[Q] rooting my thunderbolt - Thunderbolt General

When trying to load the downgrade image included within the thunderbolt root package, I continually receive the message "Main Version is older! Update Fail!".
Don't know if this information is useful to anyone who would be able to help, but figured it wouldn't hurt to include it.
HBOOT-1.04.0000
MICROP-/
RADIO-1.16.00.0402w_1
eMMC-boot
Feb 23 2011.20:42:55
image crc
osbl: 0x34977C99
amss: 0x966FB19B
hboot: 0x626461D9
boot: 0x5F08F0FF
recovery: 0xCF8F8F1F
- The Android SDK is installed on my computer and up to date.
- I have all the other tools (busybox, psneuter) loaded on and working fine; I am able to shell into my TB and use busybox and psneuter (and get a #).
- I receive the message "adb server is out of date. killing..." whenever shelling in; I am always able to shell in after the daemon restarts.
- I haven't successfully flashed my device as I always receive the message "Main Version is older! Update Fail!"; I have not ventured out of the image versions given by the Thunderbolt Root as I don't have sufficient experience doing this and would prefer my first experience not be to brick my phone.
- I'm very comfortable using adb and know my way around using linux commands and in general am able to figure most things out.
Any information would be most appreciated. Thanks!

This is the file you are using?
Downgrade RUU PG05IMG_downgrade.zip (md5sum: aae974054fc3aed275ba3596480ccd5b) THIS IS THE DOWNGRADE RUU USED IN STEP 4:
Multiupload mirror

That would be the file.

I swapped out my phone for a new one and am getting the same results using the Thunderbolt easy rooter. RUU transferred over by the rooter has the same md5 mentioned above.

Eventually was able to load the RUU. Followed the commands listed in the "OneClickRoot.bat" batch file and was able to successfully flash the image which kept giving me the error "Main Version is older! Update Fail!".
I'm pretty sure the warning "adb server is out of date. killing..." was the primary issue. Since adb shell would occasionally fail, I would assume necessary commands were not being executed in both the Thunderbolt Root easy rooter and OneClickRoot.bat batch file.
After "dd if=/data/local/misc.img of=/dev/block/mmcblk0p17" was run successfully, everything worked fine.

i am having similar problem using easy root... end of step 1 i get "update fail", main version is older... have been redoing for 3 hours straight now and still nothing. is there a fix for this that doesnt require using adb?

After "dd if=/data/local/misc.img of=/dev/block/mmcblk0p17" was run successfully, everything worked fine.
This was the problem. If you don't flash the misc partition hack ("dd"ing the misc.img to mmcblk0p17), it won't let you downgrade with that RUU because it has an hboot older than what comes on the phone.
In any case if you are looking for an easy s-off http://revolutionary.io is the easiest it gets.
Sent from my HTC Thunderbolt

HowTo re-flash the recovery image after old 2.1 RUU

This guide was taken from AndroidCentral and I thought I would share it here because it's taken me 4 hours this morning to figure out why I was having so many problems trying to flash a recovery image when I know my phone was rooted and flashed in order to get 2.1 a month or so ago. I have been searching these forums and google and hope anyone else who has my issue finds this post.
1. Make sure you have the Android SDK installed.
2. Download flash_image.zip
3. Download recovery-RA-heroc-v1.5.2.img
4. Unzip the first file, and place both in your Android SDK/tools folder.
5. Make sure USB debugging is ON
6. Connect your phone to the PC
7. Open the command window and navigate to the Android-sdk/tools folder on your computer.
8. At the prompt enter the following, one line at a time followed by enter
Code:
adb shell
su
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
exit
exit
adb push flash_image /system/bin
adb push recovery-RA-heroc-v1.5.2.img /sdcard
adb shell
chmod 0755 /system/bin/flash_image
reboot
9. Your phone will reboot. When it is finished, back at your command window, once again enter
Code:
adb shell
su
cd /sdcard
flash_image recovery recovery-RA-heroc-v1.5.2.img
reboot recovery
10. With any luck, you'll have the recovery image back and can load custom 2.1 based ROMS again.
Hope this helps. All credit goes to gbhil at Android Central.
You might want to change the title of the post. People might get confused thinking you found a way to downgrade the hboot and not how to flash the recovery image.
Can't get it to work.
I ran the RUU earlier.
Tried to root the old way.......didn't work.
Just tried this to get the recovery image back.
At the SU command it says: permission denied
Thanks,
Bubba.
bubbacs1 said:
Can't get it to work.
I ran the RUU earlier.
Tried to root the old way.......didn't work.
Just tried this to get the recovery image back.
At the SU command it says: permission denied
Thanks,
Bubba.
This won't work for the leak that was put out today. You lost root. This process requires root.
bubbacs1 said:
Can't get it to work.
I ran the RUU earlier.
Tried to root the old way.......didn't work.
Just tried this to get the recovery image back.
At the SU command it says: permission denied
Thanks,
Bubba.
If you used the new RUU that was leaked today you're screwed. The older 2.1 leaks were test ROMs that were already rooted so you could use the instructions above to flash the RECOVERY. Notice recovery in bold, not bootloader. Once hboot is updated there is no known way to downgrade so you could use an older RUU file.
This rom has no root. There is NO WAY to re-root after flashing the newest RUU. I'm sorry to say... you're ****ed.
HeroMeng said:
This rom has no root. There is NO WAY to re-root after flashing the newest RUU. I'm sorry to say... you're ****ed.
So they can't run an older ruu with 1.5?
HeroMeng said:
This rom has no root. There is NO WAY to re-root after flashing the newest RUU. I'm sorry to say... you're ****ed.
To clear that up, if you run the RUU you have no root. If you extract the ROM, set it up, and flash it, you will preserve root, just like damageless made for all of us. But, yeah, you are not gonna be able to get back from this one. at least until someone figures it out.
I changed the thread title to hopefully alleviate some confusion. I didn't realize there was a newer RUU released.
I flashed the Damageless Rom and it's running smoothly so far, but I'm still trying to figure out why wifi tethering isn't working out for me. :-(
celemew2 said:
I changed the thread title to hopefully alleviate some confusion. I didn't realize there was a newer RUU released.
I flashed the Damageless Rom and it's running smoothly so far, but I'm still trying to figure out why wifi tethering isn't working out for me. :-(
Did you get wifi tether version 1_60? That's the only version that ever worked for me.
Yeah, I have 1.60 installed on my phone right now, but when I try to start tethering, a SU Request black screen comes up and nothing happens until I get an error, "Activity SU Request (in application Superuser Permissions) is not responding."
I'm sure there's an answer somewhere, but lately I haven't been having luck searching for it.
Edit:
Thank you 98classic! All I had to do was enable USB Debugging. (I had it turned off cause I didn't like the warning up top when my phone was plugged into the computer)
"flash_image not found" what the f**k
need the binary? physically check its there with a root explorer
Sent from my broken Typewriter!!!
or do this download and set up the android SDK it itself includes the flash_image binary. after that u will need to open a command prompt on your computer u will have to change directory to platform tools
cd /path/to/platform-tools
after that u will get the chance to do
flash_image recovery /path/to/recovery.img
that will flash the recovery
now reboot into recovery
Typed from my broken Typewriter!!!

[ROOT] ROOT Status of Official Sprint 2.1 release RUU: YES! | 6/03

ROOT Status of RUU_Hero_C_Sprint_2.27.651.5_R_signed_release : YES
Update: Regaw finally made it for us all! More info here http://forum.xda-developers.com/showthread.php?t=694572
======================================================
I noticed that someone has mixed up the TEST RUU and the RELEASE RUU. However, they are different: the test RUU has the su file built in, unlike the release RUU!
I flashed RUU_Hero_C_Sprint_2.27.651.5_R_signed_release.exe and i love it very much.
This update is very great, except that I lose my root access. And I tried every method to get root back again but failed.
1. Using asroot2 to root - Failed
I followed the Sticky GUIDE "How to Root the Sprint CDMA Hero", but failed when running
Code:
/data/local/asroot2 /system/bin/sh
The process was killed.
I know the linux kernel changed to 2.6.29 with the update. Maybe that is the reason why asroot2 does not work.
2. Using flashrec to flash a custom recovery image and then get root - Failed
I installed FlashRec 1.1.3 from zenthought's website, but failed when I tried backingup my recovery image.
3. Using adb to push the su file into the phone - Failed
I dumped the su file from damageless's rom and flipz's Fresh 2.1.1 rom. Then I used adb to push it into /data/local/ and chmod it to 4777, but running it failed. It just said "Permission Denied". However, when I pushed a busybox file into /data/local/ and chmod it to 4777, the busybox command ran OK.
KeithKris pointed out that su doesn't work on /data because that directory is mounted nosuid.
4. Using fastboot to flash a custom recovery image and then get root - Failed
I rebooted my phone into fastboot, then connected it to the PC using USB. I tried this command "fastboot boot recovery-RA-heroc-v1.6.2.img" but it failed; it said "downloading 'boot.img'... FAILED (remote: not allow)".
5.Trying to flash back to RUU_Hero_C_Sprint_2.20.651.1_signed_test.exe - Failed
It said "Error 140: BOOTLOADER Version Error!".
Although regaw_leinad has pointed out that the md5s on both (release version and test version) hboots are the EXACT same.
b819083aa9fe456c5a5fbde4917980e2
and
b819083aa9fe456c5a5fbde4917980e2
Thanks regaw_leinad for your kind help.
Update: 6. the Volex method - Failed
this volex method is revealed here. Already tested by regaw that 2.1 patched it. It doesn't work.
======================================================
After all these failures, there seems to be at least two ways to get the root back. And regaw_leinad and other guys are working hard on them.
1. Try to make a new asroot2 to exploit the linux 2.6.29/android 2.1 on our cdma hero. Here is the source code of our asroot2 -- heroc 1.5 exploit tool.
2. Try to hack the RUU file (actually we mean the rom.zip in the RUU.exe) and make sure it will pass the Bootloader check and signature check(maybe md5?). Then we could flash a RUU with su built inside and get the root back.
If anyone knows something about how to pass the signature check(maybe md5?) or linux kernel exploit, please share your wisdom. Thank you.
This post will be updated every day until the way to root comes out.
Update: Thanks to the donators in this thread! I believe the devs will find the exploit method soon with your support!
======================================================
BTW: Never ever flash the official 2.1 release RUU.exe unless you know what you are doing. You won't get root access until the exploit method has been found. If you do love the official update, you may flash this damageless's rom dump from the official 2.1 release. And the radio dump from the official 2.1 release is here1 and here2 (thanks to damageless and flipz, and remember flashing radio at your own risk). The only difference between damageless's dump and official RUU's system part is that it has root and busybox and it removed some useless apks.
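Added example (not part of the original post or of any tool named in the thread): method 3 above failed because, as KeithKris noted, /data is mounted nosuid, so the setuid bit on a file there is not honored. The sketch below looks up the mount options that govern a path and reports whether a setuid bit on it would take effect; the mount table is a constructed sample (only the /system line comes from the thread) and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample in /proc/mounts format (device, mount point, fs type,
# options, dump, pass). Only the /system line (yaffs2 on mtdblock3) is taken
# from the thread; the other entries are assumptions for illustration.
SAMPLE_MOUNTS='rootfs / rootfs ro 0 0
/dev/block/mtdblock3 /system yaffs2 ro 0 0
/dev/block/mtdblock5 /data yaffs2 rw,nosuid,nodev 0 0
/dev/block/mmcblk0p1 /sdcard vfat rw,nosuid,nodev,noexec 0 0'

# mount_opts_for PATH TABLE
# Print the options of the mount that holds PATH. The longest mount point that
# is a whole-component prefix of PATH wins ("/data" must not match
# "/database"); on a tie the later line wins, because a later mount shadows an
# earlier one at the same mount point.
mount_opts_for() {
    printf '%s\n' "$2" | awk -v p="$1" '
        {
            mp = $2
            if (mp == "/" || p == mp || index(p, mp "/") == 1) {
                if (length(mp) >= best) { best = length(mp); opts = $4 }
            }
        }
        END { print opts }'
}

# has_opt OPTIONS NAME: succeed if the comma-separated list contains NAME.
has_opt() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *) return 1 ;;
    esac
}

# suid_verdict PATH OCTAL_MODE TABLE
# Print one of:
#   not-executable  the mount is noexec, so the file cannot be exec'd at all
#   runs-as-caller  no setuid bit in the mode
#   setuid-ignored  setuid bit set, but the mount is nosuid: the file still
#                   runs, with the caller's uid (why busybox "ran OK" on /data
#                   while su, which needs uid 0, reported "Permission Denied")
#   setuid-honored  setuid bit set and the mount allows it
suid_verdict() {
    opts=$(mount_opts_for "$1" "$3")
    # Bits above the nine rwx bits: 4 = setuid, 2 = setgid, 1 = sticky.
    special=$(( (0$2 >> 9) & 7 ))
    if has_opt "$opts" noexec; then
        echo not-executable
    elif [ $(( special & 4 )) -eq 0 ]; then
        echo runs-as-caller
    elif has_opt "$opts" nosuid; then
        echo setuid-ignored
    else
        echo setuid-honored
    fi
}

# Walk through the paths and modes mentioned in the thread.
for entry in "/data/local/su 4777" "/data/local/busybox 4777" \
             "/system/bin/su 06555" "/sdcard/su 4755"; do
    set -- $entry
    printf '%-22s mode %-5s -> %s\n' "$1" "$2" \
        "$(suid_verdict "$1" "$2" "$SAMPLE_MOUNTS")"
done
```

To check a live system instead of the sample, pass the real table: `suid_verdict /data/local/su 4777 "$(cat /proc/mounts)"`.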
would it be more like fastboot boot /sdcard/recovery-RA-.........img?
justinisyoung said:
would it be more like fastboot boot /sdcard/recovery-RA-.........img?
I tried /sdcard/recovery....img again; it failed, because in this command the image file should be on the PC, not on the phone.
1. Make sure you have the Android SDK installed. Read HERE for more info.
2. Download 4shared.com - online file sharing and storage - download flash_image.zip
3. Download 4shared.com - online file sharing and storage - download recovery-RA-heroc-v1.5.2.img
4. Unzip the first file, and place both in your Android SDK/tools folder.
5. Make sure USB debugging is ON
6. Connect your phone to the PC
7. Open the command window and navigate to the Android-sdk/tools folder on your computer.
8. At the prompt enter the following, one line at a time followed by enter
Code:
adb shell
su
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
exit
exit
adb push flash_image /system/bin
adb push recovery-RA-heroc-v1.5.2.img /sdcard
adb shell
chmod 0755 /system/bin/flash_image
reboot
9. Your phone will reboot. When it is finished, back at your command window, once again enter
Code:
adb shell
su
cd /sdcard
flash_image recovery recovery-RA-heroc-v1.5.2.img
reboot recovery
10. With any luck, you'll have the recovery image back and can load custom 2.1 based ROMS again.
elhead17 said:
1. Make sure you have the Android SDK installed. Read HERE for more info.
2. Download 4shared.com - online file sharing and storage - download flash_image.zip
3. Download 4shared.com - online file sharing and storage - download recovery-RA-heroc-v1.5.2.img
4. Unzip the first file, and place both in your Android SDK/tools folder.
5. Make sure USB debugging is ON
6. Connect your phone to the PC
7. Open the command window and navigate to the Android-sdk/tools folder on your computer.
8. At the prompt enter the following, one line at a time followed by enter
Code:
adb shell
su
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
exit
exit
adb push flash_image /system/bin
adb push recovery-RA-heroc-v1.5.2.img /sdcard
adb shell
chmod 0755 /system/bin/flash_image
reboot
9. Your phone will reboot. When it is finished, back at your command window, once again enter
Code:
adb shell
su
cd /sdcard
flash_image recovery recovery-RA-heroc-v1.5.2.img
reboot recovery
10. With any luck, you'll have the recovery image back and can load custom 2.1 based ROMS again.
Sorry dude, there is NO su file in this released version of RUU.
So you won't run su after adb shell
just a question but can you successfully run the testkeys release RUU on your phone?
I thought with new 2.1 update root access was removed and there was no way workaround to get root access. I might be wrong here.
You might want to try RUU back to 1.56 version and try to gain ROOT access and just flash ROM release by the dev's here which still give us ROOT access.
I'm not sure if it's even possible to go back from 2.1 to 1.5 RUU. Maybe someone with more knowledge of RUU can chip in here.
In addition the RUU you flash is same one release by Devs here on their modify ROMs.
i dont think it is possible to ruu back to 1.5. i think a dev said something about hboot being updated so it needs a new way for root.
kashb91 said:
i dont think it is possible to ruu back to 1.5. i think a dev said something about hboot being updated so it needs a new way for root.
You are correct sir. There's no way to downgrade hboot (without root), just like why you can't run the 1.29 RUU if you ran the 1.56, or yours came with 1.56 on it.
F.A.I.L.
10chars
aside from people who "accidentally" installed RUU, The push to quickly root this release is probably low priority, first of all this phone is probably end of life, so the chances of it coming out of the factory with 2.1 on it are slim.
2nd I imagine when the Evo gets released this forum will become a ghost town as far as new development is concerned
gunnyman said:
aside from people who "accidentally" installed RUU, The push to quickly root this release is probably low priority, first of all this phone is probably end of life, so the chances of it coming out of the factory with 2.1 on it are slim.
2nd I imagine when the Evo gets released this forum will become a ghost town as far as new development is concerned
well, I'll be around here unless someone buys me an EVO &
It is actually possible to go back to 1.5 even if you used the RUU (well I should say the test RUU). I just did it yesterday so I could take my phone in for service. I'll post how I did it when I'm not mobile. Basically I created an update package to flash the old hboot then used a combination of the 2 main unroot threads. Ended up being able to use the sdcard method after flashing the misc.ing from the other method. I know probably doesn't make sense but I've got it all documented at home.
eme82 said:
It is actually possible to go back to 1.5 even if you used the RUU (well I should say the test RUU). I just did it yesterday so I could take my phone in for service. I'll post how I did it when I'm not mobile. Basically I created an update package to flash the old hboot then used a combination of the 2 main unroot threads. Ended up being able to use the sdcard method after flashing the misc.ing from the other method. I know probably doesn't make sense but I've got it all documented at home.
I can't WAIT to read how you did this! I have been dying to get back to original HBoot since I ran the first test RUU back in April.
gunnyman said:
aside from people who "accidentally" installed RUU, The push to quickly root this release is probably low priority, first of all this phone is probably end of life, so the chances of it coming out of the factory with 2.1 on it are slim.
2nd I imagine when the Evo gets released this forum will become a ghost town as far as new development is concerned
Well, if we are able to root this Sense 2.1 then theoretically the same root method may work on the Evo, thereby cutting down our wait for a rooted Evo. Just a thought.
chuckhriczko said:
Well, if we are able to root this Sense 2.1 then theoretically the same root method may work on the Evo, thereby cutting down our wait for a rooted Evo. Just a thought.
Very very good point I'm not getting an evo till its rooted anyway
chuckhriczko said:
Well, if we are able to root this Sense 2.1 then theoretically the same root method may work on the Evo, thereby cutting down our wait for a rooted Evo. Just a thought.
Possible, but I doubt it.
Chances are it's an entirely different kernel. My guess is the EVO gets a 2.6.30+ kernel - its hardware is completely different from ours. Qualcomm doesn't even make our chipset any more.
I updated to 2.1 using damage sprintupdate2.zip. I want to use wifi-tether now. Where can I find the version I need for this particular build? I looked on wifi-tether website, but it says the 2.1 compatible version is for Nexus One. Is there even a version for Eclair for the Hero?
Would build wireless_tether_2_0_2-pre9.apk for the N1 work?
zemerick said:
I updated to 2.1 using damage sprintupdate2.zip. I want to use wifi-tether now. Where can I find the version I need for this particular build? I looked on wifi-tether website, but it says the 2.1 compatible version is for Nexus One. Is there even a version for Eclair for the Hero?
Would build wireless_tether_2_0_2-pre9.apk for the N1 work?
I'm still using pre6 seems to be the one for the Hero.
zemerick said:
I updated to 2.1 using damage sprintupdate2.zip. I want to use wifi-tether now. Where can I find the version I need for this particular build? I looked on wifi-tether website, but it says the 2.1 compatible version is for Nexus One. Is there even a version for Eclair for the Hero?
Would build wireless_tether_2_0_2-pre9.apk for the N1 work?
Here's the link: http://code.google.com/p/android-wi...ireless_tether_1_60_htc.apk&can=2&q=HTC+Donut

****ROOT EVO After July 1 OTA Update

I tried every method, read every thread in every forum in an effort to root my EVO. Nothing worked. I was driving myself mad and spending tons of time. Eventually I came across a post which directed me to XDA Developers Thread ---==={ROOT GUIDE}===--- | 1.47.651.1 ROOT, post 579 by SharkUW. I have used this on my own phone and I don't see a reason why it wouldn't work. I modified some of the instructions to make it clearer. The instructions may not be exact, and there is some seat-of-the-pants involved, but I got it to work. Use it at your own risk.
Prerequisites (follow in order)
Android-SDK developers program. I loaded it to C:
JAVA SE Development (use correct bit – 32 or 64). loaded in C:
Microsoft .NET Framework V 4.0
Reboot your phone and do a factory reset. Erase everything
Set phone to Charge Only and USB debugging
Open the stock browser and sign-in with your PCS phone number. Leave running.
Shutdown the phone, then restart
Make sure ADB is functional on your computer. You should be able to "adb shell" (confirming adb is working, exit shell if you're in it).
Extract the Do_root.zip (link below) and place all these files into the SAME folder as adb.exe. I have not included the appropriate PC36IMG.zip. Get it here. http://forum.xda-developers.com/showthread.php?t=701835 Leave the name as "eng-PC36IMG.zip". Place that in the SAME directory as well as the .zip.
Open a command prompt on your computer. Point directory to Android-SDK directory\tools and a list will come up… click on "root.bat" and click RUN.
If it hangs for more than 30 seconds with the browser ****, CTRL+C, yes to kill the bat and just run it again.
Follow the directions. Your phone is going to reboot. It is then going to do a little **** and reboot into the boot loader. Keep track of the Command screen and wait because some steps take a while and there is no way of telling if it’s working. Nothing lasted more than 5 minutes. Eventually it will be in a "bootloader" and ask if you want to reboot. Say Yes with a Volume UP.
The .bat is now done. You have root. (not sure if next part is true) You now need a custom recovery to flash a proper ROM beyond the scope of this guide.
In original instructions but I’ve found the following Recovery step and code is not necessary: Now take the last step and flash the recovery.img that will already be on the root of your sdcard. To do this, after the PC36IMG flash:
Code:
adb shell
cat /sdcard/flash_image > /data/flash_image
chmod 755 /data/flash_image
/data/flash_image recovery /sdcard/recovery.img
To check for root do ADB Shell and should get #.
If you're all advancedy you can put on a different recovery image.
IMPORTANT If you get a message here about "not writing bad block", flash it again until you get 0 errors. I don't know how common it is, but personally my recovery has issues with flashing. Do NOT let that be a bad flash.
Attached Files
do_root.zip (4.07 MB, 49 views)
________________________________________
Last edited by SharkUW; 7th July 2010 at 01:06 AM.
Going to try it tomorrow and hope it works. Thanks
Where are the attached files?
Can't find the do_root.zip file. Seems there is no attachment, please re-post. Thanks.
I tried to attach the do_root.zip file and a link to Toast 2 file. If that doesn't work, go to the referenced post #579 here: http://forum.xda-developers.com/showthread.php?t=718889&page=58.
Have you tried this SimpleRoot? I just did it, and it worked flawlessly.
Vivix729 said:
Have you tried this SimpleRoot? I just did it, and it worked flawlessly.
Simpleroot ftw.
mattrb said:
Simpleroot ftw.
QFT. I did simple root (I still setup adb and ensured it was working first) and then flashed the rooted Stock 1.47 ROM in about 40 min. I think most people that are running into issues with Simpleroot do not have adb setup properly or they did something inadvertently and need to clear out the files/cache and need to start over from scratch.
gmanvbva said:
QFT. I did simple root (I still setup adb and ensured it was working first) and then flashed the rooted Stock 1.47 ROM in about 40 min. I think most people that are running into issues with Simpleroot do not have adb setup properly or they did something inadvertently and need to clear out the files/cache and need to start over from scratch.
I did simple root and it worked fine too. I don't think the issue is adb being setup since he has an adb file in his download.
Update from a few days ago.
Just got a new SDHC card and simpleroot worked. The SDHC that came with my phone died. I placed a spare in there that was a 2gd regular micro and Hboot would not ready the IMG for nothing.
If simple root is not working then it's the Sh!tty card acting up.
Happy ending for me.
I just got my phone yesterday did the ota simpleroot and seems like it worked fine
but now i dont know what to do next
to get custom roms or froyo 2.2 or anything lol
Awesome post |OP|.
My desktop is Windows 7 x64 and doesn't play nicely with the standard tools.
I was forced to adapt your root.bat script to an OSX friendly BASH script.
The only requirement is that you download the android SDK from developer.android.com/sdk/index.html (apparently, I'm too new to post links).
The steps I took to get root:
Unzip the android SDK
follow |OP|'s instructions, unzipping the contents of do_root into [sdk-root]/tools/
unzip the attached bash script to the [sdk-root]/tools/
run my bash script from the [sdk-root] folder instead of root.bat - type "./root.sh" without the double-quotes
Grab a copy of Froyo while your phone is being rooted

[GUIDE] How to apply OTA 1.72.405.3 without losing root and S-OFF

these instructions are intended for those who have root and S-OFF yet still on stock 1.32.405.3, the new update breaks superuser and overwrites both recovery and hboot, if you follow my steps it should all work fine and still have root, no wipe is needed
Info about this update:
1.72.405.3_R2 Update: improve system performance and camera feature enhancements
Requirements for this method:
Clockwork recovery, ENG S-OFF and radio S-OFF
unless you have radio s-off you can't flash the new radio, if you flash it without radio s-off you will lose root.
radio s-off is easy and ensures you never lose s-off again, you need to have it before you apply the update
One click Radio S-OFF, SimUnlock (Easy Root Guide)
i recommend you make a nandroid backup first from clockwork recovery
Applying 1.72.405.3
Download the new OTA if you have it in the download folder you or from here
http://dl.dropbox.com/u/8076202/OTA_Ace_HTC_WWE_1_72_405_3_R2-1_32_405_6_release_1632939lowfu0y78jktpp2.zip
copy the OTA file to the root of your sdcard and rename it to update.zip
reboot into clockwork recovery and choose apply update.zip, clockwork recovery will apply the OTA safely without overwriting HBOOT and recovery
reboot, now you have android 2.2.1 and build 1.72.405.3, however clockwork didn't install the new kernel so wifi will break, you will need to flash the supplied kernel in the OTA
Re-flashing the kernel
download the original 1.72.405.3 kernel (extracted from the RUU) http://www.multiupload.com/APNFJJVGWI
Extract the boot.img file to the /tools folder of your Android SDK
Reboot your device into bootloader mode and select fast boot mode (select restart and keep holding down volume down + power, never mind the stupid vibration)
From an elevated command prompt, browse to the /tools folder of the Android SDK
Once in the /tools folder, type (without quotes) "fastboot flash boot boot.img"
Wait until the send and write operations are completed (this may take a few minutes)
Reboot your device
Restoring SU
Once rebooted, uninstall superuser (since it keeps crashing when giving permissions) this step is very important
download the old su package from here http://www.multiupload.com/YTL0P497YR
unpack files to SDCARD
boot to Clockwork recovery
(DHD CWM menu) mount /system
(DHD CWM menu) mount /sdcard
(PC cmd prompt sdk tools) adb shell
# cp /sdcard/su /system/bin/
# cp /sdcard/Superuser.apk /system/app/
# ln -s /system/bin/su /system/xbin/su
# chmod 06555 /system/bin/su
# exit
(DHD CWM menu) umount /system
(DHD CWM menu) umount /sdcard
reboot
download BusyBox from market
Flashing the New radio don't install the new radio unless you have Radio S-OFF
you can download and install the new radio by following the instructions in here
The HTC Desire HD Radio Thread
Once completed you should have the following software information:
Android version: 2.2.1
Baseband version: 12.28e.60.140fU_26.04.02.17_M2
Kernel version: 2.6.32.21.-g3d0aaff / [email protected]#1 / Wed Dec 1 17:09:51 CST 2010
Build number: 1.72.405.3.CL296490 release-keys
Software number: 1.72.405.3
Browser version: WebKit 3.1
for those struggling with sdk commands check this post forum.xda-developers.com/showpost.php?p=10068129&postcount=59
these steps and files were collected from various members, all thanks goes to them
as usual i'm not responsible if all hell breaks loose in your Desire HD
[update 1] working superuser patch http://forum.xda-developers.com/showthread.php?t=886999
[update 2] downgrade back to 1.32 guide http://forum.xda-developers.com/showthread.php?t=905003
I have done it all, and it seems to be working fine.
How can I make sure I have the new radio? what version should I check, and where?
I haven't done the SU thing yet - when I tap the Superuser it doesn't seem to crash over here. Is there any other way I can check the superuser?
hamdir said:
Extract the boot.img file to the /tools folder of your Android SDK
Reboot your device into bootloader mode and select fast boot mode (select restart and keep holding down volume down + power, never mind the stupid vibration)
From an elevated command prompt, browse to the /tools folder of the Android SDK
Once in the /tools folder, type (without quotes) "fastboot flash boot boot.img
I must be missing something here. Do I need the entire Android SDK to do this?
I actually have a fastboot folder with all the flashboot app etc that works (used for clockwork recovery installation before), is it enough to put boot.img there and go on?
---edit---
nevermind, that was obviously ok!...I'm going on
i think adb and fastboot should be enough but try to look up confirmation in this forum, you are gonna use it to flash so better not take risks
I've read this after, anyway just done, it needed just a few seconds and it's perfect, WiFi newly working now! I go on with the su stuff
# ln -s /system/bin/su /system/xbin/su
says File exists...
I'm sure I uninstalled superuser...what to do?
initial impressions
no 100% cpu usage/battery problem for me like some people are reporting, 720p lag seems gone needs more investigation, the stuck clock flipping seems gone, apps on the sd card still loses their homescreen icons once rebooted
edit - it seems snappy after it stabilizes, h264 playback seems improved
ErMeglio said:
says File exists...
I'm sure I uninstalled superuser...what to do?
its ok keep going as long as you made sure superuser was removed
Just done EVERYTHING. BusyBox working and saying I'm correctly rooted (superuser asked for the permission, no probls, so it's ok!), I also updated it to 1.17.1! Had some difficulties finding the right radio, that is not in the radio thread linked. I just found out that it was in my RUU-unzipped rom.zip file found in the last modified folder of %APPDATA% and the radio was named simply radio.img (how strange, he!).
Everything seems to work perfectly and I'm all-around updated.
Many many thanks go to you hamdir for your step-by-step fool-proof guide, merry xMas to you firstly...and to the whole great community in there
---edit---
ok, said too soon, WiFi not working anymore after the radio update
Ideas?
---edit---
flashed again the boot.img and WiFi IS working again.
Can it be done without eng s-off?
Flash is possible with SFR ROM???
grozni said:
Can it be done without eng s-off?
well I'm not sure if fastboot flashing would work without it
OK, I know I'm going to get scolded for this but I'm stuck at the clockwork recovery's reboot screen with a red triangle and an exclamation mark. I perm-rooted with Visionary, used the one-click radio S-OFF and it seemed to work, ROM Manager seemed to flash clockwork recovery without errors. I can get to the bootscreen with the fastboot option etc but at the top right it says radio s-on! Should I try another method to get radio S-OFF?
DHD with ENG S-OFF, Radio S-OFF and clockwork recovery installed on 1.32.405.6 and after trying
*reboot into clockwork recovery and choose apply update.zip, clockwork recovery will apply the OTA safely without overwriting HBOOT and recovery
I get :
assert failed apply patch bla bla bla, i would send screenshot but forum won't let me add external links
Any solution?
[email protected] said:
DHD with ENG S-OFF, Radio S-OFF and clockwork recovery installed on 1.32.405.6 and after trying
*reboot into clockwork recovery and choose apply update.zip, clockwork recovery will apply the OTA safely without overwriting HBOOT and recovery
I get :
assert failed apply patch bla bla bla, i would send screenshot but forum won't let me add external links
Any solution?
maybe the OTA file is broken, try to download it again.
makbil said:
OK, I know I'm going to get scolded for this but I'm stuck at the clockwork recovery's reboot screen with a red triangle and an exclamation mark. I perm-rooted with Visionary, used the one-click radio S-OFF and it seemed to work, ROM Manager seemed to flash clockwork recovery without errors. I can get to the bootscreen with the fastboot option etc but at the top right it says radio s-on! Should I try another method to get radio S-OFF?
seems SOFF didn't work, ask around in the radio S-OFF thread, if you are still s-on rom manager will say it installed clockwork when in fact it didn't
you must have s-off
preferably both radio s-off and eng s-off
carl2990 you've edited the build.prop, i don't know how to help, sorry, ask around in the development forum
good luck
Any theories why cwm wouldn't flash kernel image? Not flashing radio, recovery, hboot, i get that. But why not the kernel?
hamdir said:
maybe the OTA file is broken, try to download it again.
Tried to download again and still same error on update thru CWM
Verifying current system:
assert failed: apply_patch_check("/system/framework/am.jar", "1e0028b2b5baa5fd8d02b1df102a8abf6f03b077", "26697b47b593b822bbbe1035b506a88b02cf4b43"
E: Error in /sdcard/update.zip
(Status 7)
Installation aborted.
I got my S-OFF issue sorted out (using this, more info here)
Now on 2.2.1, continuing with the rest
Extract the boot.img file to the /tools folder of your Android SDK
Is that the "Tool" folder on my SD card? There is also a folder called "Android" on my SD card, just want to make sure I'm not doing anything wrong.
Android SDK
http://developer.android.com/sdk/index.html

Hboot information and downgrading

Before I start this thread, I should say that all credit goes to otaking71 for finding this crack.
The two original threads are here
http://forum.xda-developers.com/showthread.php?t=1255043
http://forum.xda-developers.com/showthread.php?t=1255360
All of the work was done in the #htc_evo_shift channel on freenode irc.
Table of contents:
1. Hboot information about the exploit.
2. Downgrading
2.1 Notes
3. Full root(Updated 2.2 root)
4. Links
5. Credits/donation links
I will aim to make it so this mod can be ported to other devices to help downgrade bootloaders and software. Please read the entire thread before flashing anything and trying this.
Hboot
Hboot uses a hidden partition to check everything it flashes against, this partition is "misc", or hboot -1, or on the shift mmcblk0p17(hboot itself is at mmcblk0p18).
Some raw dumps of this partition using strings to filter ascii strings brings out this type of dump.
Locked bootloader for the evo shift's dump
"SPCS_001
DeviceWarmBoot
CE Serial InUse
Debug Cable Ena
CE USB InUse
ClearAutoImage
2.76.651.4
FNOC
FNOC"
Unlocked bootloader for the verizon thunderbolt
"VZW__001
DeviceWarmBoot
CE Serial InUse
Debug Cable Ena
CE USB InUse
ClearAutoImage
1.02.605.6
FNOC
FNOC"
Eng spl unlocked evo shift
"FN0C
FN0C
FN0C"
Now the place to focus at is the version numbers, 2.76.651.4. Hboot will check all items you try to flash via hboot or ruu utility against this number and if it is lower than what you are trying to flash, it will allow you to proceed in flashing through hboot, or ruu. If the number is higher, it will reject the flash. If the number doesn't exist(like in the eng spl) it will assume it is able to flash it(ONLY TESTED ON ENG SPL, not locked bootloaders). So by dumping the TB's misc partition into our own, we made it so the locked hboot would accept flashes. Either by RUU or hboot.
We believe the package you flash still needs to be signed though so that only leaves you with official ruu's and extracted ruu zips.
Joeykrim's history(Located on the second page of this thread)
joeykrim said:
for those curious, a lil bit of history:
same method as used on the evo part 2 thread by toastcfh at xda.
only diff is shift is emmc and evo was mtd. shift emmc partitions are a bit more in number and named differently when compared to the evo mtd partitions. on the evo this partition was labeled as "misc" in /proc/partitions. the misc partition being flashed holds the software version number which hboot checks against to verify whether or not it will allow an RUU to be loaded.
also, i want to recall a web site somewhere which allows users to create a custom misc file with a provided version number.
thought this partition was protected by the internal memory write protection but appears it wasn't. not much of a surprise as the first release of the shift didn't have write protection for the hboot partition turned on.
great this works! sadly, they'll prob patch it next OTA around as they did for the evo.
good job on testing (sorry about the lost shift), publishing and releasing! glad to see the shift has unlocked internal memory write protection again!!!
your path to the internal partition location is incorrect. as the OP states, use:/dev/block/mmcblk0p17
full command: dd if=/sdcard/misc.img of=/dev/block/mmcblk0p17
great article with the history and usage of dd, it's a classic unix/linux command. very good to become familiar with: http://en.wikipedia.org/wiki/Dd_(Unix)
How to downgrade your device
For the shift, will be different on other devices with a bit of modding.
1. Temproot(With Fre3vo for the shift) http://forum.xda-developers.com/showthread.php?t=1185243
2. Move the file misc.img to the root of your sdcard, and PG06IMG.zip too if you plan on flashing through hboot.
3. Modify the misc partition to bypass the version check, type the following in an adb shell or a terminal emulator on your phone.
Code:
dd if=/sdcard/misc.img of=/dev/block/mmcblk0p17
Note for other devs: misc.img is the image from the TB, could be other images as long as it has a lower version number.
4. This is up to you, you can either use the ruu utility to revert or the PG06IMG.zip in hboot. I'll include links to both. Since both utilities check the misc partition, both are able to flash =)
5. Reboot and then full root like normal on your downgraded device.
Notes
1. When flashing hboot/using this exploit it always flashes twice/stops early and recontinues. Don't worry about it, this is normal(Sometimes it looks like more than 2 but just chill out).
2. Some SDcards are not recognized by hboot, so you will either have to switch cards for this operation or use the ruu utility method.
3. Remove the PG06IMG from your sdcard after flash, or hboot will pick it up next time.
Full root for downgraded 2.2
Flash ENG bootloader
1. Download these files and extract them to the root of your sdcard: www.thebcblends.com/shift/Shift-root.zip
2. Obtain temproot from z4Root, visionary, OR CM's temproot wiki
3. Flash hboot with Engineer SPL:
Code:
dd if=/sdcard/Shift/hboot_eng.nb0 of=/dev/block/mmcblk0p18
4. Boot into bootloader and check for S-OFF
Flashing a recovery
1. Grab latest shift recovery from: http://www.koushikdutta.com/2010/02/clockwork-recovery-image.html
2. Make sure you're temprooted(may have to temp root again)
3. Install recovery from rom manager
Alternative install can be done if you grab another recovery's recovery.img and do one of the following below.
a. Okay this is for those with fastboot - flash the recovery with fastboot: fastboot flash recovery recovery.img
b. This is for those where fastboot doesn't work or they don't have it - 1. Place recovery.img on the root of your sdcard, then type the command below.
Code:
dd if=/sdcard/recovery.img of=/dev/block/mmcblk0p21
Full root/Rom flashing
Well I know you don't have anything you want to save from the 2.2 ruu since it's just a stock flash, so I am going to leave it off here as flash whatever rom you want over the new system via recovery and you should end up with a fully rooted android.
Just remember to wipe data/factory reset after flash.
Links - MD5Sums aren't terribly important here as the files will not flash if they are not correct due to the signatures.
Fre3vo temp root for GB - http://forum.xda-developers.com/showthread.php?t=1185243
misc.img for the misc partition - http://dl.dropbox.com/u/41040697/misc.img MD5Sum: c88dd947eb3b36eec90503a3525ae0de
Misc.img mirror(You guys took down my second dropbox.....trying a different site now): http://www.box.net/shared/0l8ex73zne0tfr10ob69
Second misc.img mirror: http://dl.dropbox.com/u/15373824/misc.img
Another mirror for misc.img: http://dev-host.org/a9dbnuzgb9qv/misc.zip (Thanks Fdxrider)
Official ruu file for downgrading to 2.2 - http://www.multiupload.com/15N2D30H6C MD5SUM: a4b880954d2ac29d5bdf0dade9dede3c
PG06IMG for hboot downgrading to 2.2 - http://dl.dropbox.com/u/41040697/PG06IMG.zip MD5SUM: d20be478fd860b80f5e800c958f79077
Mirror for PG06IMG(First link went down temporarily due to generating too much traffic on my account, good job guys xD) - http://dl.dropbox.com/u/15373824/PG06IMG.zip
Mirror for PG06IMG: http://dev-host.org/xmlaaco0s2ph/PG06IMG.zip
2.2 root [Bcnice guide]- http://forum.xda-developers.com/showthread.php?t=932153
Cm's rooting method(For those without z4root or visionary) - http://wiki.cyanogenmod.com/wiki/HTC_Evo_Shift_4G:_Full_Update_Guide
Credits
Otaking71 - Discoverer of this exploit for the shift and working throughout the night to establish it as a working downgrade.
Bcnice20 & other 2.2 root devs - I borrowed your root methods for this guide, and linked to them. Just had to update it for recovery basically.
Stuke00 - Fre3vo temp root for 2.3.3
Joeykrim - Donating that history for the curious minds.
Donation links:
Otaking71 - Main driver of this discovery/creator and came up with this theory
http://forum.xda-developers.com/donatetome.php?u=1762836
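As an added example (not from the thread, and not HTC's code), this Python sketch models the version check the way the post describes it and audits a misc dump for signs that the stored record was overwritten. The dump layout, the package version `2.0.0.0`, the function names, the acceptance of equal versions, and the premise that an untouched device's record is not older than its running firmware are all assumptions made for illustration.

```python
import re

# Dotted four-part version as it appears in the dumps above, e.g. b"2.76.651.4".
VERSION_RE = re.compile(rb"(?<![\d.])\d+\.\d+\.\d+\.\d+(?![\d.])")

def parse_version(text):
    """'1.02.605.6' -> (1, 2, 605, 6), so versions compare field by field."""
    return tuple(int(part) for part in text.split("."))

def main_version(misc):
    """Return the version recorded in a misc dump, or None if there is none."""
    m = VERSION_RE.search(misc)
    return parse_version(m.group().decode("ascii")) if m else None

def hboot_accepts(misc, package_version):
    """Model of the check as the post describes it (signature check not modelled)."""
    stored = main_version(misc)
    if stored is None:
        # Post: no number present -> flash assumed allowed (only tested on ENG SPL).
        return True
    # Stored lower than the package -> allowed; stored higher -> rejected.
    # Equal versions are treated as allowed here; that is an assumption.
    return parse_version(package_version) >= stored

def audit(misc, running_version, expected_tag):
    """Return findings suggesting the version record no longer matches the device."""
    findings = []
    stored = main_version(misc)
    if stored is None:
        findings.append("no main version recorded; the version check cannot reject anything")
    elif stored < parse_version(running_version):
        findings.append("recorded version %s is older than running firmware %s"
                        % (".".join(map(str, stored)), running_version))
    if expected_tag.encode("ascii") not in misc:
        findings.append("expected leading tag %s not found" % expected_tag)
    return findings

def make_dump(fields):
    """Constructed layout: padding plus NUL-separated strings; real offsets unknown."""
    return b"\xff" * 32 + b"".join(f.encode("ascii") + b"\x00" * 8 for f in fields)

FLAGS = ["DeviceWarmBoot", "CE Serial InUse", "Debug Cable Ena",
         "CE USB InUse", "ClearAutoImage"]
# Constructed dumps that reuse only the strings listed in the post.
SHIFT_LOCKED = make_dump(["SPCS_001"] + FLAGS + ["2.76.651.4", "FNOC", "FNOC"])
TB_IMAGE = make_dump(["VZW__001"] + FLAGS + ["1.02.605.6", "FNOC", "FNOC"])
ENG_SPL = make_dump(["FN0C", "FN0C", "FN0C"])

if __name__ == "__main__":
    for name, dump in (("shift", SHIFT_LOCKED), ("tb", TB_IMAGE), ("eng", ENG_SPL)):
        print(name, "accepts 2.0.0.0:", hboot_accepts(dump, "2.0.0.0"),
              "| audit:", audit(dump, "2.76.651.4", "SPCS_001"))
```

The audit flags exactly the condition the post relies on: a version record on an unprotected partition that is older than, or missing relative to, the firmware actually running.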
Should we vote this to the front or try to keep it on the downlow?
^ Shift Faced
I'm at work now, but am I to understand that there is now a full root for shifts on gb?
Sent from my PC36100 using XDA App
totalnub911 said:
I'm at work now, but am I to understand that there is now a full root for shifts on gb?
Sent from my PC36100 using XDA App
Something of that sort, you can obtain full root through this exploit. Though it's through downgrading the firmware you use old 2.2 rooting methods.
totalnub911 said:
I'm at work now, but am I to understand that there is now a full root for shifts on gb?
Sent from my PC36100 using XDA App
that is correct if you downgrade then root with shiftRR. thats what i'm getting from all this
EDIT: got beat to it
YoungCorruption said:
that is correct if you downgrade then root with shiftRR. thats what i'm getting from all this
EDIT: got beat to it
sounds like its time to change your siggy there youngcorruption!
Im sorry for the noobish but what does this mean and how do i do this
2. Modify the misc partition: dd if=/sdcard/misc.img of=/dev/block/mmcblk0p17
misc.img is the image from the TB, could be other images as long as it has a lower version number.
halrulez said:
Im sorry for the noobish but what does this mean and how do i do this
2. Modify the misc partition: dd if=/sdcard/misc.img of=/dev/block/mmcblk0p17
misc.img is the image from the TB, could be other images as long as it has a lower version number.
In more specific directions it means to move the downloaded file misc.img to /sdcard , then to type the command "dd if=/sdcard/misc.img of=/dev/block/mmcblk0p17" without quotes. The rest just means it'll be different on other devices.
Nice write up, thanks to otaking and scary you all saved the shifters from a horrible ota update
Sent from my Supreme Shift using Tapatalk
Scaryghoul said:
In more specific directions it means to move the downloaded file misc.img to /sdcard , then to type the command "dd if=/sdcard/misc.img of=/dev/block/mmcblk0p17" without quotes. The rest just means it'll be different on other devices.
ok can do this in terminal from my phone or do i have to do this in adb from my computer?
and if so what are the full steps to get to the point so i can enter this. I am trying to understand adb hell i am just starting in linux so i am hella noob
halrulez said:
ok can do this in terminal from my phone or do i have to do this in adb from my computer?
and if so what are the full steps to get to the point so i can enter this. I am trying to understand adb hell i am just starting in linux so i am hella noob
Either one, you can either mount your phone on usb and move the misc.img to your sdcard then type the command in terminal on your phone.
OR
You can adb push the file to your sdcard then adb shell the command.
I'll make the instructions more detailed in a bit.
What do you mean by: Modify the misc partition: dd if=/sdcard/misc.img of=/dev/block/mmcblk0p1?
I moved the misc.img to sdcard but I have no mmcblk0pl in dev/block. Do I have to create that folder? And dd and of....lost me there.
I just did it and it worked perfectly. Back on 2.2, ready to root. Thanks again to otaking and scary for all your hard work.
ok so i was able to do this from the terminal from my android
now though when i am trying to run the ruu from my computer it starts to go but keeps saying that it is waiting for the bootloader. the phone won't boot in to the boot loader
halrulez said:
ok so i was able to do this from the terminal from my android
now though when i am trying to run the ruu from my computer it starts to go but keeps saying that it is waiting for the bootloader. the phone won't boot in to the boot loader
you might need to install htc sync to run ruu's. http://www.htc.com/managed-assets/support/software/htc-sync/setup_3.0.5557.exe
im just going to put this out there as well because i have had problems with the drivers that came with sync and i was forced to use the modified usb drivers found in the unrevoked evo tool, i dunno its weird but my vista pc didn't like anything but them drivers, and another guy i helped ruu from a major mess up, he couldn't get anything with sync to recognize his shift until he used the same modified evo drivers . i hope no one has an issue but if it come about this is how to fix a driver issue
Best day ever!!!!!!!!!!!!!!!!!!!!!!!!!
strapped365 said:
im just going to put this out there as well because i have had problems with the drivers that came with sync and i was forced to use the modified usb drivers found in the unrevoked evo tool, i dunno its weird but my vista pc didn't like anything but them drivers, and another guy i helped ruu from a major mess up, he couldn't get anything with sync to recognize his shift until he used the same modified evo drivers . i hope no one has an issue but if it come about this is how to fix a driver issue
provide link to said drivers?
riggsandroid said:
provide link to said drivers?
kinda cant provide an actual link directly to the drivers because i had to set up unrevoked just like i was rooting an evo, so i just hinted they were in the tool
http://unrevoked.com/recovery/
thats where you can get the tool from to setup your drivers if you have issues with sync not playing well or your pc just dont want to read the drivers right
for those curious, a lil bit of history:
same method as used on the evo part 2 thread by toastcfh at xda.
only diff is shift is emmc and evo was mtd. shift emmc partitions are a bit more in number and named differently when compared to the evo mtd partitions. on the evo this partition was labeled as "misc" in /proc/partitions. the misc partition being flashed holds the software version number which hboot checks against to verify whether or not it will allow an RUU to be loaded.
also, i want to recall a web site somewhere which allows users to create a custom misc file with a provided version number.
thought this partition was protected by the internal memory write protection but appears it wasn't. not much of a surprise as the first release of the shift didn't have write protection for the hboot partition turned on.
great this works! sadly, they'll prob patch it next OTA around as they did for the evo.
good job on testing (sorry about the lost shift), publishing and releasing! glad to see the shift has unlocked internal memory write protection again!!!
blakeatl said:
What do you mean by: Modify the misc partition: dd if=/sdcard/misc.img of=/dev/block/mmcblk0p1?
I moved the misc.img to sdcard but I have no mmcblk0pl in dev/block. Do I have to create that folder? And dd and of....lost me there.
your path to the internal partition location is incorrect. as the OP states, use:/dev/block/mmcblk0p17
full command: dd if=/sdcard/misc.img of=/dev/block/mmcblk0p17
great article with the history and usage of dd, it's a classic unix/linux command. very good to become familiar with: http://en.wikipedia.org/wiki/Dd_(Unix)
