" - Remember to provide path only till windows 7 and make sure 'Include Subfolders' is checked.
9. Click next, and it should install driver for QHUSB_BULK. Click on Install Driver if you get any warnings.
Now your driver set-up for QHUSB_BULK in Windows 7 is complete and now you may proceed with the steps to run Msm8974DownloadTool as provided by netbuzz.
I have attached the screenshots for the same just for confirmation.
SuccessfullDriver - showing successful installation of driver
FlashInProgress - showing tool flashing the system image
FlashSuccess - showing green row indicating successful flash.
Once again, thanks a lot for all the guide and help. Hope this quick guide helps some one in need!!
Click to expand...
Click to collapse
Thanks for this Win7/8 workaround. I'll be adding your info to the OP.
Finally Unbricked mine...Drivers resolved on Win 7
netbuzz said:
Second note about drivers is that I had the worst time trying to get things to work on my Windows 7 computers. Both Windows 7 and 8 block unsigned driver installations by default. I've tried overwriting these settings in Windows and spent half a day messing with it, and I never got things to work properly. At first all looked good to go, but then latter steps were failing. You might have a better luck getting drivers to work on Windows 7 or 8 (I've heard some people did it), but if you have access to a Windows XP or 2003 machine, try it first, it should save you some major headache.
Once you have the drivers straightened out, connect your bricked phone to the computer and start it up by holding VolUp + Power to about 10 seconds, and let the computer do its thing. Don't install drivers if they are not installed by itself. Instead launch Msm8974DownloadTool.exe from the extracted Color.zip archive. It will scan all the COM ports and find the phone. That's the one line that looks different in the list. The list is just a list of your com ports and devices. If you unplug the phone and move it to another port, it will show your bricked phone on a different line.
Click to expand...
Click to collapse
I have used the override tool for certificates: DSEO - Driver signature enforcement overrider
to allow the unsigned drivers to be used and it worked like charm on windows 7 64 bit.
Also, I used the additional Qualcomm 2012 drivers and not sure which one might got picked in that mess :cyclops::cyclops:
Thanks!!
:good::good::angel::angel:
nevermind!
Well I managed to hardbrick my phone. I am download the ColorOS file from Mega at the moment. It's downloading at 30KB/s and will take around 6.5 hours. Is there any other source to download it from ? Thanks !
Also, about the driver ...
While I wait on the colorOS to download I want to clarify one more thing about the driver.
According to the screenshot of @nag4pl the driver should show as Qualcomm USB diagnostic 9006, while for me it shows as Qualcomm HS-USB QDloader 9008. Is this going to be an issue ?
This is what I did. I uninstalled the default driver that came with windows 7. After that it failed to install the driver provided in this forum because it kept saying that device descriptor failed. I rebooted the phone several times and changed the USB ports and eventually windows detected it but AGAIN with the windows driver even though I had checked the option to delete the original driver while uninstalling it. Through the update driver option I managed to force it to install the unsigned driver.
Now I can see both the drivers under the update drivers option. Interestingly the default driver is a version ahead of the unsigned driver provided in this forum.
My only concern is that I see a different driver name compared to the one posted by @nag4pl
Thanks! Very useful for me!
That shouldn't be a problem. Not sure if that is specific to region, mine is India version phone.. Can some one clarify on this?
WHAT IS HARD-BRICK?
The Hard-Brick, translated means device NULL, without function neither one! This happens a lot for forced updating: AS ANDROID 4.4.4 FOR 5xx ....
Most of the time, the cell phone stays in BOOTLOOP (infinite loop), another case as hard brick gets on the black screen with LED access.
Then you ask me?
Wagner, I Brickei my device, how to recover?
YES! There is always a way to recover. More remembering that each device has a way of doing, some are easier and others more complicated. We just need to find the right files.
So let's go!
MOTOROLA DRIVER
Drivers required for device recognition on PC.
If you have already installed, you do not have to install again.
Download
HAND-BRICK.exe
It will install the drives, recover the cell phone and recover the fastboot.
Download
STEP BY STEP
1- Turn off the phone and enter the fastboot mode:
Yes, I know the phone is off!
Plus the device is in operation and we need the phone to be turned off and enter the Fastboot mode.
HOW DO I DO THAT? I discovered two ways!
- Fast and easy mode:
OPEN THE PHONE AND DISCONNES THE BATTERY, IT WILL PLACE THE FATBOOT MODE.
IF YOU MAKE ERRORS IN COMMANDS, YOU CAN GET THE FASTEST ANSWER.
- Time-consuming and need patience:
PLUG THE PHONE TO CHARGE "INTO THE SOCKET", THE LED GOES ON, WAITES THE LED OFF.
If the LED does not turn on?
SAFETY THE POWER BUTTON ON + THE DOWN VOLUME, FOR 2 SECONDS OR ACCOUNT UP TO 30!
THEN PLACE INTO THE OUTLET, AND OBSERVE THAT THE LED WILL TURN ON! And wait until the LED turns OFF.
Why did I say I had to be patient?
Well, you're going to do this straight, each made the commands go wrong.
And it will only work again if the phone restarts. Many times the LEDs do not light up among other things like not recognizing on the PC.
HOW DO I KNOW THAT IT WORKS?
When using the unbrick, it will show you a path:
EXP:
C: / USERS / NAME / DESKTOP / MOTO MAXX / PORTUGUESE [BR] / 2 - REVIVER FB / UNBRICK - 5.1> .QBOOT BLANK - FLASH
AND THEN HE SHOWS THE RECOGNIZED FILES.
When of FAILED?
(BLANK-FLASH: **********):
THE FILES WILL BE DEMANDED TO BE RECOGNIZED, THEN IN THIS CASE THE COMMANDS WILL NOT WORK! AND AI FOLLOW THE STEPS AGAIN THE LED!
OK! now that the phone is off and ready to use the unbrick.
Remember, every time you use the unbrick and appear errors, you will have to repeat the STEP to turn on the LED!
2 - Connect the device to the PC, and check that the device is being recognized as QUSB-BULK.
Search the device manager for your PC.
And look in the part (Ports (COM and LPT)) and see if you recognize the device!
3- Install the MOTOROLA + Qualcomm USB drives.
In the Device Manager will shows that the device is being recognized as QUALCOMM.
4- Choose the Unbrick option and execute the files "GO" and wait ends up to 100%
NOTE THAT: THE PHONE WILL BECOME LIFE, AND SHOW THE BOOTLOADER WITHOUT ANDROID!
If it looks like FAIL - You have to repeat STEP 1 to turn on the LED, done that, Test other files
Contains GPT.BIN files from Android 4.4.4 to the latest version 6.0.1!
CASE NOTHING WORKS USE THIS FILE "download"
1 - REMOVE THE ARCHIVE
2- EXECUTE THE FILE WITH THE NAME "GO.bat"
3- NOTHING EVEN? ENTER WITHIN THE "DATE" FOLDER AND EXECUTE THE "01 GO.bat"
4 - NOTHING EVEN? EXECUTE THE FILE "02 GO.cmd"
ONE OF THOSE FILES MUST WORK, BECAUSE THERE IS ONLY THIS FILE!
Now go to the Fastboot option and execute the files "GO"
Contains GPT.BIN files from Android 4.4.4 to the latest version 6.0.1!
THE NEW VERSION IS MARKED WITH RED!
6. Ready! the cell phone will restart with Android 5.0.2, but this one with ERROR does not connect in the WIFI!
To correct this error, turn off the phone
Enter Fastboot mode
Choose a ROM STOCK "here" and install.
If you want a customized ROM First:
Download the new version of TWRP "here"
Choose a CUSTOM ROM "here"
And the GApps according to Android Chosen "here"
READY! YOU CAN BE HAPPY AND INSTALL ANY ROM THAT YOU WANT.
REMEMBER THAT THE ROM Stock 4.4.4 CAN NOT BE UPDATED OVER.
Hope this helps!
do not forget to leave your LIKE and SHARE, leave your comment than you found.
Hi Wagner! The "HAND-BRICK.exe" download link isn't working. Could you provide a new download link, please? Thanks in advance!!!
Welcome to edl(emergency download) flashing guide.
Pre-requisites:
Latest MiFlash tool(Google)
Latest MIUI stable fastboot ROM(Google)
Proper drivers installed(Google)
Fastboot mode accessible
A working PC
This tool
Atleast some understanding about advanced Android stuff
A simple brain
Some memes to look at while flashing(not google)
And ofcourse a Redmi note 4 SD variant
Assuming you have all the requirements satisfied above, let's move on to the actual guide:
Follow the Steps:
First goto edl mode by following the steps here
Connect your phone to PC and open MiFlash tool
Click on refresh to show the connected device in the tool
Your device will be shown as COMXX with 'XX' being some number
Click on "select" button on top left and browse to the extracted fastboot rom folder
When ready, click "flash"
Now don't touch the phone or cable, and don't disconnect it
Now comes the most important step, find some memes to look at, because this is gonna take some time, like 10-15 mins.
When the flashing is done, your phone may reboot itself, if it doesn't, disconnect the phone and hold the power button until it vibrates, then you are good to go.
Now, wait again and go look at memes, because first boot takes time
Boot complete? Enjoy your fully recovered phone
Credits:
@Annabathina for his tool.
Good day people, see you around, now i have some memes to look at, bye
If any further help is needed, you can tag me in your comment
DisclaimerWhile I will assist with any issues resulting from this guide, I disclaim all responsibility and cannot be held accountable for any consequences caused by the use or misuse of this tool or process. This method also will wipe your phone, so please back up your data. I also will disclaim any understanding as to why exactly this works, since this method was developed by someone else, I am just listing the instructions on how to use it. With that being said, understand your personal limits and read this entire guide before starting.
PrefaceI have seen dozens of posts asking for a Bootloader unlocking method for the OnePlus 8 5G UW (IN2019) and thanks to the attributed users at the end of this post, a method has been found. I will document the most straightforward way to unlock the bootloader here so you can install custom OSes, TWRP, and Magisk.
Part I: Prerequisites and initial setupTo follow this guide you will need
A Windows PC (running 7+)
Latest MsmDownloadTool and stock firmware for the OnePlus IN2019 - Link
OnePlus 8 IN2019 with latest stock software update and USB cable
Latest version of platform-tools - Link
The bootloader unlock.ops file - Link
Plug your phone into your PC using a USB 2.0 port (this is important, USB 3.0 has given me a lot of issues and just doesn’t seem to work all the time) and ensure USB debugging is enabled.
Extract the downloaded platform-tools zip and open the platform-tools folder in a command prompt, and Run adb devices and makes sure your device appears in the list.
Next, extract the OnePlus_8_Verizon_OxygenOS_11.0.zip and open up the MsmDownloadTool V4.0.exe inside the instantnoodlev_15_O.01_210110 folder.
When the application opens, select “Others” under the User type dropdown and hit next. Leave this window and the platform-tools command prompt open.
Spoiler: Command Prompt
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Spoiler: MsmDownloadTool setup
Part II: Entering Qualcomm EDL mode and installing correct QDLoader DriverIn this section we will install the correct drivers to utilize Qualcomm's Emergency Download (EDL) mode. When you are in EDL mode, your phone screen will be completely black and it will only exit if you complete a flash or unplug it from your PC and hold volume up, volume down and power. To enter EDL mode from a powered off state, hold volume up and volume down and connect your phone to your PC.1. Return to the platform-tools command prompt, and type adb reboot edl and wait. Your phone should disconnect from the computer and then reconnect.
2. Open Device manager, and check for the device “Qualcomm HS-USB QDLoader 9008” or “QUSB_BULK_CID:xxxx_SN:xxxxxxxx” - if you see “Qualcomm HS-USB QDLoader 9008” under Ports (COM and LPT), skip to part III. If you see “QUSB_BULK_CID:xxxx_SN:xxxxxxxx” under Other Devices with a yellow triangle, then proceed to step 3.
Spoiler: QUSB_BULK_CID:xxxx_SN:xxxxxxxx (Proceed to Step 3)
Spoiler: Qualcomm HS-USB QDLoader 9008 (Skip to Part III)
3.
Spoiler: Windows 11
Open Settings, Go to Windows Update and Check for updates. After, Click Advanced options, Optional Updates and drop down “Driver Updates” Locate “Qualcomm Incorporated - Ports - 3/25/2016 12:00:00 AM - 2.1.2.2” in the list, and install it.
Spoiler: Windows 10
On Windows 10 - Open Settings, Go to Update & Security, Check for updates, Click “View Optional Updates” and select “Qualcomm Incorporated - Ports - 3/25/2016 12:00:00 AM - 2.1.2.2” and install it.
This should install the correct driver, replacing “QUSB_BULK_CID:xxxx_SN:xxxxxxxx” with "Qualcomm HS-USB QDLoader 9008" in device manager.
Spoiler: Correctly Installed Driver
Part III: Flash Stock FirmwareIn this section, we will flash the stock IN2019 Android 11 firmware. If you have any trouble with this process refer to the original guide on how to do this here.1. Return to MsmDownloaderTool and hit the Enum button. In the list, it should list the COM Port associated with the device. The status of connection should read “Connected”
Spoiler: MsmDownloadTool Connected
2. Click the “Start” button. This will flash the stock firmware, wiping your data. Make sure you have backed your data up at this point. It will take a few minutes, usually ~300 seconds. Once it completes, it will reboot into factory default android.
3. Close MsmDownloadertool and once you are back to android, unplug your phone and power it off.
Part IV: Unlock the bootloaderIn this section, we will flash the unlockable firmware and unlock the device for good.1. Inside the directory with MsmDownloaderTool V4.0.exe, there should be a file called “instantnoodlev_15_O.01_210110.ops”. Remove it from the directory, either by deleting it or moving it to another folder. Then take the unlock.ops file downloaded earlier, and drag it into the directory. It should be in the same folder as MsmDownloaderTool.
Spoiler: Directory before unlock.ops
Spoiler: Directory after unlock.ops
2. Reopen MsmDownloaderTool V4.0.exe and like before, select “Others” in the drop down, and click next. Leave the window open.
3. Hold in the Volume up and down buttons, then plug your phone back in. Keep holding the buttons until your phone connects to your PC as "Qualcomm HS-USB QDLoader 9008", like before. Check device manager to ensure that it’s connected correctly as a COM port. If it boots to android, power it off and try again.
4. Return to MsmDownloaderTool and click Enum. Make sure the phone is still displayed in the list under the associated COM Port.
5. Click start. The flashing should take about 15 seconds, and when complete, your phone should restart. It will display a message at boot saying “<!> The device is corrupt..” Do not panic, this is normal.
6. Unplug your phone and hold Volume Up, Volume Down and Power until the device reboots and let go once it shows the OnePlus Logo and “Fastboot Mode”. You should arrive at a screen that has “Start” in big green letters at the top, and “Fastboot mode” below it, with the very last item saying “Device state - Locked” in red text.
7. Plug your phone back into your computer, and open device manager. Look for the “Kedacom USB Device” category with “Android Bootloader Interface” under it. If this device is present, skip to step 9. If this device is not, proceed to step 8.
8. Go back to Windows Update, Check for updates again, go into Optional Updates and install “Google, Inc. - Other hardware - Android Bootloader Interface”
Spoiler: Optional Driver
Check device manager to ensure “Android Bootloader Interface” is present under Kedacom USB Device.
Spoiler: Kedacom USB Device
9. Return to your command prompt window open in platform-tools, and run fastboot devices and ensure your device is in the list.
10. Finally, run the command fastboot flashing unlock and on your phone, it should prompt you to confirm unlocking the bootloader. Once complete, it should reboot into Android.
11. Shut the phone off again, and then Hold Volume Up, Volume Down, and Power and let go when the OnePlus logo and “Fastboot mode” shows up on screen. If the final item in the list says “Device State - Unlocked”, Congrats! You have successfully unlocked your bootloader. You can follow your custom OS’s installation guide from here.
Part V: Troubleshooting, Notes, and Attributions
Spoiler: If your MSM tool gets stuck on "Sahara communcation failed" when trying to flash.
Unplug your phone, and hold Power, Volume Up, and Volume Down. It should reboot into fastboot mode. Using the volume keys, navigate to the "Power off" option and hit the power button to confirm. Then holding Volume Up and Down, plug your phone back into your PC and try flashing again.
Any attempt to use MsmDownloadTool after the unlock will cause the device
to become locked again. You can unlock again by repeating the steps above.
Attempting the unlock process while running android 10 will result in a
crash at bootup. Update your phone to the latest update before starting.
USB 3.0 has thrown some obtuse errors when trying to use this process, so I highly recommend using a USB 2.0 port if possible.
If you want to flash back to stock firmware again (relock bootloader), you have to first flash this file (stock.ops) and then flash the bundled stock firmware. It will give a mismatch error if you do not.
You can only have one .ops file in the MsmDownloadTool directory at a time. You'll get an error if there are multiple files.
If for some reason, you run into an issue or skip a step by accident, leave a comment and I will try to help as much as possible. This is my first XDA guide and I just wanted to compile something that would have saved me hours of trial and error.
Attributions:@Whoareyou for providing the method and unlock.ops to me originally. He pretty much got the ball rolling for me.
@retryfail / https://retry.abort.fail for creating the unlock.ops and providing the original guide, this would absolutely not be possible without his work.
@Some_Random_Username for the MsmDownloadTool tutorial and resources.
https://onepluscommunityserver.com (hosted by Votton, maintained by @Some_Random_Username and AnonymousWP) for providing the stock firmware and MsmDownloadTool
The unlock.ops link doesn't work?!?
7eregrine said:
The unlock.ops link doesn't work?!?
Click to expand...
Click to collapse
It does. If you already have Android 11, just save and store your phone data, factory reset, boot into EDL, connect and start the tool. If it runs an error, DONT stop the download. Press the POWER + VOLUME UP + VOLUME DOWN buttons at the same time and hold it until it reconnects. It takes a few seconds. Once it reconnects you should see it fully load. I didn't see the need for stock firmware file unless I needed to reflash my stock after ****ing up (I bricked it once or twice), and tbh it's not even the one I used to reset my phone. I just unlocked my BL a few hours ago. It works, I promise
7eregrine said:
The unlock.ops link doesn't work?!?
Click to expand...
Click to collapse
Right click the link and open in new window, than refresh the blank page it opens. That will trigger the download.
GloomyHat14 said:
It does. If you already have Android 11, just save and store your phone data, factory reset, boot into EDL, connect and start the tool. If it runs an error, DONT stop the download. Press the POWER + VOLUME UP + VOLUME DOWN buttons at the same time and hold it until it reconnects. It takes a few seconds. Once it reconnects you should see it fully load. I didn't see the need for stock firmware file unless I needed to reflash my stock after ****ing up (I bricked it once or twice), and tbh it's not even the one I used to reset my phone. I just unlocked my BL a few hours ago. It works, I promise
Click to expand...
Click to collapse
Did you follow the guide while unlocking your bootloader and if so, do you have any feedback for the guide? This is my first guide so I just wanted to hear any potential criticism.
Mason220 said:
Did you follow the guide while unlocking your bootloader and if so, do you have any feedback for the guide? This is my first guide so I just wanted to hear any potential criticism.
Click to expand...
Click to collapse
It worked for me. It was straightforward, and it was really easy to figure out. I kept getting an error during the parameter update when I used the included firmware, so I just flashed the Unlock.ops file and carried on. I had a dumb moment bc I didnt actually read it fully at first, so I freaked out and thought that I'd bricked it lmao. But all in all, it was good man. Good instructions, and you gave examples that helped me out when I was confused. Good job! Well worth the wait
This replaces the VZW abl/xbl with ones from one of the unlockable variants? Impressive that it works this way...
AndyYan said:
This replaces the VZW abl/xbl with ones from one of the unlockable variants? Impressive that it works this way...
Click to expand...
Click to collapse
From my understanding, it messes with the param essentially tricking the phone into thinking it's not from Verizon.
Mason220 said:
From my understanding, it messes with the param essentially tricking the phone into thinking it's not from Verizon.
Click to expand...
Click to collapse
Fantastic! Actually I have a OnePlus 8 T-mobile. Did you modify the Msmdownloadtool to allow this process going? Can you help allow msmdownloadtool to flash global roms to the T-mobile/ Verizon variant so that we maybe can unlock the second sim function?
dlhxr said:
Fantastic! Actually I have a OnePlus 8 T-mobile. Did you modify the Msmdownloadtool to allow this process going? Can you help allow msmdownloadtool to flash global roms to the T-mobile/ Verizon variant so that we maybe can unlock the second sim function?
Click to expand...
Click to collapse
The MsmDownloadTool did not need to be modified at all, you just had to swap the included .ops file (Stock firmware) with the unlock.ops in the directory, and it'll flash it on. As for the second question, I'm not really sure how I could help. If really would like my help, I'd be happy to assist, just contact me on Discord (Mason.#6969) or Telegram (message me on xda and i'll give it to you).
Thanks guys. I'll be trying this soon.
7eregrine said:
Thanks guys. I'll be trying this soon.
Click to expand...
Click to collapse
Please share your findings when you are successful.
Does this process replace verizon rom with global stock rom?
Does this process replace verizon rom with global stock rom?
I am on OnePlus 8 5G UW (Verizon) using a different network operator.
Zombify01 said:
Does this process replace verizon rom with global stock rom?
I am on OnePlus 8 5G UW (Verizon) using a different network operator.
Click to expand...
Click to collapse
No. It just unlocks the bootloader so installing a different ROM is possible. What you install is up to you.
Mason220 said:
No. It just unlocks the bootloader so installing a different ROM is possible. What you install is up to you.
Click to expand...
Click to collapse
+1
is there any way to change from verizon rom to global rom..?
Can we use with another Sim when flashed custom Rom?? Anyone know??
nhonpiseth said:
Can we use with another Sim when flashed custom Rom?? Anyone know??
Click to expand...
Click to collapse
Yes. As long as your device is unlocked (60 days after initial purchase from Verizon) then it will work with any SIM.
Royk504 said:
is there any way to change from verizon rom to global rom..?
Click to expand...
Click to collapse
I did this while trying to get the camera working. I think you can flash the global rom using the stuff from this guide
EDIT: Instructions for updating the ROM are in the third message and they work for everyone, rooted or not.
This is specifically for the RFinder B1+ with 6 GB of system RAM and 128GB of built in ROM but with or without the First Responder designation or Band 14. It will likely work with all three RFinder B1+ radios as they use the same MediaTek chipset.
***THE B1 CLASSIC ROOT METHOD IS TOTALLY DIFFERENT***
***I AM NOT RESPONSIBLE IF YOU DAMAGE OR DESTROY YOUR DEVICE***
***I AM ALSO NOT RESPONSIBLE IF YOU VIOLATE FCC RULES OR WHATEVER THE EQUIVALENT AGENCY US IN YOUR COUNTRY***
In a nutshell, if something goes wrong, it's up to you to fix it. Though there are very few ways to brick the RFinder, keep in mind it's also a two way radio, so don't blame me if yours falls apart, you burn yourself on an exposed part of the antenna, the family cat runs off, you manage to summon security on their local DMR channel, or if it gets stuck in an infinite loop showing sample Pac Man footage.
For those unfamiliar, there are a few combo radio and Android units. The RFinder B1+ is one of them. I see no advantage to rooting on the radio side; most amateur radios offer you as much access as you need. AnyTone offers access to *everything*, they're completely unlocked. Motorola Solutions (not the Motorola seen most often here) keeps strict control of what you can access. Analog only devices vary but have a lot of access through the program Chirp.
Now that we've worked out you're here to root the Android part instead of the radio, let's dive on in.
Here's what I used:
A laptop running Windows 11
My Moto G7 (Mobility, not Solutions)
A typical USB-A to USB-C cable
ADB tools
MediaTek drivers
Magisk 23
The latest RFinder firmware, which can be found here:
Index of ./B1-Plus-APKs/
While there you may need to grab the latest APKs. Towards the end of this post I'll explain a bit about DMR and analog radio, this will help you understand what the B1 does and if it's worth the investment ($1,600 currently) to you.
Please be patient, it may take a couple of tries to download the firmware.
I don't see a need to change the recovery. If you have other ham radios with you, you will likely have a computer as well which can be used to reflash the ROM to the radio if need be.
First, back everything up. Files and whatnot can be backed up to SD cards, radio info is to be backed up to the cloud. Install the latest firmware (this will include the ROM) as per RFinder's instructions. It takes a little digging to find it. My B1 has the firmware I linked to, so I used that. With the latest firmware installed, shut the B1 down and either charge it or attach a fully charged battery.
Over on the G7 (you may use any phone that runs Magisk Manager 23) I extracted boot.img from the downloaded firmware. You also need to extract vbmeta and lk.bin (depending on your preferences). lk.bin can be added to clean up the boot screen. I used a blank vbmeta intended for a rooted Onn 10.1 tablet, but it's better to use the one that comes with the firmware.
Next I patched the boot.img with the Magisk Manager 23 on my rooted G7 and took note of the file name. I have several patched boot images for different devices, no need to risk flashing the wrong image and possibly turning my radiophone into a light bulb.
Then I hooked up the laptop to the phone. ADB tools are in the most basic directory I could make: c:\adb. I put the patched boot.img in there. You'll need to copy vbmeta and lk.bin as well. I disconnected the laptop from the G7 and hooked it up to the B1, then started the B1 normally. Windows 11 recognized it immediately and installed the drivers. I enabled developer options (settings->system->about phone, then tap build number several times) and enabled OEM unlocking through Developer Options.
Next I unhooked the B1 and rebooted it to the super simple MediaTek bootloader by holding power and volume UP together for a few seconds. I followed the on screen prompts to get into fastboot mode.
With the laptop and the B1 connected, I went to C:\adb on the laptop, right clicked, and opened a terminal. This may be listed as open PowerShell or command prompt depending on your version of Windows.
For the next part, we're telling certain programs to do certain things to certain partitions within the radiophone with certain files. Imagine giving someone a command: "Fastboot, please flash the boot partition with the boot.img. file." That's the flow of each command.
The first command was to verify the laptop and PC could communicate, so I typed (without quotes)
"fastboot devices"
The RFinder put a number up on the laptop screen. All good so far.
Next
"fastboot flashing unlock"
This unlocks the bootloader and frees up every bit of storage on the radio's installed ROM storage.
Next, without quotes or parentheses, I typed "fastboot flash boot (whatever Magisk named the patched boot image).img
Last was "fastboot flash vbmeta vbmeta.img"
At this point if you want to patch the lk.img file and have that nice, clean battery warning specific to the B1, patch it in a hex editor, put it into the ADB folder, and type:
"fastboot flash lk (whatever you named the patched lk.img).img
If for some reason you want to re lock the boot loader,
"fastboot flashing lock" should do it. I left mine unlocked.
Once that's done, reboot the B1. You can power cycle it or type
"fastboot reboot"
That will either get it booted to Android 9 or into a boot loop. If it boot loops, re check your work and try again. Worst case scenario you can flash the respective files from the firmware you downloaded, start with vbmeta, though!
The last step is to install Magisk Manager 23. It should recognize the Android part is rooted.
You can use a later Magisk or even a different root solution. I used 23 because it's the latest one I'm familiar with.
Now... just what exactly does this oversized, bulky piece of hardware do?
Most any radio, your cell phone included, has to connect to a central point and identify itself to be allowed to use that connection. For a cell phone, we call that a "tower", for ham radios, it's called a "repeater". Shocking idea...they both do the exact same thing: take in information and then repeat it either over the air or via physical connection (backhaul for cell, network for radio) so that other devices can receive it. Some radios can talk directly to one another without all of this.
When your radio connects to a repeater, it also sends certain information to activate that repeater. Both analog and digital modes require this, but the digital identification carries more information.
Enter DMR radio. An analog repeater has one or maybe two "channels". A DMR repeater accesses a network called Brandmeister or sometimes DMR_MARC which contains thousands of channels known as "talkgroups".
In either case, someone has to program those ID signals and the desired channels into the radio. No two repeaters are exactly the same, but someone with a lot of patience can set the radio up to automatically access each repeater on a long trip much the way a cell phone roams from tower to tower.
Most programmable two way radios have to have all this info entered at least once by hand. The B1 does it automatically.
Aside from that, there are obvious advantages to an amateur radio operator with a single device that can serve as their cell phone, their handheld radio, and possibly even their wallet. There's also an advantage to being able to simply switch out a dead battery for a charged one, the B1 is offline for perhaps a minute while this is done rather than being captive to a power bank and cable for an hour or two.
OK, post #2. I like to put my ham and GMRS call signs on my radios' boot screens, and I hate that orange mode warning, so a good place to put change that is in the lk.bin file.
Dumb skull moment #1: fastboot flash lk onn_10_lk.bin (should have flashed the B1+'s lk.img, not some bin file from a cheap tablet...oops!)
Dumb skull moment #2: fastboot reboot.
Step 3: Enjoy my new $1,800 brick. Smartphones ain't cheap!
I went through the same steps I normally would to unbrick a Walmart tablet because the chipsets are almost identical. Bob designed a next gen B1+ and added some lifesaving features to a few of them for first responders, then ran a batch or two with the better hardware but no access to US cell band 14 for the rest of us. In the end, we got a good ham radio with a solid cell phone as the front end and batteries that absolutely devastate what would normally be in the phone.
Here's the catch: the RFinder B1+ flash memory is formatted a little different than a standard MTK 6765. The scatter file used in the ROMs doesn't play nice with SP flash tool because of this. This is actually fairly common among different radio models, but before now I've had to do some soldering to repartition a handful of AnyTone units. What I did was grab a generic MTK 6765 scatter file and compare it to the B1+. I changed line numbers and memory addresses on the generic file to match the RFinder official ROM, but left the generic file structure intact. I double checked my work and it matched up. Next I loaded it into SP Flash Tool and hit download without the B1+ hooked up. It stalled where I expected it to. A quick driver update, some frustration with Windows 11 (I said the magic words a few times), then back to Windows 10 because that laptop is working still... another driver update and presto! The radio swallowed a stock lk.img faster than I wolf down steak and taters.
Another warning: on the B1+, if you need to use SP Flash Tool, only use the "download" function and untick ALL the boxes except just what you need! If you're hacking up the scatter file, one mistake can soft brick the radiophone, but if that mistake isn't on a partition you're flashing it won't matter.
Anyway, back to hackin' devices and yakkin' on the radio!
-73
ROM updating:
If you open the RFinder HAM app and go to "Advanced Settings" it may prompt you for an update. If it's updating the app itself, follow the on screen instructions.
If it's updating the ROM, follow the instructions to download the file, then STOP. Back everything up including the radio memories, then unmount any SD cards you have, power down, and remove them from the radio.
Re attach the battery to the radio and charge it fully. Once it's charged, unplug the USB and remove the radio from the cradle.
ROOTED USERS ONLY (all others skip to "ALL USERS"):
Get the radio into fastboot mode and connect a USB cable. Locate the downloaded zip file that matches the ROM you have, unzip it into a folder on your PC that's easy to find, and then use fastboot to flash *stock* files from that zip file into the radio to replace any files you've patched or modded. Specifically you'll need the boot.img and the vbmeta.img and they MUST match the ROM currently in the radio. Open a command prompt, then change to the directory where your fastboot is installed. I recommend you put the official vbmeta and boot files in this directory.
"fastboot devices" and wait for your B1+ to show up.
"fastboot flash boot boot.img" where boot.img is the official boot image that matches the one in the radio. Double check your typing, then hit enter.
"fastboot flash vbmeta vbmeta" Again, you need to be sure it's the matching official vbmeta.img. Double check typing, then hit enter.
Double check everything.
"fastboot reboot" Your B1+ will boot back into Android.
Go to Settings -> Reset Options -> Erase All Data, then read the text and hit "Reset Phone".
Alternately you can reset from the B1+'s Recovery Menu (power +vol down IIRC, if not try power +vol up).
Sideload the Magisk app. Again, I used 23, which is older but it's the one I understand best.
ALL USERS:
Plug in a live USB cable (preferably to a USB power outlet, not a computer).
Go to settings -> System -> About Phone -> System Upgrade. Click that and choose update from local storage, then choose the update file the radio downloaded or that you received from the customer support team. Follow the instructions. The radio will shut down. You may have to power it up manually. It'll go into a mode that looks like recovery, then it'll say it's updating. If something isn't right the update will abort and generate an error message. If everything is OK the update takes around five minutes. The first reboot hangs on the tower splash screen for a while, so please be patient!
Non rooted users are done. Hooray!
ROOTED USERS:
Once the update is finished, go to your fastboot folder on the PC and replace vbmeta with the empty one you used with the old *rooted* boot.img.
Unpack the new update file, copy it to the radio's internal storage, and use Magisk to patch it. Copy the patched file back to your PC, preferably into the folder with fastboot.
Get the radio into fastboot mode and connect it to your PC with a USB cable.
Use fastboot the same way you did above except this time, flash the patched boot.img and the empty vbmeta.img.
Double check everything you just flashed, then type "fastboot reboot" and hit Enter.
Once the radio loads up, download a root verification app and run it. You should get a superuser request. Hit grant, read the root checker output, and voila!
Next find the RFinder HAM apk and install it. Ideally you should have a backup of it, if not, get it from RFinder.wiki.
Make any other mods you need to make, then reinstall any SIM and SD cards, update the RFinder HAM and IMEI apps if necessary, restore your memories into the RFinder HAM app. Reload your other apps, restore any backups they have, re grant root access as needed, and you're done.
B1 Classic rooting.
If you got hold of one of these, you're in for a rough ride. If it's got the latest update, version 25, you have your work cut out for you. The best way to get hold of the ROM is from Bob Greenberg with RFinder support. RFinder has an official and an unofficial Facebook group and a Zoom channel. Bob is proactive in contacting people who post with issues in either of those groups. He has a number of beta roms available as well as beta RFinder software. Serious, go sign up and ask.
If you're NOT on 25 or you'd care to chat via Zoom, things are a lot easier.
I started with a B1 classic from a silent key That operator was part of a Jeep club out of Oregon and for whatever reason they sold off his B1 Classic as part of the estate.. That's a term of respect for a ham operator who has passed on. Obviously if the person had a startup PIN on the device, it soft bricks when hey pass on unless someone knows it. You also have the FRP lock to deal with, however, this operator had either logged out of Google before he passed or never logged in.
Here's what I did:
To remove the startup lock, shut the unit off and remove the battery. Cherge the battery it its cradle (the B1 Classic will not charge via USB). Reinstall the battery, press and hold "Power" and Volume down, release them after a few seconds. This gets you to recovery. Factory reset the radiophone from here.
Once the B1 restarts, head over to RFinder.wiki and get the latest RFinder ham apk. Install it, go into settings, and Advanced Support. If you're not on version 25, you'll get a notice to update an an option to download a ROM. Do both, and save the ROM file whe n you're finished.
Unzip the ROM file and locate the boot.img and the scatter.txt. You know what to do with the boot imagw: get it onto a device that has the Magisk apk, rooted or not, and patch it. Put it back into the folder with the unzipped ROM file.
Shut down the B1 Classic and remove the battery. Unplug the USB cable from your PC.
Next grab a scatter file for a stock MTK 6763. Go through it and the scatter file from RFinder, match up the start points of all the partitions and as man of the sizes as you can. You'll need to delete one of the partitions in the stock file and do all of your edits on the *stock* MTK file, not the RFinder one. Chenge the "is download" value on ALL partitions except the Preloader and the Boot to FALSE. Save that in the unzipped ROM folder.
Now grab SP Flash tools. The B1's bootloader can be unlocked, but it's difficult and I happen to like my data. Open SP Flash tools (unzip, find flashtool.exe and double click it). Hit "browse" and go to the unzipped ROM folder, then click on your scatter file. If everything went well, you should have only two lines showing on the download screen: Preloader and Boot.
UNDER NO CIRCUMSTANCES ARE YOU TO MODIFY THE PRELOADER! Uncheck that option. You have to have the line populated or SP Flash Tools will throw an error, but you MUST UNCHECK IT. If the two lines don't populate, find the respective images in the unzipped rom. Click the empty line, then find the image and click that. Ensure the Boot line is checked, preloader unchecked, double check your work, then hit "download".
Grab the B1, plug the loose USB cable into it. Press and hold Volume Up and Volume Down while you plug the other end of the USB cable into your computer where SP Flash Tools is waiting. You do not need a battery. SP flash Tools will connect to the B1, the progress bar will turn RED, then it will verify your work and attempt to download your changes to the B1. If that's successful, the bar will turn yellow. When it's finished, it'll notify you of the results.
DO NOT FORMAT ANYTHING IF IT ASKS YOU TO. That's an error which needs addressed, so fix it and try again.
Unplug the cable, attach the battery, and boot the B1. You will not need to reinstall anything save for an SU manager (Magisk is fine) and a root checker.
Keep in mind that we didn't touch the bootloader, it is still LOCKED. I was all over it trying to unlock it to no avail, and I didn't care to dig out my old Toughbook for Ubuntu. Not everyone has an old Toughbook with Ubuntu on it anyway, you may be on Windoze.
I strongly suspect this method will work for future updates to the other B1 models as well, and since we're not fooling around with the bootloader, no data will be lost. Runbo puts out quit a few ROM updates for their stuff (yes, Runbo) so those who own the newer devices will be re rooting a time or two.
E81 owners: if these methods work, please let us know! Or if you flashed a B1 to an E81 or vice vera, let us know how that went.