Database Info

Question re: TFlo Config Tool & HTC Cube [HTC TyTN II (Kaiser)]

Hey hey,
As my thread indicates my question is about the FTouchFlo Configuration Tool and the HTC Cube. Please, bear with me while I explain my process of failure.
A few weeks ago, I installed the HTC Cube and it was working great. I happened upon these forums and found the Config. Tool. So, I installed it. It worked great!
Then, I found SCLPC. I uninstalled the HTC Cube, and installed SCLPC. While it is a nice program, I decided it was not for me at this time. So, I uninstalled it and reinstalled HTC Cube and the FTouchFlo Configuration Tool again.
Unfortunately, now the Down-Up gesture is running the application "/Windows/saplaywm.exe" and under Command line parameters: it says, "/Program Files/SCLPF/Version 1-00.swf" which apparently-please correct me if I'm wrong-attempts to call up the SCLPC program.
The Config program and HTC Cube were working together before I tried out SCLPC. Somehow whatever command line in the Config program which called up the HTC Cube is no longer there. So, if I enable the FTouchFlo Configuration Tool, the Down-Up gesture no longer calls up HTC Cube, but that means I won't be able to use the Config program and it's Exclusions list, which is exactly why I installed it.
My question [finally ] is this: Does anyone know the correct command lines that I should input in my Config Tool? Maybe you can find it in your phone and display them for me? Also, does anyone know how to display any parameters available to a program in my phone?
Example:
For those of us that use or used DOS, remember how we used to type a command line like "Copy /?" in DOS and it would show you a screen like:
Copies one or more files to another location.
COPY [/D] [/V] [/N] [/Y | /-Y] [/Z] [/L] [/A | /B ] source [/A | /B]
[+ source [/A | /B] [+ ...]] [destination [/A | /B]]
source Specifies the file or files to be copied.
/A Indicates an ASCII text file.
/B Indicates a binary file.
/D Allow the destination file to be created decrypted
destination Specifies the directory and/or filename for the new file(s).
/V Verifies that new files are written correctly.
/N Uses short filename, if available, when copying a file with a
non-8dot3 name.
/Y Suppresses prompting to confirm you want to overwrite an
existing destination file.
/-Y Causes prompting to confirm you want to overwrite an
existing destination file.
/Z Copies networked files in restartable mode.
/L If the source is a symbolic link, copy the link to the target
instead of the actual file the source link points to.
Thanks ahead of time guys for your help!

[GUIDE] Changing the Bootloader Graphic

WARNING: This guide involves modifying your phone's boot loader and may brick your phone if done incorrectly. It is most likely to soft brick your phone if something goes wrong, meaning it should be recoverable.
NOTE: This guide instructs how to replace the boot graphic in the boot loader but does not modify the kernel graphic. Doing this requires compiling the kernel.
Prerequisites:
Heimdall or Odin, with appropriate drivers. (The guide is for Heimdall)
A replacement.jpg graphic that is not greater than 68,849 bytes. The file should be 480x800.
A copy of param.lfs for your phone. This file is included in the Heimdall one-click packages, and probably other places.
Running Gingerbread bootloaders.
Steps:
Open both replacement.jpg and param.lfs in a hex editor.
Go to offset 532480 in param.lfs. At this location, there should be a JPG beginning of file (BOF) marker FF D8.
Verify that offset 601327 contains the JPG end of file (EOF) marker, FF D9. There are other JPG BOF and EOF markers between these two offsets because this JPG file contains embedded thumbnails for some stupid reason.
Go back to offset 532480. Use your hex editor to paste the contents of replacement.jpg into param.lfs at offset 532480 in overwrite mode. Use of overwrite mode will ensure that the file does not change size and other offsets are not affected. Use of a replacement.jpg less than 68,849 bytes ensures that other data within param.lfs is not overwritten.
Save new file as param2.lfs. Verify it is the same size as param.lfs
Heimdall:
Ensure that Heimdall, the Heimdall front-end, and appropriate drivers are installed.
Connect your phone via USB and start the Heimdall front-end.
Under the Utilities tab, click Save As and save your PIT as device.pit.
Click Download.
Under Flash tab, in the PIT subwindow, click Browse and select device.pit.
Click Add in the Partitions (Files) subwindow, and select PARAM from the Partition Details subwindow. NOTE: if you do not select the PARAM partition, there is potential to hard brick your device when you flash.
Click Browse in the File subwindow, and select your modified param2.lfs. NOTE: If your param2.lfs is corrupted, or if the flash otherwise fails, your device will be soft bricked and your device will be in download mode (although it will not have the familiar yellow screen). Attempt to reflash the PARAM partition with param.lfs.
Verify that PARAM is selected in the Partition Details subwindow. Click Start to flash param2.lfs with Heimdall to the PARAM partition.
Credit:
hexedit method: http://forum.xda-developers.com/showthread.php?t=1315401

These are some handy utility functions I wrote in Python.
This script finds most of the JPG files in param.lfs. It will choke on JPG files with embedded images.
Code:
import re
jpg = re.compile(b'\xff\xd8.*?\xff\xd9', re.DOTALL);
data = open('param.lfs','rb').read()
jpgs = re.findall(jpg, data)
for i,image in enumerate(jpgs):
open( str(i)+'.jpg', 'wb' ).write(image)
This lists all the JPG BOF and EOF file markers. Helps for spotting images with embedded thumbnails.
Code:
import re
import binascii
jpg = re.compile(b'\xff[\xd8\xd9]', re.DOTALL);
data = open('param.lfs','rb').read()
markers = re.findall(jpg, data)
for i, m in enumerate(markers):
print "%i: %s" % (i, binascii.hexlify(m))

An update to this post. I have written a script which is run on your desktop with a Python installation that perofrms the modification of the param.lfs binary. Attached to this post is a package containing (1) logoreplace.py, (2) param.lfs [from GB bootloader], (3) Sgs4g.pit [also from GB bootloader].
Also, I have attached a param_acid.lfs with the Team Acid logo. This will go well with your team acid kernels.
(1) ./logoreplace.py logo.jpg param.lfs
(2) adb reboot download
(3) Run heimdall-frontend
(4) Click "Flash" tab.
(5) Browse to Sgs4g.pit. Add.
(6) Select PARAM partition.
(7) Browse to param_acid.lfs
(8) Click "Start" to flash.
Here is the code:
Code:
#!/usr/bin/env python
import sys,os
if __name__ == "__main__":
if len(sys.argv) != 3:
print "Usage: %s <logo.jpg> <param.lfs>" % (sys.argv[0],)
else:
image = open(sys.argv[1],'rb').read()
fw = open(sys.argv[2],'rb+')
if len(image) <= 68849:
fw.seek(532480)
fw.write(image)
else:
print "Image file is too long. Must be <= 68849 bytes."

@tablador How do I use the script that performs the modification of the param.lfs binary (logoreplace.zip)?
I tired running the logoreplace.py after inserting my replacement.jpg in the directory on my phone and got:
Code:
/sdcard/logoreplace.py
import: not found
/sdcard/logoreplace.py 5:syntax error word unexpected (expecting ")")
I used both methods listed in the OP as well with no luck (Did not find the offsets mentioned in the first method and was a little lost on what to copy from the replacement.jpg).
I did read both OPs that you linked to in the credits.
I using the alternate method, I received an error when trying to copy replacement.jpg (In both ADB and Terminal):
Code:
cp: can't create '/mnt/.lfs/logo_T759.jpg': file exists
I am using vb final, and bh's rc1.

thomas.raines said:
@tablador How do I use the script that performs the modification of the param.lfs binary (logoreplace.zip)?
Click to expand...
Click to collapse
Are you running the script on your phone? The script runs on your desktop via Python. Sorry if that wasn't clear. Once you create the file, you flash it using Heimdall.
Also, I removed the alternate method information. As I noted, that method was untried and untested on this phone, and from what I can tell after trying it, does not seem to work. My best guess is that phone's bootloader has the offset of that information stored directly (e.g. bypasses the filesystem) so renaming the file does not work. OP all revised to reflect this.

Yes, I ran it in python. But it didn't change anything. I also renamed my image (replacement.jpg) to logo.jpg.
I added a raw_input() to see if I could see an error or something to indicate any kind of activity.
This is the output I got:
Code:
Usage: C:\Users\mydirectory\desktop\logoreplace\logoreplace.py <logo.jpg> <param.lfs>
Which is what you have set to print. Otherwise, there are no errors. I have my logo.jpg in the same directory as the logoreplace.py. What can I possibly be doing wrong?

How exactly are you running the script? And what OS?

tablador said:
How exactly are you running the script? And what OS?
Click to expand...
Click to collapse
Windows 7 (32)
I have double clicked on it, and tried running it manually using python.exe terminal and no errors. Am I suppose to copy my logo.jpg to /mtn/.lfs?
Would it be easier to just send you my logo and you could hook it up? lol...

How exactly are you running the script? If you don't tell me, I can't figure out what the problem is. Are you typing something into the commandline in windows? If so, what?

tablador said:
How exactly are you running the script? If you don't tell me, I can't figure out what the problem is. Are you typing something into the commandline in windows? If so, what?
Click to expand...
Click to collapse
I have tried typing the code you wrote in a python terminal for windows.
I have tried just running it by double clicking on it.
I just tried it in portable ubuntu by double clicking on it, but cannot get it to run (only open in text editor). I also changed it to open with python and I Usage: /home/pubunto/Desktop/logoreplace/logoreplace.py <logo.jpg> <param.lfs>.
I would think I would need to add my logo.jpg to .mnt/.lfs so it knew what image to look for.
I just tried running the logoreplace.py via pubuntu terminal. Here is the output:
Code:
[email protected]:/home/pubuntu/Desktop/logoreplace# ./logoreplace.py <logo.jpg> param.lfs
bash: ./logoreplace.py: Permission denied
[email protected]:/home/pubuntu/Desktop/logoreplace#

thomas.raines said:
I have tried typing the code you wrote in a python terminal for windows.
I have tried just running it by double clicking on it.
I just tried it in portable ubuntu by double clicking on it, but cannot get it to run (only open in text editor). I also changed it to open with python and I Usage: /home/pubunto/Desktop/logoreplace/logoreplace.py <logo.jpg> <param.lfs>.
I would think I would need to add my logo.jpg to .mnt/.lfs so it knew what image to look for.
I just tried running the logoreplace.py via pubuntu terminal. Here is the output:
Code:
[email protected]:/home/pubuntu/Desktop/logoreplace# ./logoreplace.py <logo.jpg> param.lfs
bash: ./logoreplace.py: Permission denied
[email protected]:/home/pubuntu/Desktop/logoreplace#
Click to expand...
Click to collapse
This is what you need to type:
Code:
./logoreplace.py logo.jpg param.lfs

tablador said:
This is what you need to type:
Code:
./logoreplace.py logo.jpg param.lfs
Click to expand...
Click to collapse
Yep. Just figured that out right after I sent the output. But now it change the param.lfs icon from a text icon to an blank icon with "usage" on the top. I flahsed it with heimdall which said heimdall crashed and got a oddly colorful strip on the top of the screen and now the phone is soft bricked... lol... I checked the size of my jpeg and see that it is 3 bytes over the allocated size...lol... Going to shrink it and try again... Will keep you posted...
EDIT
I got it to work! YAY!
Thanks for your help man!
The only thing, it displays before the normal boot splash logo (logo_vibrantplus.jpg). Is there a way to either replace logo_vibrantplus.jpg, or make it display after the default boot splash?

thomas.raines said:
Yep. Just figured that out right after I sent the output. But now it change the param.lfs icon from a text icon to an blank icon with "usage" on the top. I flahsed it with heimdall which said heimdall crashed and got a oddly colorful strip on the top of the screen and now the phone is soft bricked... lol... I checked the size of my jpeg and see that it is 3 bytes over the allocated size...lol... Going to shrink it and try again... Will keep you posted...
EDIT
I got it to work! YAY!
Thanks for your help man!
The only thing, it displays before the normal boot splash logo (logo_vibrantplus.jpg). Is there a way to either replace logo_vibrantplus.jpg, or make it display after the default boot splash?
Click to expand...
Click to collapse
That image is in the kernel. You would have to do your own compile. I know how to do it but it involves setting up a toolchain. I will make a guide when I have time...
Also, it is interesting that the script didn't give you an error when the filesize was bigger than it should have been. I will check that out.

tablador said:
That image is in the kernel. You would have to do your own compile. I know how to do it but it involves setting up a toolchain. I will make a guide when I have time...
Also, it is interesting that the script didn't give you an error when the filesize was bigger than it should have been. I will check that out.
Click to expand...
Click to collapse
Oh... I have no idea about setting up a toolchain or doing anything related to the kernel... yet...lol

thomas.raines said:
Oh... I have no idea about setting up a toolchain or doing anything related to the kernel... yet...lol
Click to expand...
Click to collapse
http://forum.xda-developers.com/wiki/Samsung_Galaxy_S/SGH-T959V/Building_From_Source

@FBis251 Thanks man, but still a little above my knowledge/experience level...lol...

I have attached a modified param.lfs file. I gzipped it. This should match the latest teamacid logo pretty well. Also attached is the jpg I used, which hopefully is viewable.

tablador said:
I have attached a modified param.lfs file. I gzipped it. This should match the latest teamacid logo pretty well. Also attached is the jpg I used, which hopefully is viewable.
Click to expand...
Click to collapse
not bad. gotta love plugins that modify already made images. plus if you're using team acid's latest kernel, you'll notice that they're already using the logo i made them.
sent from within pure darkness

tablador said:
I have attached a modified param.lfs file. I gzipped it. This should match the latest teamacid logo pretty well. Also attached is the jpg I used, which hopefully is viewable.
Click to expand...
Click to collapse
I was meaning to ask you for this. I really liked the video you linked us to on IRC. It makes it look so sleek.

droidmyst said:
not bad. gotta love plugins that modify already made images. plus if you're using team acid's latest kernel, you'll notice that they're already using the logo i made them.
sent from within pure darkness
Click to expand...
Click to collapse
This image will display for the one second or two before the kernel image you made loads up. Yep, used a simple Photoshop plugin because I am not much artistically inclined, at least with photoshop. Still, this kinda gives a fade-in effect when combined with your image used as the kernel image.
http://www.youtube.com/watch?v=kxBpKKDmnFY
FB, I was thinking this could be put into any one clicks you guys made if you wanted to get this in somewhere.

[Tutorial] How to port cf-root to other i9003 Firmwares [23/02/2012]

Tutorial for Porting Cf-root To Newer Firmware's
There were quite a few requests for a tutorial to create ginger bread cf-root. So here it is folks.
Big Thanks to skin1980 for helping me out.
Credits:
Chainfire for the cf-root.
Skin1980 for porting it to Samsung Galaxy SLCD.
Prerequisites:
Any Linux. Basic knowledge of linux is mandatory.
Tools for Unpacking and Packing images.
Base Samsung Galaxy SLCD Gingerbread Cf-root.
Samsung Galaxy SLCD Gingerbread Firmware ROM for cf-root creation.
Downloads & Setup
Any Linux: For this tutorial I am using Linux Mint KDE. You are free to use the Linux of your choice. Ideal starting point for downloading and installing Linux would be Distrowatch.com.
Tools for unpacking and packing images: These are sets of tools that allow you to unpack and pack boot images. Basically one requires just a few tools to achieve.
Link to Download: cfroot-tools.zip - 19 KB.
Download and exatract it into your home folder. It will create a cfroot-tools folder under home folder. Go to the folder and execute the following comand:
Code:
chmod +x *
Base Cf-root: Download any latest cf-root from this Link. Extract the normalboot.img from the cf-root tar file.
normalboot.img: Require normalboot.img extracted from downloaded Gb ROM.
Hex editor: You will require and Hex Editor. I am using bless hex editor. You can use any one which you are comfortable or the one available under your linux distribution.
Open terminal window and enter the following commands:
Code:
[FONT=Microsoft Sans Serif][SIZE=2]cd
[/SIZE][/FONT][FONT=Microsoft Sans Serif][SIZE=2]gedit ~/.bashrc[/SIZE][/FONT]
You can use any editor of your choice. The main purpose is to set the tools path. At the bottom of this file, add the following lines:
Code:
PATH=$HOME/cfroot-tools:$PATH
export PATH
Save and close the file.
Logoff from linux and login again for the new path to take effect.
The Actual Process
For the purpose of tutorial, I am going to use XXKPQ cf-root as the base and DDKP3 for creating new one.
Create a folder called “cfroot” with out the quotes under home.
Go to the created folder and create two more folders: DDKP3 and XXKPQ.
Now copy the normalboot.img extracted from XXKPQ cf-root and copy it into the XXKPQ folder. Next copy the normalboot.img fromDDKP3 firmware and copy it into DDKP3 folder.
Now go to the cfroot-tools folder under HOME and copy the decom.sh and recom.sh into XXKPQ and DDKP3 folders.
The above steps can be accomplished by the below code. Open command window and type the following:
Code:
cd
mkdir ~/cfroot
mkdir ~/cfroot/XXKPQ
mkdir ~/cfroot/DDKP3
cd ~/cfroot/XXKPQ
cp ~/cfroot-tools/*.sh .
chmod +x *.sh
cd ~/cfroot/DDKP3
cp ~/cfroot-tools/*.sh .
chmod +x *.sh
You need to press enter after each command.
From terminal window, first to change directory to XXKPQ, type the following commands:
Code:
cd ~/cfroot/XXKPQ
./decom.sh
After the execution of the above command, the following files and folders will be created:
normalboot.img-base
normalboot.img-cmdline
normalboot.img-pagesize
normalboot.img-ramdisk.gz => Ramdisk
normalboot.img-zImage => Kernel
Click to expand...
Click to collapse
Apart from these files, a folder called ramdisk will be created, into which the contents of normalboot.img-ramdisk.gz would have been extracted.
Now once more from the terminal window execute the following command:
Code:
cd ~/cfroot/DDKP3
./decom.sh
Also make note of the following values, which are shown, when the decom.sh script is executed.
Code:
BOARD_KERNEL_BASE 81800000
BOARD_PAGE_SIZE 00001000
Now under DDKP3 folder, edit the recom.sh file. Replace the value after --base with the value after BOARD_KERNEL_BASE. Replace the value after --pagesize with value after BOARD_PAGE_SIZE. Save the file.
Now we can switch to file manager. It will be easier to work using a file manager from here on. Open the XXKPQ/ramdisk and DDKP3/ramdisk folders separately in file manager.
Copy the folders res & sbin from base cf-root (XXKPQ in our case) and paste into DDKP3/ramdisk folder. Overwrite all when prompted.
Copy all the files under XXKPQ/ramdisk (in the root) to DDKP3/ramdisk.
From XXKPQ/ramdisk/lib/modules/2.6.35.7/kernel/ copy the fs folder into DDKP3/ramdisk/lib/modules/2.6.35.7/kernel/.
At this point of time, we no longer require the XXKPQ folder. So we can close the file manager window browsing XXKPQ folder.
Now comes the tricky and critical part. This must be done very carefully. We need to edit the .ko files using a hex editor.
Under the kernel/crypto/ folder, there is a pcbc.ko file, edit it using an hex editor. Search for 2.6.35.7 using find option in the editor. Now note down the six digit numbers starting immediately after 2.6.35.7-CL. In our case the magic number is 882023. Close the file and the editor.
Now we open the kernel/fs/ folder in the file manager.
Now open the mbcache.ko file in the hex editor. Search for 2.6.35.7 again. As we can see that the six digits after 2.6.35.7-CL is not 882023. In our case it is 709629. We need to change 709629 to 882023 and save the file. Different editors provide for different methods of editing. In my case I can just simply click on starting number that is 7 and start typing 882023 and save the file.
Now you need to do the same for two more files under kernel/fs/jbd2/ and kernel/fs/ext4/.
Now go back to ramdisk folder. Under ramdisk/sbin/boot/ there is a file called install.sh. We are now going to edit this file. This not important that you edit this file.
Edit the first line and replace XXKPQ with DDKP3.
Similarly under the “# Once be enough”, there is another XXKPQ which is to be replace with DDKP3.
Now save this file.
Now back to command prompt and execute the following commands:
Code:
cd ~/cfroot/DDKP3
./recom.sh
Executing the above script recreates the normalboot.img-ramdisk.gz, the normalboot.img and create DDKP3-CFROOT-16-02-2012.tar.
The DDKP3-CFROOT-16-02-2012.tar is the cf-root for DDKP3 and can be flashed using ODIN as Pda file.
*
Thats it folks. Hope my effort is worthwhile and benefits some of you.
*
Additional Links:
A text file Create Custom Rom (though not for our phone but is quite useful all the same) - Found it while searching google. Don't know who created it. But here is the link. Create_Custom_Rom.txt - 5 KB
The link to tools zip mentioned in the above text file. tools.tar.gz - 49 MB

Script to uncompress and compress UC Kernel
uc_decom.sh - 258 b
uc_recom.sh - 382 b

10 Chars ......

For Future Use

Whoa! This is huge! Awesomr work man! Thanks.
Edit - No offence meant, but it would be appropriate if the title is How to "port" or similar. Since it ws "created" by ChainFire and we just porting it.

ganeshbiyer is good, very patient, did not think that my trouble!
Has been helping me! Am very grateful!

great job! & i already translate it into chinese^^
and a problem:
after i run the script "decom.sh",it display following words:
[[email protected] xxkpq]# ./decom.sh
./decom.sh: line 5: unpackbootimg: command not found
gunzip: ../normalboot.img-ramdisk.gz: No such file or directory
cpio: premature end of archive
[[email protected] xxkpq]#
help me please~what's going on?

cRainin said:
great job! & i already translate it into chinese^^
and a problem:
after i run the script "decom.sh",it display following words:
[[email protected] xxkpq]# ./decom.sh
./decom.sh: line 5: unpackbootimg: command not found
gunzip: ../normalboot.img-ramdisk.gz: No such file or directory
cpio: premature end of archive
[[email protected] xxkpq]#
help me please~what's going on?
Click to expand...
Click to collapse
unpackbootimg must be in the path.
also it must be executable.

ganeshbiyer said:
unpackbootimg must be in the path.
also it must be executable.
Click to expand...
Click to collapse
sorry,i paste the wrong code. my problem is this:
[[email protected] XXKPQ]$ ./decom.sh./decom.sh: /home/chenyu/cfroot-tools/unpackbootimg: /lib/ld-linux.so.2: bad ELF interpreter: No such file or directory
gzip: ../normalboot.img-ramdisk.gz: No such file or directory
cpio: premature end of archive
[[email protected] XXKPQ]$

cRainin said:
sorry,i paste the wrong code. my problem is this:
[[email protected] XXKPQ]$ ./decom.sh./decom.sh: /home/chenyu/cfroot-tools/unpackbootimg: /lib/ld-linux.so.2: bad ELF interpreter: No such file or directory
gzip: ../normalboot.img-ramdisk.gz: No such file or directory
cpio: premature end of archive
[[email protected] XXKPQ]$
Click to expand...
Click to collapse
Need to install the missing file ld-linux.so.2
Sent from my GT-I9003 using xda premium

Thank you Ganeshbiyer! this is the tutorial for which send multiple private messages and never answered .. Thanks again, nowI can make a version for Gingerbread UBKPD.
goodbye

Yeah ganesh! A superb work..well done bro

thanks bhaiya....

Thanks for the tutorial buddy

Hope it has been useful.

_
Release all PERFECT! I had no problem in making the entire guide .. BUT ... when flashing in ODIN, and says that when it failed to finish.
I knew that I would be so easy, so I started to analyze both folders (my UBKPD and XXKPQ) and did not get that at the root of KPD I have 12 files and only 11 KPQ. The 12th file executable type KPD called RECOVERY. This file should remove it before using recom.sh?
Thanks again for the guide. goodbye
Edit2:
Well, my little patience led me to delete that file and then went back to RECOVERY recom.sh run and throw me error that could not erase normalboot.img and did not understand, but looking at the files in the root, not the size you normalboot.img was higher than the stock then replace the stock normalboot (+5 mb), run again and finally he created recom.sh cf.root, I flash with ODIN successfully without any problem in these +30 minutes.
Thanks (again).
Now I have as including UV & OC (freqmax 1100MHz is very good speed and would think you do not need more with this phone)

maybe a stupid question:
would it work with other phones as well? natually with the files of the other phone and not with the 9003 files

fabsau said:
maybe a stupid question:
would it work with other phones as well? natually with the files of the other phone and not with the 9003 files
Click to expand...
Click to collapse
Well you can always try

thanks for your reply
I will try it soon^^
wait for my next reply
greetings fabsau

i do it all at this tutorial and it create .tar fine without trouble.. i flash with odin also no problem happen.. but while device open.. at boot logo get stuck or freeze at long time.. why it happen???
i confuse with this line:-
-Copy the folders res & sbin from base cf-root (XXKPQ in our case) and paste into DDKP3/ramdisk folder. Overwrite all when prompted.
-Copy all the files under XXKPQ/ramdisk (in the root) to DDKP3/ramdisk.
-From XXKPQ/ramdisk/lib/modules/2.6.35.7/kernel/ copy the fs folder into DDKP3/ramdisk/lib/modules/2.6.35.7/kernel/
Click to expand...
Click to collapse
why do not copy all the file in ramdisk n skip copy file inside the ramdisk folder.. it is difference?? please tell me if i do a mistake.

Perl scripts to encrypt/decrypt adb backup files

I wrote the following attached PERL routines for reading/decrypting/decompressing and writing/encrypting/compressing adb backup format backup files.
The routines are:
backupdecrypt.pl: Decrypt (and decompress) android backup file
backupencrypt.pl: Encrypt (and decompress) android backup file
tarfix.pl: Fix broken tar files produced by android backup when using -shared flag
The first two routines allow for reading and writing to the standard ".ab" adb backup format.
Backupdecrypt.pl takes an '.ab' file as input and outputs a standard format tar file (which may be optionally gzip'd).
Backupencrypt.pl takes an arbitrary file (though typically it should be tar file) as input and outputs a standard ".ab" format backup file. Options include the ability to encrypt (or not) and deflate (or not) the backup. Also, one can automatically decompress most standard input formats before encrypting.
For encryption, passwords can be queried for or passed on the command line or read from a file.
NOTE: unfortunately the standard 'adb backup' routine seem to have a SEVERE *BUG* in it when using the '--shared' option in combination with certain other options.
First, the backup is not compressed even though the header claims it is. To get around this, backupdecrypt.pl has a --nocompress option to override the header.
Second, the encapsulated tar file is corrupted by the insertion of 4 extra bytes before every file header and before every group of 64 512-byte blocks of data.
The third routine tarfix.pl fixes this corruption and outputs a normal readable tar file. So, if you are not able to recover a valid tar backup file using backupdecrypt.pl, try doing the following:
backupdecrypt.pl --nocompress <backup.ab> <backupdata>
tarfix.pl backupdata | tar xv
Enjoy!
NOTE: I am incredibly grateful to Nikolay Elenkov for providing sample java routines and for help in understanding the encryption formats

Thanks for this. I was looking for away to peek into the backup file.

Problem decrypting
just what i was looking for, unfortunately, the tarfix.pl doesn't seem to like my backup.
Code:
[email protected]:~/Sandbox/transformerprime$ ~/bin/adbbackup/backupdecrypt.pl --nocompress backup.ab decrypted
the following is where things get funky. not recognized as a tar archive
Code:
[email protected]:~/Sandbox/transformerprime$ ~/bin/adbbackup/tarfix.pl decrypted | tar xv
Illegal binary digit ']' ignored at /home/user/bin/adbbackup/tarfix.pl line 107.
Wide character in oct at /home/user/bin/adbbackup/tarfix.pl line 107.
Illegal binary digit '�������������' ignored at /home/user/bin/adbbackup/tarfix.pl line 107.
tar: This does not look like a tar archive
tar: Skipping to next header
Illegal octal digit '8' ignored at /home/user/bin/adbbackup/tarfix.pl line 107.
Wide character in oct at /home/user/bin/adbbackup/tarfix.pl line 107.
Illegal binary digit '�������������' ignored at /home/user/bin/adbbackup/tarfix.pl line 107.
Illegal hexadecimal digit 'X' ignored at /home/user/bin/adbbackup/tarfix.pl line 107.
Illegal hexadecimal digit '' ignored at /home/user/bin/adbbackup/tarfix.pl line 107.
Illegal octal digit '9' ignored at /home/user/bin/adbbackup/tarfix.pl line 107.
Wide character in oct at /home/user/bin/adbbackup/tarfix.pl line 107.
Illegal binary digit '�������������' ignored at /home/user/bin/adbbackup/tarfix.pl line 107.
Wide character in oct at /home/user/bin/adbbackup/tarfix.pl line 107.

Fix for tarfix.pl issue
I had ran into issues with ADB backups performed under Android 4.0.4 before the JB upgrade (on a Samsung Galaxy Nexus). I did include the shared storage (accidentally or intentionally I don't remember) and I ran into this bug (Android issue 28303; sorry, I am new here and not allowed to post outside links). Some investigation revealed that while the backup was supposedly AES encrypted and "Deflate" compressed, this was only true for the first "part" of it. At around 150 MB into the file, a simple tar archive of the SD card content was appended. ADB was unable to restore any SD card content per the bug linked to above.
What I did to resolve:
Use a hex editor (HxD) to get to the start of the appended tar archive
Copy this part to a new ".tar" file
Experiment with tarfix.pl and run into the same issues as the previous poster
Look at the code and TAR file content and find out that 00 00 02 00 needs to be prepended to the tar file for tarfix.pl to do its job
Key learning was that the ADB backup tool will create plaintext, corrupted tar format backups that it cannot restore. It is problematic that while the user will believe they have an encrypted backup they can restore, they actually have a plaintext backup that they cannot restore...

Hi,
where did you get PBKDF2.pm from?
I couldnt find it in Fedora repos and the only one I got from the internat has an issue:
Undefined subroutine &Crypt:penSSL:BKDF2::derive called at ./backupdecrypt.pl line 266, <STDIN> line 1.
Thanks,
Klement

CPAN
All modules were pulled from CPAN directly (I had to use Cygwin as I was on the road), e.g. "perl -M CPAN -e shell" and then issuing "install Crypt:penSSL:BKDF2".

binaryhero said:
I had ran into issues with ADB backups performed under Android 4.0.4 before the JB upgrade (on a Samsung Galaxy Nexus). I did include the shared storage (accidentally or intentionally I don't remember) and I ran into this bug (Android issue 28303; sorry, I am new here and not allowed to post outside links). Some investigation revealed that while the backup was supposedly AES encrypted and "Deflate" compressed, this was only true for the first "part" of it. At around 150 MB into the file, a simple tar archive of the SD card content was appended. ADB was unable to restore any SD card content per the bug linked to above.
What I did to resolve:
Use a hex editor (HxD) to get to the start of the appended tar archive
Copy this part to a new ".tar" file
Experiment with tarfix.pl and run into the same issues as the previous poster
Look at the code and TAR file content and find out that 00 00 02 00 needs to be prepended to the tar file for tarfix.pl to do its job
Key learning was that the ADB backup tool will create plaintext, corrupted tar format backups that it cannot restore. It is problematic that while the user will believe they have an encrypted backup they can restore, they actually have a plaintext backup that they cannot restore...
Click to expand...
Click to collapse
I ran afoul of this (foolishly didn't finish the 30 page forum post on it before diving in ). I'm trying your perl solution now, but I'm afraid I'm unfamiliar with tar headers in a hex viewer. Could I trouble you for some pointers on how best to determine where the TAR starts? I understand there is some sort of header, but I can't figure out what to look for.
Thanks, though, the perl runs well and I'm learning alot (far more than I ever wanted, tbh) about tars,encrypted backups, adb, etc.
:good:

Thanks for your great tools! Here is some better way for unpacking?
dd if=mybackup.ab bs=1 skip=24 | openssl zlib -d > mybackup.tar
For packing (just need to add 24 butes to header (41 4E 44 52 4F 49 44 20 42 41 43 4B 55 50 0A 31 0A 31 0A 6E 6F 6E 65 0A)?
openssl zlib -in mybackup.tar -out gg.ab
Hope it helps! :good:

munjeni said:
Thanks for your great tools! Here is some better way for unpacking?
dd if=mybackup.ab bs=1 skip=24 | openssl zlib -d > mybackup.tar
For packing (just need to add 24 butes to header (41 4E 44 52 4F 49 44 20 42 41 43 4B 55 50 0A 31 0A 31 0A 6E 6F 6E 65 0A)?
openssl zlib -in mybackup.tar -out gg.ab
Hope it helps! :good:
Click to expand...
Click to collapse
Of course. You have to concatenate the created ab backup to the first 24 bytes.
Get the first 24 bytes of an unencrypted backup
Code:
dd if=mybackup.ab bs=24 count=1 of=first24
Concatenate
Code:
cp first24 backup.ab
openssl zlib -in mybackup.tar >> backup.ab
---------- Post added at 10:25 AM ---------- Previous post was at 10:21 AM ----------
binaryhero said:
All modules were pulled from CPAN directly (I had to use Cygwin as I was on the road), e.g. "perl -M CPAN -e shell" and then issuing "install Crypt:openSSL:BKDF2".
Click to expand...
Click to collapse
Says "Missing argument to -M."

You concatenation is wrong! Your command "cp" will overwrite backup.ab! You can concetate 2 files using "cat" for example "cat first24 backup.ab > new.backup.ab"
Do you have idea how I can generate timestamp of these file in "13 number" format?
<?xml version="1.0" encoding="UTF-8"?>
<recordset version="1" timestamp="1344764788434" size="61667">
<record name="back.ab" type="1" size="12662" order="1" catagory="1" id="back.ab"><packagelist><package>com.android.settings</package></packagelist></record>
</recordset>
Click to expand...
Click to collapse
Edit:
found a way for generating timestamt with 13 numbers
stat -c '%Y000' backup.ab

munjeni said:
You concatenation is wrong! Your command "cp" will overwrite backup.ab!
Click to expand...
Click to collapse
Of course, you have to use different names.

binaryhero said:
I had ran into issues with ADB backups performed under Android 4.0.4 before the JB upgrade (on a Samsung Galaxy Nexus). I did include the shared storage (accidentally or intentionally I don't remember) and I ran into this bug (Android issue 28303; sorry, I am new here and not allowed to post outside links). Some investigation revealed that while the backup was supposedly AES encrypted and "Deflate" compressed, this was only true for the first "part" of it. At around 150 MB into the file, a simple tar archive of the SD card content was appended. ADB was unable to restore any SD card content per the bug linked to above.
What I did to resolve:
Use a hex editor (HxD) to get to the start of the appended tar archive
Copy this part to a new ".tar" file
Experiment with tarfix.pl and run into the same issues as the previous poster
Look at the code and TAR file content and find out that 00 00 02 00 needs to be prepended to the tar file for tarfix.pl to do its job
Key learning was that the ADB backup tool will create plaintext, corrupted tar format backups that it cannot restore. It is problematic that while the user will believe they have an encrypted backup they can restore, they actually have a plaintext backup that they cannot restore...
Click to expand...
Click to collapse
Hi al!
I also ran into the problem, that my .ab backup created with -shared option can't be restored.
Running backupdecrypt.pl seems to work fine, but tar archive is corrpted. But not the whole file: e.g. Ark sees some files and folders both from apps and storage. When using tarfix.pl i get same errors like trogdan in 3rd post.
To me it seems, that not every file in the tar archive is corrupted. I tried with cpio to rescue at least something and it runs quite a while. It also can read files from storage folder, but fails then somewhere in the middle (to be specific: i have a TitaniumBackup folder in storage. cpio can copy some of the files from this folder, but then fails at others. i don't know, why the corrupted segment should start somewhere and not at the beginning of storage...)
binaryhero and others: could you be please more specific how you managed to repair the .ab file or at least rescued the containing files? I would like to know, how to get tarfix.pl working. Is it possible, that only segments of the .ab file are corrupted? how can i identify them?
Any help and hints are highly appreciated! Thanks in advance! LLAP _\V/, bye Marc.

marchard said:
Hi al!
I also ran into the problem, that my .ab backup created with -shared option can't be restored.
Click to expand...
Click to collapse
Create an adb backup with the apps/ folder only, and the shared/ is just the sdcard you can restore it with another adb backup or manually, for example via ftp.

scandiun said:
Create an adb backup with the apps/ folder only, and the shared/ is just the sdcard you can restore it with another adb backup or manually, for example via ftp.
Click to expand...
Click to collapse
Unfortunately dataloss occurred. that means, it is essential for me, to read somehow the content of .ab file.

marchard said:
Unfortunately dataloss occurred. that means, it is essential for me, to read somehow the content of .ab file.
Click to expand...
Click to collapse
zlib has to be able to process the ab file (considering that has no password). If zlib doesn't work, I don't know how could you workaround that, but seems impossible to me.
munjeni said:
You can concetate 2 files using "cat" for example "cat first24 backup.ab > new.backup.ab"
Click to expand...
Click to collapse
To overwrite is this operator: >
To binary append this one: >>
So in this case is being done right.

Hi all! I'm having a few problems, and not really sure where I'm going wrong so hoping you can help. I am coming from froyo (rooted) to jelly bean (not rooted), so cannot use adb backup on the froyo phone, and cannot use adb push on jelly bean (don't want to root my htc one x+). So at the moment I haven't got many options to transfer my app data from my froyo phone to jelly bean.
At the moment, my plan is to use adb pull on the froyo phone to grab my "app data" (specifically angry birds), and then use adb backup on the jelly bean phone to create a .ab file. I then use the OPs perl files to convert the .ab file to a .tar, and then extract that file (on Ubuntu 12.04), replace the app data in the extracted folder with my froyo app data, compress that back to a .tar, then use the perl file to convert back to .ab. I then use adb restore to restore the backup. However, when I then go into angry birds, its just reset and there is no save data. Can anybody see if there is anything wrong with what i'm doing?

cn198 said:
Hi all! I'm having a few problems, and not really sure where I'm going wrong so hoping you can help. I am coming from froyo (rooted) to jelly bean (not rooted), so cannot use adb backup on the froyo phone, and cannot use adb push on jelly bean (don't want to root my htc one x+). So at the moment I haven't got many options to transfer my app data from my froyo phone to jelly bean.
At the moment, my plan is to use adb pull on the froyo phone to grab my "app data" (specifically angry birds), and then use adb backup on the jelly bean phone to create a .ab file. I then use the OPs perl files to convert the .ab file to a .tar, and then extract that file (on Ubuntu 12.04), replace the app data in the extracted folder with my froyo app data, compress that back to a .tar, then use the perl file to convert back to .ab. I then use adb restore to restore the backup. However, when I then go into angry birds, its just reset and there is no save data. Can anybody see if there is anything wrong with what i'm doing?
Click to expand...
Click to collapse
I am almost 100% sure that you are generating an invalid tar file.

scandiun said:
I am almost 100% sure that you are generating an invalid tar file.
Click to expand...
Click to collapse
Is there a unique attribute applied to the original tar file then? Any idea how to generate a valid tar file?

cn198 said:
Is there a unique attribute applied to the original tar file then? Any idea how to generate a valid tar file?
Click to expand...
Click to collapse
It's not that simple. I am writing a guide based on a third party software for the purpose of Android backups. I'll post here as soon as is published. I hope to have it completed in a day our do.

scandiun said:
It's not that simple. I am writing a guide based on a third party software for the purpose of Android backups. I'll post here as soon as is published. I hope to have it completed in a day our do.
Click to expand...
Click to collapse
That sounds great, looking forward to seeing your efforts! :good:

Software Development FYT Firmware Workbench 2.0

# FYT-Firmware-Workbench
PLEASE DO NOT USE WITH T'EYES CC3 FIRMWARE
Scripts intended to mount the FYT UIS7862 firmware, make modifications and reassemble it back
They can retrieve the firmware from specified location and after modification, they can put the packed and signed firmware into another specified location
Files:
1-) config.ini = A file to setup parameters, paths for the original firmware and patched firmware, temp directory to work with firmware files and mount point to edit the firmware
2-) import_original.sh = Retrieves the ZIP file from the location specified in config.ini
3-) import_patched.sh = Retrieves the same files that 'import_original.sh' but from the patched location specified in the config.ini (normally a firmware that you've already patched before)
4-) unpack.sh = (autorun after import*) Unpack the imported firmware and create the mount moints (as specified in the config.ini file) to work with the firmware
5-) tweaker.sh = Allows change Locale, Language, Country and allows enabling ADB and OTG (if hardware supports it)
6-) inject_mods = Copies all contents of "_mods" folder into system partition, like gps.conf or even bootanimation, up to you to creat the same folder structure with your own files to inject
7-) repack.sh = Unmount the modified firmware from the mount points, delete the mount points, assembly the new ZIP file, sign it and move it to the patched directory as specified in config.ini
clean_local.sh = This script will unmount the firmware and delete it, it will also delete temporary files. as its name says, it cleans the local workbench !
N'joy it !
[CHANGELOG]
2.0 Introduces a different ZIP signature method
1.0 Initial release

Did you already try to flash it? I seed that you sign with the test keys but does that now work on the 7862?
On the previous architectures the recovery did not allow self signed zips.

Yes it works well, of course I flashed a modified 6315_1 befor make this post. You can trust the scripts, take a look at the tweaker.sh who allow you to modify some settings, Locale,Region, Coutry, and more to come !

Hi,
I tried your tools. Nice work.
I first did the "import_original.sh" and then the "unpack.sh". I did use this on a RPi4 running Debian Linux. All my Linux machines are currently RPi boxes and I use my headless server RPi4 for most stuff I do myself on images. (Next to that I have a Chromebook running Linux as well, but that one doesn't allow me to mount images in the linux sandbox.)
In the unpack.sh I get errors after brotli on the resizing of all the images:
Bash:
**********************************************
Processing 'system' image ...
BROTLI -- Handling system.new.dat.br...
Converting system.new.dat file into system.img file
When tring the "Converting .." is where it goes wrong without error message. The sdat2img is using "#!/usr/bin/env python" which, on an python3 only system gives "/usr/bin/env: ‘python’: No such file or directory"
When I change the call to "python3 sdat2img.py <etcetera>" it works. It might be better to use something like
Code:
if [ `which python` ]; then
./tools/sdat2img.py
elif [ `which python3`]; then
python3 ./tools/sdat2img.py
else
printf "\n\nNo python found!!\n\n"
exit 1
fi
Otherwise your created dat file is 0 bytes (simply an echo of 0 bytes to a new file), then giving corrupt empty images of 128 MB when trying to resize them.
And about the resizing/shrinking of the images: Why do you do that?
Simply leave the img as is and mount it read-write, not read-only.
Please use
Code:
mount -t ext4 -o loop,rw $unzippedPath$i.img $MOUNTPOINT/$i
and then simply copy (as root) your stuff in or make the modifications directly (as root). After unmounting you can immediately repack and brotli-compress it again. No extra intermediate steps necessary.
****
And some other remarks (actually a bit of nit-picking, please don't feel offended. I think you did a great job):
You use and pack a 64bit jdk with it, which is of course very convenient in most cases but doesn't work on my ARM raspberry pi.
I would put something in the shell script like
Bash:
echo "Singning '${FIRMWAREZIPFILENAME}' file..."
if [ -n `which java` ]; then
# Not found. Use packed version and hope it is a 64bit system
tools/jdk64/bin/java -jar tools/SignApkv2.jar <etcetera>
else
# Use system version
java -jar <etcetera>
fi
You also use
Bash:
echo " "
echo "READY !!!."
echo " "
Why not use
Code:
printf "\n\nREADY !!!\n\n"

Don't feel offended at all fellow, that's normal you're improving the scripts so suit your needs, that's normal, and your code (above) seems much more adapted than mine, I packed a 64bit java 8 cause java 11 does not sign the ZIP, (or at least I didn't reach the sign correctly)
Y have a giltab at home with that projects (FYT, TS10 etc....) y you want to participate and pull-request your changes, os help me improving that scripts, you're welcome and I'll send you the link via PM

mariodantas said:
I packed a 64bit java 8 cause java 11 does not sign the ZIP, (or at least I didn't reach the sign correctly)
Click to expand...
Click to collapse
Yes, you are right. the signapkv2 is already very old. I forgot that. I just tested and java V11 comes without the sun packages.

Will add and arm64 java 8 and detect the proc architecture by scripts to select the right java

@surfer63 I forgot to tell you that I released FYT Firmware Workbench 2.0 which includes another 6315_1 signature method (no more signapkV2), (as required with lsec6315update after Jul/2/22) thos signs well the new 6315_1 files, so we can still modify their contents and repack again and flash without the message: "Please use legal system"

I finally got my images to mount. (had to sudo)
I used the modifications @surfer63 suggested. (python3 was the trick here)
edit: are the mountpoints supposed to be RO? I'm getting "no space.." error running the tweaker.

j-5 said:
I finally got my images to mount. (had to sudo)
I used the modifications @surfer63 suggested. (python3 was the trick here)
edit: are the mountpoints supposed to be RO? I'm getting "no space.." error running the tweaker.
Click to expand...
Click to collapse
No, they shoud have 128Mb + each uhntil repack
NOTE: before running FYT Firmware Workbench do a "sudo su" (you must run as ROOT) that's why it didn't work flawlessly, I'll modify the scripts to ask for sudo su if needed !

@mariodantas : Your FYT workbench was still in the Android head units section. I had it moved to the FYT forum.

mariodantas said:
No, they shoud have 128Mb + each uhntil repack
NOTE: before running FYT Firmware Workbench do a "sudo su" (you must run as ROOT) that's why it didn't work flawlessly, I'll modify the scripts to ask for sudo su if needed !
Click to expand...
Click to collapse
OK, got it.
I had commented out the "expand' part, my bad .

Is there a github repo for the latest scripts? I'd love to try this out.

No Github, I'll release some fixes soon !

mariodantas said:
I'll release some fixes soon !
Click to expand...
Click to collapse
this is very good, thanks for your hard work!
I am also having trouble parsing the system.new.dat.br file (I only chose to edit it in config). After changing to python3, file began to be mounted and repack. But I get an error on the device in the middle of installation related to "dynamic_partitions_op_list" even though I didn't change anything

Where are the 2.0 tools?

Andy826 said:
Where are the 2.0 tools?
Click to expand...
Click to collapse
In the OP

surfer63 said:
And about the resizing/shrinking of the images: Why do you do that?
Click to expand...
Click to collapse
@surfer63 I do that to allow me to add content inside, if not, the free size is 0Kb after mount

@mariodantas The CC3 Firmware Tools don't seem to work with the January firmware. The error when using them on the January firmware is:
Code:
ext2fs_open2: Bad magic number in super-block
e2fsck: Superblock invalid, trying backup blocks...
e2fsck: Bad magic number in super-block while trying to open _tmp/_firmware/elable.img
Any chance of this being fixed please?

ahmed123 said:
Any chance of this being fixed please?
Click to expand...
Click to collapse
Not compatible with CC3 anymore