[REQ] Telstra Froyo RUU Decompile - Desire Android Development

Hey guys, I'm trying to tinker with the recently-released Telstra-Branded Froyo ROM so I can check on some of the data inside and modify T-Mod to suit, but I've come across two very strange problems:
1: Extracting the update from the RUU gives me naught but a .img file which I have no clue how to open (I know it's a filesystem image, but I haven't been able to find tools to open it)
2: The OTA version of the update, while easily viewable, seems to use a .p file based patching system that I have never seen before.
If anyone can help me with these two problems by providing me with either the tools to decompile the RUU into something I can actually look at, such as tools for android's .img filesystem format, or a decrypted version of this ROM, it would be greatly appreciated.
EDIT: Nevermind, I found a copy of unYAFFS, figured it all out. just had to figure out what the filesystem on the RUU was.

Edit: I see you found it..

I know you're sorted now Muskie, but using dsixda's kitchen is also a useful tool.
http://forum.xda-developers.com/showthread.php?t=633246
Run the ruu until the menu comes up, go to your temp folder and copy the rom.zip and whack it in the kitchen.
Ben

Related

Android app that roots your phone

Hi all, I am putting together an android app that will make the rooting process much easier. This thread is to discuss issues and suggestions with this app.
I have the app near done, the biggest problem is that I cannot format the sdcard as fat32. Is formatting to fat32 required? Why do we do this? What is the real need to do this?
I have not tested the app out yet, but so far this is how it has been put together. There is a main activity with textboxes that have the urls of the files needed to root (dreaimg.nbh, recovery.img, hardsplupdate.zip, JF_RC33update.zip) and there are buttons for each step in the process to download these necessary files and extract them if needed and put them on the sdcard and renaming them properly. You can change the urls to something else if needed.
so you click the first button it downloads the .nbh and puts it on the sdcard and then prompts the user to turn off, power+camera on, flash. when phone is on then reinstall this app and go to step 2 (because it would have been lost when flashed)
you click the second button it downloads recovery.img and hardsplupdate.zip. renames the files appropriately and puts them on the sd. it runs a script to do the recovery.img flash. It then prompts you to restart into recovery mode and gives the instructions on flashing the hardspl. and tells you to reopen this app when done
you click the third button it downloads the latest JF firmware (lets just say the RC33 flavor) puts it on the sdcard and renames it as update.zip. it prompts you to restart into recovery mode and do the flash.
Anybody see any possible problems with this logic? Also what do people think about maybe packing some of these files in the app instead of having them be downloaded?
Update: app is working http://allshadow.com/forum/viewtopic.php?f=9&t=5229
I am still looking for help to make it better.
I need devs to help make it nicer.
I am also looking for someone who's familiar with the update.zip package, to pack the radio, hardspl, and jf_rc33 all in one update file.
If anybody is interested in helping, PM me
I don't think it's that big of a deal to format the card yourself, but why not make an app on the desktop that does some of the work for you, like formatting the card, then downloading and renaming the files needed to get started?
Packing the files into the app is going to make the app big. I like this whole idea though.
when you flash the .nbh it does a wipe on its own so one would need to re-download the app after that unless you can get it to stick somehow, i like the idea, is each button of the app just running a script? like to get the dreaimg.nbh have a script that runs:
"$wget [url to the .nbh file]
$echo 'please reboot your phone into SPL by holding the camera and power button'"
or did you have some other idea?
i like the idea but i am just not sure how easy this would be to code as i am just used to writing scripts that do everything for me.
or you could follow Kllian's advice and make a desktop program that does all this. i could easily write a script for linux that would do it, and a .bat file wouldn't be too hard either. you would just need to have adb and you could have the script/batch reboot the phone into recovery to do the flashing of each update.zip
pm me if you have any questions or would like me to write a script to do all this
tubaking182 said:
when you flash the .nbh it does a wipe on its own so one would need to re-download the app after that unless you can get it to stick somehow, i like the idea, is each button of the app just running a script?
tubaking brings up a good point.
I have an idea that possibly could resolve the "wiping" issue. What you do is, the initial app would be placed on the desktop (assume RC30). From here you'd downgrade the firmware to RC29.
The problem is though, the app you are scripting will be wiped. SO...
How about saving it on the SD temporarily.
THEN modifying the .nbh file to restore the <rooting app> to desktop (from SD)
Just throwing some stuff out there.
IF you need some help, hit me up.
if anyone knows how to convert a .sh bash script from linux to a .bat batch file for windows then i already have the script written, send me a PM to get it. or we could port it into java, but i don't know how to do that stuff. tomorrow i will upload my script onto 4shared and provide a link here as long as it works. keep in mind that i am on a linux machine and my script will not work in M$ windows. i don't know a damn thing about mac, so i have no idea if this will work or not for them.
my script is nearly completely automated, the only thing you need to do is hit ENTER a few dozen times, i will also write a completely automated one that sleeps rather than waits for you to hit enter, but it will take longer to run most likely since i will have to overestimate the sleep time.
hopefully i can find a windows machine and learn what commands in the cmd are equal to the commands in my terminal
akapoor said:
tubaking brings up a good point.
I have an idea that possibly could resolve the "wiping" issue. What you do is, the initial app would be placed on the desktop (assume RC30). From here you'd downgrade the firmware to RC29.
The problem is though, the app you are scripting will be wiped. SO...
How about saving it on the SD temporarily.
THEN modifying the .nbh file to restore the <rooting app> to desktop (from SD)
Just throwing some stuff out there.
IF you need some help, hit me up.
modifying .nbh files is no easy task, i tried it once and fortunately for many people GSLeon3 was able to help me fix my tilt. i think the .bat or .sh would be the easiest way to root your phone
Tubaking,
Send over the file you have. I'll work on converting it to a .bat, useable from windows.
Email : akapoor92_at_gmail.com
I should have it soon, but since it's like 3:30am here, I'm off to bed. Haha
tubaking182 said:
modifying .nbh files is no easy task, i tried it once and fortunately for many people GSLeon3 was able to help me fix my tilt. i think the .bat or .sh would be the easiest way to root your phone
Uh, you'd not only need to modify the nbh file, but you'd also need to sign it with the Google OTA keys - otherwise the phone will refuse to flash it.
If it were possible to create Google-signed nbh files we'd dispense with all this downgrading nonsense and just create an nbh of the latest JF firmware with root and directly flash that.
The issue is that until you've patched the recovery loader the phone won't flash anything that isn't signed by Google. The reason we can get around this is that there is a leaked signed file with the old firmware version, and that version happens to contain a vulnerability that you can use to get root access. Once you have root access you can reflash the recovery loader with a new one which accepts the test keys. At that point you can dispense with the hacks and begin directly flashing whatever you want.
In any case, rooting a phone is serious enough of a matter that we probably shouldn't be encouraging anybody who can download an app to do it. They should at least have some confidence in reading and following obscure instructions online, because if anything goes wrong later that is what they'll be doing...
Thanks for all your input. I have been trying to hand-hold people through the root process and it is a real pain. Biggest issues are people not being able to unzip files correctly, rename files correctly, and the biggest thing is the recovery.img step and typing in the commands.
- .nbh cannot be patched because it is signed.
- yes my app will get wiped because of the .nbh flash. It does tell the user to reinstall this app once done with the .nbh step and then continue
- i prefer an android app, so people can do it without a computer and without having to install the sdk
- the app does not run a script to get the files. it uses some android sdk functions to download files. it does use the unzip linux command to unzip, not sure if this will work because of permissions, i may have to figure out how to do it from the sdk. the app does run a script to do the recovery.img step, during this step we should already have root so no issue there with permissions.
Biggest problem I see is the FAT32 format. I heard it is not absolutely necessary. Does anyone have any more information about why this needs to be done?
it IS necessary, you need the card formatted in order to do the NBH flash, after that you should be ok. most cards come formatted in the box they came in so anyone that said they didn't need to format their card is lying because it was already formatted to fat32
in the RC29 firmware is there a su command in /system/bin/ or are all commands run as root without having to call /system/bin/su ??
moussam said:
in the RC29 firmware is there a su command in /system/bin/ or are all commands run as root without having to call /system/bin/su ??
from what i've read, in the RC29 version anything you type on the home screen gets put through a root shell as well, all on its own
I have a feeling whoever makes this app is going to sell it for a ridiculous price on the market
My script is written but requires the user to do certain things, later I hope to have it be completely automated after a certain point and it will be free. After I get it written in linux shell I will be converting it to use in windows. Expect my automated root to be available for download by the weekend.
I got the app pretty close to done. I hope to put something up tonight or tomorrow that you guys can test. I am not going to charge for this app, I want to give it for free so everybody can have root and a more rich experience.
The place where I am stuck right now is the unzipping of the DREAIMG.NBH file from its zip file after it is downloaded. I am using java.util.zip. I am not sure if the problem is because the file is so big or if I am doing it wrong. Does anyone have an android java unzip code snippet?
The app now downloads files for you and unzips them if needed. There is an issue with the unzipping though, after around 25 MB of unzipping DREAIMG.NBH I get this error...
java.io.IOException at java.util.zip.InflaterInputStream.read(InflaterInputStream.java)
Anybody have any suggestions? Is there not enough memory to unzip the files or something?
For now I am not going to let the .nbh file be zipped up. The app instead will have to download the full uncompressed .nbh file.
So it is ready to be tested, if you want to try it out PM me, I do not want to just post it and have everybody use it until it has been tested more.
Good news the app works on downloading the .nbh file and then flashing you to RC29. It then successfully downloads the recovery.img and hardspl update.zip
I had someone testing it and when they ran the recovery script the mount command gave them mount: operation not permitted. Is this correct? I know without root it is supposed to give you mount: permission denied.
If this is correct the app is working, and I just need someone else to confirm.
Mike
Does anybody else want to help with the coding of this project? If so create an open-source repository and I will add the current source in there.

What type is .NBH?

Does anyone know what type of a file a .nbh is and how to make it viewable/modifiable? If there was a way that we can mod the NBH file, that I believe would be the successful way of rooting the MyTouch 3G. I will be getting one of the production devices in a week or so; anyone want to have anything dumped, let me know.
the nbh is a ROM and you can't flash it without a modified SPL. i'm not even sure the SPL used for android even supports the file type but any kitchen from winmo can decompile it
Not really so much an android thing but is a hardware thing of HTC. The Dream and Sapphire support these files. There is a NBH file which will take you all the way back to RC29 and also flashes back the original SPL as well. So it is my belief that if we can make a compatible NBH for the sapphire it will accomplish the end result.
Of course it will... That's what NBH files are made for. I don't think you can make one since it's signed (or something) with a key we don't have.
Ehh, i have an idea:
Someone has to decompile .nbh and modify it to work on mytouch 3g.
Then you have to create a goldcard.. not sure about if viperbjk is putting sapphire into qmat..
Yeh I have tried to decode with hex editor and have not had any real luck with it at all. Looks coded. Just wondering if anyone knows how to decode would be greatly appreciated. I have tried to use some of the old Windows mobile kitchen tools.
There are lots of tools to extract NBH files, they should work if HTC hasn't changed anything...look for other devices kitchens and you'll find the tools.
Also there's a project which tries to achieve the same result under linux http://code.google.com/p/htc-flasher/.
where did you guys get an android nbh? this is odd because android is updated by placing an update.zip on the root of the sd card (among other ways) which is handled by the SPL. why wouldn't HTC just stick with nbh then?
sammypwns said:
where did you guys get an android nbh? this is odd because android is updated by placing an update.zip on the root of the sd card (among other ways) which is handled by the SPL. why wouldn't HTC just stick with nbh then?
android is updated by .zip but NBH is an all in one image type file that flashes htc phones to factory defaults. it's usually used by the support techs to restore phones.
android/google=zip
htc =nbh
tripledes said:
There are lots of tools to extract NBH files, they should work if HTC hasn't changed anything...look for other devices kitchens and you'll find the tools.
Also there's a project which tries to achieve the same result under linux http://code.google.com/p/htc-flasher/.
this looks promising...i wonder if we can figure out how to resign it....
Hi,
I have just tested the HTC-Flasher and unfortunately it does not work with the DREAIMG.nbh
So if someone knows how to extract and re-flash the dream NBH please help.
Bye
Herc. 8)

[help]anybody can tell me how to convert official ROM to update.zip

anybody can tell me how to convert official ROM to update.zip
I want to know how to make an official from the ROM can customize the ROM, instead of only at others do the update.zip in thickening delete...
First, you need to run the RUU.
Check in your system TEMP folder, and you should have an update.zip there.
Unzip that, and you'll have amongst others, system.img
Extract the files via unyaffs or other means, customize your build, zip and sign.
Voila.
My guess is that a simple search via the search tool would've resolved that, then again, I guess you were too lazy to do that.
adwinp said:
First, you need to run the RUU.
Check in your system TEMP folder, and you should have an update.zip there.
Unzip that, and you'll have amongst others, system.img
Extract the files via unyaffs or other means, customize your build, zip and sign.
Voila.
My guess is that a simple search via the search tool would've resolved that, then again, I guess you were too lazy to do that.
I have get the system.img, but I don't know what tools and methods reduction system.img to update.zip file format,can replace programs self.
Can you explain it step by step?
He actually told you in the post above to use unyaffs, all you need to know is already in this forum if you search for it. Here's a thread to get you started:
http://forum.xda-developers.com/showthread.php?t=566235
thanks , i went to see

How to downgrade with official desktop updater!?

Hey,
I tried to put my Treo back to WM6 from Vodafone with the original updater, but it keeps telling me that my device is not supported because of language issues (Right now there is WM6.1 working on it in English and I need to flash the German WM6). When I open the installer with WINRAR I can see a couple of *.nbh files (cheeimg.nbh and cheeimg_fw.nbh). Is it eventually possible to just take one of them and flash it? Or do they anyway require to have a preinstalled stock ROM to update with them? And why are there so many other files in, when I usually actually just need one nbh file as a rom?
Thanks for helping me understand my phone
bump
I'd like to know that as well. Did you fix the issue by now?
If you want to use the official updater you need to modify the payloads.xml file.
You can find it by opening the official updater, but don't start the upgrade. Opening the updater will extract a bunch of files to your TEMP folder. The payloads.xml file will be in one of the subfolders. The folder is called something random so you'll have to search for it, but you'll see a bunch of Palm icons in it so you'll know you're there.
You can edit the payloads.xml file with any text editor. Notepad works fine.
If you are changing carriers as part of the update, you will probably need to change the carrier code to the one matching the currently installed ROM. This is AT&T, for example.
Code:
<carrier_codes>CNG,ATT</carrier_codes>
I think Vodafone is VF, but you'll have to do some searching to confirm that.
Then you need to change the revision range to allow the downgrade.
Code:
<revision_range>
<low>1.13</low>
<high>3.00</high>
</revision_range>
Save it when you are done, and then start the updater. It should work. If not, there are plenty of posts here about downgrading ROM's, so search around until you find something that works for you.
And yes, you can extract the ROM's from a desktop updater and flash using the SD card method, assuming of course you have successfully HardSPL'd your phone. You need the CHEEIMG_FW.nbh file, but must rename it to CHEEIMG.nbh before putting it on the SD card.
You don't need to Hard-SPL in order to flash official Palm WM ROMs from a MiniSD.

How to repack payload.bin

Hello all.
I haven't posted here for years. My account is still active, but I am no longer allowed to post in specific forums regarding ROMs, so I am asking here.
[moderators: sorry if this is the wrong topic. It is the closest I could find, since my question is not device specific]
I have an Android 9 box which is signed with AOSP test certificates.
I also have an update.zip file for this box.
This box has A/B OTA support, it is working and verified through fastboot.
I want to edit and repackage the update.zip
I know how to do it on old ROMs, but I could not find any tool that can repackage payload.bin
There are several tools to unpack it, and I used one to extract boot.img and system.img
But I can't find any way to package these files back in to payload.bin format.
I tried various google searches and even analyzing the open source unpacking tools, but building a packaging tool from scratch is too complex for me at this point.
Any advice?
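As an added example (not part of the original thread), the sketch below parses the fixed header that the unpacking tools mentioned above read from payload.bin, following the layout documented in AOSP's update_engine for major version 2. The sample payload is constructed and its manifest and signature are placeholder bytes; `parse_payload_header` and `build_sample` are names chosen here.

```python
import hashlib
import struct

MAGIC = b"CrAU"              # first four bytes of every payload.bin
HEADER_LEN = 4 + 8 + 8 + 4   # magic, version, manifest size, metadata signature size


def parse_payload_header(blob: bytes) -> dict:
    """Split a major-version-2 payload.bin into header fields, manifest and signature."""
    if len(blob) < HEADER_LEN:
        raise ValueError("truncated header")
    if blob[:4] != MAGIC:
        raise ValueError("not a payload.bin (bad magic)")
    # All header integers are big-endian: uint64, uint64, uint32.
    version, manifest_size, sig_size = struct.unpack(">QQI", blob[4:HEADER_LEN])
    if version != 2:
        raise ValueError(f"unsupported major version {version}")
    manifest_end = HEADER_LEN + manifest_size
    data_offset = manifest_end + sig_size
    if data_offset > len(blob):
        raise ValueError("declared sizes run past end of file")
    return {
        "version": version,
        "manifest": blob[HEADER_LEN:manifest_end],
        "metadata_signature": blob[manifest_end:data_offset],
        # The metadata signature covers header + manifest; this is the digest it signs.
        "metadata_sha256": hashlib.sha256(blob[:manifest_end]).hexdigest(),
        "data_offset": data_offset,
    }


def build_sample(manifest: bytes, signature: bytes, data: bytes) -> bytes:
    """Constructed test payload; manifest and signature are placeholders, not real protobuf."""
    header = MAGIC + struct.pack(">QQI", 2, len(manifest), len(signature))
    return header + manifest + signature + data


if __name__ == "__main__":
    original = build_sample(b"MANIFEST-A", b"SIG-OVER-A", b"\x00" * 16)
    edited = build_sample(b"MANIFEST-B", b"SIG-OVER-A", b"\x00" * 16)
    a = parse_payload_header(original)
    b = parse_payload_header(edited)
    print("data blobs start at offset", a["data_offset"])
    # Same signature bytes, different manifest: the signed digest no longer matches.
    print("metadata digest changed:", a["metadata_sha256"] != b["metadata_sha256"])
```

In a real payload the manifest is a serialized protobuf that records hashes of the partition images and of each operation's data. Replacing an extracted boot.img or system.img therefore means regenerating the manifest and both signatures, not just concatenating files.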
Have you found anything for this? I am trying to repack the payload.bin as well from modified IMG files, but I can't find anything on the web.
I extracted this script from linux-86 tools, pretty sure this is the one that repacks all the images into payload.bin, but donno what's the exact code inside it that makes it possible... Understand the last 100 lines & you might succeed.
MPK99 said:
I extracted this script from linux-86 tools, pretty sure this is the one that repacks all the images into payload.bin, but donno what's the exact code inside it that makes it possible... Understand the last 100 lines & you might succeed.
Please Teach me, how to repack .img files into payload.bin
Did u Already Know How To Repack .img Files Into Payload.bin?
MPK99 said:
I extracted this script from linux-86 tools, pretty sure this is the one that repacks all the images into payload.bin, but donno what's the exact code inside it that makes it possible... Understand the last 100 lines & you might succeed.
Hello do you still have this script trying to repack a QCM6125 with magisk and twrp
Edit: It's advised to use superR's kitchen
Hey
I've also tried everything, how do you pack it back into a payload.bin, I only wanted usb rights in the Platform.xml, I didn't want that anymore, that's enough for me, but how do I pack it again, thanks
I'm asking here as I never got an answer, sorry
don't want root
Thanks
