Related
Before we begin. This solution is for people who have tried everything multiple times, and failed. If you haven't read and have not tried the following solutions yet, please do so first:
How to start over: From original stock to rooted latest OTA (WiMAX working!)
[GUIDE] Bad WiMax MAC? Broken 4G after update? Fix HERE!
The guide below is ONLY for people who did not have success with above methods (i.e. they are really really hosed). And there are limitations for now, until everything is confirmed and tested. The most important part you need access to a second, healthy and rooted EVO. As of yet, this is the only way to guarantee that one binary dump is not used a million times, negating the effect.
Please read the whole guide before starting the process, so that you know the risks, limitations, and potential issues with all this.
I am going to sign off for a few hours, and go enjoy my life for a brief time, before returning to answer any questions that may arise.
Ok, so for now, this is more of a proof of concept solution, since I understand not everyone has more than one EVO to do what I did.
My idea about partitions was correct, so without further ado, here is how to restore a botched wimax.
What you need.
2 Fully rooted EVOs (step 1 and step 2), one with working 4G (any version of all firmware on either, all we care for is working WiMax)
System which can do fastboot commands. That means you will have to have Android SDK installed. I also add path to /tools folder into my system PATH, so I don't have to type out the full path to adb or fastboot every time
Custom recovery. I use clockwork for this, since I am not sure all the files are signed, as required by Amon RA's recovery
Broken EVO backup
Backup your existing wimax partition on your broken EVO. We may need it some day.
Open command line window (cmd)
Make sure you have no PC36IMG.zip files in the root of your SD Card, or it will take a while to power your phone up
Power down your phone
Power it up while holding down the Volume Down key
HBOOT will attempt to scan for PC36IMG files. Let's hope you read carefully and don't have it on your SD Card root
Once HBOOT fails to find the file, use Vol Up/Down buttons to go into Fastboot mode
Connect the USB cable to your phone (and PC). You may have to install the USB drivers that come with Android SDK, but chances are if you are looking for this solution, you already have them installed and working
The FASTBOOT mode will switch to FASTBOOT USB (that's good)
Test your fastboot by typing "fastboot oem h" in command window you opened earlier (note, no adb, or adb shell anywhere, the command is "fastboot oem h". From here on all fastboot commands are issued in that window
If you see less than ~40 lines of output, you don't have a propertly rooted phone, and you need to do step 1 and step 2 (see above)
Dump your wimax data by issuing "fastboot oem saveprt2sd wimax -n wimax.bin" command (varies, anywhere between 7 to 8.5 MB, mine was 7MB)
Dump complete partition (~12MB) by issuing "fastboot oem saveprt2sd wimax -n wimax.bin -a" command
Reboot your phone
Pull the data files you dumped to a safe place ("adb pull /sdcard/WIMAX.BIN" and "adb pull /sdcard/WIMAXRAW.BIN"). Note the capitalization, it's important
We are done with your "bricked" phone.
Getting correct wimax image from a working phone
Now, repeat the same steps for your working phone (steps 1-14)
Pull the files to a different (safer) place, and cherish them like they are the only thing you care about in this world (which you do, right?)
Make a copy of your WIMAX.BIN file from the working phone (do NOT edit the actual file, just in case something breaks with your working phone at any time)
Use hex editor to update the working file in 2 places, and change the MAC address (which should be your working evo MAC - 1) to your broken evo MAC - 1 (remember, A becomes 9, F becomes E, etc). It's a big file, so search for "00:18" to find the 2 places. There will be exactly 2, not 3+ and not 1.
Rename the file you just edited to "wimax_25641R01.img"
Fixing your bricked phone
Push it to your sd card root: "adb push wimax_25641R01.img /sdcard"
Push the attached zip file to sdcard root: "adb push new_wimax.zip /sdcard"
Reboot your bricked phone into recovery
Flash new_wimax.zip. This will force write wimax_25641R01.img you pushed earlier, including the certificates in it
Reboot from recovery, let it finish, and boot up into Android
If not running the latest evo WiMax firmware yet, use the second attached zip to do so
Reboot your phone. Allow everything to complete and boot into Android
If needed, update PRL/Profile (I didn't need to, but I already updated it 50 times by now, so YMMV)
Now, I can not attach any of my dumps yet, before I test and make sure whether both phones can stay online on 4G without interruption, I will do some more testing later, since the Encryption keys are different (between 2 working evos I dumped binaries from). I still have 1 more phone to check when I get home. So if you have another evo (friend, family, etc) - you can do that already.
Otherwise, be patient, more testing is needed to make sure we are not going to steal anything from your friend, family, etc, since encryption keys are unique.
But the above solution works for completely restoring your 4G into working state.
I am currently running latest rooted OTA update, too, so it definitely works fine on latest and greatest.
Red,
Have you actually seen the encryption keys in plain text? How many bits are they?
Also, when you restored the wimax part from the working phone to your non-wimax-working phone, did you keep the MAC the same between the two phones?
Red,
Now that you have 4g fixed, can you take a look at your *.tree.xml files? Look at the ones from when 4g was broke, and then look after. Everything from boot.bin gets written into that file, and I'm hoping the signature does as well. If so, we may be able to pull it out of an old xml file and somehow work it back into the wimax.img.
Thanks
EDIT: On second thought, I do recall there being a way to flash the signature via fastboot..
MAC addresses were kept different, exactly what they are on a label behind the battery. For each phone. Hence, the editing step for the wimax partition dump.
Tree.xml does not contain any signatures, I verified this some time ago before I even started playing with the wimax partition by taking one from a working evo.
The keys are in plain text, simple RSA keys, judging by the size looks like 1024 bit. both public and private key are stored. Who knows, maybe just faking one will do it but I am guessing they are signed by some sort of CA otherwise it would be too insecure of Sprint.
So if we had a Nandroid backup from when Wimax was working, the boot.bin in that backup would have the key in it right?
Let's pretend it does, it would get written over when you powered on the phone after flashing. What if we didn't reboot after the restore and went back to recovery? We would then be able to get the boot.bin via adb and get our respective signatures. If they are indeed 1024bit, I don't see us being able to regenerate them anytime soon.
This may be worth a shot. I am not sure boot.bin has the signatures, but I will check later tonight. If it does, I am guessing we should be able to just do a drop in replacement of signatures in the image file and it should work.
Sent from my PC36100 using XDA App
Also since nandroid is just a simple copy and I'd the keys are indeed preserved, I would think we can pull them from there.
Sent from my PC36100 using XDA App
mpa4712 said:
So if we had a Nandroid backup from when Wimax was working, the boot.bin in that backup would have the key in it right?
Let's pretend it does, it would get written over when you powered on the phone after flashing. What if we didn't reboot after the restore and went back to recovery? We would then be able to get the boot.bin via adb and get our respective signatures. If they are indeed 1024bit, I don't see us being able to regenerate them anytime soon.
Click to expand...
Click to collapse
Does the Boot.bin actually store the keys? You are correct that once you restore a nandroid your working Boot.bin is replaced on boot of Android, in fact from what I saw it seemed it was replaced upon every boot but I could just be mistaken. With that said once you nandroid you can pull it by adb shell mount -a then adb pull /data/wimax/Boot.bin all from right within recovery without booting back into Android.
redsolar said:
Also since nandroid is just a simple copy and I'd the keys are indeed preserved, I would think we can pull them from there.
Sent from my PC36100 using XDA App
Click to expand...
Click to collapse
Cordy said:
Does the Boot.bin actually store the keys? You are correct that once you restore a nandroid your working Boot.bin is replaced on boot of Android, in fact from what I saw it seemed it was replaced upon every boot but I could just be mistaken. With that said once you nandroid you can pull it by adb shell mount -a then adb pull /data/wimax/Boot.bin all from right within recovery without booting back into Android.
Click to expand...
Click to collapse
My thoughts exactly gentleman.
The only problem I forsee is that when you restore a nandroid backup, doesn't the phone reboot automatically afterwards? I think it does.
mpa4712 said:
My thoughts exactly gentleman.
The only problem I forsee is that when you restore a nandroid backup, doesn't the phone reboot automatically afterwards? I think it does.
Click to expand...
Click to collapse
ugh it shouldn't, not sure what recovery you're using but using toasts or Amon_Ra's recovery it just restores the nandroid and then you choose manually to reboot. In fact I've already pulled my Boot.bin from before I messed up my MAC this way already, I actually puled the whole wimax folder.
you can unyaff your data.img in your nandroid and dig thru watever you want.
david279 said:
you can unyaff your data.img in your nandroid and dig thru watever you want.
Click to expand...
Click to collapse
*grumble* going to compile it now....*grumble*
david279 said:
you can unyaff your data.img in your nandroid and dig thru watever you want.
Click to expand...
Click to collapse
lol or do that so much easier huh!
looking at my boot.bin from 6/20, I don't *think* the signature is in it. However, I will let Red confirm that since he knows exactly what to look for.
I've only dealt with rsa encryption using openssl, in a full screen terminal, not a tiny hex editor.
There are some fw files in the wimax directory that are worth a look too though.
mpa4712 said:
looking at my boot.bin from 6/20, I don't *think* the signature is in it. However, I will let Red confirm that since he knows exactly what to look for.
I've only dealt with rsa encryption using openssl, in a full screen terminal, not a tiny hex editor.
There are some fw files in the wimax directory that are worth a look too though.
Click to expand...
Click to collapse
That was the reason I asked, I as well as others have looked through the Boot.bin before. I also looked through all the firmware files. Interestingly there is a default firmware and that a manufacturer firmware I'm guessing one to fall back on the other. You're mac is in the Boot.bin as well as wimax_properties. If these files stored the keys great, but either way they'd have to be changed on the actual firmware.
Interestingly enough, my boot.bin from my broken wimax is about 10kb smaller than my boot.bin from my nandroid backup that had working wimax.
Clearly there is something in that file that the other one does not have. I do think the rsa keys need to be stored somewhere though. I really do not believe the phone does on the fly encryption/decryption with them from the wimax partition.
If they come in an actual file, red will be able to extract the wimax.img he made and look.
mpa4712 said:
Interestingly enough, my boot.bin from my broken wimax is about 10kb smaller than my boot.bin from my nandroid backup that had working wimax.
Clearly there is something in that file that the other one does not have. I do think the rsa keys need to be stored somewhere though. I really do not believe the phone does on the fly encryption/decryption with them from the wimax partition.
If they come in an actual file, red will be able to extract the wimax.img he made and look.
Click to expand...
Click to collapse
you know for something that obvious I never noticed that. I never ran a diff on them. I just scanned through it to see if there was anything that struck out as being different and I stopped when I saw the different MAC's
I just went through the two boot.bin files and I'm pretty sure the keys are not in there. However, there are plenty of files that get overwritten on every boot, so I'm going to go through all of them. A 1024bit key should stick like a sore thumb if it's in plain text..
How can I tell if my keys were effed up? I'm currently out of 4G coverage and will be for the next week or so, but I'd like to get it fixed.
I know it was broken because my MAC was changed, I've fixed everything, my boot.bin is the same as pre-screwup as is wimax_properties, everything appears to be working fine, but I can't tell without coverage.
I just wanna know if I messed my keys up too, but I'm not sure whether I did or not?
Geniusdog254 said:
How can I tell if my keys were effed up? I'm currently out of 4G coverage and will be for the next week or so, but I'd like to get it fixed.
I know it was broken because my MAC was changed, I've fixed everything, my boot.bin is the same as pre-screwup as is wimax_properties, everything appears to be working fine, but I can't tell without coverage.
I just wanna know if I messed my keys up too, but I'm not sure whether I did or not?
Click to expand...
Click to collapse
From what we know, if you ever had a messed up MAC then your keys are also gone.
Seems like it would be a good idea to get people in the habit of backing up absolutely everything before rooting, installing roms, etc. We could perhaps avoid problems with people overwriting their 4G keys or other unforeseen consequences.
Problem is, I don't know how to do it. Could someone please write a quick guide on how to backup everything (nand, ext, wimax, radio, etc.) and also how to restore it when something goes wrong?
gthing said:
Seems like it would be a good idea to get people in the habit of backing up absolutely everything before rooting, installing roms, etc. We could perhaps avoid problems with people overwriting their 4G keys or other unforeseen consequences.
Problem is, I don't know how to do it. Could someone please write a quick guide on how to backup everything (nand, ext, wimax, radio, etc.) and also how to restore it when something goes wrong?
Click to expand...
Click to collapse
1. Reboot into recovery (Clockwork/RA)
2. Select nandroid backup
3...
4. Profit
imaxreed said:
1. Reboot into recovery (Clockwork/RA)
2. Select nandroid backup
3...
4. Profit
Click to expand...
Click to collapse
A nandroid backup will backup the wimax partition? Pretty sure radio/wimax partitions are not included.
Doesn't that put the previous rom you had when backed up back on there so if you flash a new one then restore the new rom is gone and your back to where you were?
Sent from my PC36100 using XDA App
krizno said:
Doesn't that put the previous rom you had when backed up back on there so if you flash a new one then restore the new rom is gone and your back to where you were?
Click to expand...
Click to collapse
Yes, but some things, like the radios, are not included in the backup.
So you want to be able to back up the radio too i get you I guess you would just have to download the newest radio off here or find the download for the radio you have that works for you and save it to the root of sd and just flash it over when you need it just a suggestion
Sent from my PC36100 using XDA App
gthing said:
Seems like it would be a good idea to get people in the habit of backing up absolutely everything before rooting, installing roms, etc. We could perhaps avoid problems with people overwriting their 4G keys or other unforeseen consequences.
Problem is, I don't know how to do it. Could someone please write a quick guide on how to backup everything (nand, ext, wimax, radio, etc.) and also how to restore it when something goes wrong?
Click to expand...
Click to collapse
Scratch what I had.
I guess nandroid doesn't backup radio and wimax.
My guide I wrote doesn't get this far in depth, but covers boot partition pretty well.
+1 on this request.
I'm not doing any radio changes until I can back up the originals first. (Hence my low post count.)
I found this from the broken 4G thread:
redsolar said:
Broken EVO backup
Backup your existing wimax partition on your broken EVO. We may need it some day.
Open command line window (cmd)
Make sure you have no PC36IMG.zip files in the root of your SD Card, or it will take a while to power your phone up
Power down your phone
Power it up while holding down the Volume Down key
HBOOT will attempt to scan for PC36IMG files. Let's hope you read carefully and don't have it on your SD Card root
Once HBOOT fails to find the file, use Vol Up/Down buttons to go into Fastboot mode
Connect the USB cable to your phone (and PC). You may have to install the USB drivers that come with Android SDK, but chances are if you are looking for this solution, you already have them installed and working
The FASTBOOT mode will switch to FASTBOOT USB (that's good)
Test your fastboot by typing "fastboot oem h" in command window you opened earlier (note, no adb, or adb shell anywhere, the command is "fastboot oem h". From here on all fastboot commands are issued in that window
If you see less than ~40 lines of output, you don't have a propertly rooted phone, and you need to do step 1 and step 2 (see above)
Dump your wimax data by issuing "fastboot oem saveprt2sd wimax -n wimax.bin" command (varies, anywhere between 7 to 8.5 MB, mine was 7MB)
Dump complete partition (~12MB) by issuing "fastboot oem saveprt2sd wimax -n wimax.bin -a" command
Reboot your phone
Pull the data files you dumped to a safe place ("adb pull /sdcard/WIMAX.BIN" and "adb pull /sdcard/WIMAXRAW.BIN"). Note the capitalization, it's important
SNIP
Click to expand...
Click to collapse
Edit:
Haven't tried this yet, but it would backup wimax. How do we back up radio?
krizno said:
So you want to be able to back up the radio too i get you I guess you would just have to download the newest radio off here or find the download for the radio you have that works for you and save it to the root of sd and just flash it over when you need it just a suggestion
Sent from my PC36100 using XDA App
Click to expand...
Click to collapse
The reason you would want your own backup is because it could contain wimax keys, etc. If everyone had backed up we wouldn't have tons of people running around with bricked 4G radios now. Some things you can't fix with a generic download - you need a backup.
nefas110 said:
+1 on this request.
I'm not doing any radio changes until I can back up the originals first. (Hence my low post count.)
I found this from the broken 4G thread:
Edit:
Haven't tried this yet, but it would backup wimax. How do we back up radio?
Click to expand...
Click to collapse
why do you need to backup the radio? there's a list of radio and wimax in the development section, you can always download those file and save it onto your computer or your sdcard if you ever need to use them again.
the PC36IMG.zip itself contain the wimax and the radio in it. i've downgrade from 1.47...OTA update with the new radio and wimax, and it downgraded just fine along with the radio and wimax.
if you wanna backup your wimax, try this.
in a shell,
Code:
cat /proc/mtd
you should get a list from mtd0 through mtd7. wimax should show up as mtd0.
to back up the wimax img to your sdcard,
Code:
cat /dev/mtd/mtd0 > /sdcard/mtd0.img
that should back up your wimax image to your sdcard. i'm now sure if you could flash that like you flash a radio through your recovery(i wouldn't try it) but if you wanna revert you could probably do something like
Code:
cat /sdcard/mtd0.img > /dev/mtd/mtd0
another method may be to use fastboot. i'm not sure if you can do this or not, and i can't verify it since i'm not at home, but maybe do something like
Code:
fastboot flash wimax /sdcard/mtd0.img
might work. but if you try this and something breaks... it's not my fault.
campchi said:
why do you need to backup the radio? there's a list of radio and wimax in the development section, you can always download those file and save it onto your computer or your sdcard if you ever need to use them again.
the PC36IMG.zip itself contain the wimax and the radio in it. i've downgrade from 1.47...OTA update with the new radio and wimax, and it downgraded just fine along with the radio and wimax.
Click to expand...
Click to collapse
Those don't include the unique encryption key embedded on each phone. It's too bad none of the backup solutions out there do a complete backup.
campchi said:
why do you need to backup the radio? there's a list of radio and wimax in the development section, you can always download those file and save it onto your computer or your sdcard if you ever need to use them again.
the PC36IMG.zip itself contain the wimax and the radio in it. i've downgrade from 1.47...OTA update with the new radio and wimax, and it downgraded just fine along with the radio and wimax.
Click to expand...
Click to collapse
Read that thread by redsolar: [TUTORIAL] Proof of concept solution on fixing badly broken 4G after bad MAC, etc
To summarize, each Evo comes equipped with security keys for wimax that are SPECIFIC TO THAT ONE DEVICE. If you loose those keys, there is no way to revive your bricked 4G at this time. You can lose the keys if you flash a bad image (this is what happened to people) or you can have a bad flash (can happen at random). Now do you want to backup your wimax?
As for the rest of the radio, how can we be certain a generic image will restore the device? The only way to be sure is to make a backup of that image too.
I read that nandroid used to backup the radio. That feature should be brought back as an option. Does anyone know who runs nandroid now? I would like to write to the suggestion box.
justinisyoung said:
if you wanna backup your wimax, try this.
in a shell,
Code:
cat /proc/mtd
you should get a list from mtd0 through mtd7. wimax should show up as mtd0.
to back up the wimax img to your sdcard,
Code:
cat /dev/mtd/mtd0 > /sdcard/mtd0.img
Click to expand...
Click to collapse
Thanks, this part works. I used a hexeditor to at least find and copy my encryption keys. (Search for BEGIN RSA PRIVATE KEY).
justinisyoung said:
if you wanna backup your wimax, try this.
in a shell,
Code:
cat /proc/mtd
you should get a list from mtd0 through mtd7. wimax should show up as mtd0.
to back up the wimax img to your sdcard,
Code:
cat /dev/mtd/mtd0 > /sdcard/mtd0.img
that should back up your wimax image to your sdcard. i'm now sure if you could flash that like you flash a radio through your recovery(i wouldn't try it) but if you wanna revert you could probably do something like
Code:
cat /sdcard/mtd0.img > /dev/mtd/mtd0
another method may be to use fastboot. i'm not sure if you can do this or not, and i can't verify it since i'm not at home, but maybe do something like
Code:
fastboot flash wimax /sdcard/mtd0.img
might work. but if you try this and something breaks... it's not my fault.
Click to expand...
Click to collapse
While this does work for a sheer purpose of extracting wimax key and certificate, the resulting file is not binary safe. cat appears to do some codepage interpretation, so the resulting file is not consistent between phones, even when firmware is mostly identical, and the differences are just MAC address and RSA key/SSL certificate.
So far, the only safe (and restorable) way to do a backup is described here. I verified, and backing up/rewriting image this way does work, and works correctly.
My buddy got this phone I want to hook it up as he's not great with tech stuff i rooted with z4root and just need to know how to access recovery cause i didn't see a reinstall packages option in standard recovery ? Any help would be awesome thanks guys
I just rooted with Z4root... then I installed Titanium Backup and then ROM Manager, giving both apps root access (which I verified with the SuperUser app). In ROM Manager I did "Flash ClockworkMod Recovery" and chose the Fascinate option and was told that it downloaded the latest ClockworkMod Recovery. What's my next step?... Choose "Reboot into Recovery" within ROM Manager or do it another way. (My goal is to install Voodoo5 using the stock ROM for now. I have the Voodoo5 file on the SD card.)
EDIT: Whoops. I just realized that I had downloaded the two files to get CWM working but hadn't followed the unzipping, etc. instructions. I'd better go back and read that CWM thread again...
First get CWM working
Then check out this ROM
Or this ROM
and if you really wanna get fancy check out this kernel
Just in case you screw up
If you need more help on each specific topic, just ask in the appropriate areas and there is usually someone around that can answer questions.
Thanks for the quick links... really appreciate it.
BTW - Titanium Backup asks for USB Debugging to be enabled... do you have to do this? It creates issues for me when connecting the phone as mass storage to my PC.
ALSO - I'm assuming I should take an initial backup with Ti before I get too far into this, right? Not having done a backup before... is Ti the best to use? (Do I just choose batch and pick an option(s)? Does choosing "Backup user apps + system data" backup game save data?) EDIT: Just did this and it ran fine but it switched my Live wallpaper back to stock?!? WTF?
monthlymixcd said:
Thanks for the quick links... really appreciate it.
BTW - Titanium Backup asks for USB Debugging to be enabled... do you have to do this? It creates issues for me when connecting the phone as mass storage to my PC.
ALSO - I'm assuming I should take an initial backup with Ti before I get too far into this, right? Not having done a backup before... is Ti the best to use? (Do I just choose batch and pick an option(s)? Does choosing "Backup user apps + system data" backup game save data?)
Click to expand...
Click to collapse
Quick links are awesome! They save time, for sure.
Check the box to ask each time for mass storage and kies. Then you can have debugging enabled, and yes you have to have it enabled or TB won't do it's thing properly. You can switch it back and forth also. That's what I do.
I use TB to do my app and system data backups. Just run a batch backup on user apps and system data, like you said. That's the best option to start with. This isn't the same as a nandroid backup, but it's a good second choice for if you need to wipe data and restore apps quickly like a ROM install that requires you to wipe data/factory reset.
phidelt82 said:
Check the box to ask each time for mass storage and kies. Then you can have debugging enabled, and yes you have to have it enabled or TB won't do it's thing properly. You can switch it back and forth also. That's what I do.
Click to expand...
Click to collapse
Perfect. Thanks! Only thing is... USB dubugging doesn't stay ticked, it's ticked and Ti says it's not, or the connection still triggers a missing driver error message with Vista on the PC. Oh well.
phidelt82 said:
This isn't the same as a nandroid backup, but it's a good second choice for if you need to wipe data and restore apps quickly like a ROM install that requires you to wipe data/factory reset.
Click to expand...
Click to collapse
Easiest way to do a Nandroid backup? BTW - Ti backup ate up 5GB of my sd card?!? Yikes!
Also, regarding this thread:
phidelt82 said:
First get CWM working
Click to expand...
Click to collapse
I get "adb: not found"?
monthlymixcd said:
Perfect. Thanks!
Easiest way to do a Nandroid backup?
Also, regarding this thread:
I get "adb: not found"?
Click to expand...
Click to collapse
Nandroid backup will be there once you get CWM working.
You can do everything from the phone, just read down through the pages to find the people that have done it. They have left instructions using terminal emulator and root explorer. You will find that in a lot of instances many problems will have different ways of dealing with them. You probably don't have the Android SDK which is how you get ADB working on your computer. This isn't critical, it just makes it so that you will have to either install it or use the other means available. (ie terminal emulator and root explorer)
Still getting errors after trying several of the things in the thread... Q:I never did get a robot voice when I ran Z4root and never saw a place to choose permanent... should I run Z4root again? I mean, I was able to install Ti, etc. so I must have root, right? But I think my issues stem from not being able to get redbend_ua into the /system/xbin folder. Astro can't paste it there, Root Explorer can't paste it there, but in the terminal it appears like chmod worked... thoughts?
monthlymixcd said:
Still getting errors after trying several of the things in the thread... Q:I never did get a robot voice when I ran Z4root and never saw a place to choose permanent... should I run Z4root again? I mean, I was able to install Ti, etc. so I must have root, right? But I think my issues stem from not being able to get redbend_ua into the /system/xbin folder. Astro can't paste it there, Root Explorer can't paste it there, but in the terminal it appears like chmod worked... thoughts?
Click to expand...
Click to collapse
Root explorer needs to be mounted RW. There is a button at the top that will say RO or RW.
Sent from my SCH-I500 using XDA App
phidelt82 said:
Root explorer needs to be mounted RW. There is a button at the top that will say RO or RW.
Sent from my SCH-I500 using XDA App
Click to expand...
Click to collapse
"Mounted as r/w"
I tried this. Used root explorer to finally get redbend_ua into system/xbin but when I try to run the commands in the post it cannot find redbend_ua. I also cannot cd into xbin within the emulator to ls ... says xbin not found. Explorer can see it there... what gives? do you have to restore redbend_ua inside the xbin directory or will it work to restore it elsewhere?
EDIT: cd to /system/xbin worked and an ls shows the redbend_ua there but the chmod 777 redbend_ua fails to "Unable to chmod redbend_ua: No such file or directory
EDIT to the EDIT: Hang on... think I may have found where I went wrong. What's the terminal command for delete?
monthlymixcd said:
"Mounted as r/w"
I tried this. Used root explorer to finally get redbend_ua into system/xbin but when I try to run the commands in the post it cannot find redbend_ua. I also cannot cd into xbin within the emulator to ls ... says xbin not found. Explorer can see it there... what gives? do you have to restore redbend_ua inside the xbin directory or will it work to restore it elsewhere?
Click to expand...
Click to collapse
Are you doing /system/xbin? The first / is important. You don't need to cd to xbin, though.
Sent from my SCH-I500 using XDA App
Isn't there anyway to flash a rom using odin ? If not are the codes the same for terminal emulator as they are for adb to get cwm working? I'm from the vibrant section of this site running nero v4 right now I have a good understanding of odin for the most part but this not having an easy recovery is bs lol
willsnews said:
Isn't there anyway to flash a rom using odin ? If not are the codes the same for terminal emulator as they are for adb to get cwm working? I'm from the vibrant section of this site running nero v4 right now I have a good understanding of odin for the most part but this not having an easy recovery is bs lol
Click to expand...
Click to collapse
I've never flashed a ROM using Odin, but that doesn't mean that it can't be done. The process should be the same using terminal emulator or adb, just more of a pain. I agree it would be nice to have full CWM Recovery support (or any full recovery support) but I don't have the money to spend on a phone to send to Koush right now to get that done. As soon as I do, this will be done and then I'll have a tester phone for firmware builds. It really isn't that difficult to get it working, though. I've done it probably 30-40 times now and even the first time the only flub was in a typo for the second to last character (thought it was a 1 and not an L)
So you type this stuff in all in one line or what?
willsnews said:
So you type this stuff in all in one line or what?
Click to expand...
Click to collapse
Depending on which parts you are talking about, yes. Each new line is a line of code. If it moves to a new line, hit enter.
phidelt82 said:
Are you doing /system/xbin? The first / is important. You don't need to cd to xbin, though.
Sent from my SCH-I500 using XDA App
Click to expand...
Click to collapse
Yes. Something's definitely up 'cause when I try to use Astro to copy redbend_ua to /system/xbin the paste option is grayed out for that directory.
monthlymixcd said:
Yes. Something's definitely up 'cause when I try to use Astro to copy redbend_ua to /system/xbin the paste option is grayed out for that directory.
Click to expand...
Click to collapse
I can't remember if Astro has R/W options for the root directory. That may be the problem.
phidelt82 said:
Depending on which parts you are talking about, yes. Each new line is a line of code. If it moves to a new line, hit enter.
Click to expand...
Click to collapse
I just ned to get a custom recovery how did you type it in to terminal emulator? Like extacy how?i just dont want to mess up my buddies phone I want yo hook him up not **** him up lol
monthlymixcd said:
Yes. Something's definitely up 'cause when I try to use Astro to copy redbend_ua to /system/xbin the paste option is grayed out for that directory.
Click to expand...
Click to collapse
You guys are confusing the hell outta me I don't know who's answering me and who's answering you I know this pertains to this thread but im right in the middle of this process and its not even my phone
I apologize for the derail... I got mine working. I had a typo. I'm off to voodoo.
followed this thread http://forum.xda-developers.com/showthread.php?t=2046439 yesterday to root my samsung galaxy s3 and unlock the bootloader, but i am unsure if it worked 100%. i know it is rooted because i dl'ed titanium backup and it works, but how do i tell if my bootloader is unlocked or not? did a search, couldn't find an answer, so i am asking here.
There's not really a concrete way to tell however if you reboot and the Samsung logo flashes by in a second then you're unlocked. Typically it sits for three to five seconds on this screen but once unlocked, this screen just flashes by.
Sent from my SCH-I535 using xda app-developers app
considering we all use the same unlocked aboot.img, it's pretty easy to concretely verify that you're bootloader is unlocked.
but im too stupid to write a script, and no one wants to do it because it's a bit longer than timing the samsung boot logo (which when you compare time-invested to information given, is pretty reliable)
basically involves comparing the md5 of the aboot.img of your phone to the known unlocked aboot.img (will try to find the terminal/adb shell commandsi posted before)
found it:
The unlocked md5 is: 0ba9ad45fc15cf3d62af7dd363686b3f
So if you pull a copy of your current aboot partition and save it to your sd card.
Run the following in ADB shell or terminal. Make sure you run it as superuser:
dd if=/dev/block/mmcblk0p5 of=/storage/sdcard0/aboot.img
That command will save an aboot.img to your internal sd. Check it's md5 and see if it matches.
Can run in adb:
md5 /storage/sdcard0/aboot.img
or
use any of the many md5 checking apps out there
SlimSnoopOS said:
There's not really a concrete way to tell however if you reboot and the Samsung logo flashes by in a second then you're unlocked. Typically it sits for three to five seconds on this screen but once unlocked, this screen just flashes by.
Sent from my SCH-I535 using xda app-developers app
Click to expand...
Click to collapse
ok, cool, thanks! so it looks like the root took, but the bootloader didn't unlock. the samsung logo took 3 seconds to pass by. so what do i need to do now to unlock it? should i repeat the steps from what i did yesterday?
corbn89 said:
considering we all use the same unlocked aboot.img, it's pretty easy to concretely verify that you're bootloader is unlocked.
but im too stupid to write a script, and no one wants to do it because it's a bit longer than timing the samsung boot logo (which when you compare time-invested to information given, is pretty reliable)
basically involves comparing the md5 of the aboot.img of your phone to the known unlocked aboot.img (will try to find the terminal/adb shell commandsi posted before)
found it:
The unlocked md5 is: 0ba9ad45fc15cf3d62af7dd363686b3f
So if you pull a copy of your current aboot partition and save it to your sd card.
Run the following in ADB shell or terminal. Make sure you run it as superuser:
dd if=/dev/block/mmcblk0p5 of=/storage/sdcard0/aboot.img
That command will save an aboot.img to your internal sd. Check it's md5 and see if it matches.
Can run in adb:
md5 /storage/sdcard0/aboot.img
or
use any of the many md5 checking apps out there
Click to expand...
Click to collapse
I'm gonna bookmark this cuz this is a really good explanation. I don't ever suggest dd methods (nor memorize them) cuz I know a single typo could brick the device.
a.demarco said:
ok, cool, thanks! so it looks like the root took, but the bootloader didn't unlock. the samsung logo took 3 seconds to pass by. so what do i need to do now to unlock it? should i repeat the steps from what i did yesterday?
Click to expand...
Click to collapse
Just sideload EZ Unlock v1.2 and press the unlock button. You'll hear an audio confirmation and boom, unlocked.
ok, so now i am confused. i have the correct supersu+bootloader on the sd card, and the supersu app on the phone, but the samsung logo still takes a while to disappear.
edit: nevermind, got it working, samsung logo now just flashes by. thanks again for all your help!
SlimSnoopOS said:
I'm gonna bookmark this cuz this is a really good explanation. I don't ever suggest dd methods (nor memorize them) cuz I know a single typo could brick the device.
Just sideload EZ Unlock v1.2 and press the unlock button. You'll hear an audio confirmation and boom, unlocked.
Click to expand...
Click to collapse
Yep, it's pretty straightforward. I tested my unlocked bootloader with this. Haven't had a chance to tested while locked though (will have to wait till my next odin to stock).
But yeah, as long as no one switches the "if" and the "of" it should be safe (aka accidentally pasting something into the normally inaccessible partition rather than copying out to the sd)
---------- Post added at 10:32 AM ---------- Previous post was at 10:29 AM ----------
a.demarco said:
ok, so now i am confused. i have the correct supersu+bootloader on the sd card, and the supersu app on the phone, but the samsung logo still takes a while to disappear.
Click to expand...
Click to collapse
sometime that image doesn't take for whatever reason. just use the app slimsnoop os linked to, should do the trick
a.demarco said:
ok, so now i am confused. i have the correct supersu+bootloader on the sd card, and the supersu app on the phone, but the samsung logo still takes a while to disappear.
edit: nevermind, got it working, samsung logo now just flashes by. thanks again for all your help!
Click to expand...
Click to collapse
Great! Just so you know, you can uninstall EZ Unlock (if you installed it that is) and never use it again. You will not need it again unless you do the following which which will re-lock your bootloader:
1) take a Verizon OTA
2) Odin flash a stock image
Make sure to do a nandroid and happy flashing!
SlimSnoopOS said:
Great! Just so you know, you can uninstall EZ Unlock (if you installed it that is) and never use it again. You will not need it again unless you do the following which which will re-lock your bootloader:
1) take a Verizon OTA
2) Odin flash a stock image
Make sure to do a nandroid and happy flashing!
Click to expand...
Click to collapse
still learning all about this, i will have to search what a nandroid is. i am doing a backup currently using titanium backup (free version right now), and it seems to be working well.
i want to flash either the cm 10.1 or jellybeans v.15 i think, just gotta read more about them.
a.demarco said:
still learning all about this, i will have to search what a nandroid is. i am doing a backup currently using titanium backup (free version right now), and it seems to be working well.
i want to flash either the cm 10.1 or jellybeans v.15 i think, just gotta read more about them.
Click to expand...
Click to collapse
Ahh, you'll see a lot of terms thrown around like that haha here's a glossary of common terms taken from DroidStyle's guide in the dev section.
Basically a nandroid is a complete system or rom backup akin to a computer backup. You perform a nandroid in custom recovery (CWM or TWRP) however its labeled as "Backup" in both recoveries. "Nandroid" is just the common name for it. The reason you perform a nandroid is to have a safe point to restore your phone to if you flash a rom, kernel, or mod and your phone begins to misbehave. Before flashing your first rom, it's highly recommended that you perform a nandroid in your custom recovery and even save a copy on a computer so you always have that in two places. It may take about 1.5-2 GB's of space per backup so I wouldn't keep too many on your phone at a time.
SlimSnoopOS said:
Ahh, you'll see a lot of terms thrown around like that haha here's a glossary of common terms taken from DroidStyle's guide in the dev section.
Basically a nandroid is a complete system or rom backup akin to a computer backup. You perform a nandroid in custom recovery (CWM or TWRP) however its labeled as "Backup" in both recoveries. "Nandroid" is just the common name for it. The reason you perform a nandroid is to have a safe point to restore your phone to if you flash a rom, kernel, or mod and your phone begins to misbehave. Before flashing your first rom, it's highly recommended that you perform a nandroid in your custom recovery and even save a copy on a computer so you always have that in two places. It may take about 1.5-2 GB's of space per backup so I wouldn't keep too many on your phone at a time.
Click to expand...
Click to collapse
good to know... should i bother with titanium backup at all? or just boot into cwm and do a nandroid from there?
a.demarco said:
good to know... should i bother with titanium backup at all? or just boot into cwm and do a nandroid from there?
Click to expand...
Click to collapse
Perform both actually. Backup apps with TB so when you flash a rom you can restore apps at once if you actually like the rom. I typically restore a few apps when trying new roms then if I like the rom, I'll restore more apps. Backup with CWM so that in case you dislike the rom you flash, you can completely restore to your previous rom. They serve two similar functions yet distinctly different as well.
SlimSnoopOS said:
Perform both actually. Backup apps with TB so when you flash a rom you can restore apps at once if you actually like the rom. I typically restore a few apps when trying new roms then if I like the rom, I'll restore more apps. Backup with CWM so that in case you dislike the rom you flash, you can completely restore to your previous rom. They serve two similar functions yet distinctly different as well.
Click to expand...
Click to collapse
awesome, thank you for the help. doing the nandroid backup right now through cwm, backing it up to the external sd card so i can then save it to the computer.
so i should only use the tb to back up the apps? oops, i backed everything up on it, was wondering why it took so damn long!
a.demarco said:
awesome, thank you for the help. doing the nandroid backup right now through cwm, backing it up to the external sd card so i can then save it to the computer.
so i should only use the tb to back up the apps? oops, i backed everything up on it, was wondering why it took so damn long!
Click to expand...
Click to collapse
No problem! Yea, TB is useful for a lot once you have a grasp of the basic functions. Only backup user apps and do not backup/restore system apps. Depending on the number of apps and their storage size, backup time varies. You can always delete the previous TB backup files cuz its stored in the Titanium Backup folder of your internal or external sdcard. Doesn't hurt to copy that to a computer every once in awhile too.
corbn89 said:
considering we all use the same unlocked aboot.img, it's pretty easy to concretely verify that you're bootloader is unlocked.
but im too stupid to write a script, and no one wants to do it because it's a bit longer than timing the samsung boot logo (which when you compare time-invested to information given, is pretty reliable)
basically involves comparing the md5 of the aboot.img of your phone to the known unlocked aboot.img (will try to find the terminal/adb shell commandsi posted before)
found it:
The unlocked md5 is: 0ba9ad45fc15cf3d62af7dd363686b3f
So if you pull a copy of your current aboot partition and save it to your sd card.
Run the following in ADB shell or terminal. Make sure you run it as superuser:
dd if=/dev/block/mmcblk0p5 of=/storage/sdcard0/aboot.img
That command will save an aboot.img to your internal sd. Check it's md5 and see if it matches.
Can run in adb:
md5 /storage/sdcard0/aboot.img
or
use any of the many md5 checking apps out there
Click to expand...
Click to collapse
So when I start up terminal emulator, next to where it says "[email protected]:/ $" I type in su right? Then hit enter? Then on the following line I type: "dd if=/dev/block/mmcblk0p5 of=/storage/sdcard0/aboot.img"
After I type this a copy of aboot.img will be saved to my external memory card and from there I can match it up with the unlocked md5 and if it matches this garuntees that my bootloader is unlocked. Is this correct?
I'm a noob, please forgive me.
jricks said:
So when I start up terminal emulator, next to where it says "[email protected]:/ $" I type in su right? Then hit enter? Then on the following line I type: "dd if=/dev/block/mmcblk0p5 of=/storage/sdcard0/aboot.img"
Click to expand...
Click to collapse
Correct.
After I type this a copy of aboot.img will be saved to my external memory card and from there I can match it up with the unlocked md5 and if it matches this garuntees that my bootloader is unlocked. Is this correct?
I'm a noob, please forgive me.
Click to expand...
Click to collapse
It will save to your internal sdcard. sdcard0 = internal storage, sdcard1 = external sdcard.
Sent from my SCH-I535 using xda app-developers app
Much appreciated my friend.
Sent from my SCH-I535 using xda app-developers app
Let us know what your results are and which method you used to unlock.
I confirmed it on my phone that used the ez unlock app but multiple trials by others would be beneficial. Thanks
SlimSnoopOS said:
Correct.
It will save to your internal sdcard. sdcard0 = internal storage, sdcard1 = external sdcard.
Sent from my SCH-I535 using xda app-developers app
Click to expand...
Click to collapse
I did everything mentioned above and it saved to my internal card however im unable to view it. What program do i to install to view it.
Sent from my SCH-I535 using xda app-developers app
You don't need to view it. You just need to run the file through a md5 checksum app or check the md5 with terminal or adb using the command I posted earlier
Hi, Im new to this device but right after I got it I did the right thing and voided my warranty Rooted and installed a custom recovery. The recovery has been a bit of a pain but that is a story for another thread.
The problem I am having is that when I try to take a backup from recovery it errors (I forget the error, sorry. ) however the backup is still right there in the backup directory. I tried a second attempt at a backup (to see if it would error again) and these two backups filled my remaining memory. lI of course used my file explorer to delete these extraneous backups-- only to see that they are not deletable. I also tried on the PC. The folder lists read and write in the permissions. I am kind of at a loss as to what to do. IIRC correctly from a while back with this issue the answer lies somewhere in CHMOD, but I cant quite seem figure it out. CD to the directory in a terminal emulator and then CHMOD 777? Thanks for your help in advance.
knoober said:
Hi, Im new to this device but right after I got it I did the right thing and voided my warranty Rooted and installed a custom recovery. The recovery has been a bit of a pain but that is a story for another thread.
The problem I am having is that when I try to take a backup from recovery it errors (I forget the error, sorry. ) however the backup is still right there in the backup directory. I tried a second attempt at a backup (to see if it would error again) and these two backups filled my remaining memory. lI of course used my file explorer to delete these extraneous backups-- only to see that they are not deletable. I also tried on the PC. The folder lists read and write in the permissions. I am kind of at a loss as to what to do. IIRC correctly from a while back with this issue the answer lies somewhere in CHMOD, but I cant quite seem figure it out. CD to the directory in a terminal emulator and then CHMOD 777? Thanks for your help in advance.
Click to expand...
Click to collapse
If you are using TWRP, It is not possible to delete twrp backup images using normal ways. Either you can install esfile explorer and navigate to device/data/media/0/twrp/backups/ and delete from there. Or use file manager in TWRP to delete the backups. I think there is also another option in twrp to view or delete backups.
Sent from my Moto G using Tapatalk 2
Ill check out the other things you said, but Im actually getting this problem in ESfile... Ill report back if I can get at it through the recovery.
Edit: ESfile works. I followed the path you laid out ad got there just fine I didnt realize Id have to take such a roundabout path. Thank you.