S-OFF, LOCKED, Can't root - HTC Desire S

I've bought a phone which has S-OFF, ***LOCKED***, which I'm trying to root. I've seen many guides, read them but they are all from the point you have S-ON. I've tried manual ADB install of CWM but that fails, permission denied.
Any advice before I brick it ? The phone seems to be in a quasi state...not sure how I progress.
C:\Android>fastboot getvar all
(bootloader) version: 0.5
(bootloader) version-bootloader: 2.00.0002
(bootloader) version-baseband: 3822.10.08.04_M
(bootloader) version-cpld: None
(bootloader) version-microp: None
(bootloader) version-main: 2.10.401.8
(bootloader) product: saga
(bootloader) platform: HBOOT-7230
(bootloader) modelid: PG8810000
(bootloader) cidnum: 11111111
(bootloader) battery-status: good
(bootloader) battery-voltage: 3963mV
(bootloader) partition-layout: Generic
(bootloader) security: off
(bootloader) build-mode: SHIP
(bootloader) boot-mode: FASTBOOT
(bootloader) commitno-bootloader: ebd3df7d
(bootloader) hbootpreupdate: 12
(bootloader) gencheckpt: 0

are you sure you are S-OFF? If so, you can try a pre-rooted rom.(Flash a recovery first)
http://forum.xda-developers.com/showthread.php?t=1183684

Have the same problem. It says ***Locked*** S-OFF. Don't know what to do. Before made RUU I have rooted my phone succesfully (one click root), but now can't do that in the same way. ;/

I wasn't sure if S-OFF was really off but everything I tried was failing. This was from a Win7 64 bit, I switch to Win7 32bit PC and SuperOneClick worked then!
I've got root, CWM recovery installed and all sorted so thank. Not sure why 64bit Windows 7 was causing a problem, nothing indicated it was but a 32 bit pc everything worked perfectly.

How you switch to windows 32bit?

Generally, when S-OFF, the only thing needed to be able to do just about anything - is to use a special PG88IMG.ZIP that includes latest reengineered bootloader and custom recovery.
I'm not sure if there is one in this forum, but it's easy to create.

Jack_R1 said:
Generally, when S-OFF, the only thing needed to be able to do just about anything - is to use a special PG88IMG.ZIP that includes latest reengineered bootloader and custom recovery.
I'm not sure if there is one in this forum, but it's easy to create.
Click to expand...
Click to collapse
Where could I get this? Or how it is called? Because I have no clue what I need to enter in google.

To begin with, search for PG88IMG.ZIP to understand, what it is and what it does.

You need to unlock the bootloader, the ***locked*** indicates its still locked. Use HTCDev or some other tool to unlock your bootloader. Not sure how S-off works for this phone, it might have just been re-locked, so try "fastboot oem unlock" i think is the command and it should unlock
Then you can flash a recovery image and then flash a zip file containing the su binary and app via recovery
Sent from my HTC One X using Tapatalk 2

Just flash a ROM from the INDEX
Do you have a custom recovery?
Swyped from my DesireS

stumpyz9 said:
You need to unlock the bootloader, the ***locked*** indicates its still locked. Use HTCDev or some other tool to unlock your bootloader. Not sure how S-off works for this phone, it might have just been re-locked, so try "fastboot oem unlock" i think is the command and it should unlock
Then you can flash a recovery image and then flash a zip file containing the su binary and app via recovery
Sent from my HTC One X using Tapatalk 2
Click to expand...
Click to collapse
Please, do not give suggestions when you don't know how things work - see the bold part of your own post. You wouldn't want someone that doesn't know exactly how motor works to fix your car, would you?
If he has S-OFF, there is no need to unlock bootloader and void warranty. Moreover, having S-OFF is better and more powerful than having unlocked bootloader. All the info is in the stickies, and you should go read them too.

Jack_R1 said:
Please, do not give suggestions when you don't know how things work - see the bold part of your own post. You wouldn't want someone that doesn't know exactly how motor works to fix your car, would you?
If he has S-OFF, there is no need to unlock bootloader and void warranty. Moreover, having S-OFF is better and more powerful than having unlocked bootloader. All the info is in the stickies, and you should go read them too.
Click to expand...
Click to collapse
Dont talk to me like i dont know what im talking about. Ive rooted and messed with plenty of phones. I based my advice off of my experience. Just because i dont know all of the specifics of a particular device doesnt really matter, all of HTCs devices operate basically the same. So maybe you shouldnt be worried about me and more worried about helping this guy like everyone else is. Its not up to you to decide if he wants to take my advice or not, thats for him to decide.
Sent from my HTC One X using Tapatalk 2

stumpyz9 said:
Dont talk to me like i dont know what im talking about. Ive rooted and messed with plenty of phones. I based my advice off of my experience. Just because i dont know all of the specifics of a particular device doesnt really matter, all of HTCs devices operate basically the same. So maybe you shouldnt be worried about me and more worried about helping this guy like everyone else is. Its not up to you to decide if he wants to take my advice or not, thats for him to decide.
Sent from my HTC One X using Tapatalk 2
Click to expand...
Click to collapse
You basically wrote that you don't know what you're talking about, and by suggesting to unlock bootloader on S-OFF phone you made it obvious beyond any doubt. Indeed, all of HTC devices operate the same, all of HTC devices have bootloader security, all of them more or less since eMMC introduction block write access to /system in bootloader, all of them can be unblocked by turning S-OFF or unlocking the bootloader.
Unlocking the bootloader voids the warranty and prevents /boot from being flashed from recovery, subjecting the user to constant kernel flashing through FASTBOOT for any ROM he wants to flash, while S-OFF allows full and undisturbed recovery functionality. Thus, bootloader unlock is inferior solution that should be avoided if possible, and suggesting it for a phone that already has S-OFF is BAD/not smart/pick whatever negative adjective you want.
Of course, all that is written in stickies, as I said, but I guess that you can't be bothered reading before writing, and when suggested to do so, prefer going all defensive. Yes, you don't know what you're talking about. I'm glad you rooted zillion devices, if you think it makes you know everything - read the info above again.
I already did my part to help the guy, and I don't have enough time for people that want everything laid out for them. If he's willing to use some Google and read - he'll get to his solution using my pointer, or somebody will point him to the relevant guide (and there is one in INDEX thread, AFAIK). The old debate of giving someone a fish vs teaching him fishing. I picked my side a long time ago.

Guys, don't be angry at each other
Thank you, you both helped me a lot. Big thanks )
Rooted my phone. If it's interesting I can tell how

NX3 said:
I've bought a phone which has S-OFF, ***LOCKED***, which I'm trying to root. I've seen many guides, read them but they are all from the point you have S-ON. I've tried manual ADB install of CWM but that fails, permission denied.
Any advice before I brick it ? The phone seems to be in a quasi state...not sure how I progress.
C:\Android>fastboot getvar all
(bootloader) version: 0.5
(bootloader) version-bootloader: 2.00.0002
(bootloader) version-baseband: 3822.10.08.04_M
(bootloader) version-cpld: None
(bootloader) version-microp: None
(bootloader) version-main: 2.10.401.8
(bootloader) product: saga
(bootloader) platform: HBOOT-7230
(bootloader) modelid: PG8810000
(bootloader) cidnum: 11111111
(bootloader) battery-status: good
(bootloader) battery-voltage: 3963mV
(bootloader) partition-layout: Generic
(bootloader) security: off
(bootloader) build-mode: SHIP
(bootloader) boot-mode: FASTBOOT
(bootloader) commitno-bootloader: ebd3df7d
(bootloader) hbootpreupdate: 12
(bootloader) gencheckpt: 0
Click to expand...
Click to collapse
Lucky!
Looks like you're S-OFF'd and have SuperCID, which means you should be able to install any rom you like.
If I'm guessing correctly you have ENG hboot 2.00?
Just ignore the ***Locked***, as you're S-OFF'd you should do anything. How did you try to flash cwm?
Fastboot flash recovery?

(bootloader) version-bootloader: 2.00.0002
(bootloader) cidnum: 11111111
(bootloader) security: off
Click to expand...
Click to collapse
It looks like a xtcclip s-off so you've got a permanent s-off regardless which hboot you use.

Hi guys, i have the same problem. I'm *****Locked***** but s-off, so i made this: http://forum.xda-developers.com/showthread.php?t=1525100 but as i'm s-offed i don't need the 2nd pass (i think).. so in 3rd pass when i make this, the cmd tells me that im not allowed to install the recovery. What's wrong?

Read the answer in your original thread

Related

Current ROM is not stable, unable to flash most of the roms via TWRP with S-Off

Ok, I'll start from the beginning.
I purchased my phone from Rogers at April 2012. So it was Rogers stock 4.0.x rom, everything was locked at that time. I FORGOT the stock hboot/ruu version number for Rogers ONE XL.
From the time being, I rooted it, superCID, unlocked via HTC DEV. After these, I flashed customer recovery, and successfully flashed several roms from time being. Finally I stayed with ViperXL.
Then, facepalm s-off is released, and I s-offed my phone. Everything worked just fine.
The problem occurred when I started to flash sense 5 roms about couple weeks ago. I did not upgrade my firmware and I flashed sense 5 based roms (this is my bad), so I'm experiencing random reboot and signal drops. Then I upgraded my firmware using the instruction in this tread: http://forum.xda-developers.com/showthread.php?t=2423735 . I verified my installtion with ./fastboot gervar all . At this time, there were two warnings on the top of my bootloader: "tampered" and "unlocked".
So, at this time, I tried several sense 5 roms. My recovery at this time was TWRP 2.6.3.0. All the roms have one common problem on my phone: after I locked the screen and left my phone for a while, if I wanna wake my phone/display, nothing happened by pressing the power button. I have to press the power button for 10+ seconds to restart my phone. If I just left my phone for a short time and wake it, it will work properly.
I was thinking are these sense 5 problems, so I tried to flash cm roms yesterday. I followed the instructions in http://forum.xda-developers.com/showthread.php?t=2382933 to upgrade my RUU to 3.18. I flashed TWRP 2.6.3.0, and tried to flash cm 10.1 and 10.2. For cm 10.2, there were a lot of force close when I boot my phone. For cm 10.1, it is so unstable with random reboots as well as did not respond when I try to wake up the phone. I am not questioning CM's roms, I am sure there were something wrong with my phone or what I've done to it.
So, I tried to flash viper rom again with ruu 3.18 installed. The rom won't even boot...... However I found something interesting when I am flashing the viper rom. The size of ViperXL is 700+ MB while the size of CM 10.1 or 10.2 is around 180MB. The time it took to flash ViperXL was shorter than the time it took to flash CM roms.
Then I re-installed the RUU 3.18 update on my phone. Right now, the AT&T stock rom also will not respond after I left my phone idle for a moment......
User timmaaa kindly reminds me about something. I am posting the original post I started in another tread.
Originally Posted by snake3276120 View Post
After I ran the RUU 3.18 upgrade in this tread: http://forum.xda-developers.com/show....php?t=2382933
I boot into bootloader, and ran fastboot getvar all, the result is:
(bootloader) version: 0.5
(bootloader) version-bootloader: 2.14.0000
(bootloader) version-baseband: 0.24p.32.09.06
(bootloader) version-cpld: None
(bootloader) version-microp: None
(bootloader) version-main: 3.18.502.6
(bootloader) version-misc: PVT SHIP S-OFF
(bootloader) serialno: HT246W304864
(bootloader) imei: 359691041684351
(bootloader) product: evita
(bootloader) platform: HBOOT-8960
(bootloader) modelid: PJ8310000
(bootloader) cidnum: 11111111
(bootloader) battery-status: good
(bootloader) battery-voltage: 4122mV
(bootloader) partition-layout: Generic
(bootloader) security: off
(bootloader) build-mode: SHIP
(bootloader) boot-mode: FASTBOOT
(bootloader) commitno-bootloader: dirty-97c9a06e
(bootloader) hbootpreupdate: 11
(bootloader) gencheckpt: 0
all: Done!
finished. total time: 0.061s
I'm assuming "(bootloader) version-main: 3.18.502.6" is the RUU version. I also flashed an hboot 2.14, it became 3.17.xxxxxxx. That'w why I am assuming this is the RUU number.
Ok, regardless of the build number or ruu...... I think there is something wrong with my bootloader. It doesn't matter which hboot I flash (hboot 2.14 with version-main 3.17/3.18, or hboot 2.15 with version-main 5.08), and I tried several twrp (2.4.4.0 and 2.6.3.0). The time it took to flash viper xl is really short while viper xl has 700MB. It is even shorter than the time I flash CM, which is around 180 MB. (Sorry for the bad English, I actually mean "The size of ViperXL is 700+ MB while the size of CM 10.1 or 10.2 is around 180MB. The time it took to flash ViperXL was shorter than the time it took to flash CM roms.")
I guess I'll start with the current AT&T stock rom (which still lose respond after I left the phone open for a while, and I have to press the power button for 10 secs to reset my phone)on hboot 2.14 and ruu 3.18. Root it, try to s-off again. Not sure if this will solve the problem.
Something interesting when I'm booting my phone, when the phone displays only the green HTC in the middle of the display, there is some text below it... saying something like "This is an internal build, do not distribute outside of HTC, failure may cause to law action". However, the AT&T stock rom I'm running right now does not have this.
timmaaa:
It's a bit hard to follow what you're saying there but here goes. It's not the RUU number it's the build number. An RUU is the program that updates your phone, the reason you see them referred to as the 3.18 RUU is because they're known by the build number that they update your phone to.
Did you check the md5 of the downloaded file as someone else suggested? It might be corrupt. Also, maybe you should try TWRP 2.6, versions 2.4.x and 2.5.x are well known as being very buggy, and I've seen people have issues with version 2.6.3 too. 2.6 is rock solid though.
The red text you see when the phone boots up is completely normal for a modified phone so you needn't worry about that. The reason the stock ROM doesn't have it is because the RUU has returned your phone to being completely stock, therefore not modified, therefore no red text.
Click to expand...
Click to collapse
Click to expand...
Click to collapse
OK, I am wondering where I can get my RUU number......
Also, in this case, what I should do now? Install TWRP 2.6.0.0 and try to flash everything again?
Currently "tampered" is gone from my bootloader, only "unlocked" stays there.
Lol you've kinda mashed my quote in with your post there so it's hard for people to see where they begin and end.
What do you mean you want to get your RUU number? Like I said an RUU is a program, what exactly do you mean?
Sent from my Evita
timmaaa said:
Lol you've kinda mashed my quote in with your post there so it's hard for people to see where they begin and end.
What do you mean you want to get your RUU number? Like I said an RUU is a program, what exactly do you mean?
Sent from my Evita
Click to expand...
Click to collapse
Because some posts are saying RUU 3.17 or 3.18, so I got confused...... but as long as it's a program, I will assume they are talking about the firmware or bootloader after running RUU 3.17 or 3.18 upgrade.
timmaaa said:
Lol you've kinda mashed my quote in with your post there so it's hard for people to see where they begin and end.
What do you mean you want to get your RUU number? Like I said an RUU is a program, what exactly do you mean?
Sent from my Evita
Click to expand...
Click to collapse
I fixed the qoute
Just to be clear, after you ran the 3.18 RUU you booted the phone without making any modifications and the problem was still occurring, right? It seems to me that it might be some kind of hardware problem that's causing a sleep of death every time the phone goes into sleep mode.
Sent from my Evita
timmaaa said:
Just to be clear, after you ran the 3.18 RUU you booted the phone without making any modifications and the problem was still occurring, right? It seems to me that it might be some kind of hardware problem that's causing a sleep of death every time the phone goes into sleep mode.
Sent from my Evita
Click to expand...
Click to collapse
That's right, I didn't even flash recovery... Well, my stock rom just self-rebooted, and stuck at booting animation while adb is still able to recognize it, and I can issue a reboot from adb. This also applies to my sense 5 roms.
If it's hardware problem, looks like upgrading to hboot 2.15 ruined my hardware, which is hard to believe...... Everything works fine before I upgrade my hboot to 2.15
Unfortunately it isn't under warranty anymore either.
Sent from my Evita
timmaaa said:
Unfortunately it isn't under warranty anymore either.
Sent from my Evita
Click to expand...
Click to collapse
I know... it is unfortunate...
timmaaa said:
Unfortunately it isn't under warranty anymore either.
Sent from my Evita
Click to expand...
Click to collapse
I upgraded my hboot to 2.15 and I flashed MaginRom 4.0. At least it's booting...... looks like my recovery hates aroma installer.
snake3276120 said:
I upgraded my hboot to 2.15 and I flashed MaginRom 4.0. At least it's booting...... looks like my recovery hates aroma installer.
Click to expand...
Click to collapse
Confirm your hboot and baseband version and post here. You said it upgraded, but let's make sure it actually was completely successful.
Also, I think TWRP 2.6.3 has some bugs, not sure if AROMA is one of them. You might check the TWRP thread. But I believe other 2.6.x versions are very stable. I've been on 2.6.0 for a while, and everything seems to be working great, and don't remember any bug reports on that version.
Yeah I can confirm I've seen folks with bugs on 2.6.3 but I've been using 2.6 for months and not a single problem (and no reports of bugs from others).
Sent from my Evita
timmaaa said:
Yeah I can confirm I've seen folks with bugs on 2.6.3 but I've been using 2.6 for months and not a single problem (and no reports of bugs from others).
Sent from my Evita
Click to expand...
Click to collapse
I used 2.6.0.0 to flash my current magiorom 4..... well at least it is usable now, with app/sense/notification bar/wake phone do not respond sometimes... I'm not blaming the rom, I am blaming my phone... probably now it's the time to get a new one lol
redpoint73 said:
Confirm your hboot and baseband version and post here. You said it upgraded, but let's make sure it actually was completely successful.
Also, I think TWRP 2.6.3 has some bugs, not sure if AROMA is one of them. You might check the TWRP thread. But I believe other 2.6.x versions are very stable. I've been on 2.6.0 for a while, and everything seems to be working great, and don't remember any bug reports on that version.
Click to expand...
Click to collapse
Here you are, boss.
PS E:\Program Files (x86)> cd '.\Minimal ADB and Fastboot'
PS E:\Program Files (x86)\Minimal ADB and Fastboot> .\fastboot.exe getvar all
(bootloader) version: 0.5
(bootloader) version-bootloader: 2.15.0000
(bootloader) version-baseband: 1.31a.32.45.16_2
(bootloader) version-cpld: None
(bootloader) version-microp: None
(bootloader) version-main: 5.08.111.2
(bootloader) version-misc: PVT SHIP S-OFF
(bootloader) serialno:
(bootloader) imei:
(bootloader) product: evita
(bootloader) platform: HBOOT-8960
(bootloader) modelid: PJ8310000
(bootloader) cidnum: 11111111
(bootloader) battery-status: good
(bootloader) battery-voltage: 3874mV
(bootloader) partition-layout: Generic
(bootloader) security: off
(bootloader) build-mode: SHIP
(bootloader) boot-mode: FASTBOOT
(bootloader) commitno-bootloader: dirty-de589c6eef
(bootloader) hbootpreupdate: 11
(bootloader) gencheckpt: 0
all: Done!
finished. total time: 0.061s
PS E:\Program Files (x86)\Minimal ADB and Fastboot>
Click to expand...
Click to collapse
I think the result is the same in thread http://forum.xda-developers.com/showthread.php?t=2423735
Quoted from the thread:
Install:
Installing the rom:
Download the rom and copy to your sdcard
Reboot to Recovery
Flash rom
I recommend you wipe data before or after flashing the rom
For root access, flash this: Flash this in recovery for root access
Reboot
OPTIONAL: Installing the Firmware (Warning: You MUST be S-OFF and Super CID to flash this! Flash at own risk!)
Reboot to bootloader (adb reboot bootloader if "USB Debugging" is enabled in Android)
Run: fastboot oem rebootRUU
Run: fastboot flash zip <PathToFirmware.zip>
If the output ends with "FAILED (remote: 90 hboot pre-update! please flush image again immediately)", run the previous command AGAIN
If it ends with "INFO..... OK", reboot to the bootloader: fastboot reboot-bootloader
Verify everything was successful by running: fastboot getvar all
(bootloader) version: 0.5
(bootloader) version-bootloader: 2.15.0000
(bootloader) version-baseband: 1.31a.32.45.16_2
(bootloader) version-cpld: None
(bootloader) version-microp: None
(bootloader) version-main: 5.08.111.2
(bootloader) version-misc: PVT SHIP S-OFF
(bootloader) product: evita
(bootloader) platform: HBOOT-8960
(bootloader) modelid: PJ8310000
(bootloader) cidnum: 11111111
(bootloader) battery-status: good
(bootloader) battery-voltage: 4140mV
(bootloader) partition-layout: Generic
(bootloader) security: off
(bootloader) build-mode: SHIP
(bootloader) boot-mode: FASTBOOT
(bootloader) commitno-bootloader: dirty-de589c6eef
(bootloader) hbootpreupdate: 11
(bootloader) gencheckpt: 0
Click to expand...
Click to collapse
Reboot into Android: fastboot reboot or into recovery: fastboot reboot-recovery
Click to expand...
Click to collapse
Please refer to the attachment for a photo of my bootloader
Will TWRP 2.3.3.0 solve my problem? It looks like most roms recommend this recovery.... btw I'm running 2.6.0.0 at the moment.
No, changing TWRP won't solve your problem. You said you're using TWRP 2.6 now and that version is fine. I'd suggest trying one more time to do a clean flash, so wipe cache/dalvik cache/factory reset/system and install the ROM. Hell, do the wipe two or three times to be sure before installing.
Sent from my Evita
timmaaa said:
No, changing TWRP won't solve your problem. You said you're using TWRP 2.6 now and that version is fine. I'd suggest trying one more time to do a clean flash, so wipe cache/dalvik cache/factory reset/system and install the ROM. Hell, do the wipe two or three times to be sure before installing.
Sent from my Evita
Click to expand...
Click to collapse
lol thanks... Every time before I flash a new rom, I just format everything...
I don't know what to tell you then. There's nothing wrong with the ROMs you're using so it's either a case of user error or hardware failure of some kind.
Sent from my Evita
timmaaa said:
I don't know what to tell you then. There's nothing wrong with the ROMs you're using so it's either a case of user error or hardware failure of some kind.
Sent from my Evita
Click to expand...
Click to collapse
Thanks for all the help... I think it is hardware error... because I'm an electrical/computer engineer, I don't think I can't even handle flashing roms... Maybe I need to do more research lol
One XL is a nice phone, I don't wanna switch yet...
snake3276120 said:
Thanks for all the help... I think it is hardware error... because I'm an electrical/computer engineer, I don't think I can't even handle flashing roms... Maybe I need to do more research lol
One XL is a nice phone, I don't wanna switch yet...
Click to expand...
Click to collapse
Could you also try one last thing? Could you upgrade your twrp to latest release and try flashing cm 10.2 0310 nightly please.
Sent from my One X using Tapatalk 4
sandys1 said:
Could you also try one last thing? Could you upgrade your twrp to latest release and try flashing cm 10.2 0310 nightly please.
Sent from my One X using Tapatalk 4
Click to expand...
Click to collapse
Ok I'll do a backup and try tonight....latest twrp do u mean 2.6.3.0, or there is another new release?

[Q] Help with SuperCID/unlocked but unable to s-off

So I have finally decided to root my AT&T HOX and want to flash custom rom, and I am running into a little bit of problem hoping someone could help me out. I have researched maybe a hundred pages/threads and I thought I was ready, until I run into problem and realized there are still many situations that I could get into.
So here is what I did:
- I was originally on ATT 2.20.
1. Download and followed the X-Factor root exploit instruction, changed CID successfully, got the unlock token and successfully unlocked bootloader. (At this point, I 'remember' seeing I had S-OFF without doing any additional step)
2. Flashed recovery with TWRP 2.6.3.0.
3. Flashed CleanROM. Everything went smooth. But after half day of using, it started random reboot.
4. So I did some release on the CleanROM thread, and seeing people mentioned flashing the firmware from Turge would fix the random reboot problem. So I downloaded the firmware and I 'think' here are the steps I have done:
- fastboot oem lock
- fastboot oem rebootRUU
- fastboot flash zip <Turge firmware>
5. Here comes the problem, while flashing zip, I first got error about "remote: not allowed", then I tried it again and got "remote: 12 signature verify fail". Then it's the same error from that time on.
6. So I gave up, thinking to backout of RUU mode and research for another solution, but I couldn't get back to normal system boot, it always boot to bootloader, and now I start to notice it says "Tampered" and "S-On".
7. So I flash my unlocktoken again, now I got back to my system (CleanROM). But it still shows S-ON and Tampered.
8. Wanting to get S-OFF and not Tampered, so I tried to run the ATT RUU of 2.20, it failed many times without much useful error, (mostly unknown error), somehow I was finally able to get it flashed after I issued a "fastboot oem lock". Now I am back on ATT's 2.20 rom with SuperCID and no more Tampering but "RELOCKED".
9. Run X-Factor root exploit again hopping to get S-OFF again, but no luck, instead, it's now "UNLOCKED" and "Tampered" again. but realized I still have supersu, so I am rooted, and my TWRP is still there.
10. Run "revone" script trying to get S-OFF, but I got error code 1. According to revone's guide, error code 1 means I am likely to never get S-OFF again on my phone.
I have also read that:
- Having SuperCID and S-ON would brick the phone when trying to do a upgrade RUU or OTA.
- If I have S-OFF and back to S-ON then I will never get S-OFF again.
(bootloader) version: 0.5
(bootloader) version-bootloader: 1.14.0002
(bootloader) version-baseband: 0.19as.32.09.11_2
(bootloader) version-cpld: None
(bootloader) version-microp: None
(bootloader) version-main: 2.20.502.7
(bootloader) version-misc: PVT SHIP S-ON
(bootloader) serialno: HT25XW301606
(bootloader) imei: 359691044520966
(bootloader) product: evita
(bootloader) platform: HBOOT-8960
(bootloader) modelid: PJ8310000
(bootloader) cidnum: 11111111
(bootloader) battery-status: good
(bootloader) battery-voltage: 4053mV
(bootloader) partition-layout: Generic
(bootloader) security: on
(bootloader) build-mode: SHIP
(bootloader) boot-mode: FASTBOOT
(bootloader) commitno-bootloader: 1a7fdca3
(bootloader) hbootpreupdate: 11
(bootloader) gencheckpt: 0
So my question is... is it true that my phone is just as-is and can never get S-OFF again? If I really cannot do S-OFF again, then I guess it's my own fault for not preparing enough, but just really wish i can still flash custom rom. So if there is still a way, i would like to give it a try.
Another question is, if I cannot do S-OFF again, how do I avoid running into the problem of a possible ATT OTA and brick my phone with the superCID, cuz seems like I cannot change the CID back without S-OFF.
If this issue was discussed before, I apologize, It's just too many information and scenario on the web and it's just not possible to read though all millions of pages.
Thanks.
1. All good, except that process doesn't give you s-off, that's an entirely different process.
2. All good.
3. All good.
4. Nowhere in the firmware instructions does it say you need to relock your bootloader so I'm not sure why you did that. You need to follow instructions exactly and not deviate from them. You actually need to have an unlocked bootloader, root, SuperCID, and s-off for the firmware to flash.
5. See above.
6. It says tampered because you still have root via Cleanrom, the tampered flag is normal. It says s-on because you never went through the s-off process.
7. All good.
8. The RUU wasn't needed at all.
9. Unlocked and tampered are completely normal for a phone with an unlocked bootloader and root.
10. That revone method isn't even for our phone (that's why it failed) so I don't know why you even tried that. Trying software/firmware/exploits for another device is a great way to brick your phone. Yes SuperCID + s-on + jb RUU = brick. If you get s-off and revert to s-on you can still get s-off again.
Conclusion:
You need to do a lot more research, it seems you're confused about what you're doing. It's very important to have a firm grasp on what you're doing when modifying your device because a lack of understanding leads to bricks, and leads to not being able to recover from situations you get yourself into. You never had s-off, but you absolutely can get s-off on your phone as long as you follow the right method, the Facepalm method (which is the only s-off method for this device).
Sent from my Evita

[Q] How do I remove S-On, Super CID, unroot and get completely back to stock

My phone has been having audio issues and I've ruled out everything on the software side.
Going to send it to HTC but I need to get back to stock obviously. Is there a specific order I should do these in? How does one get back to s-on? I assume removing super cid would be just like getting it only change the cid to HTC_001 or whatever, right?
How do I unroot?
And then of course I need to relock the bootloader, which if I'm not mistaken is as simple as running fastboot oem lock, right?
I basically need a step by step guide. I've searched around but haven't found everything exactly as I need it. Perhaps this could become a useful thread for others, with everything in one place.
Any help would be great, thanks in advance.
DRUMROT said:
My phone has been having audio issues and I've ruled out everything on the software side.
Going to send it to HTC but I need to get back to stock obviously. Is there a specific order I should do these in? How does one get back to s-on? I assume removing super cid would be just like getting it only change the cid to HTC_001 or whatever, right?
How do I unroot?
And then of course I need to relock the bootloader, which if I'm not mistaken is as simple as running fastboot oem lock, right?
I basically need a step by step guide. I've searched around but haven't found everything exactly as I need it. Perhaps this could become a useful thread for others, with everything in one place.
Any help would be great, thanks in advance.
Click to expand...
Click to collapse
IIRC the RUU for your device reverts all of that. Not 100% sure about the S-ON though.
I've read somewhere in another guild that it's necessary to first Relock your bootloader (using the oem lock command) and afterwards use the right RUU for your device...
I thought this could be helpful
Thanks for the tips.
Since I'm super cid, I can flash any RUU at this point. Any idea if locking my bootloader first will cause this to not be the case?
DRUMROT said:
Thanks for the tips.
Since I'm super cid, I can flash any RUU at this point. Any idea if locking my bootloader it first will cause this to not be the case?
Click to expand...
Click to collapse
I think to get S-OFF you have to use for example the All-in-one toolkit, I don't think relocking your bootloader will cause a S-on... But I think others may have more info about that. Planning on running an RUU for the first time myself
FantasyGamer said:
I think to get S-OFF you have to use for example the All-in-one toolkit, I don't think relocking your bootloader will cause a S-on... But I think others may have more info about that. Planning on running an RUU for the first time myself
Click to expand...
Click to collapse
Yeah, I'm assuming I'd have to do some more then just run the RUU.
I'd gladly give it a go but like I posted earlier, I'd like to know if there is a certain order to do this in. If I run the RUU before removing s-off, will that make things easier? Harder? No different?
Anyone?
Personally, I think it's easier to first run the RUU and then go back to S-ON, because while you're S-OFF you won't have problems with the RUU for your CID, and the All-in-one kit says that you need to run stock Rom and stock recovery before you can S-OFF. So actually, I don't think it's recommended first going S-ON and then running an RUU.
FantasyGamer said:
Personally, I think it's easier to first run the RUU and then go back to S-ON, because while you're S-OFF you won't have problems with the RUU for your CID, and the All-in-one kit says that you need to run stock Rom and stock recovery before you can S-OFF. So actually, I don't think it's recommended first going S-ON and then running an RUU.
Click to expand...
Click to collapse
Hmmm, all right. I've never used the all-in-one kit but I've noticed it has a "back to s-on" function so I'll give it a try. I'm on Linux so I need to run it in Wine (Windows emulator) so hopefully there's no hiccups.
DRUMROT said:
My phone has been having audio issues and I've ruled out everything on the software side.
Going to send it to HTC but I need to get back to stock obviously. Is there a specific order I should do these in? How does one get back to s-on? I assume removing super cid would be just like getting it only change the cid to HTC_001 or whatever, right?
How do I unroot?
And then of course I need to relock the bootloader, which if I'm not mistaken is as simple as running fastboot oem lock, right?
I basically need a step by step guide. I've searched around but haven't found everything exactly as I need it. Perhaps this could become a useful thread for others, with everything in one place.
Any help would be great, thanks in advance.
Click to expand...
Click to collapse
1)If you have put on a modified HBoot (such as to remove tampered or red warning) return to stock.
(only added this because if you S-on with modified HBoot it will brick your phone)
2)Run RUU.exe
3)Reset lock status flag
http://forum.xda-developers.com/showthread.php?t=2155955
4)S-ON your phone
http://androidforums.com/one-s-all-...-get-back-stock-moonshine-facepalm-s-off.html
---------- Post added at 01:15 PM ---------- Previous post was at 01:05 PM ----------
Edited that, If anyone notices a problem please post.
So, little question for myself.
Do I need to first Relock my bootloader?
Or can I just go and run an RUU? (I'm S-OFF)
FantasyGamer said:
So, little question for myself.
Do I need to first Relock my bootloader?
Or can I just go and run an RUU? (I'm S-OFF)
Click to expand...
Click to collapse
No, it doesn't need to be locked when S-OFF.
The most important is running the RUU that matches your CID. (since you are s-off it is easy to change the CID to whatever you want, and thus run whatever RUU you want)
i have bought a used htc one s and it had sense 5.5 based JB4.2.2 rom but i want to downgrade to stock firmware. kindly tell me which RUU i should use and how should i procede.
HBOOT shows tampered, unlocked and S-ON
and here is other details
Code:
sudo fastboot getvar all
[sudo] password for hasan:
(bootloader) version: 0.5
(bootloader) version-bootloader: 2.15.0000
(bootloader) version-baseband: 1.11.50.05.28
(bootloader) version-cpld: None
(bootloader) version-microp: None
(bootloader) version-main:
(bootloader) version-misc: PVT SHIP S-ON
(bootloader) serialno: SH267W
(bootloader) imei: 35990
(bootloader) product: vle
(bootloader) platform: HBOOT-8960
(bootloader) modelid: PJ4010000
(bootloader) cidnum: VODAP304
(bootloader) battery-status: good
(bootloader) battery-voltage: 4111mV
(bootloader) partition-layout: Generic
(bootloader) security: on
(bootloader) build-mode: SHIP
(bootloader) boot-mode: FASTBOOT
(bootloader) commitno-bootloader: dirty-64bedd38
(bootloader) hbootpreupdate: 11
(bootloader) gencheckpt: 0
all: Done!
finished. total time: 0.061s
I tried RUU RUU_Ville_U_JB_45_S_HTC_Europe_3.16.401.8_Radio_1.11.50.05.28_10.27.50.08L_release_301814_signed_2_4 on windows 8.1 64bit but it is not detecting the phone at all
currently I am on linux so i hope you guys can suggest something relevant
thanks a lot

[Q]

Hi
begining statues of my phone:
my phone is one xl(evita) and relock , s-on then read more!
i did change cid of HTC__J15 to CW___001 and then s-on and relock the bootloader but now i can't unlock retry...!!
the old carrier was GCC but then relock is at&t !
please help me...
tnx
Why did you change it to the at&t CID? The at&t CID is blocked by htcdev. You need to go through the hassle of getting SuperCID so you can unlock your bootloader now. Plus, there's no advantage to having the at&t CID because you can't install any firmware from the standard Evita onto your middle eastern variant. This is a great example of why you shouldn't do anything when you don't know what you're doing. All of the information I've just given you is readily available in our forum hag you done some research. Anyway, what are your bootloader details?
Sent from my Evita
timmaaa said:
Why did you change it to the at&t CID? The at&t CID is blocked by htcdev. You need to go through the hassle of getting SuperCID so you can unlock your bootloader now. Plus, there's no advantage to having the at&t CID because you can't install any firmware from the standard Evita onto your middle eastern variant. This is a great example of why you shouldn't do anything when you don't know what you're doing. All of the information I've just given you is readily available in our forum hag you done some research. Anyway, what are your bootloader details?
Sent from my Evita
Click to expand...
Click to collapse
(bootloader) version-baseband: 3.12.38.00.24
(bootloader) version-cpld: None
(bootloader) version-microp: None
(bootloader) version-main: 1.01.401.03
(bootloader) version-misc: PVT SHIP S-ON
(bootloader) serialno: HT2CTW303033
(bootloader) imei: 35437005019****
(bootloader) product: evita_utl
(bootloader) platform: HBOOT-8960
(bootloader) modelid: PJ8350000
(bootloader) cidnum: CWS__001
(bootloader) battery-status: good
(bootloader) battery-voltage: 3964mV
(bootloader) partition-layout: Generic
(bootloader) security: on
(bootloader) build-mode: SHIP
(bootloader) boot-mode: FASTBOOT
(bootloader) commitno-bootloader: dirty-b27b8968
(bootloader) hbootpreupdate: 11
(bootloader) gencheckpt: 0
all: Done!
my firmware version is 3.12 and i can't super cid with XPwn xploit and then unlock !!
What can I do to get My phone unlocking?
tnx
You can't do anything. You've gotten the phone to a point where it's impossible for you to unlock it now. You can't change the CID again because you're s-on. You can't use the usual way to get SuperCID because you don't have the 3.18 version installed. Why in the world did you do what you did?
Sent from my Evita
timmaaa said:
You can't do anything. You've gotten the phone to a point where it's impossible for you to unlock it now. You can't change the CID again because you're s-on. You can't use the usual way to get SuperCID because you don't have the 3.18 version installed. Why in the world did you do what you did?
Sent from my Evita
Click to expand...
Click to collapse
Would having his device j tagged help him. I think its pretty cheap to get done now , idk about in the middle east tho lol
Senseless Power Unlocked
timmaaa said:
You can't do anything. You've gotten the phone to a point where it's impossible for you to unlock it now. You can't change the CID again because you're s-on. You can't use the usual way to get SuperCID because you don't have the 3.18 version installed. Why in the world did you do what you did?
Sent from my Evita
Click to expand...
Click to collapse
yes , i know...
if i do super cid with XPwn xploit , My phone is bricked?
DESERT.TECH said:
Would having his device j tagged help him. I think its pretty cheap to get done now , idk about in the middle east tho lol
Senseless Power Unlocked
Click to expand...
Click to collapse
The problem is I doubt they have the correct stuff for the middle eastern variant.
Master King said:
yes , i know...
if i do super cid with XPwn xploit , My phone is bricked?
Click to expand...
Click to collapse
Maybe. But I think it just won't work. You can take the risk and try but if it was me I wouldn't.
Sent from my Evita
timmaaa said:
The problem is I doubt they have the correct stuff for the middle eastern variant.
Maybe. But I think it just won't work. You can take the risk and try but if it was me I wouldn't.
Sent from my Evita
Click to expand...
Click to collapse
ok
now can i install RUU from at&t brand for upgrade frimware & then super cid?
As an example:
RUU_EVITA_UL_JB_45_S_Cingular_US_3.18.502.6_Radio_ 0.24p.32.09.06_10.130.32.34_release_signed.exe
I don't know if it's safe. I've seen at least one person brick their phone by installing firmware from the standard Evita onto the middle eastern variant.
Sent from my Evita
What should I do now?
I want to unlock...
please help me
Well first I'd edit out the imei from the post about your bootloader settings..
Like timmaaa said, you're at a point where you have very little options. You could try XPwn or RUU but it's a huge risk. See, this is why you read...so you don't do things like this...
Sent from my One X using Tapatalk
You can't, that's what I've been trying to tell you. The things you've done to your phone have made it impossible.
Sent from my Evita

Help - Nearly Bricked phone

My Old One S (Formerly running one of the ViperOneS Rom's until I buggered something up trying to do a factory reset/wipe) is in dire need of some serious upgrades and I could really use a little guidance on getting started. It's been a few phones and probably ~2 years or so since I've really done anything with this device so I'm pretty rusty as far as HTC processes, etc. go, so please bear with me. I want to make sure that I do this right and save myself from tearing my hair out
Some pertinent info:
I use a linux (Ubuntu 14.04) system with my primary box and prefer to do all work with it, though I do have an old laptop with XP on it if I absolutely HAVE to use Windows for something.
Carrier: T-mobile US
Phone info from Bootloader:
VLE PVT SHIP S-ON RL
hboot: 1.14.0004
Radio: 1.08ts.50.02.16
Fastboot devices: HT2xxx407xxx
Right now I can access the bootloader, fastboot, and recovery (TWRP v2.3.3.0).
Please help me with:
I want to upgrade this to a 4.4.4 ROM such as the CM11s port from the OnePlus One or possibly the latest Venom ROM for the OneS (4.3.1) since I had a great experience with the last version I used I know to do this I'll need to RUU to 2.15 or 2.16, but from what I've been reading/researching here on the forums I'm starting to feel a little overwhelmed and want to make sure that I execute the proper sequence of steps to do this correctly.
Where do I start? Should I work to get S-off first, then try to RUU to the latest hboot? Knowing which ROM I would want to use, which RUU should I download? What do I need to do about the radio? At what point should I try to flash a new recovery?
Much thanks, I really appreciate it!
http://forum.xda-developers.com/showthread.php?t=2527194
---------- Post added at 11:42 AM ---------- Previous post was at 11:42 AM ----------
Try that tool
I appreciate the recommended tool Bad.Fish, but that's for the M7 (not the OneS) so I'm not sure that'll work, especially since it says I need to be S-Off and I'm pretty sure I'm still locked so...
Also, a development...
I just tried pushing the previous Viper rom I was running (2.1 I think) over adb to the sdcard and when I try to flash it I get a bunch of errors that it's unable to mount /cache or /sdcard. What could possibly cause this? After rebooting the recovery, the .zip file I pushed using adb doesn't even appear as available anymore...
More info from fastboot getvar all
(bootloader) version: 0.5
(bootloader) version-bootloader: 1.14.0004
(bootloader) version-baseband: 1.08ts.50.02.16
(bootloader) version-cpld: None
(bootloader) version-microp: None
(bootloader) version-main:
(bootloader) version-misc: PVT SHIP S-ON
(bootloader) serialno: HT2xxx407xxx
(bootloader) imei: 35990xxx3722xxx
(bootloader) product: vle
(bootloader) platform: HBOOT-8960
(bootloader) modelid: PJ4011000
(bootloader) cidnum: T-MOB010
(bootloader) battery-status: good
(bootloader) battery-voltage: 4151mV
(bootloader) partition-layout: Generic
(bootloader) security: on
(bootloader) build-mode: SHIP
(bootloader) boot-mode: FASTBOOT
(bootloader) commitno-bootloader: 8b9e2080
(bootloader) hbootpreupdate: 11
(bootloader) gencheckpt: 0
So, I have the dreaded "can't mound sdcard" issue that requires installing a stock recovery before re-installing a custom recovery. Knowing my CID is T-MOB010 I see 3 different recovery options from THIS THREAD being 4.19.531.10, 3.24.531.3, and 1.27.531.11. How can I tell which of these I should use?
shoot, I'm just really frickin lost at this point guys, I don't know what to do anymore
samstheman42 said:
I see 3 different recovery options from THIS THREAD being 4.19.531.10, 3.24.531.3, and 1.27.531.11. How can I tell which of these I should use?
Click to expand...
Click to collapse
I would guess the 3.24 (just based on age) but it probably doesn't matter, as I doubt the recoveries are different.
Also, in reply to this: http://forum.xda-developers.com/showpost.php?p=55885509&postcount=523....
You can not 'upgrade' from 2.15 to 2.16 by just flashing a hboot. You have to update all firmware. If I remember correctly, there is a RUU-mode zip for that somewhere. (I no longer use this device, and I never went past 2.15.)
-Jobo
Any help/advice you can give me on how to fix this/get back to a working device would be SO appreciated! Right now, about the only thing that I can get it to do is boot to recovery or into the bootloader, so I know that there's hope! I tried running an RUU yesterday but that failed partway through (I'm not sure why, maybe cause I didn't have the right recovery image?). I know I might need a little bit of hand holding, but I will be so grateful to whomever helps me figure this out.
Ok, I might have FINALLY gotten something going here... running an RUU right now that appears to be working, so with any luck, I'll finally have a working device again
This is really good news because now I won't have to spend upwards of $250 on a new phone! lol
Great success! Phone just booted up and we're back on stock! Woohoo!!!!! Now to start the rooting/rom'ing process
samstheman42 said:
I appreciate the recommended tool Bad.Fish, but that's for the M7 (not the OneS) so I'm not sure that'll work, especially since it says I need to be S-Off and I'm pretty sure I'm still locked so...
Also, a development...
I just tried pushing the previous Viper rom I was running (2.1 I think) over adb to the sdcard and when I try to flash it I get a bunch of errors that it's unable to mount /cache or /sdcard. What could possibly cause this? After rebooting the recovery, the .zip file I pushed using adb doesn't even appear as available anymore...
Click to expand...
Click to collapse
I used it on my one s
---------- Post added at 02:02 AM ---------- Previous post was at 02:01 AM ----------
Use rumrunner to s-off

Categories

Resources