Related
Good afternoon
My device is the alcatel a5 LED (5085y) which has the MT6753 chip and is running android 6.0 and is network unlocked. I have been trying to unlock my bootloader and have tried the usual way of booting into fastboot but when i attempt "adb reboot bootloader" it reboots the phone back to the normal mode.
I have a little understanding of other android devices but i am fairly new to mediatek devices so my question is do they have a fastboot/bootloader mode and if they do is there any other step i need to do besides setting the allow oem unlock setting in the developer options?
I am trying to unlock the bootloader so i can then try to port twrp and then root my device and the only available online guides all require using fastboot so am at a loss
thank you in advance for any information/help
Is no one able to shed a little light on my problem. I have recently acquired the auth file for my device and scatter file to use with sp flash tool which would I be right in it being able to flash a custom recovery without unlocking the bootloader
wow i cant believe how helpful (sarcasm) the forums have become in my 10 years of being a member, i am more than certain that someone can shed a little light on my issue.
friartuckme said:
wow i cant believe how helpful (sarcasm) the forums have become in my 10 years of being a member, i am more than certain that someone can shed a little light on my issue.
Click to expand...
Click to collapse
Hello man, I have the same problem. Did you find any solution?
KalenJr said:
Hello man, I have the same problem. Did you find any solution?
Click to expand...
Click to collapse
Unfortunately i have had no look as of yet, I know that it should be possible using flashtool to flash a custom recovery, as it has a secure boot/locked bootloader it will require a special DA.BIN file (downloader file for flashtool), i have extracted all the files from the official firmware recovery software and obtained some DA.BIN files but i think that they are wrote some sort of protection to stop them being used in spflashtool, this is something im looking into and if i gain any progress i will write here
What does the manufacturer do to the phone to make it un-rootable?
This quote: "Strictly speaking, when we talk about a platform as open as the Android OS, it is almost impossible for a manufacturer to make an ‘un-rootable’ device."
would suggest that most likely the manufacturer is not making the phone un-rootable. So then that would leave the OS, but my 4.2.2 KitKat has and is rooted on other devices.
So who and what is at fault here? Seems to me that if it was software, that would be easy. Find an exploit and root. But if it was that easy then all phones/devices would be rootable.
That brings us back to hardware and the manufacturer.
RealRobD said:
What does the manufacturer do to the phone to make it un-rootable?
This quote: "Strictly speaking, when we talk about a platform as open as the Android OS, it is almost impossible for a manufacturer to make an ‘un-rootable’ device."
would suggest that most likely the manufacturer is not making the phone un-rootable. So then that would leave the OS, but my 4.2.2 KitKat has and is rooted on other devices.
So who and what is at fault here? Seems to me that if it was software, that would be easy. Find an exploit and root. But if it was that easy then all phones/devices would be rootable.
That brings us back to hardware and the manufacturer.
Click to expand...
Click to collapse
It is more a matter of the carriers trying their hardest to prevent us from being able to unlock/root the devices they offer and less a matter of the manufacturer trying to prevent it.. They do this for several reasons. But the main reasons are to prevent security breaches, to protect the information on their customer's devices, to prevent having to repair/replace devices that have been broken due to failed rooting/flashing/modifying attempts and to prevent us from using their devices on another carrier's network.
It is considered to be impossible to make devices that absolutely can't be rooted. They are all vulnerable in some manner, these vulnerabilities are called exploits, it's just a matter of finding the right exploit. When exploits are found, the manufacturer or carrier will patch the exploit and release an update for their devices to apply the patch.
The main thing they do to make devices unrootable is to use a locked bootloader, some even use specific hardware components to prevent unapproved software from booting.
It's a combination of things really, there is not necessarily one certain thing they do to keep us from rooting, because there are many different ways to unlock/root devices, they try their best to account for them all.
Sent from my SM-S767VL using Tapatalk
It is considered to be impossible to make devices that absolutely can't be rooted. They are all vulnerable in some manner, these vulnerabilities are called exploits, it's just a matter of finding the right exploit.
Click to expand...
Click to collapse
Can you direct me to the recommended newbie reading to get my learn on?
My Alcatel onetouch has stumped current one click methods, so it's time to learn and crack this puppy on my own.
RealRobD said:
Can you direct me to the recommended newbie reading to get my learn on?
My Alcatel onetouch has stumped current one click methods, so it's time to learn and crack this puppy on my own.
Click to expand...
Click to collapse
If all one click methods have failed, the only option left is to flash some kind of customized software or methods to modify parts of your boot and/or system partitions. Flashing custom software and modifying boot or system requires the device to have an unlocked bootloader.
This means that your first step is to determine whether or not your device has an unlocked bootloader. If it is unlocked, you can flash/modify the device, if it is locked, you can't flash/modify unless you find a method to unlock the bootloader, then you can flash/modify. Do some searches for methods to check your bootloader status.
If you find that the bootloader is unlocked, then you have a few choices:
1) if you can obtain a copy of your stock firmware then you can use the Magisk rooting method to modify the boot.img from your firmware to create a patched boot.img then flash that boot.img using the appropriate flash tool for your device brand.
2) if you can find a copy of TWRP custom recovery for your specific device model number you can flash the TWRP file using the appropriate flash tool for your device brand.
3) if there is no TWRP for your specific model number, you can build your own version of TWRP if the necessary resources are available for your specific model number.
4) if the necessary resources to build TWRP for your specific model number are not available, you can try finding a TWRP for a similar device with the same exact CPU that your device has and port that TWRP to be compatible with your own device.
Do your own searching and researching about each of these options, the more you read about them, the more you will understand.
Sent from my SM-S767VL using Tapatalk
Droidriven said:
If all one click methods have failed, the only option left is to flash some kind of customized software or methods to modify parts of your boot and/or system partitions. Flashing custom software and modifying boot or system requires the device to have an unlocked bootloader.
This means that your first step is to determine whether or not your device has an unlocked bootloader. If it is unlocked, you can flash/modify the device, if it is locked, you can't flash/modify unless you find a method to unlock the bootloader, then you can flash/modify. Do some searches for methods to check your bootloader status.
If you find that the bootloader is unlocked, then you have a few choices:
1) if you can obtain a copy of your stock firmware then you can use the Magisk rooting method to modify the boot.img from your firmware to create a patched boot.img then flash that boot.img using the appropriate flash tool for your device brand.
2) if you can find a copy of TWRP custom recovery for your specific device model number you can flash the TWRP file using the appropriate flash tool for your device brand.
3) if there is no TWRP for your specific model number, you can build your own version of TWRP if the necessary resources are available for your specific model number.
4) if the necessary resources to build TWRP for your specific model number are not available, you can try finding a TWRP for a similar device with the same exact CPU that your device has and port that TWRP to be compatible with your own device.
Do your own searching and researching about each of these options, the more you read about them, the more you will understand.
Sent from my SM-S767VL using Tapatalk
Click to expand...
Click to collapse
Can't get past "Waiting on devices" when using
Code:
fastboot oem device-info
.
Device manager shows the phone is connected just fine.
The phone has no manual way to set fast boot, whether it be the buttons or entering numbers on the keypad.
Device recognized.
Code:
fastboot devices
returns nothing. I guess that means it's not in fast boot mode.
Code:
adb reboot bootloader
and
Code:
adb reboot fastboot
only reboots the phone.
On the other hand,
Code:
adb reboot recovery
does work.
RealRobD said:
Can't get past "Waiting on devices" when using
Code:
fastboot oem device-info
.
Device manager shows the phone is connected just fine.
The phone has no manual way to set fast boot, whether it be the buttons or entering numbers on the keypad.
Device recognized.
Code:
fastboot devices
returns nothing. I guess that means it's not in fast boot mode.
Code:
adb reboot bootloader
and
Code:
adb reboot fastboot
only reboots the phone.
On the other hand,
Code:
adb reboot recovery
does work.
Click to expand...
Click to collapse
Your device probably doesn't even have fastboot mode, some carriers remove fastboot from their devices, especially MVNO(subcontracted) networks.
Sent from my SM-S767VL using Tapatalk
Yep, looks like no Fastboot onboard...
galaxys said:
Yep, looks like no Fastboot onboard...
Click to expand...
Click to collapse
If it's just software, why can't it be bypassed, cracked, hacked, blown up etc?
RealRobD said:
If it's just software, why can't it be bypassed, cracked, hacked, blown up etc?
Click to expand...
Click to collapse
If you're asking about what was said about not having fastboot, it is a lack of software, as in, the software is not even there.
If you're asking if the software can be bypassed, it can, the trick is to find the right exploit. That is the problem, a working exploit has not been discovered for this device.
Without fastboot, there is no way to flash custom files such as TWRP or patched boot.img. This means, the only chance of rooting the device is if one of the one-click universal rooting apps or universal PC rooting programs has an exploit that just happens to network on this device.
Sent from my SM-S767VL using Tapatalk
Droidriven said:
If you're asking about what was said about not having fastboot, it is a lack of software, as in, the software is not even there.
If you're asking if the software can be bypassed, it can, the trick is to find the right exploit. That is the problem, a working exploit has not been discovered for this device.
Without fastboot, there is no way to flash custom files such as TWRP or patched boot.img. This means, the only chance of rooting the device is if one of the one-click universal rooting apps or universal PC rooting programs has an exploit that just happens to network on this device.
Sent from my SM-S767VL using Tapatalk
Click to expand...
Click to collapse
Have any fastboot-less phones in the past been rooted?
If so, do you have any recommended reading as far as exploit hunting is concerned?
Hi everyone.
I'm thinking in buying a phone from CAT (CAT S42) and I'm not sure if I can unlock its bootloader. But I've seen on another forum that the CAT S31 has root available for it through Magisk, and I didn't see anyone mentioning having unlocked the bootloader. S42 has a MediaTek chipset and S31 has a Qualcomm chipset, if that helps.
So my question is: is unlocking bootloader MANDATORY to root a device? Can I just run a custom recovery, root the phone with that, and then the recovery gets overwritten on system boot? Or can I root through USB debugging without even needing custom recovery?
The CAT S31 I mentioned was rooted with Magisk, and as I said, I didn't see anyone talking about unlocked bootloader. But I also read Magisk changes the boot partition and the bootloader checks if it was modified. So I'm a bit confused with this too. It's also written that MiracleBox was used and I'm not sure that's the reason that I'm getting confused or not (I had never heard of this tool until now).
A set of software for obtaining ROOT privileges.
Driver_Qualcom_m.7z (9.27 MB) [link]
Enter HS QDSLoad 9008 mode from Vol + and Vol- off state and connect without releasing to USB
MiracleBox [link]
The Boot image is processed on the phone by the Magisk manager, then uploaded to the phone using Miracle again from the computer.
MagiskManager-v7.3.2.apk (2.71 MB) [link]
Just in case,
Backup firmware without / Data partition
Attached files
XposedInstaller_3.1.5-Magisk.apk (2.96 MB) [link]
Click to expand...
Click to collapse
How may they have done that?
I'm sorry, I don't understand a lot of the root requirements part, since I was lucky and my 1st phone had the bootloader unlocked alreaedy for some reason and the second was as easy as writting a single command. But about this phone there's almost nothing and I'd like to know the general about this. If it's really necessary to have the bootloader unlocked, for example. And if it's not, then what methods can I use with it still locked?
Thanks in advance for any help!
Hello DADi590,
Unfortunately I can't answer all of your questions about S42. I have one of them and I am also looking for and confused with root procedures. But I can tell you that unlock boot loader was just a matter of get developer options on (tapping version # 10 times), and inside you can toogle lock/unlock bootloader...
How to root it safely is what I do not know yet.
good luck!
@DADi590
Rooting the Android OS of a device in practice is nothing more than adding the su cmdlet known from Linux OS to the Android OS. To root Android OS in no case requires device's bootloader must get unlocked to do so.
FYI: The bootloader of an Android device is comparable to the BIOS of a Windows computer.
Actually, after some time I decided to leave CAT alone and buy a Blackview one. If I'd break the phone, at least it wouldn't be as expensive as the CAT S42 (I bought a BV9500 - not Pro or Plus, the normal one).
Since then (with help of adventures with a tablet of mine) I've learned some more things. One of them I was suspecting and was now confirmed (thank you @jwoegerbauer) which is to root the device, just a binary file is needed to be on the correct place: su. I didn't know it was on other Linux OSes though. Interesting!
So the idea is that just a recovery must be installed to root a device. That's it and nothing else, I believe. To install the recovery is the part where one might need to unlock the bootloader - or not, if the chipset manufacturer left a tool to write partitions directly, like MediaTek or Rockchip. On these 2 it's possible to write partitions directly with a locked bootloader (this means the bootloader on my 1st phone was and still is probably locked - like my BV9500 one is, and I flashed various partitions on it already, one of them, a TWRP recovery).
This explanation is for anyone else like me who would have this question. Bootloader is just to flash partitions and I think run modified ROMs too, but not too sure about that (I never use custom ROMs). [Btw, if I said something wrong, I'm happy to be corrected!]
armandrix said:
Hello DADi590,
Unfortunately I can't answer all of your questions about S42. I have one of them and I am also looking for and confused with root procedures. But I can tell you that unlock boot loader was just a matter of get developer options on (tapping version # 10 times), and inside you can toogle lock/unlock bootloader...
How to root it safely is what I do not know yet.
good luck!
Click to expand...
Click to collapse
I believe I asked this because I prefer that it's not required to unlock a bootloader to do stuff. If you screw the phone somehow with the bootloader locked and there's no tool to flash partitions on it and you must be on fastboot with an unlocked bootloader or whatever, you just bricked the phone. And I'd prefer that not to happen. That's why I chose to buy phones that don't need me to unlock the bootloader to do anything on them. That might mean I can't ever brick them (at least I never bricked my 1st phone with the various things I did on it which I later found out not being recommended at all XD).
I've unlocked the bootloader on my Cat S42. Can be done.
I can't find anything definitive about whether it's rootable or not
Same here i tried every root app possible and failed.
just unlock bootloader and flash twrp
after that flash latest magisk zip hope it will work
Bhanu8082 said:
just unlock bootloader and flash twrp
after that flash latest magisk zip hope it will work
Click to expand...
Click to collapse
No need to flash TWRP: Booting into it is sufficient.
Bhanu8082 said:
just unlock bootloader and flash twrp
after that flash latest magisk zip hope it will work
Click to expand...
Click to collapse
How did you unlock the bootloader?
sCriptKittY1987 said:
How did you unlock the bootloader?
Click to expand...
Click to collapse
simple , go to about phone and try to find build number,
after you find build number tap on it until it says you are in developer mode
after that head on to developer option (it may be inside about phone section or above about phone section) turn on the option which says allow oem unlock. then,
just reboot to recovery mode either by pressing volume up or volume down key with power button.
after you enter recovery connect usb cable and open command prompt in pc and make sure that lg device drivers are installed on your pc also make sure you have adb and fastboot installed.
ok, after all this type command
adb devices
if any thing shows us then you have successfully connected your device.
after it type
adb reboot bootloader
then your mobile should restart and show fastboot mode in screen
type command
fastboot oem unlock
and done your bootloader is unlocked.
Bhanu8082 said:
just unlock bootloader and flash twrp
after that flash latest magisk zip hope it will work
Click to expand...
Click to collapse
Where did you find a tarp img for the LG k51?
sCriptKittY1987 said:
Where did you find a tarp img for the LG k51?
Click to expand...
Click to collapse
tarp image????? just follow the tutorial.
I meant TWRP recovery . After you've unlocked the bootloader where did you get a custom recovery to flash for the LG k51. From what I saw on Team Wins website, there isn't one.
Bhanu8082 said:
simple , go to about phone and try to find build number,
after you find build number tap on it until it says you are in developer mode
after that head on to developer option (it may be inside about phone section or above about phone section) turn on the option which says allow oem unlock. then,
just reboot to recovery mode either by pressing volume up or volume down key with power button.
after you enter recovery connect usb cable and open command prompt in pc and make sure that lg device drivers are installed on your pc also make sure you have adb and fastboot installed.
ok, after all this type command
adb devices
if any thing shows us then you have successfully connected your device.
after it type
adb reboot bootloader
then your mobile should restart and show fastboot mode in screen
type command
fastboot oem unlock
and done your bootloader is unlocked.
Click to expand...
Click to collapse
When I typed fastboot oem unlock I get a reply saying <waiting for any device>
sCriptKittY1987 said:
When I typed fastboot oem unlock I get a reply saying <waiting for any device>
Click to expand...
Click to collapse
I doubt that's going to work, but let me know if it does. Carriers and manufacturers use a variety of sophisticated security schemes like requiring lengthy codes that only they can provide, etc to purposely make it very difficult to unlock bootloaders. Tmobile gave me a K51 for free. They apparently feel the have to pay for it by spying on me. I bought a moto g7 plus unlocked for $117 directly from Moto and put Lineage on it, no gapps Would love to use thie k51 though if anyone figures it out because it's more waterproof and bigger battery.
mgsgta3 said:
I can't find anything definitive about whether it's rootable or not
Click to expand...
Click to collapse
Whether device's bootloader is unlockable / device's Android is root-able or not you easily can find out by means of ABB:
Code:
adb shell "getprop ro.oem_unlock_supported"
If returned value is 1, then it's supported otherwise it's not.
sCriptKittY1987 said:
Where did you find a tarp img for the LG k51?
Click to expand...
Click to collapse
and let me guess my doofus luck im guessing no way to unlock it with out a P.C. like nuttin at all?
Absolutely no of the crap above works at all in any capacity especially sprint. Generic postings like hold volume down and power also doesn't work to go into fastboot so if you guys are following the advice of some of these guys don't because you'll drop more money on a new phone then you will unlocking it some variants verizon is one I think you have to call LG I know I spent 6 hrs on the phone with "tech support" aka "jokes with a screen to read from" to FINALLY get into touch with an engineer who told me the only way "NOW" to unlocked the bootloader is in his office which means it has to be depot to be unlocked which as of this moment lg is not doing that WILL change in the future that was 12/03/2020. Even running external adb with kali linux to hack it broke the bootloader and sends you into an infinite reboot loop
jwoegerbauer said:
Whether device's bootloader is unlockable / device's Android is root-able or not you easily can find out by means of ABB:
Code:
adb shell "getprop ro.oem_unlock_supported"
If returned value is 1, then it's supported otherwise it's not.
Click to expand...
Click to collapse
This returns no value on a locked bootloader because even with Dev. Opt. Enables its still read only until bootloader is unlocked this is verified on two carriers k51's sprint and att. However it is unlockable we haven't found it and/or LG has not added this service to their site which is where you will get the info needed for the unlocked.
Oh my. You know you need to do all this from a computer, right? Can't do it in an Android terminal because fastboot commands are only valid in a phone's bootloader environment. And if you didnt know that then rooting and all of the dangers that come with it just isnt for you. But yes, it's rootable. So here you go anyway.
Reboot the phone to download mode.
Install LG's K51 usb drivers, and install adb and fastboot, on your computer.
Open a command prompt and type: fastboot oem unlock
If it does anything other than pat you on the back and tell you it's proud of you and how well you follow instructions, then go back and follow the effing instructions.
Otherwise, type: fastboot reboot.
Download magisk manager.
Do the magisk manager.
Use the LG flash tool on your computer to flash what you just did when you did the magisk manager.
And presto, you're rooted. Or I successfully left out enough info and you dont know how to use Google, leaving your device still not rooted. And thank god for that.
Ive been learning from xda for some time now. Bricked a few phones in my learning curve and tonight i had my first success with my g7, and wrighting this on my new k51. This is my first post and I think that was pretty rude of you to say. This is supposed to be a place to learn, share knowledge, and help those who are less educated. Not look down on people and say crap like that. If he wants to learn even if it takes a couple bricked phones to do it, let him. Either give him the proper procedures or dont say nothing at all. How long did it take you? How many phones? Its taking me quit a while but i am finaly getting somewhere. Keep with it guy. Dont let this dude, or any one else for that matter, bring you down.
Kenwoodquality69 said:
Ive been learning from xda for some time now. Bricked a few phones in my learning curve and tonight i had my first success with my g7, and wrighting this on my new k51. This is my first post and I think that was pretty rude of you to say. This is supposed to be a place to learn, share knowledge, and help those who are less educated. Not look down on people and say crap like that. If he wants to learn even if it takes a couple bricked phones to do it, let him. Either give him the proper procedures or dont say nothing at all. How long did it take you? How many phones? Its taking me quit a while but i am finaly getting somewhere. Keep with it guy. Dont let this dude, or any one else for that matter, bring you down.
Click to expand...
Click to collapse
Yo Ken,
So your K51 rooted?
If so, maybe you could provide a step by step?
I haven't done this yet but is it verified working? I did a google search came across the method to do the unlocking but it showed it was a failed project?
TexasPride said:
I haven't done this yet but is it verified working? I did a google search came across the method to do the unlocking but it showed it was a failed project?
Click to expand...
Click to collapse
O lord i hope this isnt true
Hello. Looking at different forums for answers on this subject, I've found many people who also want to root their Hot Pepper VLE5 devices. I really want to root this thing, and in most forums instead of answering the question, people point out that this device is cheap and not worth rooting. I have tried ADB root, which returns with something like "cannot root production builds", and so I went to see how to change that. Spoiler, that also requires root. Then I saw the push/pull command and SuperSU tutorial, but once again you need root to do that, and to be honest, why would you put that on your device if you already have root?? I'm not exactly sure about how the twrp and magisk stuff works but from what I've seen those also require some kind of super user access or something. I have unlocked the bootloader with ADB, which is one problem out of the way, but I'm running out of options and need some help with it, if anyone wants to help, that is. I need root on this because it is currently the only device I have, besides a laptop made for Windows Vista running 7 Ultimate on it (I have a better PC, just not with me), and I want to do WiFi pentesting and other things because I'm very interested in cyber security and such and it's becoming difficult to find anymore help with this. I really am not concerned with the specs limiting the usage of the device, I just want a solution and there's many others I have found with the same issue.
Thank you for your time.
Only devices running Android of build type ENG and/or USERDEBUG can get rooted, AFAIK.
Only devices running a properly rooted Android can apply command "adb root" what allows you to write to device's /system partition.
To unlock device's bootloader you have to apply the appropriate Fastboot commands: You can't unlock the bootloader via ADB. At least I never have heard or read that this would be possible.
jwoegerbauer said:
Only devices running Android of build type ENG and/or USERDEBUG can get rooted, AFAIK.
Only devices running a properly rooted Android can apply command "adb root" what allows you to write to device's /system partition.
To unlock device's bootloader you have to apply the appropriate Fastboot commands: You can't unlock the bootloader via ADB. At least I never have heard or read that this would be possible.
Click to expand...
Click to collapse
It allowed me to unlock it with ADB or Fastboot or something I forget, it was something via the command line
PulseJaymes said:
It allowed me to unlock it with ADB or Fastboot or something I forget, it was something via the command line
Click to expand...
Click to collapse
1. https://android.tutorials.how/adb-fastboot-installation/
2.
Unrelated, i just sent a DM to user diplomatic asking/offering a low bounty for sharing their mediatek temp-root exploit... They has already posted for other CPU architectures (incl armv8), but not the armv71, which iiuc is what the VLE5 runs on.
Idk diplomatic hasnt been active in a couple months so we'll see if they respond.
jwoegerbauer said:
Only devices running Android of build type ENG and/or USERDEBUG can get rooted, AFAIK.
Only devices running a properly rooted Android can apply command "adb root" what allows you to write to device's /system partition.
To unlock device's bootloader you have to apply the appropriate Fastboot commands: You can't unlock the bootloader via ADB. At least I never have heard or read that this would be possible.
Click to expand...
Click to collapse
@jwoegerbauer
Thanks for the info.
Sounds like the OP did use Fastboot commands.
Their OP question was on rooting... I have the exact same device, so am wondering:
If I unlocked the bootloader (via Fastboot tool commandline),
Can i then break the stock boot image to either:
A.) replace it (eg. with Lineage OS), and/or
B.) extract and patch the existing stock ROM?
(Note, the mgfr oem does not provide any updates nor firmware images, neither ota nor otherwise of any kind.
So i have to work strictly w what is on the device.
Another Q:
If i replace the stock rom w lineage and cannot backup the stock rom first.... Will i need to worry about drivers for Android (eg. wifi/bluetooth chips, GPU, etc.) ? I'm used to working w windows or linux, is why i ask..)
while I have no experiance with qualcomm devices, the procedure is near identical to mediatek devices, so to back up your system partition just boot into EDL mode and read the flash using a qualcomm flashing tool. Then, unpack the system image throw in a su binary under /system/sbin/ repack it and flash it!
it's optional to then install magisk or supersu for a root manager for security.
That's atleast how I mangled my cellphone and did unspeakable things to the system!
I just got this phone using it as a backup right now till I can fix my other phone so I'm assuming nobody got it rooted?
I found this VLE5 if this helps anybody I haven't tried it yet but I see the VLE5 on there