Hi, is it possible to back up the original locked bootloader for any restore?
For example via dd command.
BR
maframan
I do not know for sure, but given the wizards we have in here -- like sbdags, _that, dasunsrule32, and many others that I look up to -- I would wager a finger that if it could be done they would've found a way by now and published it. I would definitely not hold my breath, mate.
It's not possible to restore the locked bootloader.
Thanks a lot.
After your response, just now I unlocked the bootloader.
Actually, unlocking the bootloader does not even change the bootloader. It just writes a small data block into the hidden "CER" partition.
_that said:
Actually, unlocking the bootloader does not even change the bootloader. It just writes a small data block into the hidden "CER" partition.
OK, I'm interested, if we know (not me personally) where the memory position is, and we know what it is before and after the unlock, what is the barrier to just resetting value to the pre-unlock value? Is it encrypted, obviously we can change the value so it's writable?
I'm not trying to be contrary, and I've been reading on these forums for over two years. I know the "unlocker" comes from ASUS, but NONE of the wizards have figured it out? I'm just a half step above a noob, not a developer, just asking for basic information.
mbamberg said:
OK, I'm interested, if we know (not me personally) where the memory position is, and we know what it is before and after the unlock, what is the barrier to just resetting value to the pre-unlock value? Is it encrypted, obviously we can change the value so it's writable?
I'm not trying to be contrary, and I've been reading on these forums for over two years. I know the "unlocker" comes from ASUS, but NONE of the wizards have figured it out? I'm just a half step above a noob, not a developer, just asking for basic information.
Mind you: it would serve no effective purpose at all, because ASUS registers the serial number of the unlocked device before probably even writing the block. The only reason you would want to be able to relock is for warranty purposes, but you'd be scr**ed anyway.
mbamberg said:
OK, I'm interested, if we know (not me personally) where the memory position is, and we know what it is before and after the unlock, what is the barrier to just resetting value to the pre-unlock value?
As Marty said: It may be possible, but it's pointless.
Related
Hi all,
I've been quite happy with my TF300, but after RMA (like many, many, MANY before me), there's no way to unlock the bootloader. I know there have been numerous threads here on XDA, and they all end in "It can't be done, unless you have some sort of genius working for you". So: I went out and got myself a genius!
Dan J. Rosenberg, the one who unlocked the Moto bootloader and made root available for our RMA'd TF300s through motochopper: the genius himself. I've been in touch with him through e-mail, and basically he's more than willing to have a look at our bootloader. For him it's just another hobby.
...But... I'm not a dev in any sense. I'm just a user who wants freedom when it comes to his purchase. And now the e-mails get technical. So I need your help, my dearest XDA'ers!
Here's the e-mail I received from him:
"I'd be happy to take a look at your bootloader, but I can't make any
promises, since it's entirely possible Asus has implemented the unlock
process in a cryptographically strong way that is impossible to bypass.
Would you be able to pull the boot partition from your device and send
it to me? Let me know if you need instructions on how to do this."
Is there anyone out here able to help me out??!
I guess if there is ANYONE out there who can do this, Dan is the man. Let's do this!
If your tablet went through RMA you can't unlock it? Seriously?
Sphinix said:
"I'd be happy to take a look at your bootloader, but I can't make any
promises, since it's entirely possible Asus has implemented the unlock
process in a cryptographically strong way that is impossible to bypass.
Would you be able to pull the boot partition from your device and send
it to me? Let me know if you need instructions on how to do this."
Our bootloader's encrypted, which is probably what he means.
Also the bootloader has changed from version 4.0 to 4.1 to 4.2!
It would be interesting to find out if you can do a brute force attack to try and work out the keys.
I've always been curious about the way the developers/"hackers" actually root/unlock the phone. It seems that many release their rooting/bootloader unlocks but never explain how they did so. Why is that?
It just doesn't make sense that people go through all the work and never explain the how and what...So, my question to all of the bootloader/root developers is; how did you figure it out/get it working/un hard brick/etc. your phone? What exactly did you do to root/unlock your phone?
Note: I'm referring not to the '1-click' utilities that people use, but rather to the people who made them (Just to avoid confusion).
The only resource I've found on how someone unlocked a bootloader is the Azimuth Security blog post on unlocking the Atrix HD bootloader (I can't post a link).
Yes, I would like to know this as well. What little I do know, is that Developers use SDK/Android tools for the rooting (and as far as I know, unlocking the bootloader) process.
I'll admit my guilt in not searching XDA for these answers, but hopefully someone will chime in and give us a path to follow.
Does that mean we must master the Java language to be able to modify? Or is there another way?
OK, so I've been doing some reading around the forums and obviously from what I have gathered there is currently no way to obtain WP off or BL unlock on 4.4.4, at least not on SU6-7 or higher. At least I haven't seen any way, so I'm assuming if a method does exist then it's being closely guarded for now and not being released.
My question isn't about whether it's possible or not; I'm sure there is probably a way, just not one that has been found or is publicly available. My question is, assuming you did have an exploit that would allow you to remove the write protection, how would you actually go about doing it?
I have some free time and access to a second unused Droid Maxx, so I was considering poking around. Looking for exploits in software security is kind of a pastime hobby of mine and I have a little training from previous military training. I by no means am an expert, but I figure it can't hurt to play around with the second phone that isn't being used (has problems with speaker not working etc). Anyway, I realized I need to learn a few things and can't seem to find any real info as I was reading around on the forums about how write protect off is actually achieved once an exploit gains access to do so.
Worst case scenario I learn a bit of useless info is the way I see it, kind of like reading an entire write-up of how the Motorola bootloader was being unlocked before they blocked the exploit in these phones. Doesn't help me but it's information and I love to learn new things, even useless ones.
OK, so I guess nobody who knows cares to help me out. I was hoping to try and find a way to achieve write protect off again, but it's hard to find a valid exploit and method when I'm not sure what I need to do to turn off write protect. I am assuming it's in the kernel somewhere as I can edit system the same way I rooted on 4.4.4 SU6-7. I don't know what needs to be changed or where it's at though, so not sure how to attack it. Would love some information, not asking for any other assistance.
arcaios26 said:
OK, so I guess nobody who knows cares to help me out. I was hoping to try and find a way to achieve write protect off again, but it's hard to find a valid exploit and method when I'm not sure what I need to do to turn off write protect. I am assuming it's in the kernel somewhere as I can edit system the same way I rooted on 4.4.4 SU6-7. I don't know what needs to be changed or where it's at though, so not sure how to attack it. Would love some information, not asking for any other assistance.
All I know is that WP is set in the kernel of the phone, I think at least.
From what I managed to learn, the permanent off was achieved in aboot. I've moved on to exploring the tz kernel; figure if I'm going to spend hours deciphering binaries I might as well go for bootloader unlock instead. Don't know if I'll find anything as I'm having to relearn assembly as I go also, but who knows.
Hi there, I need your help,
I'll try to make a bootloader keygen, and for that, I need people who already have their bootloader code, to compare and find the algorithm.
Just PM me with your model, IMEI, serial and your bootloader code.
If some dev can help the project, PM me too.
Hope it will work.
Noetmi said:
Hi there, I need your help,
I'll try to make a bootloader keygen, and for that, I need people who already have their bootloader code, to compare and find the algorithm.
Just PM me with your model, IMEI, serial and your bootloader code.
If some dev can help the project, PM me too.
Hope it will work.
There's another thread with this topic. You should contact these members. https://forum.xda-developers.com/huawei-p20/how-to/bootloader-code-generator-huawei-p20-t3913213
You are asking for some stuff that is dangerous to share. I don't really think someone will give you this information. I've already seen someone change his IMEI, serial and much more with a computer, and his main goal was to steal a working IMEI that is not blacklisted.
Another point: someone else already tried to make a keygen without success. Maybe you are right to try if you are honest, but IMO it's not possible to generate the unlock key because it's unique for each phone and not related to the IMEI (just a way to find your code in the Huawei database when they could give us our bootloader code). I may be saying bullshit, because I am not really a developer, but that's my opinion.
Sorry if my English is sometimes bad.
PS: don't take this post as an aggression, it's not. But we have to be careful with our expensive stuff.
Doghan13 said:
You are asking for some stuff that is dangerous to share. I don't really think someone will give you this information. I've already seen someone change his IMEI, serial and much more with a computer, and his main goal was to steal a working IMEI that is not blacklisted.
Another point: someone else already tried to make a keygen without success. Maybe you are right to try if you are honest, but IMO it's not possible to generate the unlock key because it's unique for each phone and not related to the IMEI (just a way to find your code in the Huawei database when they could give us our bootloader code). I may be saying bullshit, because I am not really a developer, but that's my opinion.
Sorry if my English is sometimes bad.
No worries about your English. I understand the risk, but this is how a keygen is made: you need a lot of data to compare and see how it works.
I've already seen the older post, but I don't think it's the way.
But you just said something important: if a Huawei database exists and it's not a key generator, then someone knows the URL for this database, and maybe this is why FH and others can't unlock for now.
If someone has the information, please tell us.
Noetmi said:
No worries about your English. I understand the risk, but this is how a keygen is made: you need a lot of data to compare and see how it works.
I've already seen the older post, but I don't think it's the way.
But you just said something important: if a Huawei database exists and it's not a key generator, then someone knows the URL for this database, and maybe this is why FH and others can't unlock for now.
If someone has the information, please tell us.
I think a database exists because there is no other way to find the right code for X phone. Except if Huawei generates it themselves, but that's not the case (bootloader code is in NVROM of each phone). At this point, I think they simply used the IMEI to search and then copy/pasted the right code for someone who asked for it, before they stopped the service.
If I'm right, we just have to find someone who knows where these keys were placed, and hope the database has not been erased.
You seem to be good. But I cannot help you more because I haven't unlocked my bootloader. Good luck with that. Huawei made a very gigantic mistake by ceasing to provide us our bootloader code. Their phones are just excellent, but lack liberty.
Noetmi said:
No worries about your English. I understand the risk, but this is how a keygen is made: you need a lot of data to compare and see how it works.
I've already seen the older post, but I don't think it's the way.
But you just said something important: if a Huawei database exists and it's not a key generator, then someone knows the URL for this database, and maybe this is why FH and others can't unlock for now.
If someone has the information, please tell us.
I don't think it's a database type thing. Mostly because if you enabled dual SIM, which modifies the IMEI if I remember correctly, the code changes. Which would mean it's somehow based off of the IMEI.
I could also be completely wrong, but I'm just thinking out loud!
Hello, it would be really cool if you manage to create a bootloader keygen. Thank you for your research.
I've tried looking around online and whatnot and have asked many people (even going as far as to email Samsung's team in hopes they might help out somehow) but I always end up back at square one. I genuinely doubt that it's impossible, but I don't know where else to go or what else to do. Does anybody know of a device with a similar situation that I might be able to work a method off of? Perhaps another Samsung device previously thought of to be "impossible to unlock" that I may learn something from? I'd really love to be able to unlock and root and flash this device, as its hardware is quite nice and fast: it's just unfortunate that it gets stuck with OneUI (I know everyone has different opinions on the matter, but I just really don't like Samsung's OS, personally).
Any help or guidance or advice - no matter how small - will be greatly appreciated. Thank you in advance.
You are not able to unlock a locked phone that has a locked bootloader because they don't want you to unlock your phone.
TringQuack said:
You are not able to unlock a locked phone that has a locked bootloader because they don't want you to unlock your phone.
Realme RMX2155 was previously thought to be not unlockable for a while, but somebody ended up cracking it via editing firmware files with a hex editor and some other stuff. Eventually, somebody found an even easier exploit. It's not quite the same as the A53, which is why I'm asking if anybody has any ideas. Tons of unofficial methods exist for different models, some easier and some more difficult. If everybody thought that an official method had to be the only way, I'm near-certain XDA forums would be mostly dead with only a few device-forums active.
I've asked on here previously about unlocking the bootloader for my A536U, but it really went to dead ends. The best asset to cracking these devices is time. Just be patient, someone may find an exploit soon.
Although finding an exploit has been done for phones, I read years ago that someone who did that for one only got it by chance. It's not easy.
Anyone however can sell it or trade it in and buy a device that's unlockable. Much easier.