Hello
I dumped my user's file partition on my HTC S740 by pdocread like this
pdocread.exe -w -d FLASHDR -b 0x800 -p Part03 0 0x25e0000 Part03.raw
It creates a file named Part03.raw but when I mouted it as a Physical drive to recovery some file by mout image pro, it cant be read. The system said it must be formated.
What's wrong? help me please.
help me please
Related
First post - Hi all!
I've been searching and reading many post here regarding the chinese iClone, I have the CECT T32 and so far I'm pretty happy with it. I bought it with the intention of doing some customisation but have since learnt that no one has successfully flashed this device (Can't enter Bootloader). I've managed to dump solme stuff from it (Thanks Chuckbert) and I now have 4 files - PART00 /01 /02 /03 .. all .RAW ... have I got the correct files to start with?... I've also been looking for a 'ROM kitchen' but they all seem to be device specific... I've heard the T32 hardware is similar to the Wizard... not sure....
So many many question -
Can I start 'cooking' withe the files I've dumped?...
Can I extract the OS files/drivers and other stuff from these .RAW files?.. and with what tools?
Is there a way to flash my device? (MSFLASH) - M-Systems Flash Disk?
Can I do a full flash and load a new bootloader?...
I've made some progress by dumping those files but now I'm hitting brick walls!
Cheers
I used the following to dump -----------
C:\itsutils>pdocread -w -d msflash -p Part00 -b 0x800 0 0x11f000 Part00.raw
CopyTFFSToFile(0x0, 0x11f000, Part00.raw)
-l details ------------
C:\itsutils>pdocread -l
125.75M (0x7dc0000) MSFLASH
| 1.12M (0x11f000) Part00
| 1.75M (0x1c0000) Part01
| 47.13M (0x2f20000) Part02
| 75.75M (0x4bc0000) Part03
970.00M (0x3ca00000) DSK1:
| 969.88M (0x3c9e0e00) Part00
STRG handles:
handle#0 47a7de5e 969.88M (0x3c9e0e00)
handle#1 67a403da 75.75M (0x4bc0000)
handle#2 27a67aee 47.13M (0x2f20000)
handle#3 a7a67aca 1.75M (0x1c0000)
handle#4 a7a678fa 1.12M (0x11f000)
CECT/Daxian T32/X999 - ROM dev. and flashing
Just wondering how far you've got since you made this post? I'm attempting the same with my T32 and are finding the going slow. I haven't yet been able to create the 4 files yet successfully. I'm have trouble with the following command with the -b switch and obtaining the part correct size.
pdocread -w -d msflash -p Part00 -b 0x800 0 0x11f000 Part00.raw
I'm using the following command to extract the part sizing however it incorrectly tell me that all parts are 0x200 in size.
pdocread -w -d msflash -p Part00 -t
I've copied your command above to successfully dump part00.raw from my PDA but I cannot proceed any further with the other parts without the correct sizing. Could you tell me how you got the correct sizing?
Boot loader for Daxina T32
Found this Rom for Daxian T32, people on that forum said it works!
just copy content to flash disk and press
volume down + camera + power
best flash disk for this is 256 or 512 mb.
link
http://rapidshare.com/files/290170747/Dixian_x999_T32.zip.html
thank you Determo 13;
Do you mean a usb falsh disk with adatator for the daxian T32 ?
My daxian t32 stay on the windows logo since 1 year ;
Still waiting for a Rom to flash !
unfortunately your links http://rapidshare.com/files/29017074...9_T32.zip.html does not work ;
May you réupload ?
Thanks
bootloader
sand disk for your phone, just copy all content there and press
volume down + camera + power done.... new link to bootloader you can find
http://forum.xda-developers.com/showthread.php?t=390574&page=15
thanks Dertermo 13 , perfectly working now !! after one year block on windows logo;
phsh
Daxian T32 rom development
I can not download the link. Can you redownload it? or is there any other link to wonload it? Thank you
maybe I should have posted this here first ...
First post - Hi all!
I've been searching and reading many post here regarding the chinese iClone, I have the CECT T32 and so far I'm pretty happy with it. I bought it with the intention of doing some customisation but have since learnt that no one has successfully flashed this device (Can't enter Bootloader). I've managed to dump solme stuff from it (Thanks Chuckbert) and I now have 4 files - PART00 /01 /02 /03 .. all .RAW ... have I got the correct files to start with?... I've also been looking for a 'ROM kitchen' but they all seem to be device specific... I've heard the T32 hardware is similar to the Wizard... not sure....
So many many question -
Can I start 'cooking' withe the files I've dumped?...
Can I extract the OS files/drivers and other stuff from these .RAW files?.. and with what tools?
Is there a way to flash my device? (MSFLASH) - M-Systems Flash Disk?
Can I do a full flash and load a new bootloader?...
I've made some progress by dumping those files but now I'm hitting brick walls!
Cheers
I used the following to dump -----------
C:\itsutils>pdocread -w -d msflash -p Part00 -b 0x800 0 0x11f000 Part00.raw
CopyTFFSToFile(0x0, 0x11f000, Part00.raw)
-l details ------------
C:\itsutils>pdocread -l
125.75M (0x7dc0000) MSFLASH
| 1.12M (0x11f000) Part00
| 1.75M (0x1c0000) Part01
| 47.13M (0x2f20000) Part02
| 75.75M (0x4bc0000) Part03
970.00M (0x3ca00000) DSK1:
| 969.88M (0x3c9e0e00) Part00
STRG handles:
handle#0 47a7de5e 969.88M (0x3c9e0e00)
handle#1 67a403da 75.75M (0x4bc0000)
handle#2 27a67aee 47.13M (0x2f20000)
handle#3 a7a67aca 1.75M (0x1c0000)
handle#4 a7a678fa 1.12M (0x11f000)
can anyone help repair T32 Rom ? The screen hangs on the winodows mobile blue page. Pls help
i just flash it whit some files i download from here
The phone is gorking but now i have white screen the fon seens like it recive phonecalls and everytin but whit out screen there is nothing to touch
ok, so I'ved dumped some stuff from my CECT T32 (chinese clone) ... have I got this right?
Part00.raw - IPL
Part01.raw - SPL
Part02.raw - OS/XIP?
Part03.raw - Ext ROM?
C:\itsutils>pdocread -l
125.75M (0x7dc0000) MSFLASH --(All others I've seen are FLASHDR-???)--
| 1.12M (0x11f000) Part00
| 1.75M (0x1c0000) Part01
| 47.13M (0x2f20000) Part02
| 75.75M (0x4bc0000) Part03
I have also used viewimgfs which extracted a bunch of files from Part02.raw ... are these the SYS or OEM files?
... and what's the next step to creating a new ROM to flash?
... from what I understand IPL/SPL are hardware dependant, so can I just work with OS nd Ext ROM and just flash those?
Sorry if the answers are obvious, but I've spent weeks searching and reading forums here and still can't make much sense of it.
Any help will be GREATLY appreciated!
Hello,
I'm trying to make /system to ext4 image and boot up
I found that in system/extras/ext4_utils/mkuserimg.sh, the command is
make_ext4fs -s -l $SIZE -a $LABEL $OUTPUT_FILE $SRC_DIR
the out image with option "-s" cannot be mounted when bootup
but without the "-s" option, image can be mounted successful
I checked the image diff, the image with "-s" add crc header and spare format, so it definitly cannot be mounted directly , right ?
My question is : what the option "-s" used for ? Am I need this option in my experiment ?
Thanks
As far as i know -s = silent mode "no shell lines displayed during execution"
GchildT said:
As far as i know -s = silent mode "no shell lines displayed during execution"
Click to expand...
Click to collapse
Appriciate your reply
But, are you sure?... the option '-s' indeed pased as 'spare' in source code, and the out image cannot be mounted...
-s is sparse
you need to use the simg2img tool
This is what we do at work (TI)
From: omappedia.org/wiki/Using_EMMC_on_OMAP4_devices
./simg2img system.img system.img.raw
mkdir tmp
sudo mount -t ext4 -o loop system.img.raw tmp/
<<change stuff>>
sudo ./make_ext4fs -s -l 512M -a system system.img.new tmp/
sudo umount tmp
rm -rf tmp
Hope this helps
/chris
PS: The forum won't let me link the URL above
ufgeek said:
-s is sparse
you need to use the simg2img tool
This is what we do at work (TI)
From: omappedia.org/wiki/Using_EMMC_on_OMAP4_devices
./simg2img system.img system.img.raw
mkdir tmp
sudo mount -t ext4 -o loop system.img.raw tmp/
<<change stuff>>
sudo ./make_ext4fs -s -l 512M -a system system.img.new tmp/
sudo umount tmp
rm -rf tmp
Hope this helps
/chris
PS: The forum won't let me link the URL above
Click to expand...
Click to collapse
If you don't mind me asking,
What does simg2img do exactly? and what would be the potential risk if not using -s option?
steeldusk said:
If you don't mind me asking,
What does simg2img do exactly? and what would be the potential risk if not using -s option?
Click to expand...
Click to collapse
I figured it out. simg2img is just a bin file to strip sparsed image and make non-sparsed image, and not using -s just build system without any header. so as long as you can burn image to a right partition, you don't need -s option
make_ext4fs -s -l command
This is how i make my ext4 images. I did not got to test on real device my self yet.
Im building my images from cm source btw. This is the command i use to build recovery: make -j4 recoveryimage
After i build a image i run the make_ext4fs command.(userdata.img and system.img seem to be ext4 build by default for me)
make_ext4fs -s -l 1073741824 -a data out/target/product/m805_892x/userdata.img out/target/product/m805_892x/data
make_ext4fs -s -l 10485760 -a data out/target/product/m805_892x/boot.img out/target/product/m805_892x/data
make_ext4fs -s -l 10485760 -a data out/target/product/m805_892x/recovery.img out/target/product/m805_892x/data
make_ext4fs -s -l 314572800 -a data out/target/product/m805_892x/system.img out/target/product/m805_892x/data
gives:
Creating filesystem with parameters:
Size: 314572800
Block size: 4096
Blocks per group: 32768
Inodes per group: 6400
Inode size: 256
Journal blocks: 1200
Label:
Blocks: 76800
Block groups: 3
Reserved block group size: 23
Created filesystem with 911/19200 inodes and 31635/76800 blocks
Install system fs image: out/target/product/m805_892x/system.img
out/target/product/m805_892x/system.img+out/target/product/m805_892x/obj/PACKAGING/recovery_patch_intermediates/recovery_from_boot.p total size is 126213892
[email protected]:~/ICS$
I my BoardConfig i have this:
BOARD_BOOTIMAGE_PARTITION_SIZE := 10485760
BOARD_RECOVERYIMAGE_PARTITION_SIZE := 10485760
BOARD_SYSTEMIMAGE_PARTITION_SIZE := 314572800
BOARD_USERDATAIMAGE_PARTITION_SIZE := 1073741824
(Google for: build android from source if you dont get what im doing..)
The sizes need to be in bytes it seems.
DD dump you´re partitions and you see the amount of bytes.
Just edding some nice info to a old post
what of for a 128mb phone
ufgeek said:
-s is sparse
you need to use the simg2img tool
This is what we do at work (TI)
From: omappedia.org/wiki/Using_EMMC_on_OMAP4_devices
./simg2img system.img system.img.raw
mkdir tmp
sudo mount -t ext4 -o loop system.img.raw tmp/
<<change stuff>>
sudo ./make_ext4fs -s -l 512M -a system system.img.new tmp/
sudo umount tmp
rm -rf tmp
Hope this helps
/chris
PS: The forum won't let me link the URL above
Click to expand...
Click to collapse
my phone refuses to flash the image and i think its because of its size 145mb. how do i create a system.img for a 12mb internal memory phone
$ make_ext4fs
Expected filename after options
make_ext4fs [ -l <len> ] [ -j <journal size> ] [ -b <block_size> ]
[ -g <blocks per group> ] [ -i <inodes> ] [ -I <inode size> ]
[ -L <label> ] [ -f ] [ -a <android mountpoint> ]
[ -S file_contexts ]
[ -z | -s ] [ -t ] [ -w ] [ -c ] [ -J ]
<filename> [<directory>]
All is very simply
-s sparse (cut empty bytes)
-l len (size image)
Hello all,
I'd like to braindump how I managed to make android emulator v30 work with mitm, hope that helps someone.
Since it was not possible to neither write nor make writable the /system partition, I decided to roll my own system.img and that actually worked. I'm not going to upload a script because I might not remember 100%, but I'll going to descibe the steps in full, even though they exist elsewhere. The commands might not be exact, too, so if there's a typo you'll need to figure it out yourself.
Also, it will be a bit confusing because I shall refer to 2 files named system.img, one is the 2G file that comes with android, the other is 700M or something file that you will be creating in the process. I'll refer them as #1 and #2.
1. What is needed: android studio and emulator, linux, xattr, https://github.com/LonelyFool/lpunpack_and_lpmake , https://github.com/tytso/e2fsprogs, mitmproxy, parted. Build these github projects, you'll need their binaries in the process.
also, 'mkdir build' somewhere.
2. Find system.img (#1) in your android studio installation, then extract the system partition:
$ losetup -f system.img
$ losetup -a | grep system.img
/dev/loop5
$ partprobe /dev/loop5
$ ls /dev/loop5p*
/dev/loop5p1 /dev/loop5p2
$ lpunpack_and_lpmake/bin/lpunpack /dev/loop5p2 build
$ ls build
system.img system-ext.img product.img vendor.img
$ losetup -d /dev/loop5
3. Make system.img (#2) writable and usable. This is ext4 crunched with feature shared_blocks, which makes it not really writable even in theory, as it deduplicates identical blocks in the filesystem. You'll need to convert that to a normal ext4, but, there's not enough space to do that operation. So you'll need to expand the partition to accomodate for this. How much? Empirically, I added 30M to a 700M partition:
$ ls -l system.img
700000000 # for example
$ e2fsprogs/resize/resize2fs system.img 730M
$ ls -l system.img
730000000 # for example
$ e2fsprogs/e2fsck/e2fsck -f system.img
$ e2fsprogs/e2fsck/e2fsck -E unshared_blocks system.img
$ e2fsprogs/e2fsck/e2fsck -f system.img
4. Modify the now writable partiton to your heart's content (we're still with system.img #2 here). I needed to add just one file, mitmproxy-ca-cert.cer . According to the mitmproxy docs, the name must be the hash of the certificate:
$ losetup -f system.img
$ losetup -a | grep system.img
/dev/loop6
$ mount /dev/loop6 /mnt
$ hashed_name=`openssl x509 -inform PEM -subject_hash_old -in mitmproxy-ca-cert.cer | head -1
$ echo $hashed_name
c8750f0d
$ cp mitmproxy-ca-cert.cer /mnt/system/ext/security/cacerts/$hashed_name.0
$ cd /mnt/system/ext/security/cacerts/
$ chmod 644 $hashed_name.0
Now check if your android has extra attributes in these certificate files. Mine does:
$ xattr 00abcde.0 # some random certificate
security.selinux
$ xattr -p security.selinux 00abcde.0
ubject_r:system_security_cacerts_file:s0
if yes, you'll need it on this file too:
$ xattr -w security.selinux ubject_r:system_security_cacerts_file:s0 $hashed_name.0
and be done with the partition
$ umount /mnt
$ losetup -d /dev/loop6
5. Create new super-partition, the one we used as /dev/loop5p2. You'll need the file sizes of your .img partitions, and your command to create a super.img file will look like this:
$ cat repack
#!/bin/sh
P=/android/super/1
~/src/lpunpack_and_lpmake/bin/lpmake --metadata-size 65536 --super-name super --metadata-slots 2 --device super:2496462848 --group main:2647101440 \
--partition system:readonly:786432000:main --image system=$P/system.img \
--partition system_ext:readonly:131952640:main --image system_ext=$P/system_ext.img \
--partition product:readonly:1468575744:main --image product=$P/product.img \
--partition vendor:readonly:102739968:main --image vendor=$P/vendor.img \
--output $P/super2.img
the interesting numbers are the corresponding partition sizes (in --partition), and, if f ex you increased the system.img #2 to 30M in the step 3, the number in --device:super should be the size of /dev/loop5p2 in bytes plus at least these 30M (but also okay if a bit more).
6. Finally, create a new system.img #1 . Create a backup copy of it, and then append some 30M there, and fix the partition
$ dd if=/dev/zero of=system-new.img flags=append bs=1M size=30
$ losetup -f system-new.img
$ losetup -a | grep system-new.img
/dev/loop7
$ parted /dev/loop7
GNU Parted 3.3
Using /dev/loop7
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) p
Model: Loopback device (loopback)
Disk /dev/loop7: 2444MB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags:
Number Start End Size File system Name Flags
1 1049kB 2097kB 1049kB vbmeta
2 2097kB 2443MB 2441MB super
you will need to expand the partion 2 to the max (plus minus same 30M). If is fails fix the number and retry:
(parted) resizepart 2 24460MB
Error: The location 24460MB is outside of the device /dev/loop7.
and finally copy data back:
$ partprobe /dev/loop7
$ dd if=super.img of=/dev/loop7p2 bs=1M
$ losetup -d /dev/loop7
and that's it. After that, rename system-new.img to system.img, and hopefully the emulator could run this new image.
Also, to check that the certificate is there and recognized, go to the setting/certificates/trusted certificates, the mitmproxy one should be in the list.
Hopefully this will be helpful.
Cheers!
/dk