Bypassing bootloader lock on Moto RAZR. Possible for us? - Motorola Milestone Android Development

I came across this thread (featured on frontpage).
They have managed to bypass the locked bootloader of the motorola RAZR. Maybe we can port this to the milestone somehow?

fingers crossed ..

Trying not to get too excited...
First time I think we are really close to something...

We can boot custom kernel for a long time already, using 2nd-boot, which is very similar to kexec.
The problem has always been the Wrigley 3G BP, which we are not able to get working after the start of the second kernel. And there seems to be no way to reinitialize it.
The Razr is using MDM6600 BP, which is rather easy to get working after kernel restart.
So, this kexec stuff won't help us in any way.

Pavel, you're saying that at some point there was a working 2ndboot project that just couldn't reinit the 3G radio?
Are there any files kicking around on a Github project or Dropbox account that I could take a look at? I'm mostly just curious.

I tracked down some info about that project and yeah, it's been dead for a while now.
Wiki:
http://droid-developers.org/wiki/2ndboot
Code Rep:
https://bitbucket.org/droiddev/2ndboot/

2 months ago skirllaz_cz was working on it...... that was what is last known by me... I don't know if he gave up or not... any news??

Sorry...
http://forum.xda-developers.com/showthread.php?p=24918641
Sent from my MB526 using Tapatalk


[Crack-Prj] BOINC Project for bruteforcing Milestone's RSA Keys

Hi all!
As you all know, the 2ndboot and vulnerability hunting project has started months and months ago, one with some results (but still not useful), and the other without any result.
As far as we're seeing, finding a vulnerability in Milestone is nearly impossible.. it's powered by military equipment from TI (OMAP) and, well... I'm not discrediting the work done by droid-developers where I've put my participation (yakk, xvilka, Bavilo etc...) but I think that they're getting a bit off-road as they're now setting their own AOSP for Milestone without going on with vulnerability hunt.
The 2ndboot project seems dead, as they've tried to boot MBM with 2ndboot for re-initing the modem, but failed. And it seems that modem reinit is almost impossible.
So, cracking the RSA key is not an easy thing to do, but we can almost try, setting a BOINC project and giving our CPUs to the work: we can crack it in seconds, days, weeks, months.. or we can FAIL, but at this point it's worth trying to do it, as all the methods tried seem to be a fail...
Well, what I'm tryin' to do with this thread?
I need your collaboration and your help for this project as we need processing power. The more we have, less would be the time for finding the key.
I think that if we started this thing months ago, now we'd be able to flash our custom ROMs.
I can provide the BOINC server as I've got a dedicated server w/Linux (Gentoo) or FreeBSD, but I need help for setting it as I've never done a BOINC project and I don't know how it works.
Are you with me?
The Eugenia Project Developer
-kholk
Haven't a clue how to do it but you have my CPU at your disposal
I'm in
Sent from my A853 using XDA App
Same here
I'm in 2 keep us posted about your further development!
Just create the project at boinc so we can start helping.
I'm in, I just need instruction on how to set it up
Sent from my Milestone using XDA App
Well my boinc is set up wait, im sure there must be a how to guide or something but i guess it isn't going to be easy good luck man
Sent from my Milestone using XDA App
+1 ^_______^
count me in kholk
you've got a lot of my processing power with my computer turned on almost 24/7
you can count on my dual core when ever im online!
Hope someone can help us with this and set up BOINC project on your server
I think many people will join this project once this is running.
I am in, 24x7, 1 C2Q and 2 C2D available
but I think CUDA and Stream is much faster.
zacthespack said:
Well my boinc is set up wait, im sure there must be a how to guide or something but i guess it isn't going to be easy good luck man
In windows and mac os is easy, since you have a wizard to guide the steps required.
In linux there's lots of different ways (I only use gentoo).
I will dedicate 2 computers that will be online 24/7, both with dual cores in them, only to run for this project. That means the usage of full processing power on each, and I'll let my Macbook do the odd running too. Let us know the details once you have this up and running, and we can get this show on the road. I too feel it's the only way we're going to get this working.
MrP.
MrPadie said:
I will dedicate 2 computers that will be online 24/7, both with dual cores in them, only to run for this project. That means the usage of full processing power on each, and I'll let my Macbook do the odd running too. Let us know the details once you have this up and running, and we can get this show on the road. I too feel it's the only way we're going to get this working.
MrP.
Same here, I have my homeserver with core2duo (idle most of time) so I'll give full power to it. Also, I can install in my notebook to help.
count me in! we may get lucky - against all odds breaking the RSA
Hopefully a BOINC that supports GPU, this way I have an ATI 5870 to help!
I've got a full cluster totally dedicated to this, as well as all my home computers. Hopefully it gets set up soon!
So far we have lots of volunteer who can provide processing power.....but yet to have someone who knows how to make it work...anyone?
Ps.you've got additional power from me.
Sent from my Milestone

[Q] bootloader unlock possible?

Since I heard motorola isn't going to unlock bootloaders I'm thinking of getting a different device. However if it is possible for a dev to get the job done I will gladly wait. So is it possible for a dev to crack this phone? Or rather must we wait for Motorola?
Sent from my MB865 using Tapatalk
Unfortunately we will have to wait for an unlocked version of the bootloader to be leaked, and or found through cheesecake. This is how the OG Atrix was unlocked. I have found a way to DOS the bootloader, but it will brick the device at the same time, so it is possible to overload the bootloader temporarily, but once the phone is booted, it corrupts the initrd boot image, so you can only run the changed kernel once. Until we can figure a more stable way to use that information, we will have to wait for the leaked version or cheesecake.
Heck why not get another phone and still hang on to this one to play with? That is what I am doing. I am also in the process of locating an LTE version of the galaxy nexus, to play with on ATT's network, so I will have both phones to play with.
jimbridgman said:
Unfortunately we will have to wait for an unlocked version of the bootloader to be leaked, and or found through cheesecake. This is how the OG Atrix was unlocked. I have found a way to DOS the bootloader, but it will brick the device at the same time, so it is possible to overload the bootloader temporarily, but once the phone is booted, it corrupts the initrd boot image, so you can only run the changed kernel once. Until we can figure a more stable way to use that information, we will have to wait for the leaked version or cheesecake.
Heck why not get another phone and still hang on to this one to play with? That is what I am doing. I am also in the process of locating an LTE version of the galaxy nexus, to play with on ATT's network, so I will have both phones to play with.
funds prevent me from buying another device. i think im still within my 30 days but the only phone better was the gs2 and they wouldnt let me get that one as my a2 was an exchange for my nexus s. they gave me 600 bucks credit and gs2 was 650 bucks. i suppose im stuck. i have 4 lines so ill have to wait for my upgrade. shoot by then att might have the galaxy nexus. well ill just sit back and have some fun with it and check for updates on cheesecake. this is such a great phone with SO much potential. i just dont like having to sit on stock for so long. i really enjoy flashing any rom i can and trying every devs work. i wonder if by moto saying they wouldnt unlock bootloaders that meant what we would find on cheesecake or official releases OTA.

[Q] Rooting a new droid ultra 4.4?

Ok, so I have been scouring the interwebs for 4 hours now, and I am getting 100 conflicting stories. I am not sure if I can post youtube links, but one says That I can use Kingo (didn't work for me) another was from FrenchGrape100 Neither worked for me, downloaded everything they said, did it all OTA. If anyone has any information, please reply.
Thank you in advance!
~Kevin D.
Okay, here's a TL;DR on the Droid lineup root situation. Essentially, you're out of luck at this point. No root for you! (Or for me, or for a lot of other annoyed users out there. You're not alone.)
Let me reiterate: if you currently have a brand new Droid running 4.4, no root is possible at the moment.
That being said, you're probably getting mixed accounts of this because of the following. Droid Maxx/Ultra/Mini sounds a lot like the Moto X--and they're very similar phones. However, the Moto X DOES have root on 4.4. It's a complicated process that involves downgrading to 4.2, installing a backdoor, and upgrading again to 4.4, then using the backdoor to regain root access. However, as the Droid Maxx/Ultra/Mini have locked bootloaders, it is not possible to downgrade after accepting the OTA upgrade to KitKat 4.4, and most new phones in the lineup are being shipped out with 4.4 already installed.
The first inkling of possible root was when noted dev and exploit-master jcase mentioned, tangentially and on twitter, that he HAD found an exploit for our phones. However, the exploit is not suitable for casual user usage, and still doesn't unlock write protection on the phone, making it essentially useless. Oh, and as a result of the locked write protection, root would be lost any time you restarted the phone. Jcase will be revealing the exploit at the blackhat conference this coming August as a teaching tool, but don't expect it to turn into anything we'll be seeing a solution out of.
The next glimmer of hope came a few weeks ago; remember how I said we couldn't downgrade because of our locked bootloaders? Some Motorola employee started selling bootloader unlock codes for the Droid lineup. You could send the guy 40 bucks and your IMEI number and he'd send you back a device-specific code to unlock your bootloader. Which through an even more complicated process, does eventually allow for root. However, as of about 2ish (?) weeks, the guy selling the codes has stopped; it seems like he/she/them/it/whatever no longer has access to the database containing the unlock codes. A few lucky people got codes before that happened--the process seemed sketchy, and those of us like myself who hesitated are now left with locked down phones.
So yeah, at various points, it's been possible to get root--which, when trying to read up on this stuff, makes it a tad hard to follow.
No root now, though, not if you're already on KitKat 4.4.
Sorry for the disappointment. Keep your ear to the ground in case someone offering codes pops up again and is legit--but I wouldn't hope too hard.
I am one among those few lucky people who got code and unlocked the BL and enjoying root now in 4.4.
@Jumnhy
However, the Moto X DOES have root on 4.4. It's a complicated process that involves downgrading to 4.2, installing a backdoor, and upgrading again to 4.4, then using the backdoor to regain root access. However, as the Droid Maxx/Ultra/Mini have locked bootloaders, it is not possible to downgrade after accepting the OTA upgrade to KitKat 4.4,
I want to add only one extra info to make things more clear. Actually BigRed's Moto X is also coming with locked / encrypted BootLoaders like DroidMini/Maxx/Ultra, but since its 4.4 update came first and without signature verification / check and hence downgrading was possible in its case. But in 4.4 of Droid series, the mistake was corrected and downgrade was IMPOSSIBLE.
So Droid users with 4.4 and NO root has to live without root in the future, unless any wonder occurs (like the earlier code purchase).
Moral of the Story:
If you want root access in Droid or other BigRed's phones, buy their Dev edition in future.
Good clarification. Missed that point myself!
This is really disheartening. I had one Droid Maxx back before the update and like an idiot, I updated without researching first. Now I got my insurance to replace the phone hoping that they'd send me one which hasn't been updated yet and instead they sent me one with 4.4 pre-installed. So I started researching and I thought it was possible because I saw a thread where an XDA user... Einstein something or other... said he got the downgrade to work. I think I'm just going to sell the phone and either try to buy one without the update or get a different phone.
ThunderWulf said:
This is really disheartening. I had one Droid Maxx back before the update and like an idiot, I updated without researching first.
my dear thunder, you are not alone.... i miss tethering my internet....
nerdyplayer said:
my dear thunder, you are not alone.... i miss tethering my internet....
Tethering does not require root. Now if you want wireless hotspot no frills then yes you need root.
You could use easy tether pro to tether just fine without root. But if you wanted to share that connection with more devices the first one would have to remain on. You can bridge the connection to your wireless card and share it.
Sent from my Nexus 7 using Tapatalk
kanagadeepan said:
I am one among those few lucky people who got code and unlocked the BL and enjoying root now in 4.4.
@Jumnhy I want to add only one extra info to make things more clear. Actually BigRed's Moto X is also coming with locked / encrypted BootLoaders like DroidMini/Maxx/Ultra, but since its 4.4 update came first and without signature verification / check and hence downgrading was possible in its case. But in 4.4 of Droid series, the mistake was corrected and downgrade was IMPOSSIBLE.
So Droid users with 4.4 and NO root has to live without root in the future, unless any wonder occurs (like the earlier code purchase).
Moral of the Story:
If you want root access in Droid or other BigRed's phones, buy their Dev edition in future.
Do you mind sort of breaking down the process you did once you got the code and how the code was styled. Alpha-numeric? 10 digits? Things like that. I am considering that since there is a code and method for unlocking the device in an offline setting, that could be bruteforced using strong hardware GPU. (Which I tend to have these days thanks to virtual currencies.)
I am going to run on the assumption Motorola won't lock out a user for multiple incorrect attempts but who knows.
netuoso said:
Do you mind sort of breaking down the process you did once you got the code and how the code was styled. Alpha-numeric? 10 digits? Things like that. I am considering that since there is a code and method for unlocking the device in an offline setting, that could be bruteforced using strong hardware GPU. (Which I tend to have these days thanks to virtual currencies.)
I am going to run on the assumption Motorola won't lock out a user for multiple incorrect attempts but who knows.
It's a 20 digit Alpha numeric code. You enter the code in fastboot mode using the command fastboot oem unlock <code> Since there are 36^20 possible combinations good luck bruteforcing THAT
I think the BL unlock is no longer available from what I have been reading. If anyone has had success lately please correct me.
Sent from my DROID MAXX using Tapatalk
BladeRunner said:
It's a 20 digit Alpha numeric code. You enter the code in fastboot mode using the command fastboot oem unlock <code> Since there are 36^20 possible combinations good luck bruteforcing THAT
I know that this question is rhetorical, as reverse engineering this is probably not possible, but is it full alphabet, or only the hex characters a-f for the alpha characters? That's a smaller alphabet. (Also, if it is upper and lower case letters, that's at least a 62 character alphabet, so 62^20. If they are just hex digits, that's "just" 16^20.)
doogald said:
I know that this question is rhetorical, as reverse engineering this is probably not possible, but is it full alphabet, or only the hex characters a-f for the alpha characters? That's a smaller alphabet. (Also, if it is upper and lower case letters, that's at least a 62 character alphabet, so 62^20. If they are just hex digits, that's "just" 16^20.)
full alphabet and I have only seen upper case letters
unlock code
an21281 said:
I think the BL unlock is no longer available from what I have been reading. If anyone has had success lately please correct me.
Sent from my DROID MAXX using Tapatalk
I just tried to purchase the code. Be guy says no more 2013 codes. Only 2014 production
JarMagic said:
I just tried to purchase the code. Be guy says no more 2013 codes. Only 2014 production
Very interesting...
JarMagic said:
I just tried to purchase the code. Be guy says no more 2013 codes. Only 2014 production
Some late '13 are getting it anyway...

StraightTalk SCH-968C info

I am basing this thread on "[Q] How To Root the Straight Talk SCH-S968C Samsung Galaxy S III" (the latter portion of it)
Hey all, creating a new thread on this as it has blown up in the past couple of days and got the original thread all sorts of off topic. I am sharing my findings here in hopes that it will help others get Lollipop running on their StraightTalk S3 (or KK roms based off of CM after the 9/7 updates).
First a little history. Before the unified roms I was running d2vzw LiquidSmooth without any issue, then in late February (2/26) the S3Unified rom was built, putting the correct rilblobs in /system/lib upon boot (if I am reading the code right that is). This was when I noticed that the Unified rom broke the S3 ST phone (no data), so I spent a couple of days researching and learning how to build roms and came up with this commit to LiquidSmooth, I noticed a few days later that it was pulled into the CM source, so all roms were back to working with our phone. I also vaguely remember something with rilblobs needing reverted around this time. So at this time, everything was working, up until the 9/7 CM updates where the rilblobs were once again changed. I worked with one of the CM devs (invisablek) on this issue and we were never really able to figure out what the issue was, the radio was throwing all sorts of odd error messages and would never connect. During that time there was enough of a change that even the old rilblobs wouldn't work (spent about a week worth of evenings trying to no avail). So I ended up giving up until 5.0 hit.
Yesterday I came across a d2lte CM12 build! Flashed it and was quite impressed to see everything working except mobile (both calling and data). In that thread I ran across the first linked thread here and seen that inserting a sim card seemed to work, so I hit up a coworker (on AT&T) and asked him if I could borrow his sim. He agreed, so I pulled the battery, popped in the sim and was AMAZED to see mobile working again, did a test call, browsed on 3g, and everything was working quite well. Got home last night and found an old (deactivated) sim card in my basement, popped it and have ran CM12 all day. Hooked it up to the bluetooth head unit in the car, setup a second account for my son, taken a few pictures, everything seems to be working fine.
One thing that has bugged me for a while (which I rarely use) was that MMS stopped working (not sure exactly when, but I'd guess back on 2/26), so I spent some time today pulling apart files, modifying things, and really haven't gained much (at least for the stock MMS). I did get hangouts working as MMS by adding an apn (Hangouts -> Settings -> SMS -> SMS Enabled, then scroll to the bottom and click on Access Point Names, Add one with the following settings Name Verizon Internet, MMSC http://mms.vtext.com/servlets/mms MMS proxy and port are blank, MCC 311 and MNC 480 ). I haven't completely given up on the stock messenger app, but I am done with it tonight.
Here are the things I have done so far:
Modified build prop to include TracFone Settings
added apns-conf.xml to /system/etc (and modified it a few times)
a few different apps to change APN settings (seems like all of them fail)
If anyone wants, my wifes S3 hasn't been touched, so I can get any of the 4.1.2 rom files from it if its helpful to anyone. I did run across this but I haven't had time to try it yet, and I ran across another page where they modified the messenger.apk and changed some of the apn settings in there (definitely interested in looking into this).
Also to clarify, what I believe is happening here with the sim card is this, Verizon updated their RIL's to require a SIM (make sense since they use 4G), and if it doesn't find one it shuts down the radio in the phone, so until ST updates their RIL's, we will probably be stuck. It might be interesting to see if some could 'emulate' having a sim card in using a 3rd party app (its well beyond my programming capabilities I am afraid).
Sorry for my rambling, but I hope this has been helpful to someone, and I am hopeful that this will take off and let the ROOTING thread go back to helping people root . Please post any other SCH-968C findings you have here, maybe we can get a good collection of information in one place.
RiXtEr
@rixter13 so you're telling us that what we already suspected was true, we have figured out that the verizon device the roms are for requires a SIM so that's why we needed it also, we have suspected that the rom is trying to drive our device the same way it does the verizon, now, how do we remove the 4g function from the ROM so it bypasses needing the SIM or 4g function and just go straight for 3g as our phones normally would? or how do we mod the stock MMS apk so it plays nice with our 3g
also I consulted with motorhead at AA51 and explained what was happening with the roms on our device and he mentioned that the rils were gonna be a b****h, we've all been digging at this trying to get it surrounded, we've approached from every angle we can think of, its to the point that its gonna take some dev to fix
or call straight talk and get them to enter the APNs because they can't be entered manually on straight talk so we need a volunteer to call them and see if them doing the APNs will fix our issue, I have a feeling it won't because if the sim is required for the rom to work then even if the APNs are done by straight talk the SIM might mess that up because with the SIM in the system pulls the APNs from the SIM, so what is on the SIM might wipe out the APNs that straight talk enters from their end. I've stopped trying to think like the phone and started trying to think like the ROM, its gonna follow its programming unless we change the ROM, I no longer think the data tricks and edits are gonna work unless the ROM is cracked open and things for our phone spliced in and the verizon stuff taken out. Can this be done?
Sent from my SCH-S968C using Tapatalk
N_psycho_PD_uh? said:
@rixter13 so you're telling us that what we already suspected was true, we have figured out that the verizon device the roms are for requires a SIM so that's why we needed it also, we have suspected that the rom is trying to drive our device the same way it does the verizon, now, how do we remove the 4g function from the ROM so it bypasses needing the SIM or 4g function and just go straight for 3g as our phones normally would? or how do we mod the stock MMS apk so it plays nice with our 3g
Sent from my SCH-S968C using Tapatalk
Well, unless StraightTalk (or someone else) comes out with android 4.4.4 rilblobs that don't force a SIM check we are stuck with the SIM card hack. The cm patches from 9/3/14 on are what caused our phones radio's to stop working properly.
As for the MMS issues, I haven't yet had the time to dig through the code to see what changed where (I am assuming I would be looking for a pre Unified commit 2/26 or around that time). I will try to tear apart that apk and look around in there for a smoking gun, but currently my PC is dead (lightning wiped out my motherboard) and I don't have any android tools on my wife's machine. So it may be a few days before I can get that done.
I will keep you posted on any progress (or lack thereof) on this, if anyone tries anything in this area (even if it doesn't work) I'd like to know about it so we don't waste more time running down the wrong path.
how about we have everybody pull logs, would that help?
Sent from my SCH-S968C using Tapatalk
N_psycho_PD_uh? said:
how about we have everybody pull logs, would that help?
Sent from my SCH-S968C using Tapatalk
So the radio logs often have the IMEI number in them, so we need to be careful there posting them, I can pull logs from a VM I have on my work computer and compare them to my wifes 'virgin' ST S3.
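The caution in the post above about IMEIs in radio logs, as an added example that is not part of the original thread: a Python filter that masks 15-digit IMEIs in log text before it is shared. The sample log lines are constructed for illustration (not a real capture), and the function names are this example's own.

```python
import re
from typing import Tuple

# A candidate is a run of exactly 15 digits that is not part of a longer number.
_CANDIDATE = re.compile(r"(?<!\d)\d{15}(?!\d)")


def luhn_ok(digits: str) -> bool:
    """Return True if the digit string passes the Luhn check used by IMEIs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def redact_line(line: str, keep_tac: bool = False) -> Tuple[str, int]:
    """Mask every Luhn-valid 15-digit number in one line.

    keep_tac=True preserves the first 8 digits (the Type Allocation Code,
    which identifies the device model, not the individual handset) so the
    log stays useful for debugging.
    Returns (redacted_line, number_of_replacements).
    """
    count = 0

    def _mask(match):
        nonlocal count
        value = match.group(0)
        if not luhn_ok(value):
            # Not a valid IMEI checksum: most likely a counter, an id or a
            # timestamp. Leave it so the log is not damaged needlessly.
            return value
        count += 1
        if keep_tac:
            return value[:8] + "X" * 7
        return "<IMEI-REDACTED>"

    return _CANDIDATE.sub(_mask, line), count


def redact_log(text: str, keep_tac: bool = False) -> Tuple[str, int]:
    """Redact a whole log, line by line. Returns (redacted_text, total)."""
    out = []
    total = 0
    for line in text.splitlines(keepends=True):
        red, n = redact_line(line, keep_tac)
        out.append(red)
        total += n
    return "".join(out), total


# Constructed sample input. 490154203237518 is a widely published example
# IMEI with a valid check digit; 123456789012345 fails the Luhn check.
SAMPLE_LOG = """\
D/RILJ  ( 1187): [0042]< GET_IMEI 490154203237518
D/RILJ  ( 1187): [0043]> SIGNAL_STRENGTH
I/Telephony( 1187): session id 123456789012345 opened
E/RIL   (  142): device identity: imei=490154203237518 rev=01
"""

if __name__ == "__main__":
    redacted, hits = redact_log(SAMPLE_LOG, keep_tac=True)
    print(redacted, end="")
    print("redacted %d IMEI value(s)" % hits)
```

This covers 15-digit IMEIs only; other identifiers that can appear in radio logs (MEID, IMSI, phone numbers) have different formats and need their own patterns.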
rixter13 said:
Well, unless StraightTalk (or someone else) comes out with android 4.4.4 rilblobs that don't force a SIM check we are stuck with the SIM card hack. The cm patches from 9/3/14 on are what caused our phones radio's to stop working properly.
As for the MMS issues, I haven't yet had the time to dig through the code to see what changed where (I am assuming I would be looking for a pre Unified commit 2/26 or around that time). I will try to tear apart that apk and look around in there for a smoking gun, but currently my PC is dead (lightning wiped out my motherboard) and I don't have any android tools on my wife's machine. So it may be a few days before I can get that done.
I will keep you posted on any progress (or lack thereof) on this, if anyone tries anything in this area (even if it doesn't work) I'd like to know about it so we don't waste more time running down the wrong path.
so users with non SIM compatible devices are screwed, I've got 4.4.4 on my KFHD7 and my S2E4GT and neither one of them are SIM compatible so how do they run 4.4.4 without one?
wait! let me guess, those devices have an internal SIM?
so you're saying that even if we strip all the verizon stuff we'll still need the SIM for anything 4.4.4 and up?
there's even a 5.0 for the S2E4GT
Sent from my SCH-S968C using Tapatalk
N_psycho_PD_uh? said:
so users with non SIM compatible devices are screwed, I've got 4.4.4 on my KFHD7 and my S2E4GT and neither one of them are SIM compatible so how do they run 4.4.4 without one?
wait! let me guess, those devices have an internal SIM?
Sent from my SCH-S968C using Tapatalk
Not exactly, you are comparing separate things here. Are either of those verizon phones? Also do they have a 'unified' build? If you look above at some of the commits for the d2lte unified build that I posted earlier, the proprietary file list changed around that time, which is where things like the gps, radio, camera, and barometer (along with other hardware specific) 'drivers' come from. We can go back and branch off of the cm build from early September which still uses the 4.1.2 rils from ST, but we would also have to modify certain other things that have changed from that point on to get to where CM is today. There is quite a bit of work involved trying to maintain a separated branch from them, a LOT of roms are based on CM and then they put their 'tweaks' on top of that.
rixter13 said:
Not exactly, you are comparing separate things here. Are either of those verizon phones? Also do they have a 'unified' build? If you look above at some of the commits for the d2lte unified build that I posted earlier, the proprietary file list changed around that time, which is where things like the gps, radio, camera, and barometer (along with other hardware specific) 'drivers' come from. We can go back and branch off of the cm build from early September which still uses the 4.1.2 rils from ST, but we would also have to modify certain other things that have changed from that point on to get to where CM is today. There is quite a bit of work involved trying to maintain a separated branch from them, a LOT of roms are based on CM and then they put their 'tweaks' on top of that.
so you're saying this only applies to verizon and the unified d2lte builds? Gotcha
Sent from my SCH-S968C using Tapatalk
---------- Post added at 08:46 PM ---------- Previous post was at 08:43 PM ----------
rixter13 said:
Not exactly, you are comparing separate things here. Are either of those verizon phones? Also do they have a 'unified' build? If you look above at some of the commits for the d2lte unified build that I posted earlier, the proprietary file list changed around that time, which is where things like the gps, radio, camera, and barometer (along with other hardware specific) 'drivers' come from. We can go back and branch off of the cm build from early September which still uses the 4.1.2 rils from ST, but we would also have to modify certain other things that have changed from that point on to get to where CM is today. There is quite a bit of work involved trying to maintain a separated branch from them, a LOT of roms are based on CM and then they put their 'tweaks' on top of that.
has anyone got anything from the ST S3 with 4.4? could we work with the ST 4.4 instead of the 4.1.2 to go off of? I think that model is the AT&T version instead of the verizon version of ST S3
Sent from my SCH-S968C using Tapatalk
N_psycho_PD_uh? said:
so you're saying this only applies to verizon and the unified d2lte builds? Gotcha
Sent from my SCH-S968C using Tapatalk
---------- Post added at 08:46 PM ---------- Previous post was at 08:43 PM ----------
has anyone got anything from the ST S3 with 4.4? could we work with the ST 4.4 instead of the 4.1.2 to go off of? I think that model is the AT&T version instead of the verizon version of ST S3
Sent from my SCH-S968C using Tapatalk
The good news (if there is such a thing) is we get a fresh start with Lollipop. It looks like the first efforts for the SIII was to DE-Unify the rom . The flipside of this coin is that the Lollipop builds are still buggy. Once I get my main machine back up and running, I may try to roll my own rom for the SCH968. I have compiled CM and Liquid roms, but never ventured out on my own yet.
N_psycho_PD_uh? said:
so you're saying this only applies to verizon and the unified d2lte builds? Gotcha
Sent from my SCH-S968C using Tapatalk
---------- Post added at 08:46 PM ---------- Previous post was at 08:43 PM ----------
has anyone got anything from the ST S3 with 4.4? could we work with the ST 4.4 instead of the 4.1.2 to go off of? I think that model is the AT&T version instead of the verizon version of ST S3
Sent from my SCH-S968C using Tapatalk
So RIL stands for Radio Interface Layer (essentially the radio drivers), so even if you could get them for the AT&T, they don't help us since our phone uses Verizon towers. And as far as I know, they are closed source and carrier specific, which is what makes this an almost impossible feat.
rixter13 said:
So RIL stands for Radio Interface Layer (essentially the radio drivers), so even if you could get them for the AT&T, they don't help us since our phone uses Verizon towers. And as far as I know, they are closed source and carrier specific, which is what makes this an almost impossible feat.
It's a good thing that anything is possible, the trick is HOW? I'm actually kind of enjoying the challenge with this phone. My other devices have been easy compared to this one; this thing's like a finicky @$$ cat that got rubbed the wrong way! I'm actually learning something from you guys on this one. I might just go get another pain in the @$$ device when we get this one beat. I know everyone has tried with the H2 device, but I'd like to find an exploit to root it so we can get what is in the H2, because it's not available. I thought about just pulling what I can from it before I downgrade to root, kinda why I've waited to root it. Gotta be a way to root this one.
Question: does anyone know what part of the H1 had the vulnerabilities, and is there a way to take these parts out of H1 while leaving everything else and apply those parts to the H2 to give it the same vulnerabilities so that stock H2 can be rooted? I've been trying to track down every root method I can find. I've read about rooting devices with another rooted device, but they both have to be OTG capable. I've also wondered if there's a way to use the S-Beam feature on this device to root it, since it is another way to push or pull data to and from it. I know nothing of these things though, I'm just a thinker, but I do wonder about that and if anyone has tried. Even if it's only remotely possible it's worth a shot, but it would take someone that knows way more than I. I learn fast, but I wouldn't know where to start with that.
Sent from my SCH-S968C using Tapatalk
N_psycho_PD_uh? said:
It's a good thing that anything is possible, the trick is HOW? I'm actually kind of enjoying the challenge with this phone. My other devices have been easy compared to this one; this thing's like a finicky @$$ cat that got rubbed the wrong way! I'm actually learning something from you guys on this one. I might just go get another pain in the @$$ device when we get this one beat. I know everyone has tried with the H2 device, but I'd like to find an exploit to root it so we can get what is in the H2, because it's not available. I thought about just pulling what I can from it before I downgrade to root, kinda why I've waited to root it. Gotta be a way to root this one.
Question: does anyone know what part of the H1 had the vulnerabilities, and is there a way to take these parts out of H1 while leaving everything else and apply those parts to the H2 to give it the same vulnerabilities so that stock H2 can be rooted? I've been trying to track down every root method I can find. I've read about rooting devices with another rooted device, but they both have to be OTG capable. I've also wondered if there's a way to use the S-Beam feature on this device to root it, since it is another way to push or pull data to and from it. I know nothing of these things though, I'm just a thinker, but I do wonder about that and if anyone has tried. Even if it's only remotely possible it's worth a shot, but it would take someone that knows way more than I. I learn fast, but I wouldn't know where to start with that.
Sent from my SCH-S968C using Tapatalk
Chainfire could root the H2's. It'd be best to ask him.
heXacode said:
Chainfire could root the H2's. It'd be best to ask him.
How do I go about doing that? He's a complete stranger to me. I've used plenty of things that are his, though.
Sent from my SCH-S968C using Tapatalk
Speaking of the H2, what Android version is on it?
N_psycho_PD_uh? said:
How do I go about doing that? He's a complete stranger to me. I've used plenty of things that are his, though.
Sent from my SCH-S968C using Tapatalk
You could find his profile here. Or G+. He will probably be extremely busy and probably has 100's of people talking to him.
rixter13 said:
Speaking of the H2, what Android version is on it?
4.1.2.
As stated by Straight Talk, they never push out new Android versions. Whatever phone you get is gonna stay on that version for good.
heXacode said:
You could find his profile here. Or G+. He will probably be extremely busy and probably has 100's of people talking to him.
4.1.2.
As stated by Straight Talk, they never push out new Android versions. Whatever phone you get is gonna stay on that version for good.
Yeah, it's 4.1.2. Why?
The H1 and H2 are identical except for the patched kernel and the fact that H2 has two different versions itself, a qcom and an exynos.
Sent from my SCH-S968C using Tapatalk
N_psycho_PD_uh? said:
Yeah, it's 4.1.2. Why?
Sent from my SCH-S968C using Tapatalk
No explanation as to why. They just don't handle that kind of thing which sucks.
heXacode said:
You could find his profile here. Or G+. He will probably be extremely busy and probably has 100's of people talking to him.
4.1.2.
As stated by Straight Talk, they never push out new Android versions. Whatever phone you get is gonna stay on that version for good.
Yeah, I know. I'd rather try myself than bother him; he has bigger fish to fry than a prepaid ST, even if it is one of the better S3's (H2/qcom anyways).
Sent from my SCH-S968C using Tapatalk
---------- Post added at 10:37 PM ---------- Previous post was at 10:33 PM ----------
I'm gonna like seeing what I can do with CM on 2Gb RAM with no bloat!
Sent from my SCH-S968C using Tapatalk
So to give an idea of what we need, here are the ST (older) rilblob files (ignore the dates listed below):
-rw-r--r-- 1 root root 3.7M Dec 3 19:46 libril-qc-qmi-1.so
-rw-r--r-- 1 root root 49K Dec 3 19:45 libril.so
and here are the new ones (VZW):
-rw-r--r-- 1 root root 2.5M Feb 28 2008 libsec-ril.so
-rw-r--r-- 1 root root 53K Feb 28 2008 libril.so
(the same files as the later ones are found on Lollipop as well)
I am looking into how to decompile a .so file at the moment.
rixter13 said:
So to give an idea of what we need, here are the ST (older) rilblob files (ignore the dates listed below):
-rw-r--r-- 1 root root 3.7M Dec 3 19:46 libril-qc-qmi-1.so
-rw-r--r-- 1 root root 49K Dec 3 19:45 libril.so
and here are the new ones (VZW):
-rw-r--r-- 1 root root 2.5M Feb 28 2008 libsec-ril.so
-rw-r--r-- 1 root root 53K Feb 28 2008 libril.so
(the same files as the later ones are found on Lollipop as well)
I am looking into how to decompile a .so file at the moment.
So do you intend to swap, or decompile both and paste parts of the ST into the other? Just trying to reason out what you are doing for myself so I understand it better. I am pretty new at this depth; been rooting and romming a short time but only been into modding system for about two months or so, so don't get too far over my head. I can follow you, but don't take it for granted that I understand what you are saying. I'm learning; you won't have to wait on me, I'll catch up quick, just give me the time and resources.
Sent from my SCH-S968C using Tapatalk
---------- Post added at 11:18 PM ---------- Previous post was at 11:05 PM ----------
To give you an idea when: CM11 4.4 was the first ROM I ever flashed lol
Sent from my SCH-S968C using Tapatalk

A huge help here guys... soft or hard bricked?

First things first... bear with me because the story is long
A friend of mine was trying to update his Xoom 2 MZ608 to some custom ROM from here (I really don't remember which one it was)... but it seems he is a very anxious person and tried to flash an MZ602 into this MZ608 tablet... well, needless to say, he bricked the tablet...
A few days later, after he struggled with every effort he could find, he totally gave up and sold this device to me... I really thought it would be an easy job, as I'm used to doing these things... but, turns out, it wasn't =D
What is happening?
The tablet got stuck on the Motorola logo with Dual-Core written below it...
- I cannot access RSD, for some weird reason
- when I try to go to Android Bootloader, I get a "battery low, cannot program" message (even if the tablet spent 2 days plugged in)
- for some reason, SOMETIMES I can access it using fastboot, but, as something is completely messed up inside, the tablet can't read the battery values properly and turns off way before I can send any command to it...
What do you guys advise me to do? I took this tablet to a Motorola certified shop here and they told me they don't do this kind of job anymore... all 3 shops said the same thing...
Any help? =)
Cheers =)
Are you selling it? I would be interested in buying at a fair price.
I am the one compiling the Xoom roms again for Wingray. (using Schischu's sources)
