Database Info

[Heimdall][One-Click] The T959V Heimdall One-Click Collection [12/10/2012]

Disclaimer:
These One-Click's contains bootloaders, kernels, and roms for ONLY the SGH-T959V. This One-Click will not work with any other device!
By downloading and flashing the files you agree that you will not hold me or anyone in the credits responsible if your device becomes bricked or unusable. (But here is a place to get that kinda stuff fixed)
If you need help getting your device unbricked or getting into "Download Mode", please search in the General Forum and search and ask in the Q&A Forum.
T959W Users
If you have a Moblicity SGH-T959W, please read this thread first!
Introduction:
There is a single full One-Click on this page that contains the full stock rom.
There are two more sets in the second post with AntonX's and Hampsterblade's kernels (both oc/uv and non-oc/uv variants). They only contain the bootloaders and kernels.
This package will reset your "Galaxy S 4G - SGH-T959V" to UVKJ6 with all the bootloaders you'd get by following FBis251's [ODIN+CWM] GB Ext4 Starter Pack, but with stock (not rooted, not deodexed) UVKJ6 installed afterward.
The idea in the end is to have everything you need from this guide to go back to stock, as if you updated with Kies from KD1.
If you wrote bad bootloaders, but can still get into download mode somehow, this One-Click will also write known good bootloaders.
The Fully Stock One-Click is useful if you need to send your phone back to be repaired, as the Stock files in this One-Click are from the Kies tarball.
All package include:
Repartitioning: Repartition to stock KJ6
Reloading: IBL/PBL, SBL, SBL2, PARAM, Kernel, Recovery, FactoryFS, Data, and Modem.
Formatting: Cache and DBdata
All packages do not wipe:
EFS - Where your serial number and carrier information is stored.
SDCard - Where your pictures are stored.
Adam says "You may use this code to reformat the Data and SDCard *2767*3855# There is no way to do this from Download Mode. The code will leave the EFS untouched."
But I suggest if you are using CWM to back up your sdcard and do a battery pull after you see the boot animation. Boot into recovery and repartition your sdcard to have >=2048M of ext2.
This will make sure you have no problems converting to ext4 from rfs and visa-versa.
Download:
Download T959VUVKJ6 Stock UVKJ6
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Instructions:
(Windows Only) You also need to install the Visual Studio C++ runtime. (Thanks stephen_w!)
Get the latest version of Java 1.6 from this link or from your linux distribution. (openjdk-6-jdk worked for me )
Run:
Code:
java -jar <one-click_package_you_downloaded>.jar
Remove the /sdcard/Voodoo directory from your sdcard. This fixes a problem if the CSC updates, and linda converted to ext4 the first time because of voodoo.
Put your phone into "Download Mode".
Run "flash" once. Let the phone reboot itself. Don't touch the phone until it boots into android. If it works and you want to flash bootloaders:
Put your phone into "Download Mode" again (make sure developer mode is enabled on the phone):
Code:
adb reboot download
Check the "Flash Bootloaders" checkbox and Run "flash" again to get bootloaders.
Again, let it reboot fully into android.
Your device should now be like it would be if it came from the Kies with Official UVKJ6 preloaded.
Credits:
AdamOutler (Thanks for making my working Sgs4g UnBrickable and for One-Click, and One-Click-Packager!)
Benjamin Dobell (and everyone that worked on Heimdall!)
RaverX3X (Thanks for helping and testing!)
FBis251 (Thanks for the ext4 guide! This guide helped me figure out which bootloaders to use.)
Samsung (Thanks for Kies, which is where I got the stock rom bits.)

Variants
eollie: AntonX's BwaT + Stock Rom
Stock_KJ6_+_root-One-Click.jar (this has the blastoff v2.5 kernel)
AntonX: Basic with a Twist SGS4G KJ6 1.1.0
AntonX-Basic_with_a_twist-v1.1.0-OC_UV.jar
AntonX-Basic_with_a_twist-v1.1.0-NO_OC_UV.jar
Hampsterblade: [KERNEL] Basic MIUI modified
hampsterblade-Basic_MIUI_Kernel_r2_OC_UV.jar
hampsterblade-Basic_MIUI_Kernel_r2_NO_OC_UV.jar

Nice! Good work.
Sent from my rockin' Galaxy S 4G using XDA Premium App

Downloading now, If it works properly I'll have a mirror on the Team Komin server for you and I can send this device back. BTW... UnBrickable Mod team have nothing to do with Heimdall One-Click... That's Benjamin Dobell for Heimdall and Me for the One-Click and One-Click packager.
There's no need to RAR the JAR file. The firmware contained within is packaged in a superior tar.gz and a jar file is actually a zip.. It's already double compresed.
Just as a tip, I generally include the SBL2 in a flash. I don't know which devices use it, but it's supposed to ensure a valid SBL is on a device. It's safer and provides a total restore if you know you have a good SBL unlike the KG2 firmware package. I see there's no SBL2 in the detail tab. This is what happened to me today with KG2 bootloaders...
Code:
1mmunications established�� X4 &c1 E1 Q0
-----------------------------------------------------------
Samsung Primitive Bootloader (PBL) v3.0
Copyright (C) Samsung Electronics Co., Ltd. 2006-2010
-----------------------------------------------------------
+n1stVPN 2688
+nPgsPerBlk 64
+n1stVPN 3008
+nPgsPerBlk 64
ERROR.. Bootable SBL doesn't exist ..
Other than that, it's working great!
I repackaged with the SBL2 after I verified the package is working properly. It will be available here in aproximately 26 minutes from this post. http://files.teamkomin.com/t959-SGS4G/T959V-UVKJ6-One-Click.jar
I just realized I post jacked, sorry.

AdamOutler said:
Downloading now, If it works properly I'll have a mirror on the Team Komin server for you and I can send this device back.
Click to expand...
Click to collapse
I think I'm fine with hosting on sourceforge. You can mirror it if you want.
AdamOutler said:
BTW... UnBrickable Mod team have nothing to do with Heimdall One-Click... That's Benjamin Dobell for Heimdall and Me for the One-Click and One-Click packager.
Click to expand...
Click to collapse
Thanks for pointing that out! I did resurrect a few times (Mostly stupid mistakes. You do stupid things when you know you can recover. ), so I wanted to give credit, or it would not have been possible for me to learn more about how to make mistakes so others don't have to.
AdamOutler said:
There's no need to RAR the JAR file. The firmware contained within is packaged in a superior tar.gz and a jar file is actually a zip.. It's already double compressed.
Click to expand...
Click to collapse
Thank you for the tip! I'll host the jar from now on.
AdamOutler said:
Just as a tip, I generally include the SBL2 in a flash. I don't know which devices use it, but it's supposed to ensure a valid SBL is on a device. It's safer and provides a total restore if you know you have a good SBL unlike the KG2 firmware package. I see there's no SBL2 in the detail tab. I'll repackage it and host it here when ready: http://files.teamkomin.com/t959-SGS4G/T959V-UVKJ6-One-Click.jar
Click to expand...
Click to collapse
The problem is, samsung has never packaged an sbl2 with any leak or official package.
I had some weird problems when I wrote the sbl2, so not writing it makes me feel safer.
AdamOutler said:
Other than that, it's working great!
Click to expand...
Click to collapse
Thanks! I'm hoping to get more things done soon. I'm having some personal life issues that are rightfully taking my time, but I get little bursts to work on projects when I can. You however, are a machine! Keep up the good work, man!

^^ I edited while you were posting. the code block shows why you should write the SBL2. Normally it's either empty or it has a duplicate SBL. If you're using a good SBL it's safe. If it's a bad SBL, then it's not safe. It's less safe to not have an SBL2 on a device in general though. If you switch to something like CM7, you won't have an SBL2. When you switch back to stock the SBL2 has to be flashed back or it's still missing on devices that have it.
I've already begun uploading. It's 1/2 way there and will be on the TK server in ETA 13 minutes 11 seconds. It has the SBL2 included and I verified everything works fine.
btw.. repackaging is a breeze. change the jar to a .zip file and then go to /com/AdamOutler/HeimdallOneClick/resources/ROMPackage/ the tar.gz is right there and you can open it in heimdall.

AdamOutler said:
^^ I edited while you were posting. the code block shows why you should write the SBL2. Normally it's either empty or it has a duplicate SBL. If you're using a good SBL it's safe. If it's a bad SBL, then it's not safe. It's less safe to not have an SBL2 on a device in general though. If you switch to something like CM7, you won't have an SBL2. When you switch back to stock the SBL2 has to be flashed back or it's still missing on devices that have it.
Click to expand...
Click to collapse
Interesting, good to know! I will retest with sbl2 again.
AdamOutler said:
I've already begun uploading. It's 1/2 way there and will be on the TK server in ETA 13 minutes 11 seconds. It has the SBL2 included and I verified everything works fine.
Click to expand...
Click to collapse
In the future, I would rather that you mirror that file that I have. As to not have different version of the same file on the web to support.
(EDIT: I mean, if you make a crontab to always pull the version I post, then I just tell people to get the latest version. Then I don't care where they get it.)
AdamOutler said:
btw.. repackaging is a breeze. change the jar to a .zip file and then go to /com/AdamOutler/HeimdallOneClick/resources/ROMPackage/ the tar.gz is right there and you can open it in heimdall.
Click to expand...
Click to collapse
That's how I repackaged with the sourceforge links and other updated metadata. Except I just used the gnome-archive tool in nautilus. Just right-click on the jar and click "Extract All".

I retested with the SBL2, and didn't have any problems.
I must of had some bad combination loaded before, and thought it was the sbl2.
@AdamOutler, thanks for the advice!
Op updated with new link to the jar file. The rar without the sbl2 is still available, but will move to the 'old' folder soon.

Updated op with better notes and references.

Op updated with kj1 and kj6 with CWM + Voodoo Ext4 Lagfix one-clicks!

Great work, thanks..

This worked for me like a charm to get CWM back after bricking my phone and using AdamOutler's UnBrickable mod to bring it back: http://forum.xda-developers.com/showthread.php?t=1333424
This CWM OneClick'er is invaluable, especially if there is problems with Odin after.
Props.

Updated OP with SMS KJ6 beta2d One-Click.

bhundven said:
Updated OP with SMS KJ6 beta2d One-Click.
Click to expand...
Click to collapse
I flashed my SGS4G a few weeks back with ur first release... is it wise to reflash again with the new updates u have :
Download Fully Back-To-Stock UVKJ6
Download KJ1 Kernel Stock Rom with Bootloaders
Download SMS KJ6 (beta2d) Kernel Stock Rom with Bootloaders
and if so what would be the way to go?
Id like to root and whippe out all the bloatware also.
*Also I seem to have an annoying lock screen pattern replace my actual lock screen wallpaper.... do u know why?

Lvnlegendinc said:
I flashed my SGS4G a few weeks back with ur first release... is it wise to reflash again with the new updates u have :
Download Fully Back-To-Stock UVKJ6
Download KJ1 Kernel Stock Rom with Bootloaders
Download SMS KJ6 (beta2d) Kernel Stock Rom with Bootloaders
and if so what would be the way to go?
Id like to root and whippe out all the bloatware also.
*Also I seem to have an annoying lock screen pattern replace my actual lock screen wallpaper.... do u know why?
Click to expand...
Click to collapse
The only thing that changed was the kernel in my kj6 one-click. You can flash the ROM with this tool without flashing bootloaders.
As for the lockscreen... I have no clue.
Sent from my SGH-T959V using xda premium

bhundven said:
The only thing that changed was the kernel in my kj6 one-click. You can flash the ROM with this tool without flashing bootloaders.
As for the lockscreen... I have no clue.
Sent from my SGH-T959V using xda premium
Click to expand...
Click to collapse
If I were to re-install everything and install ur one click.... which of the 3 would recommend... I have no clue what a bootloader does or affects...

Try my kj6. From that cwm whatever ROM you want after a full wipe of everything.
Sent from my SGH-T959V using xda premium

bhundven said:
Try my kj6. From that cwm whatever ROM you want after a full wipe of everything.
Sent from my SGH-T959V using xda premium
Click to expand...
Click to collapse
Which one?
a -Download Fully Back-To-Stock UVKJ6
b -Download KJ1 Kernel Stock Rom with Bootloaders
c- Download SMS KJ6 (beta2d) Kernel Stock Rom with Bootloaders
or
[KERNEL][UVKJ6][BETA2d] Subtly Modified Stock with CWM + Voodoo Lagfix [12/11/2011]

bhundven said:
Try my kj6.
Click to expand...
Click to collapse
Sent from my SGH-T959V using xda premium

so.... i take it option c
lol
thanks bro

[Q] No boot: 7 vibrations + Black Screen

Containment: remove battery for more than 5 minutes, phone then boots without issues.
Known solution: I don't have one yet for my phone, but could a stock RUU fix it?
Happens on a HTC Desire SV, but I read there's more phones who have the same issue, but no solution yet.
Have the same problem?
- You can leave a reply with details about your situation. Have you rooted you phone, flashed roms, etc? This could help pinpoint the problem and search for a solution.
- Which brand / type do you have? You can vote which brand of phone you have with the same issue. I've listed some popular brands. This could indicate if it's related to one specific brand/type or not.
Other observations and possible explanations:
- Happens after turning off the phone. Possible issue here: is the phone failing to shutdown properly, leaving incorrect code or data in memory?
- Does not happen when restarting the phone.
- Does not happen when switching off the phone with fast boot option (in Settings > Power). There's reason to believe HBOOT is bypassed in this fast boot mode, as it would take more than 2 seconds to go from the black screen to the boot logo in normal boot mode, and in fast boot mode this black screen takes far less than 2 seconds.
- Phone vibrates 7 times after a couple of minutes. I see several hints on hardware failures on the forum: EMMC, overheating CPU, see related issues below. Both do not seem to be the case, since the phone is able to (re)boot containment.Open question here is what does this boot error code mean, and is it part of first or secondary (HBOOT) bootloader? See also next observation:
- Screen remains black when attempting to power-up. This could mean we do not get passed HBOOT. Possible issues: kernel can not be found by HBOOT, or HBOOT can not be started. Again here, it could be interesting to know what exactly makes the phone vibrate 7 times. Is it HBOOT, or firmware?
- Removing the battery for more than 5 minutes solves the issue. Does this mean the phone boots differently when it's just restarted, when it's booted from power-off, or when the battery is pulled and then started? I can think of two possibilities: that the phone attempts to boot from incorrect code in RAM, which is being wiped after the battery is removed long enough, or that some CPU pins remain high when the battery stays in the phone, causing the CPU to boot from another location. Room for thought here as well.
- CWM recovery is flashed, the phone is rooted, but still S-ON. Going back to stock recovery did not fix it. I have some doubt believing that flashing a custom recovery partition can cause something to happen to the boot partition, although in my case, I see the boot partition is located right after the recovery partition. The CWM recoveries I flashed, were about 5MB, while the partition it's placed in is more than 8 MB. So plenty of room to fit CWM recovery in.
Related issues:
- Overheating CPU. Most likely not the case here. Phone does not feel hot at all, never had freezes and such when using the phone.
- 7 times vibrate during welcome screen or even after that. In the case above, the phone doesn't reach that far.
- Hard brick. Issue described above can be called soft-brick maybe. Pulling the battery for more than 5 minutes fixes it until the next shutdown.
That's all I can mention, maybe this is already helpful to some, most certainly when you gave up on your phone thinking it's hard bricked.
So pleae leave a message if you like this thread, hit thanks, and/or vote for the brand that you have the same issue with, and maybe this leads to the solution,

Several boot partitions?
Something I noticed for the HTC Desire SV: the boot partition is in mmcblk0p22 (see /proc/emmc below), but there are 2 other partitions with the same size (mmcblk0p13 and mmcblk0p14, see /proc/partitions further below). Are these alternative /boot partitions?
Code:
/proc/emmc:
dev: size erasesize name
mmcblk0p17: 00040000 00000200 "misc"
mmcblk0p21: 0087f400 00000200 "recovery"
mmcblk0p22: 00400000 00000200 "boot"
mmcblk0p25: 3bdffe00 00000200 "system"
mmcblk0p27: 0ffffe00 00000200 "cache"
mmcblk0p26: 4cfffe00 00000200 "userdata"
mmcblk0p28: 017ade00 00000200 "devlog"
mmcblk0p30: 00040000 00000200 "pdata"
mmcblk0p31: 46800000 00000200 "fat"
mmcblk0p29: 00011c00 00000200 "extra"
/proc/partitions:
major minor #blocks name
179 0 3817472 mmcblk0
179 1 20 mmcblk0p1
179 2 544 mmcblk0p2
179 3 4500 mmcblk0p3
179 4 1 mmcblk0p4
179 5 30000 mmcblk0p5
179 6 12500 mmcblk0p6
179 7 2048 mmcblk0p7
179 8 3072 mmcblk0p8
179 9 2048 mmcblk0p9
179 10 1024 mmcblk0p10
179 11 1024 mmcblk0p11
179 12 8751 mmcblk0p12
179 13 [COLOR="Red"][B]4096[/B][/COLOR] mmcblk0p13
179 14 [COLOR="Red"][B]4096[/B][/COLOR] mmcblk0p14
179 15 1024 mmcblk0p15
179 16 6909 mmcblk0p16
179 17 256 mmcblk0p17
179 18 1024 mmcblk0p18
179 19 1024 mmcblk0p19
179 20 1280 mmcblk0p20
179 21 8701 mmcblk0p21
179 22 [COLOR="Red"][B]4096[/B][/COLOR] mmcblk0p22
179 23 256 mmcblk0p23
179 24 2047 mmcblk0p24
179 25 980991 mmcblk0p25
179 26 1261567 mmcblk0p26
179 27 262143 mmcblk0p27
179 28 24247 mmcblk0p28
179 29 71 mmcblk0p29
179 30 256 mmcblk0p30
179 31 1155072 mmcblk0p31
179 64 7778304 mmcblk1
179 65 7774208 mmcblk1p1

Interesting
Something I stumbled upon by the way:
android/system/bootable/recovery/bootloader.h
Code:
/*
* Copyright (C) 2008 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef _RECOVERY_BOOTLOADER_H
#define _RECOVERY_BOOTLOADER_H
/* Bootloader Message
*
* This structure describes the content of a block in flash
* that is used for recovery and the bootloader to talk to
* each other.
*
* The command field is updated by linux when it wants to
* reboot into recovery or to update radio or bootloader firmware.
* It is also updated by the bootloader when firmware update
* is complete (to boot into recovery for any final cleanup)
*
* The status field is written by the bootloader after the
* completion of an "update-radio" or "update-hboot" command.
*
* The recovery field is only written by linux and used
* for the system to send a message to recovery or the
* other way around.
*/
struct bootloader_message {
char command[32];
char status[32];
char recovery[1024];
};
/* Read and write the bootloader command from the "misc" partition.
* These return zero on success.
*/
int get_bootloader_message(struct bootloader_message *out);
int set_bootloader_message(const struct bootloader_message *in);
/* Write an update to the cache partition for update-radio or update-hboot.
* Note, this destroys any filesystem on the cache partition!
* The expected bitmap format is 240x320, 16bpp (2Bpp), RGB 5:6:5.
*/
int write_update_for_bootloader(
const char *update, int update_len,
int bitmap_width, int bitmap_height, int bitmap_bpp,
const char *busy_bitmap, const char *error_bitmap);
#endif

It happens everytime i switch off the device
jheller said:
Containment: remove battery for more than 5 minutes, phone then boots without issues.
Known solution: I don't have one yet for my phone, but could a stock RUU fix it?
Happens on a HTC Desire SV, but I read there's more phones who have the same issue, but no solution yet.
Have the same problem?
- You can leave a reply with details about your situation. Have you rooted you phone, flashed roms, etc? This could help pinpoint the problem and search for a solution.
- Which brand / type do you have? You can vote which brand of phone you have with the same issue. I've listed some popular brands. This could indicate if it's related to one specific brand/type or not.
Other observations and possible explanations:
- Happens after turning off the phone. Possible issue here: is the phone failing to shutdown properly, leaving incorrect code or data in memory?
- Does not happen when restarting the phone.
- Does not happen when switching off the phone with fast boot option (in Settings > Power). There's reason to believe HBOOT is bypassed in this fast boot mode, as it would take more than 2 seconds to go from the black screen to the boot logo in normal boot mode, and in fast boot mode this black screen takes far less than 2 seconds.
- Phone vibrates 7 times after a couple of minutes. I see several hints on hardware failures on the forum: EMMC, overheating CPU, see related issues below. Both do not seem to be the case, since the phone is able to (re)boot containment.Open question here is what does this boot error code mean, and is it part of first or secondary (HBOOT) bootloader? See also next observation:
- Screen remains black when attempting to power-up. This could mean we do not get passed HBOOT. Possible issues: kernel can not be found by HBOOT, or HBOOT can not be started. Again here, it could be interesting to know what exactly makes the phone vibrate 7 times. Is it HBOOT, or firmware?
- Removing the battery for more than 5 minutes solves the issue. Does this mean the phone boots differently when it's just restarted, when it's booted from power-off, or when the battery is pulled and then started? I can think of two possibilities: that the phone attempts to boot from incorrect code in RAM, which is being wiped after the battery is removed long enough, or that some CPU pins remain high when the battery stays in the phone, causing the CPU to boot from another location. Room for thought here as well.
- CWM recovery is flashed, the phone is rooted, but still S-ON. Going back to stock recovery did not fix it. I have some doubt believing that flashing a custom recovery partition can cause something to happen to the boot partition, although in my case, I see the boot partition is located right after the recovery partition. The CWM recoveries I flashed, were about 5MB, while the partition it's placed in is more than 8 MB. So plenty of room to fit CWM recovery in.
Related issues:
- Overheating CPU. Most likely not the case here. Phone does not feel hot at all, never had freezes and such when using the phone.
- 7 times vibrate during welcome screen or even after that. In the case above, the phone doesn't reach that far.
- Hard brick. Issue described above can be called soft-brick maybe. Pulling the battery for more than 5 minutes fixes it until the next shutdown.
That's all I can mention, maybe this is already helpful to some, most certainly when you gave up on your phone thinking it's hard bricked.
So pleae leave a message if you like this thread, hit thanks, and/or vote for the brand that you have the same issue with, and maybe this leads to the solution,
Click to expand...
Click to collapse
This problem first started when i backedup image of my existing system using the latest version of cwm. after backing up, the phone switched off. it took around 15 mins after reinserting battery to restart it. but again when I switched it off to go into boot menu the phone didint switch on. It has got me worried. I think its because of this new version of CWM. Now I'm waiting for the phone to start again, will probably go directly into recovery and try to boot into 0.8 version
---------- Post added at 04:09 AM ---------- Previous post was at 03:54 AM ----------
The phone denies either starting or going into boot menu. Last time it happened, i had kept my phone idle for hours. So i am unable to find the exact time after which it will supposedly start.

No change in status of the phone.......:crying:
tanaynaik said:
This problem first started when i backedup image of my existing system using the latest version of cwm. after backing up, the phone switched off. it took around 15 mins after reinserting battery to restart it. but again when I switched it off to go into boot menu the phone didint switch on. It has got me worried. I think its because of this new version of CWM. Now I'm waiting for the phone to start again, will probably go directly into recovery and try to boot into 0.8 version
---------- Post added at 04:09 AM ---------- Previous post was at 03:54 AM ----------
The phone denies either starting or going into boot menu. Last time it happened, i had kept my phone idle for hours. So i am unable to find the exact time after which it will supposedly start.
Click to expand...
Click to collapse
I kept the battery out of the phone for different durations of time. All more than 5 mins, Still the phones refrains from switching on. The blinking of charging LED continues and the phone vibrates 7 times after sometime.
Also keeping the battery inside the phone without connecting the charger also causes the phone to vibrate.
Some 1 please help.....This is my daily use phone, and theres no chance of me getting a new deivce of this kind. :fingers-crossed:

FIX for Black Screen after Power Off
But to help many people , still being annoyed by this method .
This issue is experienced when the bootloader is unlocked with HtcDev.
I have a very simple solution to this...
Download RUU from the below link
https://www.dropbox.com/s/p46ly9rs0bguyxu/RUU_MAGNI_DS_ICS_40A_1.07.401.6_system_imadge.exe
YOU SHOULD HAVE S-OFF FOR THIS TO WORK-I will post another tutorial for S-Off
Download adb and fastboot binaries from google.
Extract the binaries to "C:/Android"
1.Open cmd as administrator and type: "cd C:/Android/"
2.Then type "adb reboot bootloader"
Unlocking Bootloader is necessary-Below commands will relock the bootloader.
3.Then type "fastboot oem lock"
4.Type fastboot reboot
5.When device boots on unlock the lock screen and type:"adb reboot bootloader"
6.Now open the RUU file (Link Above)
7.It may take time for the RUU to load.
8.When the RUU loads , minimize it.
8.Check the box and click the last option (towards the left)
9.Wait for the RUU to install.
10.After installing the phone reboots automatically.
11.Now to root your phone again unlock your bootloader with Windroid & Root wih the same application.
12.Framaroot (1.9.3) also works after S-Off.One Click Root APK for Desire SV.
http://forum.xda-developers.com/apps/framaroot/root-framaroot-one-click-apk-to-root-t2130276

akash14darshan said:
This issue is experienced when the bootloader is unlocked with HtcDev.
Click to expand...
Click to collapse
That sounds plausible and new to me. Can you elaborate on this?
Quite some HTC devices seem to have the 7x vibration issue after unlocking and/or replacing stock recovery. I tend to think it's related to hboot, also pointing into the direction of htcdev causing this.
With hindsight, for me a reason to ditch HTC altogether is the s-off "functionality" which in reality makes it even more difficult to make modifications to /system. Still curious though how you managed to s-off the Desire SV.

jheller said:
That sounds plausible and new to me. Can you elaborate on this?
Quite some HTC devices seem to have the 7x vibration issue after unlocking and/or replacing stock recovery. I tend to think it's related to hboot, also pointing into the direction of htcdev causing this.
With hindsight, for me a reason to ditch HTC altogether is the s-off "functionality" which in reality makes it even more difficult to make modifications to /system. Still curious though how you managed to s-off the Desire SV.
Click to expand...
Click to collapse
It is easy to get S-OFF in HTC Desire SV
I just downloaded RumRunner Universal and tried to S-OFF.
But at some stage it used to give me an error : Please flash insecure kernel or custom rom.
So I download a rom from 4pda ( https://docs.google.com/file/d/0B82Fg9xGxxLeZXdnZHhCUHdZcXM/edit ) and flashed it. Still I got the same error at same stage.
So what I did is decompiled the kernel , changed it to insecure one , flashed it in fastboot and ran RumRunner.
And Voila ! My phone got S-OFF
But the ics recovery you compiled was the only serious threat (sorry to say man xD)
Just after installing your recovery , my phone rejected to Boot after switching off. This was fixed by flashing ruu .
---------- Post added at 05:00 AM ---------- Previous post was at 04:46 AM ----------
Sorry I forgot to mention
Everyone else other than jheller , the kernel file is available in the link ( boot.img )
Decompiling can be easy :
https://www.youtube.com/watch?v=yFdH_P6fd9U
I used the same tool.
To make the kernel insecure :
Decompile Boot.img file , find default.prop and open it using NOTEPAD++ ONLY!!!
Change ro.secure=0 and ro.adb.secure=0
NOTE: Donot add second second line if it is not present
After changing ro.secure to 0 , save the file and recompile the boot.img file
Flash it in fastboot and download RumRunner : http://rumrunner.us/downloads-2/
Download the universal one for your OS.
And let the rumrunner do the work for you.
After S-OFF , your phone will be in HBOOT , so change it to fastboot and type this in cmd/terminal in pc:
"fastboot oem writecid 11111111" without quotes.
To confirm this ,type:
"fastboot read cid"
This should state your cid is 11111111 ( 8times 1).
CHanging to supercid allows you to flash RUU which will solve the No Boot problem.

[RECOVERY][DREAMTAB] TWRP 3.0.0.0 for Nabi Dreamtab HD8

TWRP recovery 3.0.0 for the Nabi Dreamtab HD8. (t8400n)
​
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
​
At this point this recovery is still considered in testing. The normal disclaimers apply.
IMPORTANT!!!! If you have an IN08A version do not use this recovery, this will only work on NV08A
For IN08A see a tethered recovery and rooting method here: http://forum.xda-developers.com/showpost.php?p=57825022&postcount=25
This is for Nabi Dreamtab
Nabi2 is HERE
Nabi JR 4GB is HERE
Nabi JR 16GB is HERE
NabiXD is HERE
Updates
READ THIS FIRST!!
03/22/2016 Latest TWRP 3.0.0 files http://forum.xda-developers.com/showpost.php?p=65989774&postcount=66
10/5/2015 older TWRP 2.8.7 files http://forum.xda-developers.com/showpost.php?p=63151136&postcount=46
Initial TWRP 2.7.1 Direct Link
Stock recovery for Nabi version 1.3.7
http://forum.xda-developers.com/showpost.php?p=59290754&postcount=41
For more information on TWRP and change log see the TeamWin Website
Information
You do not need root to install this, in fact you can use the recovery to root your Dreamtab HD8. Upon exiting TWRP it will ask to root the device if it is not already, I ran in to an issue where I had to download SuperSU from play store afterwards to get it properly rooted.
Installation
Video tutorial https://www.youtube.com/watch?v=V_JML4wN3QM&feature=youtu.be
Having trouble? http://forum.xda-developers.com/nabi-2/general/nabi-information-t3229119
Start with Nabi booted to android, ADB debugging enabled, windows adb and fastboot drivers installed. (PDAnet drivers are popular)
-Method 1 (Recommended install , guided installer)
-Download Dreamtab Auto Installer from above
-Extract DTTWRPinstaller.zip
-Run install.bat
Code:
Select option 1 for installing recovery and immediate backup of tablet
Select option 2 to just install TWRP
Select option 3 to install the original stock recovery
-Method 2 (manual temporary install, will keep your current recovery)
-Download "TWRP 3.0.0.0 for Nabi Dreamtab"
-Extract recovery.img from zip to your adb directory
-From a command prompt in your adb directory
Code:
adb reboot-bootloader
fastboot boot recovery.img
-Method 3 (manual permanent install, will overwrite your current recovery)
-Download "TWRP 3.0.0.0 for Nabi Dreamtab"
-Extract recovery.img from .zip to your adb directory
-From a command prompt in your adb directory
Code:
adb reboot-bootloader
fastboot flash recovery recovery.img
Other
Device source https://github.com/aicjofs/android_device_fuhu_t8400
TWRP source https://github.com/omnirom/android_bootable_recovery
Credits
Geohot for towelroot (version 1 specifically)
TeamWin and OmniROM teams for TWRP.
Dees_Troy for build tutorials.

are you playing with new goodies again ? lol
Cant wait for you to " port " this to another nabi :victory:

aicjofs said:
.
Click to expand...
Click to collapse
You are awesome! :highfive:
Now for the $10^6 question....did Fuhu pull a Nabi2 and screw up the filesystem on the Dreamtab?
Thanks
Sno

Snoshrk said:
You are awesome! :highfive:
Now for the $10^6 question....did Fuhu pull a Nabi2 and screw up the filesystem on the Dreamtab?
Thanks
Sno
Click to expand...
Click to collapse
Better. /cache is ridiculously large, and while system is big, their ROM takes most of it and this time they left a little wiggle room. Dumbest by far is recovery being only 8MB. I may not be right on my markup below because I don't have my notes handy, but it's close
C:\Users\JON\Downloads\V50020_aboot_twrp_v2>adb shell
adb server is out of date. killing...
* daemon started successfully *
[email protected]:/ $ su
su
[email protected]:/ # df
df
Filesystem Size Used Free Blksize
/dev 959256.0K 128.0K 959128.0K 4096
/sys/fs/cgroup 959256.0K 12.0K 959244.0K 4096
/mnt/asec 959256.0K 0.0K 959256.0K 4096
/mnt/asec/com.mojang.minecraftpe-1 29688.0K 28108.0K 1580.0K 4096
/mnt/obb 959256.0K 0.0K 959256.0K 4096
/system 1548144.0K 1427960.0K 120184.0K 4096 Some free space for grow or user add system apps
/cache 1548144.0K 703612.0K 844532.0K 4096 I don't see using all this space in normal system operation
/data 10234424.0K 5400448.0K 4833976.0K 4096 I think I have a whole bunch of stuff on here so ignore this
/forever 64496.0K 4172.0K 60324.0K 4096
/forever/addon 1548144.0K 1010428.0K 537716.0K 4096
/mnt/shell/emulated 10234424.0K 5400448.0K 4833976.0K 4096
/storage/emulated 959256.0K 0.0K 959256.0K 4096
/mnt/media_rw/sdcard1 31154688.0K 27072640.0K 4082048.0K 32768
/storage/sdcard1 31154688.0K 27072640.0K 4082048.0K 32768
/storage/emulated/0 10234424.0K 5400448.0K 4833976.0K 4096
/storage/emulated/0/Android/obb 10234424.0K 5400448.0K 4833976.0K 4096
/storage/emulated/legacy 10234424.0K 5400448.0K 4833976.0K 4096
/storage/emulated/legacy/Android/obb 10234424.0K 5400448.0K 4833976.0K 4096
[email protected]:/ # cat /proc/partitions
cat /proc/partitions
major minor #blocks name
7 0 30177 loop0
179 0 15267840 mmcblk0
179 1 8192 mmcblk0p1
179 2 4096 mmcblk0p2
179 3 8192 mmcblk0p3
179 4 1572864 mmcblk0p4 system
179 5 1572864 mmcblk0p5 cache
179 6 2048 mmcblk0p6
179 7 65536 mmcblk0p7
179 8 1572864 mmcblk0p8 addon
179 9 2048 mmcblk0p9
179 10 32768 mmcblk0p10
179 11 2048 mmcblk0p11
179 12 10397696 mmcblk0p12 data
179 32 4096 mmcblk0boot1
179 16 4096 mmcblk0boot0
179 48 31166976 mmcblk1
179 49 31162880 mmcblk1p1
254 0 30177 dm-0
[email protected]00n:/ # ^C
These thing at $200 at Walmart a week ago, very good deal, considering they had the Nabi2 at $179 right next to it.

Hi, just got this tablet today and I'm puzzled as why the Nabi website says this is supposed to have a Tegra 4 CPU but in CPU-Z it says is an Intel Atom Z3745. Many thanks for any info.
Sent from my DMTAB-IN08A using Tapatalk

Omegadrive said:
Hi, just got this tablet today and I'm puzzled as why the Nabi website says this is supposed to have a Tegra 4 CPU but in CPU-Z it says is an Intel Atom Z3745. Many thanks for any info.
Sent from my DMTAB-IN08A using Tapatalk
Click to expand...
Click to collapse
Interesting. Initially this was to be an Intel CPU tablet(see CES articles from Feb), then it came out as Tegra4. Look at you model number. The "IN08A" versus the "NV08A". This is a first for Fuhu. So this recovery certainly won't work. Do you have fastboot?

aicjofs said:
Interesting. Initially this was to be an Intel CPU tablet(see CES articles from Feb), then it came out as Tegra4. Look at you model number. The "IN08A" versus the "NV08A". This is a first for Fuhu. So this recovery certainly won't work. Do you have fastboot?
Click to expand...
Click to collapse
Haven't attempted to root or install recovery, but it could be that they have both tablets at Costco, first one she tried to scan didn't matched the sku and she went and got another one, I will take it back today and make sure the model number starts with NV, I was actually expecting a Tegra CPU which is way better than a crappy Atom.
Sent from my DMTAB-IN08A using Tapatalk

Omegadrive said:
Haven't attempted to root or install recovery, but it could be that they have both tablets at Costco, first one she tried to scan didn't matched the sku and she went and got another one, I will take it back today and make sure the model number starts with NV, I was actually expecting a Tegra CPU which is way better than a crappy Atom.
Sent from my DMTAB-IN08A using Tapatalk
Click to expand...
Click to collapse
This recovery definitely won't work on the Intel one. I think I typo'd above, it NV08B not A

aicjofs said:
This recovery definitely won't work on the Intel one. I think I typo'd above, it NV08B not A
Click to expand...
Click to collapse
Just came back from Costco, ended up returning it, there is no info on the boxes that says the model number anywhere, so didn't risk it. Thanks anyway.
Sent from my XT910 using Tapatalk

So is there any viable method to root the Intel version? At this point I'd be happy with just knocking out the bloat so my kid can actually install apps.

pm1066 said:
So is there any viable method to root the Intel version? At this point I'd be happy with just knocking out the bloat so my kid can actually install apps.
Click to expand...
Click to collapse
You can try towelroot. Only version 1 worked on the nvidia. Likely depends on software version and if futex exploit was patched in kernel.

I'll check it out. Don't want to brick my kid's toy!

Warning !! Locked Bootloader after OTA 1.3.7 Update
Seems they might have locked the bootloader in the OTA 1.3.7
adb reboot-bootloader
fastboot boot recovery.img
downloading 'boot.img'...
FAILED (remote: Bootloader is locked.)
finished. total time: 0.003s
The OTA 1.2.9 didn't do this, and I as able to still fire over the TWRP custom recovery just fine
fastboot oem unlock
...
(bootloader) Showing Options on Display.
(bootloader) Use device keys for selection.
(bootloader) erasing userdata...
(bootloader) erasing userdata done
(bootloader) erasing cache...
(bootloader) erasing cache done
(bootloader) unlocking...
(bootloader) Bootloader is unlocked now.
OKAY [ 71.105s]
finished. total time: 71.105s
Bootloader is now unlocked again but at the expense of basically a factory reset (losing all outside data and apps)
And the question I'm left with now is how do I apply any future OTA without having to dump the data again *Grin* ?
Thanks again aicjofs

Since this is the only thread I've found that even mentions the DreamTab, I'm going to hope someone can help me. Basically my DreamTab was bricked with the latest OTA. Upon restarting after the update, I get the DreamTab logo "powered by android" and then after, it goes to the generic "android" boot animation, rather than the DreamTab animation. (The word android in the old font in a greenish color that has a "shine" moving across it) I've let it sit on this screen for a while, but it never moves beyond it. I've done a factory reset through the recovery kernel, but that doesn't seem to have helped anything. I am RMAing the device, but if I can avoid the 2+ of transit and such, I would like to. Any chance I can flash the OTA through the recovery kernel and possibly fix this? If so, any chance someone actually has the OTA zip? Thanks in advance.

chikimonke said:
Since this is the only thread I've found that even mentions the DreamTab, I'm going to hope someone can help me. Basically my DreamTab was bricked with the latest OTA. Upon restarting after the update, I get the DreamTab logo "powered by android" and then after, it goes to the generic "android" boot animation, rather than the DreamTab animation. (The word android in the old font in a greenish color that has a "shine" moving across it) I've let it sit on this screen for a while, but it never moves beyond it. I've done a factory reset through the recovery kernel, but that doesn't seem to have helped anything. I am RMAing the device, but if I can avoid the 2+ of transit and such, I would like to. Any chance I can flash the OTA through the recovery kernel and possibly fix this? If so, any chance someone actually has the OTA zip? Thanks in advance.
Click to expand...
Click to collapse
Do you know if it's the Intel or Nvidia version?
I am sure I have stock backup of nvidia in my archives somewhere, but haven't uploaded it.

aicjofs said:
Do you know if it's the Intel or Nvidia version?
I am sure I have stock backup of nvidia in my archives somewhere, but haven't uploaded it.
Click to expand...
Click to collapse
How would one tell?

chikimonke said:
How would one tell?
Click to expand...
Click to collapse
I'm at work, but I think on the back in says something like NV8B, or IN8A. nv for nvidia, in for intel.

aicjofs said:
I'm at work, but I think on the back in says something like NV8B, or IN8A. nv for nvidia, in for intel.
Click to expand...
Click to collapse
nvidia it is. Is this something that can flashed through the stock recovery? Because if this doesn't work, I still want to be able to use the RMA that I have setup.

chikimonke said:
nvidia it is. Is this something that can flashed through the stock recovery? Because if this doesn't work, I still want to be able to use the RMA that I have setup.
Click to expand...
Click to collapse
No you would have to temp load TWRP to RAM(no flashing to nand), then restore. I could upload the OTA that's flashable with stock recovery, it might work if it happens to update the right files but if you have something corrupt it will fail the SHA1 checks. You were going from 1.2.9 to 1.3.7?
Let me know how you want to proceed.

aicjofs said:
No you would have to temp load TWRP to RAM(no flashing to nand), then restore. I could upload the OTA that's flashable with stock recovery, it might work if it happens to update the right files but if you have something corrupt it will fail the SHA1 checks. You were going from 1.2.9 to 1.3.7?
Let me know how you want to proceed.
Click to expand...
Click to collapse
Alright, if I understand correctly, I could try the OTA first, then if that doesn't work try with TWRP. The temporary TWRP method, does it require unlocking the bootloader? I'm not familiar with loading a recovery only in RAM. And yes, going from 1.2.9 to 1.3.7. Thanks for your help.

Samsung General Galaxy Core LTE SM-G386F knowledge base

In this thread I would like to gather all information about custom roms, recoveries, kernels and root methods suitable for the Samsung Galaxy Core LTE SM-G386F, so that people don't have to look up every single thread in order to find (or, which is true in most of the cases, to not find) their desired solutions. Also this may get developers interested which would be good since there is nearly no developing going on at the moment. It would be very kind of the mods if they'd made this thread a sticky so that everybody can easily access the information.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
DEVICE SPECIFICATIONS
Display - PLS capacitive touchscreen, 16M colors; 540 x 960 pixels, 4.5 inches (~245 ppi pixel density)
Internal Memory - 8 GB, 1 GB RAM
Connectivity - GPRS; EDGE; HSPA; LTE, Cat4, 50 Mbps UL, 150 Mbps DL; Wi-Fi 802.11 b/g/n, Wi-Fi Direct, DLNA, Wi-Fi hotspot; Bluetooth v4.0, A2DP; NFC;
Camera - Back: 5 MP, 2592 х 1944 pixels, autofocus, LED flash; Front: 0,3 MP
CPU - Renesas MP5232 dual-core SoC (1,2 GHz)
Graphics Chip - PowerVR SGX544
Sensors - Accelerometer, proximity, compass
GPS - with A-GPS, GLONASS
LATEST STOCK ROM
Android OS, v4.2.2
Release date: August 2014
Country: Italy
PDA: G386FXWUANG1
CSC: G386FITVANH1
Download: http://rapidgator.net/file/6a9315a968157e27400354cc6850bfcd/XEF-G386FXWUANG1-20140805095652.zip.html
HOW TO ROOT
First of all: I am NOT responsible for any damage the following guides may do to your phones. Use them at your own risk! If you don't know what you're doing - stop! You have been warned.
Currently there is only one working root method (thanks to freb123 for letting me know!).
Root via Chimera tool
EDIT: You can now manually root your devices!
The necessary files can be downloaded from here: sendbox.fr/pro/yagmbf4ke22i/g386froot.zip.html (thanks to freb123 again for providing us with the files! )
These files can be flashed through ODIN and/or adb. The only thing you need to do is to change the file extension from .md5 to .tar (thanks to mstefanski1987 for figuring that out!)
Note: You still need to install supersu from Google Play after flashing.
Again: Use this at your own risk and only if you're completely aware of what you're doing.
Download ODIN 3.07: http://www.mediafire.com/download/khxp78iwthsukji/Odin+3.07+BY+taringuero_d+.rar
Download Samsung USB driver: http://developer.samsung.com/board/download.do?bdId=0000000700&attachId=0000000001
Requirements - Computer running Windows XP or above; Chimera Tool: https://chimeratool.com/application/142; All-in-one driver package: https://pics.chimeratool.com/drivers/chimera_drivers.exe; USB debugging enabled in phone
1. Download the linked packages
2. Install the drivers first and the program itself afterwards
3. Launch chimera tool
4. You will have to log in in order to proceed. To do so you'll need to sign up for a free chimera account here: https://chimeratool.com/register (this account expires after three days)
5. Connect your phone via USB with USB debugging enabled
6. If the phone is recognized correctly, the program will display your device model and five options (Info, Repair, Root/Unroot, Firmware Update and Factory Unlock)
7. Click "Root/Unroot"
8. The rooting process is automated so everything from 7. on should happen automatically. However, the program prompted me to manually enter download mode. If that's the case, simply disconnect your phone from USB, turn it off and enter download mode by following the on-screen instructions. After entering download mode reconnect your phone via USB and rooting should finish.
9. Since the program does NOT install supersu, you'll have to manually install it via Google Play.
10. That's it - your device is rooted!
CUSTOM ROMS & KERNELS
None yet
CUSTOM RECOVERY (TWRP,CWM)
None yet
Note: This thread will be updated as soon as I receive new information about the listed sections. If there is anything you wish to add or contribute (I'd love you to do that, believe me ) feel free to comment!

Thx for this thread.
Could we use the root.tar.md5 downloaded by chimera and root directly with adb or odin ?

freb123 said:
Thx for this thread.
Could we use the root.tar.md5 downloaded by chimera and root directly with adb or odin ?
Click to expand...
Click to collapse
It should work, I'll give it a try when I'm on my Windows PC and report back.
Btw: You can also use the thanks-button if you want to thank me

Thx for this thread, my Core LTE will appreciate :good:

freb123 said:
Thx for this thread.
Could we use the root.tar.md5 downloaded by chimera and root directly with adb or odin ?
Click to expand...
Click to collapse
Do you know where chimera tool puts the downloaded files? I can't seem to find them.
If they can be taken from any directory, flashing via ODIN or adb should be no problem, since that's what the tool does as well.

bchzmlsn said:
Do you know where chimera tool puts the downloaded files? I can't seem to find them.
If they can be taken from any directory, flashing via ODIN or adb should be no problem, since that's what the tool does as well.
Click to expand...
Click to collapse
Yes, in the directory where you launh chimera (/backup/gm-386), but files are deleted after root. You can get them just after chimera asks you to put the phone off.
If you are already rooted, you need to unroot your phone to see them again ! (voodoo ota root keeper can help you...)
I send you the link to the file in PM (can't include a link, not enough posts in the forum).
sendbox.fr/pro/yagmbf4ke22i/g386froot.zip.html

freb123 said:
Yes, in the directory where you launh chimera (/backup/gm-386), but files are deleted after root. You can get them just after chimera asks you to put the phone off.
If you are already rooted, you need to unroot your phone to see them again ! (voodoo ota root keeper can help you...)
I send you the link to the file in PM (can't include a link, not enough posts in the forum).
sendbox.fr/pro/yagmbf4ke22i/g386froot.zip.html
Click to expand...
Click to collapse
Thank you!
I've updated the initial post and attached the files.

When i try to use attached file with Odin 3.07 I get this:
Code:
<OSM> Enter CS for MD5..
<OSM> Check MD5.. Do not unplug the cable..
<OSM> Please wait..
<OSM> MD5 hash value is invalid
<OSM> sm-g386f_root.tar.md5 is invalid.
<OSM> End...
What am I doing wrong?
I am trying to get root so I can dump recovery image and start working on it. Any help is appreciated.
EDIT:
Figured it out, I had to change extension from .tar.md5 to .tar.
MANUAL ROOT METHOD IS WORKING.
EDIT 2:
I've added CWM to builder queue: builder-clockworkmod-com/done?build_id=16f0aab3c75f41c0a46f1aa4fdb4b407

There is a recovery.img file in the archive (open the .tar with winrar).

it made my day, can confirm that manual root works

By uploading this file I can void some flag or triangle or it is with samsung signature ?
PS I know root is nonlegal

I've dumped boot.img and I'll try to create recovery later today.
Partition table for reference:
Code:
major minor #blocks name
253 0 153600 zram0
179 0 7634944 mmcblk0
179 1 1024 mmcblk0p1
179 2 20480 mmcblk0p2
179 3 6144 mmcblk0p3
179 4 6144 mmcblk0p4
179 5 6144 mmcblk0p5
179 6 2048 mmcblk0p6
179 7 2048 mmcblk0p7
259 0 8192 mmcblk0p8
259 1 10240 mmcblk0p9 - kernel
259 2 10240 mmcblk0p10 - recovery
259 3 2048 mmcblk0p11
259 4 6144 mmcblk0p12
259 5 32768 mmcblk0p13
259 6 6144 mmcblk0p14
259 7 6144 mmcblk0p15
259 8 256 mmcblk0p16
259 9 2048 mmcblk0p17
259 10 204800 mmcblk0p18
259 11 1510400 mmcblk0p19 - system
259 12 51200 mmcblk0p20
259 13 5730304 mmcblk0p21 - data
179 16 4096 mmcblk0boot1
179 8 4096 mmcblk0boot0
Well, I tried. Any idea why I get this after trying to boot freshly compiled recovery? Is bootloader locked or what?
Normal boot logo byt with red exclamation mark in the top left corner and then nothing.
i-imgur-com/32XyqR5.jpg
EDIT: Trying again, will post results. Here is my recovery.fstab:
Code:
# mount point fstype device [device2]
/tmp ramdisk
/efs ext4 /dev/block/mmcblk0p2
/boot emmc /dev/block/mmcblk0p9
/recovery emmc /dev/block/mmcblk0p10
/cache ext4 /dev/block/mmcblk0p18
/system ext4 /dev/block/mmcblk0p19
/preload ext4 /dev/block/mmcblk0p20
/data ext4 /dev/block/mmcblk0p21
/sdcard vfat /dev/block/mmcblk1p1

mstefanski1987 said:
I've dumped boot.img and I'll try to create recovery later today.
Partition table for reference:
Code:
major minor #blocks name
253 0 153600 zram0
179 0 7634944 mmcblk0
Well, I tried. Any idea why I get this after trying to boot freshly compiled recovery? Is bootloader locked or what?
Normal boot logo byt with red exclamation mark in the top left corner and then nothing.
i-imgur-com/32XyqR5.jpg
Click to expand...
Click to collapse
Maybe because your recover is not valid ( samsung signature )
Like in my question above.
If you upload sm-g386f_root.tar you will have red exclamation ? or something else ?

No, everything worked ok.

After uploading of this file all work fine, root working, but in samsung phone info app we have "Bootloader version: unknow". But I think, after reflash of original ROM it will be overwrited.

freb123 said:
There is a recovery.img file in the archive (open the .tar with winrar).
Click to expand...
Click to collapse
There is but flashing it won't get you to CWM recovery (or I am doing something wrong). That's why I am trying to compile ClockWorkMod on my own.
I have little to none experience with compiling anything for android (built sony xperia j kernel from sources once). So far I've managed to fail once - compiled CM11 CWM instead of CM 10.1 and without modyfing recovery.fstab, which I presumed would be autogenerated from boot.img. I've fixed thoe mistakes and I will try to compile it again today.
In the meantme I've found that little red exclamation mark signifies that the device has been rooted at least once, so I guess it is not a problem to boot custom recovery once I get compiling it right.
Many fails are inbound, as I learn all the things along the way. Wish me luck.

mstefanski1987 said:
Figured it out, I had to change extension from .tar.md5 to .tar.
MANUAL ROOT METHOD IS WORKING.
Click to expand...
Click to collapse
Thank you very much, manual root method is really working if you rename the file ! For me this is the only root method that works :good: (root method with chimera tool does not work for me (device is listed as "unknown") )

mstefanski1987 said:
Figured it out, I had to change extension from .tar.md5 to .tar.
MANUAL ROOT METHOD IS WORKING.
Click to expand...
Click to collapse
Thank you very much!
I've put this into the initial post

Core 4G - Best price now
In France the Samsung Core 4G is at 119 euros
Compared to Wiko Kite or Archos 45 HELIUM 4G, I'd like to buy that one.
But, the best configuration would be with the last kitkat OS.
So, I'd like to root, install if possible CyanogenMod...
If I understand all the discussion, it seems to be possible to root it (possible for France ?)
Can we install CyanogenMod ?

eleger91 said:
If I understand all the discussion, it seems to be possible to root it (possible for France ?)
Can we install CyanogenMod ?
Click to expand...
Click to collapse
Salut. Oui le root est possible (la méthode manuelle semble bien marcher), par contre il n'y a pour l'instant ni custom recovery, ni rom kitkat.
Root is possible (manual method is ok) but no custom recovery and no kitkat rom.

Custom Recovery for rooted 6th Gen Fire HD 8 Tablets? (Exploratory Discussion)

I was just wondering if the partition structure on the 5th gen fire hd tablet was the same as the 6th gen.
Looked at
HTML:
https://developer.amazon.com/public/solutions/devices/kindle-fire/specifications/01-device-and-feature-specifications
to compare hardware. It does bear same chipset manufacture as Fire HD 6 (2014)<KFARWI>,Fire HD 10 (2015)<KFTBWI>, and Fire (2015)<KFFOWI>, so maybe they retain the same partitioning structure/scheme, which would be nice. Now that root is possible, can anyone advise if they have had any luck with flashing a custom recovery. I was about to cancel this post because I realize the bootloader is locked. However I was wondering if this might provide some pathways: https://forum.xda-developers.com/fire-hd/development/bootloader-unlock-t3129630 and apply to the 6th gen unit.
Food for thought. I might try it and see what happens. Unless someone more braver than me wants to try it, please advise. I'll look into it later.
TWRP on this would be sweet.
I did run this real quick:
Code:
C:\dump\adt-bundle\sdk\platform-tools>adb shell
[email protected]:/ $ su
[email protected]:/ # cat /proc/partitions
major minor #blocks name
7 0 79688 loop0
179 0 15388672 mmcblk0
179 1 3072 mmcblk0p1
179 2 5120 mmcblk0p2
179 3 10240 mmcblk0p3
179 4 10240 mmcblk0p4
179 5 256 mmcblk0p5
179 6 500 mmcblk0p6
179 7 16268 mmcblk0p7
179 8 16384 mmcblk0p8
179 9 6144 mmcblk0p9
179 10 512 mmcblk0p10
179 11 8192 mmcblk0p11
179 12 10240 mmcblk0p12
179 13 1024 mmcblk0p13
179 14 5120 mmcblk0p14
179 15 5120 mmcblk0p15
179 16 40320 mmcblk0p16
179 17 1024 mmcblk0p17
179 18 1024 mmcblk0p18
179 19 1653024 mmcblk0p19
179 20 434176 mmcblk0p20
179 21 512 mmcblk0p21
179 22 16384 mmcblk0p22
179 23 4320 mmcblk0p23
179 24 13138927 mmcblk0p24
179 96 4096 mmcblk0rpmb
179 64 4096 mmcblk0boot1
179 32 1024 mmcblk0boot0
179 33 2 mmcblk0boot0p1
179 34 2 mmcblk0boot0p2
179 35 256 mmcblk0boot0p3
179 36 747 mmcblk0boot0p4
[email protected]:/ #
15388672 mmcblk0 might be the recovery partition as noted from that other thread linked above.
eh...scratch that..i guess based on older rsa bug which later fire OS fixed. oh well.might still try it though since have more powerful permissions now (su).

For Reference <or enlightenment>
MT8163
CPU ISA CPU CPU cache GPU Memory technology Wireless radio technologies Released
ARMv8 1.3 GHz quad-core ARM Cortex-A53 Mali-T720 MP2 @ 520 MHz Wi-Fi, Bluetooth, FM, GPS Q2 2015
Acer B3-A20-K8UH
BQ Aquaris M10
Asus ZenPad 10 (Z300M)
Asus ZenPad 8.0 (Z380M)
Amazon Fire HD (6th generation)
from: https://en.wikipedia.org/wiki/List_of_devices_using_Mediatek_tablet_processors
https://www.asus.com/zentalk/thread-88877-1-1.html
https://forum.xda-developers.com/android/general/guide-bq-aquaris-m10-freezerhd-twrp-root-t3523833
I found bootimg.exe and extracted the boot.img from the .bin file to take a peek...but I think if any changes were made and file recreated and flashed over would presumably fail due to locked bootloader. Not sure if this unit is unlocked, just had the same chipset..I dunno.Just looking at things.lol.

smokejumper76 said:
For Reference <or enlightenment>
MT8163
CPU ISA CPU CPU cache GPU Memory technology Wireless radio technologies Released
ARMv8 1.3 GHz quad-core ARM Cortex-A53 Mali-T720 MP2 @ 520 MHz Wi-Fi, Bluetooth, FM, GPS Q2 2015
Acer B3-A20-K8UH
BQ Aquaris M10
Asus ZenPad 10 (Z300M)
Asus ZenPad 8.0 (Z380M)
Amazon Fire HD (6th generation)
from: https://en.wikipedia.org/wiki/List_of_devices_using_Mediatek_tablet_processors
https://www.asus.com/zentalk/thread-88877-1-1.html
https://forum.xda-developers.com/android/general/guide-bq-aquaris-m10-freezerhd-twrp-root-t3523833
I found bootimg.exe and extracted the boot.img from the .bin file to take a peek...but I think if any changes were made and file recreated and flashed over would presumably fail due to locked bootloader. Not sure if this unit is unlocked, just had the same chipset..I dunno.Just looking at things.lol.
Click to expand...
Click to collapse
I'm thinking it's definitely locked. I ran a few commands from adb while in fastboot mode and always get back that the commands aren't allowed on locked hw.

unlock
try fastboot getvar all
it will shows an unlock_code

emas73 said:
try fastboot getvar all
it will shows an unlock_code
Click to expand...
Click to collapse
yes. However, is this the public key? They (mediatek <chipset manufacture SOC>/amazon <brand name>/quanta computer <the actual manufacturer> might use 2 key firmware signing. So, they will have a master private (secret) key. and each device has a generated public key unique to each device. Those 2 keys get crypto'd together to sign the firmware/bootloader. So, as a result only firmware signed by the master key can be loaded on the device. I can be totally wrong. But the more people asking questions, researching, arguing (lol), etc., the closer we may get to trying to find a way to unlock the bootloader. I hope a way will be found. I will give the first person to find a way a big shinny nickel (I'm a cheap bastard).

Under developer options is a setting called OEM unlocking.
I tried enabling it, but it will not stick.
I wonder where this is located in the code...
Sent from my KFGIWI using Tapatalk

I don't have this tablet, but I have the Asus Z380M (same chipset). I was just wondering, has anyone even tried to build and flash a custom recovery onto this device? We just made a TWRP build for the Z380M and it boots and works perfectly. Best part: you don't even have to unlock the bootloader! Everyone's just assuming that a locked bootloader will refuse to boot unofficial images. But has this been tested? It should at least be able to boot self-signed images. Since you have root already, it shouldn't be too hard to flash a recovery. See this thread here for some information that might help you. There's even a method to flash stuff onto a locked MediaTek device from a PC that might work for this Fire HD.

diplomatic said:
I don't have this tablet, but I have the Asus Z380M (same chipset). I was just wondering, has anyone even tried to build and flash a custom recovery onto this device? We just made a TWRP build for the Z380M and it boots and works perfectly. Best part: you don't even have to unlock the bootloader! Everyone's just assuming that a locked bootloader will refuse to boot unofficial images. But has this been tested? It should at least be able to boot self-signed images. Since you have root already, it shouldn't be too hard to flash a recovery. See this thread here for some information that might help you. There's even a method to flash stuff onto a locked MediaTek device from a PC that might work for this Fire HD.
Click to expand...
Click to collapse
You win the internet today! I looked at that thread:
https://forum.xda-developers.com/android/development/twrp-custom-recovery-asus-zenpad-8-0-t3588765
You need a scatter file (partition structure file) for the particular device. However making a scatter seems to be pretty easy <and i wouldn't be surprised if the partition structure is somewhat similar due to being same the same chipset..but I'd rather have one for the actual device..lol> I'm sure there is a thread here on XDA too on how to make a scatter file. Then just apply those instructions to that that zenpad thread. Very interesting indeed!
:
https://androidmtk.com/create-scatter-file-for-mtk-devices
So, maybe this is theoretically possible. I might try it, but someone else I'm sure will beat me to it (hint hint)...<and maybe do a write up>. I'll hmm and haw and look into it. Good work!

diplomatic said:
I don't have this tablet, but I have the Asus Z380M (same chipset). I was just wondering, has anyone even tried to build and flash a custom recovery onto this device? We just made a TWRP build for the Z380M and it boots and works perfectly. Best part: you don't even have to unlock the bootloader! Everyone's just assuming that a locked bootloader will refuse to boot unofficial images. But has this been tested? It should at least be able to boot self-signed images. Since you have root already, it shouldn't be too hard to flash a recovery. See this thread here for some information that might help you. There's even a method to flash stuff onto a locked MediaTek device from a PC that might work for this Fire HD.
Click to expand...
Click to collapse
So I tried creating a scatter file, but I'm not having much luck. I don't think MTK Droid Tools works with later MediaTek Chipsets like the mt8163.
It brings up the following info when I load it up USB debugging enabled and phone connected and device shows up via "adb devices" command:
Code:
Hardware : MT8163
Model : KFGIWI
Build number : LVY48F
Build date UTC : 20160918-002858
Android v : 5.1.1
Baseband v: -----
Kernel v : 3.18.19-g9fc382b ([email protected]) (gcc version 4.9 20140514 (prerelease) (GCC) ) #1 SMP Sun Sep 18 00:32:41 UTC 2016
But clicking on the "Blocks Map" button just shows
Code:
bmtpool scatter/00000000 byte size 0
And that's it.
Then, I tried to "manually" create it. In an ADB shell there are tutorials that show you to issue the command:
Code:
cat /proc/mtd
but I don't get anything:
Code:
[email protected]:/ $ cat /proc/mtd
dev: size erasesize name
Tried it via su and same thing. Any ideas?

Wait, before you bother with creating the scatter file and what not, have you checked to see if your tablet exposes the MediaTek USB interface that Flashtool can use? When you plug in the USB cable with the tablet powered off, do you get a Mediatek Preloader USB VCOM device (VID 0E8D, PID 2000) on your PC? What about when you hold the volume up or volume down as you plug in? Do you see a Mediatek USB Port (VID 0E8D, PID 0003)? If you get the first one, that's good. If you get the latter one, that's very good, because that's the boot ROM that's built into the SoC. It's independent of any code on the EMMC, so may be able to flash stuff even to a bricked unit.
When I made the scatter file for the Z380M, I did it the cowboy way. The droid tools didn't work for me either, of course. All the information you need to make the scatter file is already on the GPT. You just need to read back the first few sectors of the "disk" and save it on your computer. Then use your favorite hex editor and a hex calculator to crunch the LBA numbers into partition addresses and sizes. This is the information that every scatter file boils down to.
I believe you don't need to have an accurate scatter file to read back data. You can start with the one from the Z380M, and then see if you can read back anything with SP Flash Tool. At the same time, you can check if your tablet exposes the low-level USB interfaces.
But if you already have root, why don't you just try to build a recovery for your device and flash it with Busybox/dd? I mean, I don't think there's anything that SP Flash Tool can do for you that you can't already do with a root shell...except to serve as an emergency flashing option. That was kind of the point of my last post.

smokejumper76 said:
You need a scatter file (partition structure file) for the particular device. However making a scatter seems to be pretty easy <and i wouldn't be surprised if the partition structure is somewhat similar due to being same the same chipset..but I'd rather have one for the actual device..lol> I'm sure there is a thread here on XDA too on how to make a scatter file. Then just apply those instructions to that that zenpad thread. Very interesting indeed!
Click to expand...
Click to collapse
Did you or anyone else ever get anywhere with this? I didn't mean to say you have to do it all yourself. I can help you build the scatter file, etc. if you send me the GPT (i.e. first 4KB or so of mmcblk0).

diplomatic said:
Did you or anyone else ever get anywhere with this? I didn't mean to say you have to do it all yourself. I can help you build the scatter file, etc. if you send me the GPT (i.e. first 4KB or so of mmcblk0).
Click to expand...
Click to collapse
So far as I know, it's not possible to make a scatter file for the HD 8...at least not possible for UNROOTED ones. Amazon has several security and locking features in place which lock that information on the other side of the bootloader. So programs such as MTK Droid Tools, won't be able to read the code to create a scatter file. Unfortunately this is the case with nearly every phone with a locked bootloader, unless your provider or manufacturer allows it to be unlocked through official channels.
Looking on the deepweb I've seen posts in forums in China (where a significant portion of one click rooting software comes from) and there is supposedly exploits for the newest MTXXXX's, but I have yet to find anything. There are very few exploits for the MT8XXX types. Most exploits are for the MT6XXX types.

DragonFire1024 said:
So far as I know, it's not possible to make a scatter file for the HD 8...at least not possible for UNROOTED ones. Amazon has several security and locking features in place which lock that information on the other side of the bootloader. So programs such as MTK Droid Tools, won't be able to read the code to create a scatter file. Unfortunately this is the case with nearly every phone with a locked bootloader, unless your provider or manufacturer allows it to be unlocked through official channels.
Click to expand...
Click to collapse
Well, I'm talking about creating the scatter file manually, like I did for my locked/unrooted Asus ZenPad 8.0. No root tools or any special apps necessary. I'm not sure you understand what a scatter file contains. It is simply the partition layout of the device's flash memory and some parameters of each partition relevant to SP Flash Tool. If you have root and busybox you already have everything you need to make one. Just read back the GPT (dd if=/dev/block/mmcblk0 of=gpt.bin bs=4K count=1) and open with a hex editor and do some number crunching. It might even be possible to read the flash memory of a locked device with SP Flash Tool.

diplomatic said:
Well, I'm talking about creating the scatter file manually, like I did for my locked/unrooted Asus ZenPad 8.0. No root tools or any special apps necessary. I'm not sure you understand what a scatter file contains. It is simply the partition layout of the device's flash memory and some parameters of each partition relevant to SP Flash Tool. If you have root and busybox you already have everything you need to make one. Just read back the GPT (dd if=/dev/block/mmcblk0 of=gpt.bin bs=4K count=1) and open with a hex editor and do some number crunching. It might even be possible to read the flash memory of a locked device with SP Flash Tool.
Click to expand...
Click to collapse
I'm just saying. Plug my Fire HD 8 into the PC> load MTK Droid Tools> Click blocks map> bmtpool 00000000 000000 size: 0

DragonFire1024 said:
I'm just saying. Plug my Fire HD 8 into the PC> load MTK Droid Tools> Click blocks map> bmtpool 00000000 000000 size: 0
Click to expand...
Click to collapse
Did you get a chance to try the dd method above, sounds like that should work to get a peek at the partitions?

growlre said:
Did you get a chance to try the dd method above, sounds like that should work to get a peek at the partitions?
Click to expand...
Click to collapse
I have not.