So, you managed to trip the flash counter.
Here are the commands to reset the flash counter. This works on my VZW rooted phone. Since all of the other variants have a very similar (same?) partition setup, this "might" work for them as well ("might" is the key word).
I take no responsibility for you voiding warranty.
I used this post as the basis for my theory and then used my phone as the test for said theory: http://forum.xda-developers.com/showpost.php?p=28953690&postcount=67
The "'\x00'" portion tells it what resets it to 0. If you wanted to be funny, you could set it to a different number.
adb shell
su
echo -n '\x01' | dd obs=1 count=1 seek=4193796 of=/dev/block/mmcblk0
I can only confirm that this works on the VZW variant. Until I get some dumps of the other variants, I can only assume it will work for them.
TRY AT YOUR OWN RISK!!!!
This is great news! Is there a way to read the value to confirm it's been incremented? (I have an AT&T phone, and would like to confirm the value is 1 right now - which is my current flash count).
enderblue said:
So, you managed to trip the flash counter.
Here are the commands to reset the flash counter. This works on my VZW rooted phone. Since all of the other variants have a very similar (same?) partition setup, this "might" work for them as well ("might" is the key word).
I take no responsibility for you voiding warranty.
I used this post as the basis for my theory and then used my phone as the test for said theory: http://forum.xda-developers.com/showpost.php?p=28953690&postcount=67
The "'\x00'" portion tells it what resets it to 0. If you wanted to be funny, you could set it to a different number.
adb shell
su
echo -n '\x01' | dd obs=1 count=1 seek=4193796 of=/dev/block/mmcblk0
I can only confirm that this works on the VZW variant. Until I get some dumps of the other variants, I can only assume it will work for them.
TRY AT YOUR OWN RISK!!!!
Click to expand...
Click to collapse
johnhazelwood said:
This is great news! Is there a way to read the value to confirm it's been incremented? (I have an AT&T phone, and would like to confirm the value is 1 right now - which is my current flash count).
Click to expand...
Click to collapse
go to download mode and look on top left of the screen , small text in white.
Raul77 said:
go to download mode and look on top left of the screen , small text in white.
Click to expand...
Click to collapse
Sorry, I might not have worded that correctly. I'd like to read that memory block that he's proposing we change and see if the value stored is the same as what's displayed on the Download screen (which I can see). Basically, as I understand it, his command will reset the counter. I just want to confirm that on an AT&T flavor of the phone, the results of that memory block are the same.
johnhazelwood said:
Sorry, I might not have worded that correctly. I'd like to read that memory block that he's proposing we change and see if the value stored is the same as what's displayed on the Download screen (which I can see). Basically, as I understand it, his command will reset the counter. I just want to confirm that on an AT&T flavor of the phone, the results of that memory block are the same.
Click to expand...
Click to collapse
I think this will work:
Code:
dd bs=1 count=1 skip=4193796 if=/dev/block/mmcblk0 2>/dev/null | od -t
Actually Chainfire just released v1.70 of Triangle Away today that resets the counter on the US/Canadian variants. Not sure if he used the same method as the OP here, but thanks for your research into this as well!
Not seeing that release got a link?
gunnyman said:
Not seeing that release got a link?
Click to expand...
Click to collapse
In his main thread - http://forum.xda-developers.com/showthread.php?t=1494114
can anyone confirm triangle away or this method works on ATT version of the s3?
I'm about to try it on my AT&T, but he does callout our version as being supported in his latest release. Wohoo!
Sent from my SAMSUNG-SGH-I747 using xda app-developers app
johnhazelwood said:
I'm about to try it on my AT&T, but he does callout our version as being supported in his latest release. Wohoo!
Sent from my SAMSUNG-SGH-I747 using xda app-developers app
Click to expand...
Click to collapse
ok let me know how it goes
Confirmed it works on AT&T. Counter from 1 to 0.
johnhazelwood said:
Confirmed it works on AT&T. Counter from 1 to 0.
Click to expand...
Click to collapse
k ill try next lol
johnhazelwood said:
This is great news! Is there a way to read the value to confirm it's been incremented? (I have an AT&T phone, and would like to confirm the value is 1 right now - which is my current flash count).
Click to expand...
Click to collapse
Change 01 to 00 and have No counts on my AT&T!!!!!!
worked for me too!! from 1 to 0!:good:
How does this compare to someone who has not tripped their counter?
CUSTOM BINARY DOWNLOAD: No
CURRENT BINARY: Samsung Official
SYSTEM STATUS: Official
If this is correct then we got it and returns are possible
Just tried triangle away and it worked for me as well. AT&T S 3
Chainfire u the man.
Thanks..
Sent from my SAMSUNG-SGH-I747 using Tapatalk 2
Worked for me as well, flash counter from 6 to 0! Thanks CF!
Sent from my Incredible 2 using Tapatalk 2
it works on Rogers SGS 3 SGH-i747m :good:
enderblue said:
So, you managed to trip the flash counter.
Here are the commands to reset the flash counter. This works on my VZW rooted phone. Since all of the other variants have a very similar (same?) partition setup, this "might" work for them as well ("might" is the key word).
I take no responsibility for you voiding warranty.
I used this post as the basis for my theory and then used my phone as the test for said theory: http://forum.xda-developers.com/showpost.php?p=28953690&postcount=67
The "'\x00'" portion tells it what resets it to 0. If you wanted to be funny, you could set it to a different number.
adb shell
su
echo -n '\x01' | dd obs=1 count=1 seek=4193796 of=/dev/block/mmcblk0
I can only confirm that this works on the VZW variant. Until I get some dumps of the other variants, I can only assume it will work for them.
TRY AT YOUR OWN RISK!!!!
Click to expand...
Click to collapse
Works like a charm on the ATT Variant here!
Related
This has been observed in at least one post, buried deep within another thread, but I thought it is important enough to have its own thread.
The latest JH7 OTA update seems to remove the file containing the unlock code for the Captivate. I unlocked my phone a couple of weeks ago, and after receiving the upgrade I verified that the phone is still unlocked. However, the SGS Unlock app no longer finds the code. Presumably, other PC/Mac-basede unlock techniques will be affected, as they look for the unlock code in the same file.
Anybody else can confirm this? In a word (two, really), what now? I was about to buy another Captivate for my wife, but the only reason she was willing to get it instead of the iPhone 4 was the possibility to unlock it (we travel to Europe twice a year).
If I manually peek at the bml3 or nv_data files, I still see my unlock code after JH7. I haven't used any apps to unlock, but it sounds like they just need an update if they are failing.
Well, if you bought the phone today, it wouldn't have the JH7 update, I would presume. So, you can run the unlocker to get the code. It sounds like, though I cannot confirm because the update failed on my phone, that it just deletes a file with a number in it. If that's the case, it shouldn't be able to undo any existing unlocks, and there's no time limit once you have the code.
Then you better buy one now and extract the unlock code before you upgrade. It typically takes AT&T a few months to sell phones with new firmware.
Even though new firm ware makes current unlock method useless, it won't chang your unlock code.
Sent from my SAMSUNG-SGH-I897 using XDA App
Ok, so maybe the SGS unlock app fails but could be fixed in the future, or perhaps one of the other methods still works...
Sent from my SAMSUNG-SGH-I897 using XDA App
One question: are you rooted? I tried copying the nv_... file to the sd card using adb, but got a "permission denied" error.
Sent from my SAMSUNG-SGH-I897 using XDA App
Yup. That may be what is breaking the apps... I don't remember it needing it before to access /efs/nv_data.bin. I can read it after su though.
edit: If you want to try and get it manually, the following grep works for me, but I'm not exactly sure if it work on others...
su
busybox grep -E "^[0-9]{8}$" /efs/nv_data.bin
You should see 2 identical sets of numbers.
aloant said:
Yup. That may be what is breaking the apps... I don't remember it needing it before to access /efs/nv_data.bin. I can read it after su though.
edit: If you want to try and get it manually, the following grep works for me, but I'm not exactly sure if it work on others...
su
busybox grep -E "^[0-9]{8}$" /efs/nv_data.bin
You should see 2 identical sets of numbers.
Click to expand...
Click to collapse
OK, so this is very good news.
To clarify (here's the noob asking...): rooting does *not* affect your ability to get the update, right? If all rooting does is install su & friends (and uninstall removes them), there should be no adverse consequences at all, especially if you unroot prior to getting the update. I'm just worried about the reports of updates failing (everything went smoothly for me, but I'm 100% stock and not rooted). Thanks!
MarcianoS said:
To clarify (here's the noob asking...): rooting does *not* affect your ability to get the update, right? If all rooting does is install su & friends (and uninstall removes them), there should be no adverse consequences at all, especially if you unroot prior to getting the update. I'm just worried about the reports of updates failing (everything went smoothly for me, but I'm 100% stock and not rooted). Thanks!
Click to expand...
Click to collapse
I am rooted and the install went fine for me. I had not done any of the lag fixes, overclocking, or flashing custom ROMs though.
Same. Rooted before the update. It even stayed rooted after the update.
If the grep above doesn't work btw, look here for how to manually copy the files to your computer, and view the code using a hex editor: http://forum.xda-developers.com/showthread.php?t=761045 . Just remember you need to use "su" first now. Or just wait... One of the devs will probably update their app soon enough.
Ok, thanks! This helps a lot.
Sent from my SAMSUNG-SGH-I897 using XDA App
WTF!!
I reflash back to stock rom JF6 from JH7.
it seems like flashing back to stock rom JF6 wont restore the unlock code!
aloant said:
If I manually peek at the bml3 or nv_data files, I still see my unlock code after JH7. I haven't used any apps to unlock, but it sounds like they just need an update if they are failing.
Click to expand...
Click to collapse
how do you manually peek at bml3 or nv_data file?
netnerd said:
how do you manually peek at bml3 or nv_data file?
Click to expand...
Click to collapse
Posted it in the previous page. The files are still there for me in JH7, it's just that nv_data requires root access now.
aloant said:
Posted it in the previous page. The files are still there for me in JH7, it's just that nv_data requires root access now.
Click to expand...
Click to collapse
thanks! manually peeked, unlock code still there!
aloant said:
Yup. That may be what is breaking the apps... I don't remember it needing it before to access /efs/nv_data.bin. I can read it after su though.
edit: If you want to try and get it manually, the following grep works for me, but I'm not exactly sure if it work on others...
su
busybox grep -E "^[0-9]{8}$" /efs/nv_data.bin
You should see 2 identical sets of numbers.
Click to expand...
Click to collapse
Ok...total noob here...how and where do I actually do this(on the phone or in some program on the pc)? I too lost ability to retrieve code after JH7..... on a good note...I did get my 3 button recovery that was missing....
Hy, Can you explain to my how you did the Update? I have mine unlocked and I keep getting a mesage "can´t conect to at&t servers".
I had mine rooted but I unrooted it to intall the update
I had mine lag fixed but I unfiexed it to intall the update
I removed all at&t blowatware.
Please Help.
robertoaste said:
Hy, Can you explain to my how you did the Update? I have mine unlocked and I keep getting a mesage "can´t conect to at&t servers".
I had mine rooted but I unrooted it to intall the update
I had mine lag fixed but I unfiexed it to intall the update
I removed all at&t blowatware.
Please Help.
Click to expand...
Click to collapse
It could just that the servers are currently overloaded... take a look at the thread on successful updates; although there are still only a few reports, phones that did not have a lagfix at the time of the update did OK, and rooting does not seem to matter. In any case, it's not like your update failed: you haven't even downloaded it yet.
netnerd said:
WTF!!
I reflash back to stock rom JF6 from JH7.
it seems like flashing back to stock rom JF6 wont restore the unlock code!
Click to expand...
Click to collapse
That makes sense, because the JH7 update changed the *permissions* of the nv_data file. So, even if you reflash the stock ROM, the permissions on that file stay the same.
BTW, I suppose this means that one way to fix this would be to create a very simple update.zip that changes the permissions on that particular file. Although, if you go down that route, you might as well root your phone, I guess!
aloant said:
Yup. That may be what is breaking the apps... I don't remember it needing it before to access /efs/nv_data.bin. I can read it after su though.
edit: If you want to try and get it manually, the following grep works for me, but I'm not exactly sure if it work on others...
su
busybox grep -E "^[0-9]{8}$" /efs/nv_data.bin
You should see 2 identical sets of numbers.
Click to expand...
Click to collapse
Thank you, thank you, thank you aloant. My Captivate is now 'reunlocked'
How To Unlock:
Best way to unlock: Play Store app that does it automatically
Visit Adam's original announcement post:
http://forum.xda-developers.com/showpost.php?p=30274025&postcount=317
Huge thanks to everyone in the Research thread spending countless hours to get the job done and the person that made the leak possible!
Old Info (for reference only!):
(Text in RED are my safety additions):
Hilbe said:
Here's how to do it manually without CASUAL. All credits to Adam.
From a computer with adb on a rooted device:
Code:
adb push aboot.img /sdcard/aboot.img
adb shell
su
dd if=/sdcard/aboot.img of=/dev/block/mmcblk0p5
Verify you got a good flash:
Code:
dd if=/dev/block/mmcblk0p5 of=/sdcard/abootTEST.img
Now, check the MD5 of abootTEST.img BEFORE you turn your phone off. If it is wrong, reflash again until it is correct. It should be the same as the original aboot.img you already checked the MD5 of.
Also can be done via downloading the attachment, putting at root of /sdcard/ and doing these commands in terminal on a rooted device:
Code:
su
dd if=/sdcard/aboot.img of=/dev/block/mmcblk0p5
Verify you got a good flash:
Code:
dd if=/dev/block/mmcblk0p5 of=/sdcard/abootTEST.img
Now, check the MD5 of abootTEST.img BEFORE you turn your phone off. If it is wrong, reflash again until it is correct. It should be the same as the original aboot.img you already checked the MD5 of.
MD5 (aboot.img) = 0ba9ad45fc15cf3d62af7dd363686b3f
Click to expand...
Click to collapse
So who am I buying a beer or three for, do they wish to remain anonymous for the time being? Maybe I just missed the reference in the research thread.
Limitations on my newbie account are killing me.
Thanks for all the hard work everyone who was involved in the research, I enjoyed following the process over the last few weeks!
jmw03j said:
So who am I buying a beer or three for, do they wish to remain anonymous for the time being? Maybe I just missed the reference in the research thread.
Click to expand...
Click to collapse
I'd look in the bounty thread. I think the info of who gets the bounty will be posted in there.
Congrats to Everyone Involved. Very big achievement.
Thank you to all the people that made this happen!!!!!!!!!!!!!!
im on synergy..do i have to be stock to do this?
Nice,,,I won't get to excited,until its implemented for the end ROM user.
Works for CM10 from Linux
Verizon, when the f*ck will you learn that you will never win? This is such good news!
Sweet, I am in the process of ordering 3 S3's.
Flippin sweet...
GEAUX TIGERS
starscrean said:
Nice,,,I won't get to excited,until its implemented for the end ROM user.
Click to expand...
Click to collapse
It pretty much already is. Doesn't really get any easier...
LLStarks said:
Works for CM10 from Linux
Click to expand...
Click to collapse
Does that mean you unlocked your bootloader using the instruction in the thread?
All i can say is...
Take that Verizon :highfive:
Damn now i got break out Vmware
Karl said:
Damn now i got break out Vmware :highfive:
Click to expand...
Click to collapse
Wubi is much easier.
jlokos said:
Does that mean you unlocked your bootloader using the instruction in the thread?
Click to expand...
Click to collapse
I'm currently unlocked. Did it on my Mac....now we just need non kexec kernels!
so can i use windows or not???
OK so I ran the program on my wife's mac (I can't stand mac) and followed the instructions and it said it was successful but the phone never rebooted. How do I known if it worked?
Sent from my SCH-I535 using Tapatalk 2
jgrimberg1979 said:
OK so I ran the program on my wife's mac (I can't stand mac) and followed the instructions and it said it was successful but the phone never rebooted. How do I known if it worked?
Sent from my SCH-I535 using Tapatalk 2
Click to expand...
Click to collapse
Reboot! Lol.
THE SKATER DUDE said:
so can i use windows or not???
Click to expand...
Click to collapse
no one has built a windows version yet
I am trying to be able to get root on 4.4. I am currently on 4.2.2 (12.15.15) (camera update). I just rooted using RockMyMoto and ran through the MotoWPNoMo and I still get a "1" status when I type "adb shell getprop ro.boot.write_protect". Why is this happening?
Edit: By the way I have a Verizon carrier (if that matters).
Dreadlord12p said:
I am trying to be able to get root on 4.4. I am currently on 4.2.2 (12.15.15) (camera update). I just rooted using RockMyMoto and ran through the MotoWPNoMo and I still get a "1" status when I type "adb shell getprop ro.boot.write_protect". Why is this happening?
Edit: By the way I have a Verizon carrier (if that matters).
Click to expand...
Click to collapse
Carrier doesn't matter. Can you give a couple more details?
Can you paste the output of the motowpnmoto?
When I ran it initially, the output indicated to me it completed without error but I was still getting a 1. After I got it working properly, it fully ran and was clearly successful and i got a zero. I am thinking perhaps it didn't run properly and complete and it did not tell you that.
Check the main motowpnmoto thread and see if you can find my post. I think I posted a complete successful run for reference.
Sent from my XT1080 using Tapatalk
Dreadlord12p said:
I am trying to be able to get root on 4.4. I am currently on 4.2.2 (12.15.15) (camera update). I just rooted using RockMyMoto and ran through the MotoWPNoMo and I still get a "1" status when I type "adb shell getprop ro.boot.write_protect". Why is this happening?
Edit: By the way I have a Verizon carrier (if that matters).
Click to expand...
Click to collapse
How many times have you run it, and did you keep your phone screen on? I think it requests a Give Root pop up for ADB
Another question.
I was on 4.2.2, get root with RMM. Then i suceed with WPNoMo. I get "0" code.
Then I just got messed with SlapMyMoto - cant get it done. I decide to wipe Maxx with House of Moto. Wiped, install 4.4 ota. Now I'm without root, but adb script from WPNoMo still show me "0" code. Can I get root? Any help? :fingers-crossed:
livinitwarrior said:
How many times have you run it, and did you keep your phone screen on? I think it requests a Give Root pop up for ADB
Click to expand...
Click to collapse
I have run it twice with no errors. I had my screen on the whole time. I granted the SU access popup for ADB. I will give you my log report after this post.
Dreadlord12p said:
I have run it twice with no errors. I had my screen on the whole time. I granted the SU access popup for ADB. I will give you my log report after this post.
Click to expand...
Click to collapse
Never mind, I just tried it on my windows 7 laptop and it worked. It said "removed pesky write protection..."
F***!!
I followed all the steps for slapmymoto but when I try to install the 4.4 update, IT FAILS!! PLEASE HELP.
Dreadlord12p said:
I followed all the steps for slapmymoto but when I try to install the 4.4 update, IT FAILS!! PLEASE HELP.
Click to expand...
Click to collapse
did you try the command to see if write protection is still off?
livinitwarrior said:
did you try the command to see if write protection is still off?
Click to expand...
Click to collapse
Yes and it gave me a blank. Not a 1 or a zero. If I did the last step on slapmymoto with the adb commands before I updated to 4.4, would that mess it up?
[email protected]:/ $ su
[email protected]:/ # getprop boot.write_protect
[email protected]:/ #
Dreadlord12p said:
Yes and it gave me a blank. Not a 1 or a zero. If I did the last step on slapmymoto with the adb commands before I updated to 4.4, would that mess it up?
[email protected]:/ $ su
[email protected]:/ # getprop boot.write_protect
[email protected]:/ #
Click to expand...
Click to collapse
What Failure are you getting?
Sent from my KitKat Ultra
Dreadlord12p said:
Yes and it gave me a blank. Not a 1 or a zero. If I did the last step on slapmymoto with the adb commands before I updated to 4.4, would that mess it up?
[email protected]:/ $ su
[email protected]:/ # getprop boot.write_protect
[email protected]:/ #
Click to expand...
Click to collapse
I'm pretty sure, at least for me, that for the command prompt to work with adb the best, have one in the folder you have the adb stuff in and open it from there, because it sounds like your adb shell isn't running. Did you check processes on ctrl+shift+escape?
Edit: try "adb shell getprop ro.boot.write_protect"
Caseyk621 said:
What Failure are you getting?
Sent from my KitKat Ultra
Click to expand...
Click to collapse
When it is installing the update with the little android icon, it gets about halfway and then it says "error". Then it reboots and tells me that the software update failed.
Dreadlord12p said:
When it is installing the update with the little android icon, it gets about halfway and then it says "error". Then it reboots and tells me that the software update failed.
Click to expand...
Click to collapse
So one, did you do all the steps including getting back a 0 after MotoWPNoMo? And then flashed back to stock 4.2.2 on the 12.15.15 update?
livinitwarrior said:
So one, did you do all the steps including getting back a 0 after MotoWPNoMo? And then flashed back to stock 4.2.2 on the 12.15.15 update?
Click to expand...
Click to collapse
Yes. I got a "0" after running MotoWPNoMo and I flashed the 4.2.2 (12.15.15).
Edit: I actually did not get either a 1 nor a 0. It was just blank. But MotoWPNoMo said was, "removed pesky write protection successfully".
Dreadlord12p said:
Yes. I got a "0" after running MotoWPNoMo and I flashed the 4.2.2 (12.15.15).
Edit: I actually did not get either a 1 nor a 0. It was just blank. But MotoWPNoMo said was, "removed pesky write protection successfully".
Click to expand...
Click to collapse
hmm ok. Until you make sure the files have been sent over. It sounds like there might not have been a full overwrite of the FXZ... you might want to try it again with the 12.15.15 on RSDLite version, and then try from there. If you tried to keep data, that might be the issue and it never reloaded the stock recovery back
livinitwarrior said:
hmm ok. Until you make sure the files have been sent over. It sounds like there might not have been a full overwrite of the FXZ... you might want to try it again with the 12.15.15 on RSDLite version, and then try from there. If you tried to keep data, that might be the issue and it never reloaded the stock recovery back
Click to expand...
Click to collapse
I used houseofmoto. I will try with rsd. And I did a full fxz. I kept no data.
Dreadlord12p said:
I used houseofmoto. I will try with rsd. And I did a full fxz. I kept no data.
Click to expand...
Click to collapse
idk why, but RSD has never given me an issue, even though it takes longer. Keep us updated
Dreadlord12p said:
When it is installing the update with the little android icon, it gets about halfway and then it says "error". Then it reboots and tells me that the software update failed.
Click to expand...
Click to collapse
Here is the MotoWPNoMo log:
==================== Moto-WP-NoMo 0.0.4 ==============================
Moto-WP-NoMo comes with NO WARRANTY (express or implied)
and NO GUARANTEE OF FITNESS for any particular task.
We have made every effort we can to make this a safe process for users
however the authors disclaim any liability for damage to your phone
or other materials or devices used during this process.
The entire risk of running Moto-WP-NoMo lies with you, the user.
By using this software you acknowledge and accept that the authors
are not liable for any loss, material or otherwise howsoever caused.
Do you understand the implications of this warning?
(Yes/No)
Yes
Dear User: We will expect that YOU:
(1) Know how to use ADB and FASTBOOT binaries
---- [Yes, use these tools to test USB connection BEFORE running Moto-WP-NoMo] -
---
(1) Know how to enable USB-debugging on YOUR device (Yes, do that now)
(2) Understand that you may NOT repack or redistribute Moto-WP-NoMo
Ok?
(Yes/No)
Yes
!! Do NOT for any reason bite, punch, or molest your device !!
Please wait....
..........
Checking for updates......
Test 1: Rebooting into bootloader
Waiting for fastboot (7/120)
Waiting
Test 2: Booting device
Waiting for ADB (40/120)
must play a little while longer...
it's so cold in here
hmm, hold please
..............................................
[---------------------------------------------]
doing some *stuff*..................
this is getting boring, let's go ahead and get started..
clobbering (1).....
Waiting for ADB (39/120)
must play a little while longer...
lets put some things back in place...
installing root stuff, thanks chainfire
wait for it.........
yep, done. bye bye pesky write protection!
send your money, ALL OF YOUR MONIES to - [email protected]
Press ENTER to exit
write protection log
Here is the log when I check for write protection:
C:\adt-bundle-windows-x86_64-20131030\sdk\platform-tools>adb shell getprop ro.bo
ot.write_protect
0
C:\adt-bundle-windows-x86_64-20131030\sdk\platform-tools>
Alright, I have done all the steps except installing the 4.4 OTA. I will keep you posted on whether or not the update fails. *crossing my fingers*.
Good Afternoon,
I'm not sure what I did incorrectly but I am stuck at the screen with the Android belly open when trying to boot after using the Low Effort Method. I tried doing a factory restore and got nowhere with it. I do not see a stock KDZ for the ATT variant, what can I do at this point? Am I SOL until a dump is released for stock ATT or should I take my chances and bring it to ATT.
I'm assuming flashing the KDZ for any other variant would be a giant no no at this point.
(update) I see i'll need to wait for a TOT or take my chances with ATT, still anyone with a suggestion I appreciate it.
Any help is appreciated.
I am in the same boat, as of now there is no fix.
keeper22 said:
I am in the same boat, as of now there is no fix.
Click to expand...
Click to collapse
See the link below, i'll be trying in a little bit.
http://forum.xda-developers.com/g4/...are-to-stock-kdz-t3107848/page10#post62072832
EDIT: Confirmed WORKING. No issues so far.
Do you have root after your fix? (Thank you for the info and fix)
keeper22 said:
Do you have root after your fix? (Thank you for the info and fix)
Click to expand...
Click to collapse
No root yet, but I read the system.img was available to the developers. Possibly will see a file shortly.
Please post if you find any issues with your phone while using H810pr. So far I think I'm keeping it.
Just to let yall know that i've already submitted an image of PR to thecubed so we can get root
Mine bricked also. Not sure what went wrong. It went through the process like everything worked, the phone rebooted and that was it.
you can try the H810PR kdz to get you out of bootloop
phineous said:
Please post if you find any issues with your phone while using H810pr. So far I think I'm keeping it.
Click to expand...
Click to collapse
The only issues that I have had is not being able to get my LTE working. Other than that it seems to be running better than it was.
So just a heads up, I took a system image(PR version) and injected root but after flashing the image back I ended up with a bricked device (screen doesn't turn on, device recognized as Qualcomm HS-USB QDLoader 9008. I'm almost certain I didn't mess up in terms of the commands I entered when in send command mode. Anyways, I'm going to see if I can either fix this or get it replaced.
playgameo said:
So just a heads up, I took a system image(PR version) and injected root but after flashing the image back I ended up with a bricked device (screen doesn't turn on, device recognized as Qualcomm HS-USB QDLoader 9008. I'm almost certain I didn't mess up in terms of the commands I entered when in send command mode. Anyways, I'm going to see if I can either fix this or get it replaced.
Click to expand...
Click to collapse
Thanks for trying mate. I've been trying to find a Linux to do this myself. I guess there is more than to just follow the instruction of injection.
playgameo said:
So just a heads up, I took a system image(PR version) and injected root but after flashing the image back I ended up with a bricked device (screen doesn't turn on, device recognized as Qualcomm HS-USB QDLoader 9008. I'm almost certain I didn't mess up in terms of the commands I entered when in send command mode. Anyways, I'm going to see if I can either fix this or get it replaced.
Click to expand...
Click to collapse
Check the second post on the root thread. H810PR seems to be partitioned differently (see below). I'm glad they posted this and I checked the thread this morning because I was almost screwed again. The devs had said that the partition info was easy to view so we could figure it out for ourselves, but all the one click rooting has made me a lazy rooter.
H810PR
dd if=/dev/block/mmcblk0 bs=8192 skip=55296 count=529920 of=/data/media/0/system.img
H810
dd if=/dev/block/mmcblk0 bs=8192 skip=65536 count=579584 of=/data/media/0/system.img
Sorry for your loss!
Good news is that the warranty phone I got was a pristine H81010b. Hopefully you'll get the same. I made an image of it and now have dev upload on androidfilehost.com.
I'm posting unrooted images of H81010b, H81010e, and a hopefully properly extracted H810PR10a-310-410 now. If I have time today I'll give root injection another shot and upload the rooted files too.
phineous said:
Check the second post on the root thread. H810PR seems to be partitioned differently. I'm glad they posted this and I checked the thread this morning because I was almost screwed again.
H810PR
dd if=/dev/block/mmcblk0 bs=8192 skip=55296 count=529920 of=/data/media/0/system.img
H810
dd if=/dev/block/mmcblk0 bs=8192 skip=65536 count=579584 of=/data/media/0/system.img
Sorry for your loss!
Good news is that the warranty phone I got was a pristine H81010b. Hopefully you'll get the same. I made an image of it and now have dev upload on androidfilehost.com.
I'm posting unrooted images of H81010b, H81010e, and H810PR10a-310-410 now. If I have time today I'll give root injection another shot and upload the rooted files too.
Click to expand...
Click to collapse
I actually did see that and used the command they provided for getting the image and flashing it back. The inject script might have done something weird though because it failed at the umount command but i just ran that one command manually and figured everything would be okay but I guess it wasn't. I called ATT like 2 days ago before i flashed the PR kdz and they told me I can go to their device support store and that they would replace my device right there for me so hopefully that can still happen. I have an appointment at 5pm today
playgameo said:
I actually did see that and used the command they provided for getting the image and flashing it back. The inject script might have done something weird though because it failed at the umount command but i just ran that one command manually and figured everything would be okay but I guess it wasn't. I called ATT like 2 days ago before i flashed the PR kdz and they told me I can go to their device support store and that they would replace my device right there for me so hopefully that can still happen. I have an appointment at 5pm today
Click to expand...
Click to collapse
There's a new root injection thread here I'm going to try.
Let us know how it goes at with Device Support. I was told the one nearest me wouldn't have G4s yet.
Good luck!
Hopefully we can get these files tested by another sucker so you don't have to risk it!
playgameo said:
I actually did see that and used the command they provided for getting the image and flashing it back. The inject script might have done something weird though because it failed at the umount command but i just ran that one command manually and figured everything would be okay but I guess it wasn't. I called ATT like 2 days ago before i flashed the PR kdz and they told me I can go to their device support store and that they would replace my device right there for me so hopefully that can still happen. I have an appointment at 5pm today
Click to expand...
Click to collapse
I'm willing to test it out. I have a fully functioning h810pr and a backup phone in case my G4 toasted, it wont be a problem
bobimbap said:
Can you try this root injection instruction. It seem pretty well instructed. I dont have a Linux around to try
Click to expand...
Click to collapse
Well I don't have a working device right now to test on. I'm currently at work and need to stay on windows (all my IDEs are set up on windows). After work I'm going to head to the AT&T store to try and get my phone replaced. If no one was tried it by then I can. Also, it's not that hard to set up a bootable USB ubuntu drive (and is actually quite useful to have) so you could always do that.
playgameo said:
Well I don't have a working device right now to test on. I'm currently at work and need to stay on windows (all my IDEs are set up on windows). After work I'm going to head to the AT&T store to try and get my phone replaced. If no one was tried it by then I can. Also, it's not that hard to set up a bootable USB ubuntu drive (and is actually quite useful to have) so you could always do that.
Click to expand...
Click to collapse
I thought you can flash h810pr to unbrick your h810?
Well i dont have any knowledge in ubuntu either
bobimbap said:
I thought you can flash h810pr to unbrick your h810?
Well i dont have any knowledge in ubuntu either
Click to expand...
Click to collapse
No, I'm not stuck in the same mode I was before. I can't get into download mode. My screen stays black and I basically can't do anything (Which hopefully means ATT won't be able to see I had the PR firmware on there.)
playgameo said:
No, I'm not stuck in the same mode I was before. I can't get into download mode. My screen stays black and I basically can't do anything (Which hopefully means ATT won't be able to see I had the PR firmware on there.)
Click to expand...
Click to collapse
I've read through ubuntu pendrive instruction and root injection instruction. Looks like i might be able to do it. I will give it a shot when i get off work tonight.
bobimbap said:
I've read through ubuntu pendrive instruction and root injection instruction. Looks like i might be able to do it. I will give it a shot when i get off work tonight.
Click to expand...
Click to collapse
Good luck! Feel free to PM me if you need any help and I'll respond if I can.
I haven't flashed either of these so I don't promise that they work. They ought to though.
I suggest you follow the instructions in the original root post under Commands to dump system.img and dump an image from your working phone. Name it something you'll remember and keep it on your internal storage. If something goes wrong from flashing the rooted image you can hopefully recover by changing the filename in the flash command to your original image. Don't run a factory reset or the original image will be deleted.
You'll want to rename the image file you extract from the RAR file. I named them with detail so I wouldn't get them confused.
Good luck!
A user reported that the H81010b image bootlooped their phone. Use at your own risk. You can flash the H810PR KDZ to recover but there's no going back to AT&T stock then. Keep a good copy of your original system.img on internal memory to recover and don't factory reset!
ATT_H81010b_Rooted.system.rar
ATT_H81010e_Rooted.system.rar
Why'd I use RAR? Why not? I'm one of those weirdos that paid for it. A site license even!
Here's my H810 repository on Androidfilehost if you're looking for other H810 files.
It says the img is not mountable, is it safe?
Edit: For 10e, yes it works.
thanks
and winrar 5 is awesome, love it. I've always been a fan of winrar
yoavst said:
It says the img is not mountable, is it safe?
Edit: For 10e, yes it works.
Click to expand...
Click to collapse
Here's a way to open the img file in Windows, but it's much easier to make an Ubuntu boot flash drive and mount it in Linux.
@phineous, it seems the 10e file works so I will give it a try tomorrow morning.
For my personal knowledge of the whole process, how did you determine the dd command parameters (block size, count, skip, etc) for the system.img dump command as well as the flashing command that fit the 10e software version? Are all 810 software versions (10e, 10b, 10g, etc) all the same command parameters of is there a way to determine the correct parameters to enter. Regardless of if all 810 versions are the same parameters, I'm sure there is a process to figure out the right things to enter into the dd command?
Thanks!
Sent from my LG-H810 using Tapatalk
Norcalz71 said:
@phineous, it seems the 10e file works so I will give it a try tomorrow morning.
For my personal knowledge of the whole process, how did you determine the dd command parameters (block size, count, skip, etc) for the system.img dump command as well as the flashing command that fit the 10e software version? Are all 810 software versions (10e, 10b, 10g, etc) all the same command parameters of is there a way to determine the correct parameters to enter. Regardless of if all 810 versions are the same parameters, I'm sure there is a process to figure out the right things to enter into the dd command?
Thanks!
Sent from my LG-H810 using Tapatalk
Click to expand...
Click to collapse
Yes I did with the original params for the G version (I had e).
Norcalz71 said:
@phineous, it seems the 10e file works so I will give it a try tomorrow morning.
For my personal knowledge of the whole process, how did you determine the dd command parameters (block size, count, skip, etc) for the system.img dump command as well as the flashing command that fit the 10e software version? Are all 810 software versions (10e, 10b, 10g, etc) all the same command parameters of is there a way to determine the correct parameters to enter. Regardless of if all 810 versions are the same parameters, I'm sure there is a process to figure out the right things to enter into the dd command?
Thanks!
Sent from my LG-H810 using Tapatalk
Click to expand...
Click to collapse
@autoprime posted the commands to flash the different versions in the original root thread. All the AT&T H810 versions use the same command to flash.
The variables for the flash command are determined based on the location of the partition you want to overwrite in the partition table on the phone. There's a little discussion about it in the original root thread, but I'm sure it's discussed more in depth in rooting threads for earlier phones and threads about Android rooting in general.
phineous said:
@autoprime posted the commands to flash the different versions in the original root thread. All the AT&T H810 versions use the same command to flash.
The variables for the flash command are determined based on the location of the partition you want to overwrite in the partition table on the phone. There's a little discussion about it in the original root thread, but I'm sure it's discussed more in depth in rooting threads for earlier phones and threads about Android rooting in general.
Click to expand...
Click to collapse
Got it, thanks @phineous. I can follow directions like these pretty easily (it is all indeed low effort) but I like to try and understand the process behind the commands. So the seek/count/block size parameters, whether dumping a system.img or flashing a stock or rooted system.img are all the same for each command and for each software version across the H810? In this case they are:
bs=8192
seek=65536
count=579584
I'll have to dig a little more to learn how they figured out the proper parameters for each model.
Thanks again
Norcalz71 said:
Got it, thanks @phineous. I can follow directions like these pretty easily (it is all indeed low effort) but I like to try and understand the process behind the commands. So the seek/count/block size parameters, whether dumping a system.img or flashing a stock or rooted system.img are all the same for each command and for each software version across the H810? In this case they are:
bs=8192
seek=65536
count=579584
I'll have to dig a little more to learn how they figured out the proper parameters for each model.
Thanks again
Click to expand...
Click to collapse
It's the same for the AT&T H810s. The Claro H810pr that some us used after we killed our AT&T phones is different.
Look for posts about android partitions. @rightonred has a couple of posts where they show the partition table from our phones.
Here's the man(ual) page for dd where the commands (BS,SEEK,COUNT) are documented.
phineous said:
It's the same for the AT&T H810s. The Claro H810pr that some us used after we killed our AT&T phones is different.
Look for posts about android partitions. @rightonred has a couple of posts where they show the partition table from our phones.
Here's the man(ual) page for dd where the commands (BS,SEEK,COUNT) are documented.
Click to expand...
Click to collapse
Have a question for OP, this is just came into my head but flashing this img into 810pr fw will break the system itself as the seek and count partition are totally different..or what if we used code seek and count from PR??
faizalotai said:
Have a question for OP, this is just came into my head but flashing this img into 810pr fw will break the system itself as the seek and count partition are totally different..or what if we used code seek and count from PR??
Click to expand...
Click to collapse
That could work, but I don't know much about how the system checks itself and the bootloader. I think it would probably end up with the security error boot screen.
phineous said:
That could work, but I don't know much about how the system checks itself and the bootloader. I think it would probably end up with the security error boot screen.
Click to expand...
Click to collapse
autoprime said:
I just looked into the H810PR 10A files and it seems it's about equal to the AT&T H810 10G (newest ATT OTA). The H810PR 10A and the H810 10G (and I think 10E as well) have updated bootloaders with the "1" version... which was updated from the initial version out of box.. i think it was 10A (or 10b/10c/d.. not e/f).
So... obviously for people who were "bricked" (stuck in download mode) you should use this KDZ as that's about you're only hope at this point. KDZ will upgrade bootloader and you will be set at "1".. never to be at "0" again. 0 vs 1 doesnt mean anything yet... so it may not matter. But any possible bootloader exploit that may happen in the future that somehow only works on v0 bootloaders... you'll be out of luck. But lets hope that isn't the case. And who knows if there will even be an unofficial unlock.
For those who ARENT stuck in download mode but don't care about being on an updated "1" bootloader.. feel free to flash H810PR KDZ all you want.
For those who are on the original AT&T sw (10a/b/c/d) with a "0" bootloader who want root and wanna stay at "0"... someone with your 10a/b/c/d sw will need to dump and upload that system.img and then someone will have to root it.. then upload that img... then H810 10a/b/c/d users will have a safe root method that won't cause a security error and also won't update the bootloader. And maybe it'd be safe for now to keep the pre-rooted system.img (the one that doesnt yet exist as of the moment i am typing this) on your internal storage so if anything were to happen you could reflash system.. never needing an H810 KDZ/TOT (as long as you don't mess with other partitions).
Click to expand...
Click to collapse
@autoprime
I forgot about that post. It wouldn't work then. There was a version # in the build.prop that made me think H810PR had an older bootloader.
How do we determine/confirm if a software version bootloader count is at 0 or 1? I thought 10e was at 0 still but maybe not? Hopefully it is...
Sent from my LG-H810 using Tapatalk
Have we confirmed this works with 1010e? I just got the phone and that is the version installed and I want me some root
Edit, nvm it worked perfectly, thanks!
Rooted my at&t 10e with your image. Work great. Thanks.
Sent from my LG-H810 using Tapatalk
Obsolete
GvIn2it said:
Has anyone rooted their H81010b with this file?
---------- Post added at 09:01 AM ---------- Previous post was at 08:48 AM ----------
How can this work with the original root post, that file is 4GB. This one is only 1.6GB. Just interested to know. It's a little scary when someone posts:
"I haven't flashed either of these so I don't promise that they work. They ought to though." Where did they come from? Did you make them, or someone else who tested them? I would really like to try the H81010b but need a little verification.
Click to expand...
Click to collapse
You must extracted zip/rar to image..than copy to internal memory.
have you tried the H810 10b yet. I tried it on my phone and i keep getting a bootloop......
I really want my 4g back
scabbie1980 said:
have you tried the H810 10b yet. I tried it on my phone and i keep getting a bootloop......
I really want my 4g back
Click to expand...
Click to collapse
I don't think anyone has tested it yet.
Are you flashing it on an AT&T H810 with 10b or on the H810PR? It won't work on the H810PR.
If my 10b image really is broken I'll take it down.
Since none of the updates have prevented root, I doubt LG has made security changes to the bootloader. It's probably safe to upgrade to a new version. They're having a hard enough time making the phone work. I hope they're not wasting time patching, especially when we haven't even found a bootloader unlock. I could be wrong though.