Related
Guys,
Due to build issues (gaps in glass) i replaced my B5 into B7.
Now NVFLASH attempt closing the APX mode
Any mathod root and install CWM on the B7? Any ETA for this?
Thanks!!!
When Asus released the B70 revision of the Transformer, they changed the Secure Boot Key.
As I can not post outside links, I'll just include this info (obtained from androidroot.mobi):
The inner workings of Secure Boot key and Nvflash
What is Secure Boot Key and how does it work?
I’ve been getting lots of questions about this, so here is some simple background:
The secure boot key is an AES128 encryption key that can used to encrypt various data on the flash memory. It’s a generic nvidia tegra2 thing, that the manufacturer can optionally use to make their device more “secure”.
When the SBK is set, it’s stored in a one-time-programmable “fuse”. This also means that now that the key is out, they can’t change it on already released devices, only new devices.
When the tegra2 starts up, the AES key is available to the hardware AES engine only. E.g. not even the bootloader can read it back! However, the bootloader can *use* the key to encrypt whatever data it wants through the hardware AES engine. And here is the explanation why the blob flashing method actually works! The bootloader checks for the blob in the staging partition and encrypts and flashes it as needed.
Once the bootloader is done, it clear the key from the AES engine which makes it impossible to encrypt or decrypt things from within the OS.
So what happens when it boots into APX/Nvflash mode?
The basic APX mode is stored in the BootROM and hence can never be changed. It appears to accept only a very limited range of commands, and each command needs to be encrypted using the SBK to be accepted. If it receives a command that’s not properly encrypted, it disconnects the USB and appears to be off. This is the dreaded “0×4″ error that people have been getting when attempting to get nvflash working.
It should be noted, that even with the SBK inputted into nvflash, most regular nvflash commands won’t be available. I’m still not entirely sure why (and I can’t rule out it will change).
What *is* available, is the nvflash –create command. What this command does is repartition and format all partitions, set bct and odmdata and send over all needed partitions to the device (and encrypt them as needed). This means a full recovery is possible, but regular ability to flash e.g. just boot.img or read partitions off of the device is not possible at this point.
So what do we need for nvflash?
In order to get a working (e.g. –create) nvflash, we need a few bits of information as well as some files:
Secure Boot Key
BCT file (boot device setup, ram configuration and a bit more)
ODM data (board-specific bit-field specifying various board settings. *Needs* to be correct
flash.cfg (e.g. list of settings and names/identifiers of partitions.
On top of these files, we also need all the partitions, e.g. bootloader.bin, boot.img, recovery.img and system.img. Luckily, these partition files are available in official ASUS updates and can be extracted from the blob file using my blob tools
The first four peices aren’t readily available, but through lots of effort and a good deal of luck, we have managed to recreate the needed files. Secure Boot Key has already been released (note that this was by far the hardest!) and the rest will most likely follow over the weekend. Keep in mind that we want to keep this legal, so don’t expect us to release any ready-made packs for unbricking! We will however make the recreated files available. Since these are recreated and not actual ASUS files, there should be no problems with them.
I hope this helps give a better understanding of how and what secure boot key is and what it gives us.
Click to expand...
Click to collapse
The previous SBK was leaked on the internet, and allowed us to flash a custom recovery and thus custom roms. AES128 is almost impossible to brute force so I would not count on it getting out soon. They might find a weakness on how the key is stored and extract it like that somehow.
Not all B70's have a new SBK. The first batch produced still had the old one and the old root method still works. My Transformer is an example of this.
You don't appear to be so lucky. You'll have to wait on a new method.
Sorry man
Helaas said:
When Asus released the B70 revision of the Transformer, they changed the Secure Boot Key.
As I can not post outside links, I'll just include this info (obtained from androidroot.mobi):
The previous SBK was leaked on the internet, and allowed us to flash a custom recovery and thus custom roms. AES128 is almost impossible to brute force so I would not count on it getting out soon. They might find a weakness on how the key is stored and extract it like that somehow.
Not all B70's have a new SBK. The first batch produced still had the old one and the old root method still works. My Transformer is an example of this.
You don't appear to be so lucky. You'll have to wait on a new method.
Sorry man
Click to expand...
Click to collapse
I guess this might be the first proof of a new SBK. I've been waiting to see if it did actually change.
Rommark: A bit more info would be nice, script output, etc.
Here is my question: will trying to issue nvflash commands under the wrong encryption brick my device? I want to try to root but I don't want to brick my tab!
Sent from my MB860 using XDA App
msticninja said:
I guess this might be the first proof of a new SBK. I've been waiting to see if it did actually change.
Rommark: A bit more info would be nice, script output, etc.
Click to expand...
Click to collapse
For what i know the output of nvflash on the new B70 is:
Nvflash started
[resume mode]
connection failed NvError 0x8
The same error if you try an incorrect sbk with the "old" revision of tablet.
P.S. in my naivety i was thinking on some massive brute force: build a script that will brute force a modest number of keys (i.e. ~1000) and distrubute it among all the owners of the new b70 so any device would try a reasonable number of keys. Soon I discovered that the SBK permutations are 16^32 = 3,4028236692093846346337460743177e+38 = 3402823669209384634633746074317700000000000000000000000000000000000000
CinderWild said:
Here is my question: will trying to issue nvflash commands under the wrong encryption brick my device? I want to try to root but I don't want to brick my tab!
Sent from my MB860 using XDA App
Click to expand...
Click to collapse
No, it exit with an error and does absolutely nothing on your device.
Ok thanks for the response, I'll try a simple backup tonight and see what happens.
Sent from my MB860 using XDA App
and I thought that ASUS is an "open minded" company :/
rommark said:
and I thought that ASUS is an "open minded" company :/
Click to expand...
Click to collapse
If you have experience with their routers, you'd think that too. This stance really has me confused. Hell, they even flaunt how much they "love the DIY community" here: http://promos.asus.com/US/ASUS_DD-WRT/index.htm
rebound821 said:
For what i know the output of nvflash on the new B70 is:
Nvflash started
[resume mode]
connection failed NvError 0x8
The same error if you try an incorrect sbk with the "old" revision of tablet.
P.S. in my naivety i was thinking on some massive brute force: build a script that will brute force a modest number of keys (i.e. ~1000) and distrubute it among all the owners of the new b70 so any device would try a reasonable number of keys. Soon I discovered that the SBK permutations are 16^32 = 3,4028236692093846346337460743177e+38 = 3402823669209384634633746074317700000000000000000000000000000000000000
No, it exit with an error and does absolutely nothing on your device.
Click to expand...
Click to collapse
Many of the B70s have used NVFlash correctly. Some people that thought it wasn't working were actually using the --resume command before establishing a connection to resume, so they thought it wasn't working.
That's why I'd like to know the OPs script and error output to see if it's a new SBK, or an incorrect script. I already know what the output will be if it's truly a new SBK.
msticninja said:
Many of the B70s have used NVFlash correctly. Some people that thought it wasn't working were actually using the --resume command before establishing a connection to resume, so they thought it wasn't working.
That's why I'd like to know the OPs script and error output to see if it's a new SBK, or an incorrect script. I already know what the output will be if it's truly a new SBK.
Click to expand...
Click to collapse
Well, in my thread in the dev section i have got 2 B70 who can't nvflash :
http://forum.xda-developers.com/showpost.php?p=16297657&postcount=52
http://forum.xda-developers.com/showpost.php?p=16428731&postcount=116
plus one user who PM me saying he owns a chinese (original) model and got the same error (but here i don't know if it's some china-only restriction).
and one who can:
http://forum.xda-developers.com/showpost.php?p=16322484&postcount=67
My script is correct; if the tablet weren't connected or weren't in apx mode the error should be different (i can remember 0x3 or something).
So the new B70s are among us
msticninja said:
Many of the B70s have used NVFlash correctly. Some people that thought it wasn't working were actually using the --resume command before establishing a connection to resume, so they thought it wasn't working.
That's why I'd like to know the OPs script and error output to see if it's a new SBK, or an incorrect script. I already know what the output will be if it's truly a new SBK.
Click to expand...
Click to collapse
This same folder and files worked on tf b5 b4 replacement....
rommark said:
This same folder and files worked on tf b5 b4 replacement....
Click to expand...
Click to collapse
Thank you. That's what I needed to know.
rebound821: I wasn't saying anything about your script. Once again, I was asking the OP, because he didn't say whether he was using a script, using the backup method, etc., and he didn't say whether is was the 0x4 error.
I understand being defensive about your scripts, and I know there are B70s with new SBKs, but I was trying to help the OP make sure his problem was due to the SBK, and not something in his methodology.
I'm not trying to flame, believe me, but if I ask the OP for information about his methodology, please don't reply with guesses about what he's actually doing. From his post, for all we knew, he wasn't necessarily using your script.
just got my replacement b70 through the post, I had a b60 that I had to return because the charger packed up
i an in the UK, so the tablet has the WW firmware tried the Nvflash method and it didn't work for me either
I also got my b60 replaced with a b70 and now I can't nvflash
It's a WW from Portugal...
Brand new TF bought in Norway, ofc a B70 & completely locked...
Which annoys me to no end....
Sent from my GT-I9100 using XDA Premium App
Bought a new TF in Belgium also of the B70 series and it's locked + the SKU starts with TB.
DISCLAIMER
This tool is only to be used to restore your original MEID/IMEI, this tool is not to be used for anything other then that, by downloading this tool YOU agree that you will only be using it to restore a damaged MEID/IMEI. XDA, FTT, I or anyone else is not held accountable for actions that you might consider doing. Any talk of "Cloning", 'Changing" etc will be reported and immediate ban AS THIS IS YOUR ONLY WARNING. So please avoid this. There should be no reason you don't see this, its the first thing you see when reading the thread.
What this is for
Some users when installing a rom, recovery or unlocking the bootloader experience a lose of there IMEI and or ERI. This tool is designed to help them recover it, specially in the case where they didn't make any prior backups.
PLEASE NOTE
If this does not work for you, you can try to use this code in the dialer *2767*3855# using a stock rom. To see if it will factory reset your device.
You may also try ##RTN# to reset device, this will erase all settings and data from the device. In order for this code to you work you must be on a stock touch wiz rom and enable hidden menu.
Prerequisites
Windows XP, Vista, 7 or 8 64bit or 32bit
Microsoft DotNet 3.5 Installed.
Diagnostic Drivers Installed
How To
You must enable the diagnostic port on your device. If you are on a TouchWiz based rom follow TouchWiz Diag else follow ASOP Diag.
1. Find your IMEI under the battery on the device, you should see a sticker. Copy the IMEI down and power on the device.
2. Connect the device to your computer and open "Device Manger"
3. Check under "Ports" and Look for Samsung and Note the Comport it is on.
4. Open the software and under comports select the comport number you found your device on then click connect.
5. Check the IMEI number of to the left, and note the ERI message. If it is red and says your ERI is missing or not found. Please do both methods.
6. If your ERI is not found, click on "Repair" in the ERI section, if your IMEI is missing, when asked to reboot click "NO" other wise click yes and you are done.
7. Type your IMEI in the IMEI box, Do not worry about MEID it will auto fill once IMEI is typed.
8. You will notice that the last number is added automatically this is done using the Luna Algo and is a checksum number.
9. Once you have typed your IMEI click on "Repair" in the IMEI section, once the repair is done your phone will auto reboot.
10. Please check your ERI and IMEI under Settings/System/About/Status. Your IMEI should appear and ERI version 5 should be there.
Thats it you should not be roaming anymore and your IMEI successfully repaired.
TouchWiz Diag
1.) Bring up the Dial Pad on the phone
2.) Press *#22745927
3.) When the "Enable/Disable Hidden Menu" comes up
tap where it says "Hidden Menu Disabled".
4.) Select "Enable" on the popup.
5.) Select "OK"
6.) Press the "Home" key to return to the home screen.
7.) Bring up the Dial Pad on the phone
8.) Press **87284 (USBUI)
9.) On "PhoneUtil" make sure "PDA" is selected.
10.) Select "Qualcomm USB Settings"
11.) Select "DM+MODEM+ADB"
12.) Select "OK"
Note:You can also use "Casual" and invoke the PhoneUtil menu directly.
AOSP Diag
Using adb. or terminal
Execute DiagMode.sh
Code:
echo 0 > /sys/class/android_usb/android0/enable 0
echo smd,bam > /sys/class/android_usb/android0/f_rmnet/transports
echo diag > /sys/class/android_usb/android0/f_diag/clients
echo 1 > /sys/class/android_usb/android0/f_acm/instances
echo rmnet,acm,diag > /sys/class/android_usb/android0/functions
echo 1 > /sys/class/android_usb/android0/enable
To return to normal
Execute MTPMode.sh as root
Code:
echo "" > /sys/devices/virtual/android_usb/android0/f_mass_storage/lun_ex/file
echo 0 > /sys/devices/virtual/android_usb/android0/enable
echo "mtp,acm,adb" > /sys/class/android_usb/android0/functions
echo 1 > /sys/devices/virtual/android_usb/android0/enable
vold
Video How To
How To Upload ERI using Revskills
Manual Method / How This Works
The IMEI part is complex and I wont go into detail on that at all. If you dont have access to a windows machine, then I'm sorry but most of the avail tools that will allow you to repair IMEI is going to be Windows based and you can use a virtual machine. Not with my tool but others. This is mostly going to be focused on the ERI it self.
The ERI is binary file that is stored on the QCOM chipset, this is the primary file the "Radio" and the device use in order to determine certain functionality of the device.
This is stored as /nvm/eri_0 on the QCOM's EFS. You can use QPST EFS Explorer all though it will probably crash, or some other EFS explorer for Qualcomm chipset's.
I have uploaded the original eri_0 file to this forum. All you have to do is download it. User QPST or Bitpim, Revskills, and upload the file to /nvm/eri_0 you can leave it's permissions as 666 or chmod the permissions to 777 your choice the phone will read it either way.
The /nvm/eri_0 that is uploaded to this forum comes from a stock s3, although its the same ERI file Verizon has been using forever. Thats all this tool does. Simply fix's the IMEI and uploads a good eri file to the correct directory.
Questions and Answers
Q) Do I need to do anything special first like back up any part of my phone or anything ?
A) No, as long as you can enable diag port you can restore your IMEI, just look on the back of your device under the battery for your original IMEI. I STILL ADVISE YOU TO BACK UP using this method here http://forum.xda-developers.com/showthread.php?t=1852255
Q) Can this change IMEI?
A) Its purpose is not to change IMEI doing so is illegal and any talk about changing the IMEI will be reported and you may be banned. I advise against it as it could cause unknown issues.
Q) Can you share how this works.
A) No, sorry my position, my family and my job comes first and this would put me in a bad position.
Q) Can you just tell me in pm.
A) No so dont bother asking.
Q) My phones says Roaming and show roaming icon will this fix it ?
A) Yes this should be able to fix that issue, it does that by uploading the ERI back to the QCOM chipset.
Q) Should I / Do I have to donate ?
A) No, you don't need to donate, and I don't want you to fell you need to. Your donation could go to something else EFF, Adam Outler, XDA, Poor kids in any country, some other foundation. If you feel you would like to donate to me you can, I wont stop you and I wont ask you to.
Credits
Not sure who all to credit if you feel your name should be here Just tell me and why and Ill post it here. I did not read any of the other forum really, but ill list who i have seen and who as helped me identify it was the ERI
Also no particular order
Adam Outler - For everything he does, I watch a lot of his videos.
WildZontar - For his thread, not sure if its his info or just info collected. - http://forum.xda-developers.com/showthread.php?t=1852255
TrevE - For what he has contributed, looks like a lot very knowledgeable person
Jay Evans - For doing the initial tests
BillBauman - Discovered the missing ERI
GerardAnthony - For the AOSP mode scripts
Again, for these people as well, I didn't read the whole thread etc to see everything they contributed. If someone would or if they would / want me to update it please ask to me to update so I can give credit where its do.
amoamare said:
This tool will help you restore your IMEI back to your device. Its about ready. I'm a little tired but I will have it up shortly
Click to expand...
Click to collapse
waiting
Exe has been added.
I gotta give you props just for making your own IMEI all 9's, i would never do that on purpose.
Have to make sure it works as intended lol. I'm not to worried as I know I can restore from it.
the program force closes on me when i try to open it is there something wrong with it? i tried downloading it again and it does the same.
Whats the error you are receiving and are you sure you have at lest 3.5 Dot net installed ?
amoamare said:
Whats the error you are receiving and are you sure you have at lest 3.5 Dot net installed ?
Click to expand...
Click to collapse
ya it could be just something messed up with my computer. im trying to redownload it again and update .net and see if it helps
Does this have the roaming glitch?
What roaming glitch ? Sorry not familiar with that. This doesn't modify anything other then the IMEI
amoamare said:
Whats the error you are receiving and are you sure you have at lest 3.5 Dot net installed ?
Click to expand...
Click to collapse
i updated to 4.5 and still it says program has stopped working and self quits.
same...heres a pic...windows 7 64bit. Ran in compat mode for xp as admin, same error. I am fully updated.
edit: I looked into the app, and you have problem with kernelbase.dll
Ok one sec ill recompile again, one reason i really hate C# haha i think i know what it is
Please re-download should be v2. I forgot to compile a dll with it, so should work now.
sweet dude...yea looks like a faulty dll. Nice program though...I deleted my esn/meid/iemi to see if I could restore earlier today and figured out how but one program would save a lot of steps. Many thanks.
Edit: works!!
amoamare said:
What roaming glitch ? Sorry not familiar with that. This doesn't modify anything other then the IMEI
Click to expand...
Click to collapse
It is where it shows that your roaming, Its a Graphical Glitch.
fr8cture said:
It is where it shows that your roaming, Its a Graphical Glitch.
Click to expand...
Click to collapse
We sure its just a graphical glitch?
Sorry if this is a stupid question. Flame me if you must.
Is it possible to port this to another device or edit to make it compatible. I personally don't need it, but anyone with a lost imei would find it immensely useful. As you can see from my sig I have an att galaxy s2 skyrocket. Thanks for your time.
In case you were wondering this thread showed up in the unread list when I opened the xda app
------------------------------------------------
Sent from my Skyrocket i727 running AOKP JB
For a one stop shop are Vincom's threads
Everything Root: http://forum.xda-developers.com/showthread.php?t=1773659
Returning to Stock: http://forum.xda-developers.com/showthread.php?t=1652398
Mike on XDA,
It's possible but it would have to be written for that device, meaning I would have to have test device or some way to check stuff.
Damn, this is legit man. Thanks so much for making this tool. I have yet to lose mine, but I'm sure it'll happen at some point.
Much appreciated, booted up just fine on win8 rtm. This is the stuff legends are made of haha.
Sent from my SCH-I535 using xda premium
Hello,
I'm trying to recover the IMEI for my T869 by following this guide:
http://forum.xda-developers.com/showthread.php?t=1867442
The first step is to put the phone/tablet in diagnostics mode. There are two methods described which do this. The first one ( for TouchWiz devices, which should apply for this device ) involves using codes in the dialer to enable a hidden menu. As my tab doesn't have a dialer, this method doesn't work. I've tried 3rd party software that claim to execute codes on the tablet but they don't work.
The second method involves running a script. This fails because/sys/class/android_usb/android0/f_rmnet/transports doesn't exist on my tablet.
So, any ideas how to put my tablet in diagnostics mode or how to fix the IMEI for it ? I don't have a backup of the efs folder and the current IMEI is the generic 004999010640000.
Thanks.
MichaelIvinov said:
Hello,
I'm trying to recover the IMEI for my T869 by following this guide:
http://forum.xda-developers.com/showthread.php?t=1867442
The first step is to put the phone/tablet in diagnostics mode. There are two methods described which do this. The first one ( for TouchWiz devices, which should apply for this device ) involves using codes in the dialer to enable a hidden menu. As my tab doesn't have a dialer, this method doesn't work. I've tried 3rd party software that claim to execute codes on the tablet but they don't work.
The second method involves running a script. This fails because/sys/class/android_usb/android0/f_rmnet/transports doesn't exist on my tablet.
So, any ideas how to put my tablet in diagnostics mode or how to fix the IMEI for it ? I don't have a backup of the efs folder and the current IMEI is the generic 004999010640000.
Thanks.
Click to expand...
Click to collapse
The Dialer is part of Phone.apk, which won't show up on the T869 normally even if its "installed".
There's a file within framework-res.apk (which is found @ /res/values/bools.xml) which essentially tells the Android OS what features the host device does and does not have. The relevant value is <bool name="config_voice_capable">.
By default the T869 will have:
<bool name="config_voice_capable">false</bool>
Changing that to
<bool name="config_voice_capable">true</bool>
Tells the OS that the device is "voice capable", meaning it can make & receive phone calls. This will then allow the Phone.apk features to show up, provided you have Phone.apk installed.
The process of modifying framework-res.apk is somewhat complicated, and your ROM may or may even have Phone.apk present, depending on what you are using. However, at least now you know why you have no dialer.
DivinityCycle said:
The Dialer is part of Phone.apk, which won't show up on the T869 normally even if its "installed".
There's a file within framework-res.apk (which is found @ /res/values/bools.xml) which essentially tells the Android OS what features the host device does and does not have. The relevant value is <bool name="config_voice_capable">.
By default the T869 will have:
<bool name="config_voice_capable">false</bool>
Changing that to
<bool name="config_voice_capable">true</bool>
Tells the OS that the device is "voice capable", meaning it can make & receive phone calls. This will then allow the Phone.apk features to show up, provided you have Phone.apk installed.
The process of modifying framework-res.apk is somewhat complicated, and your ROM may or may even have Phone.apk present, depending on what you are using. However, at least now you know why you have no dialer.
Click to expand...
Click to collapse
I actually did follow your guide here: http://forum.xda-developers.com/showthread.php?t=1872348 to try to get my native dialer but never got it to work. I know that it should work, but I get endless crashes/reboots if I enable voice capabilities for my tab .. All apps crash seconds from startup. What exact ROM do you have which works for enabling the native dialer? I'm running the official ICS build.
MichaelIvinov said:
I actually did follow your guide here: http://forum.xda-developers.com/showthread.php?t=1872348 to try to get my native dialer but never got it to work. I know that it should work, but I get endless crashes/reboots if I enable voice capabilities for my tab .. All apps crash seconds from startup. What exact ROM do you have which works for enabling the native dialer? I'm running the official ICS build.
Click to expand...
Click to collapse
I pretty much only use CM10. Aorth has nightly builds of it. The last "good" CM10 is cm-10-20130118-UNOFFICIAL-t869.zip, which you can get here: http://goo.im/devs/aorth/roms/t869/
I'm curious, what purpose does retrieving the IMEI serve anyways?
DivinityCycle said:
I pretty much only use CM10. Aorth has nightly builds of it. The last "good" CM10 is cm-10-20130118-UNOFFICIAL-t869.zip, which you can get here: ....
I'm curious, what purpose does retrieving the IMEI serve anyways?
Click to expand...
Click to collapse
Well my tablet has the generic IMEI as stated above. Since about 2 days ago, my tablet hasn't been able to connect to the T-Mobile network. I have had the generic IMEI for some time and it has worked. Now either T-Mobile has decided to start blocking the IMEI from the network or my tablet is physically damaged.
I have bars, I can search for networks and it will find T-Mobile and AT&T, I've tried different SIMs with different plans and also checked the SIMs in other phones and they work. Can you connect to the T-Mobile network with the generic IMEI or do you still have your original IMEI?
MichaelIvinov said:
Well my tablet has the generic IMEI as stated above. Since about 2 days ago, my tablet hasn't been able to connect to the T-Mobile network. I have had the generic IMEI for some time and it has worked. Now either T-Mobile has decided to start blocking the IMEI from the network or my tablet is physically damaged.
I have bars, I can search for networks and it will find T-Mobile and AT&T, I've tried different SIMs with different plans and also checked the SIMs in other phones and they work. Can you connect to the T-Mobile network with the generic IMEI or do you still have your original IMEI?
Click to expand...
Click to collapse
I appear to have my "real" IMEI. I have used CM10 nightlies on this tab pretty much since day 1. Have had no problems connected to the T-Mo data network. I would imagine if the IMEI is messed up you should be able to RMA that device, which sucks
find an app called 'any cut' this will allow you to access all the intents and action your device is capable of.
One of them should be service mode.
be careful....
also , if you really want this I would definetly talk to these guys.. http://mobiletechvideos.mybigcommerce.com/samsung-galaxy-tab-plus-imei-efs-repair/
JTAG'd my GT-P6200. I know yours is the Tmobile variant, but he usually has success with new products, etc.
I would ask him.
He is in Texas US of course..
good luck..
Ok, It's confirmed: T-Mobile has started blocking the generic IMEI from their network. At least that's what I conclude from finding a thread on reddit(can't link but you can google the title) from 3 days ago, exactly when I started having the problem:
Anyone else running a custom ROM and have your IMEI reset to 004999010640000? T-Mobile likely blocked your phone today.
DivinityCycle, Just checked again and your bools.xml edit only works with CM10. I've gotten it successfully going on CM10, but the code that gets entered in the dialer only works on a TouchWiz ROM, as noted in the original thread :facepalm:
When I try the same thing on stock GingerBread / ICS I get endless application crashes / freezes so that basically i can't do anything, even launch an app, not to mention enter a code.
chrisrotolo, AnyCut - Managed to install it and create a shortcut to the ServiceMode action but when I execute that shortcut it crashes and nothing happens.
Any other tips?
you could also try factory mode, which will bring up a calculator.
From there enter the *#*# dialer code to get you into service mode...i forget it off hand but i have posted it numerous times,
also if you try another action shortcut, one that is a submenu of the service,mode main menu, such as network, etc.. and that works, you can usually back all the way up to the main menu in service mode.
also CM ROM may have these .apks removed... should be on stock ROM though.
good luck.
chrisrotolo said:
you could also try factory mode, which will bring up a calculator.
From there enter the *#*# dialer code to get you into service mode...i forget it off hand but i have posted it numerous times,
also if you try another action shortcut, one that is a submenu of the service,mode main menu, such as network, etc.. and that works, you can usually back all the way up to the main menu in service mode.
also CM ROM may have these .apks removed... should be on stock ROM though.
good luck.
Click to expand...
Click to collapse
Factory mode worked for me but did not solve my problem. I managed to put the tablet in "modem" USB mode which from what I understand should be diag mode, what I'm looking for, but Windows( All: 7, XP, 32, 64 ) can't find drivers for it. It's showing up as 7 CDCs.
Anyone have any suggestions or knows what "7 CDCs" is and how do I get to an actual working diag mode from that ?
I dialed *#7284#, got this :
i.imgur.com/5W2HSlN.jpg
for drivers, usually you can dowload heimdall and go to 'zadig' (or something similar), with device in download mode: double click zadig.exe it will install drivers
you should see at least one CDC driver possibly a modem driver as well.
Alternatively another good way to install drivers for me has been PDAnet by june fabrics.
find it download .apk it pretty well walks you through set-up.
Thats the right screen for setting usb to modem, etc..
I've had 2 backup's of my EFS folder since day one.
chrisrotolo said:
for drivers, usually you can dowload heimdall and go to 'zadig' (or something similar), with device in download mode: double click zadig.exe it will install drivers
you should see at least one CDC driver possibly a modem driver as well.
Alternatively another good way to install drivers for me has been PDAnet by june fabrics.
find it download .apk it pretty well walks you through set-up.
Thats the right screen for setting usb to modem, etc..
I've had 2 backup's of my EFS folder since day one.
Click to expand...
Click to collapse
Thanks for the suggestions, but I couldn't get them to work. PDAnet requires that the device be put in regular-ADB mode to install drivers - and does install 'normal' drivers but doesn't install the diag mode drivers. zadig installs a driver for the 7 CDCs device but It's listed as a USB device, not as a COM serial port as required by the application.
chrisrotolo said:
I've had 2 backup's of my EFS folder since day one.
Click to expand...
Click to collapse
Do you really need the extra one or can I have it ? :silly:
Still no success so far.
The only possibility I see Is doing a restore using NsPro, which apparently is the only software that supports the T869.
NsPro v6.5.2 released:
-Added I547, T869, T879 support.
Anybody knows how I can try to fix the tab with NSPro without buying the box + 1 year activation ?
Yeah send it to someone who has one...
Have you contacted mobiletechvideos.com yet? They are US based, but one of the best for these types of things..
chrisrotolo said:
Yeah send it to someone who has one...
Have you contacted mobiletechvideos.com yet? They are US based, but one of the best for these types of things..
Click to expand...
Click to collapse
Thanks, didn't know about them. It seems that they require that the device be shipped.
Has anybody dealt with them before ? How reliable are they / where are they located ?
I got this phone (Lenovo A606) about a month ago with the following problems:
1) Modem (the one with the SIM card) doesn't work, status in the about section shows "invalid IMEI" and "unknown baseband". SIM card settings are greyed out in the settings.
2) Wi-fi works fine, but i always have an additional SSID in wifi menu that says 0x010 something error
According to previous owner, it went bad after bad flash or update, but he might have been lying and modem is physically dead due to some reason.
3) Serial number is also a blank
So far i've tried:
1) Flashing different stock firmwares with full flash format and DA DL flags checked/unchecked in SP Flash tool
2) Fixing nvram/trying to restore IMEI and SN through numerous tools of different versions: Maui Meta 3g, SN Writer tool, SN Station Writer tool, infinity box CM2MTK, etc - every one of tools that i've tried (i've also tried different versions of the same tools) show me different errors, best solutions online for which are "check your drivers, change usb cable or change computer" all of which i've obviously tried with the exact same result
3) Fixing nvram by deleting nvram folder in /dev/nvram
4) Replacing MP0B_001 in the nvram folder (rather putting it in, the target folder is empty after stock flashing)
5) Using nvram fixes through both custom and stock recovery menus prepared by the poor bastards like me, but with more knowledge about this stuff
6) Flashing nvram from a donor working phone through SP Flash tool
And since i'm making this post nothing of the above has worked.
So far i've came up with two possibilities:
1) The modem is physically dead and i lost in total 72 hours of my life on a goose chase. If this case is true, how can I make sure of it? Is there a low-level recovery menu or a factory mode that can confirm/deny it?
2) I'm doing something wrong and there is a simple fix for it. In this case, I ask for help guide me in the right direction, if possible with exact instructions.
fdxcd said:
I got this phone (Lenovo A606) about a month ago with the following problems:
1) Modem (the one with the SIM card) doesn't work, status in the about section shows "invalid IMEI" and "unknown baseband". SIM card settings are greyed out in the settings.
2) Wi-fi works fine, but i always have an additional SSID in wifi menu that says 0x010 something error
According to previous owner, it went bad after bad flash or update, but he might have been lying and modem is physically dead due to some reason.
3) Serial number is also a blank
So far i've tried:
1) Flashing different stock firmwares with full flash format and DA DL flags checked/unchecked in SP Flash tool
2) Fixing nvram/trying to restore IMEI and SN through numerous tools of different versions: Maui Meta 3g, SN Writer tool, SN Station Writer tool, infinity box CM2MTK, etc - every one of tools that i've tried (i've also tried different versions of the same tools) show me different errors, best solutions online for which are "check your drivers, change usb cable or change computer" all of which i've obviously tried with the exact same result
3) Fixing nvram by deleting nvram folder in /dev/nvram
4) Replacing MP0B_001 in the nvram folder (rather putting it in, the target folder is empty after stock flashing)
5) Using nvram fixes through both custom and stock recovery menus prepared by the poor bastards like me, but with more knowledge about this stuff
6) Flashing nvram from a donor working phone through SP Flash tool
And since i'm making this post nothing of the above has worked.
So far i've came up with two possibilities:
1) The modem is physically dead and i lost in total 72 hours of my life on a goose chase. If this case is true, how can I make sure of it? Is there a low-level recovery menu or a factory mode that can confirm/deny it?
2) I'm doing something wrong and there is a simple fix for it. In this case, I ask for help guide me in the right direction, if possible with exact instructions.
Click to expand...
Click to collapse
Greetings and welcome to assist. Changing IMEI numbers is illegal and can not be discussed on xda so we have to be careful. If you have the original IMEI number it may be possible to restore it with an octoplus box or something similar but we are limited to what can be discussed on xda
Regards
Sawdoctor
sawdoctor said:
Greetings and welcome to assist. Changing IMEI numbers is illegal and can not be discussed on xda so we have to be careful. If you have the original IMEI number it may be possible to restore it with an octoplus box or something similar but we are limited to what can be discussed on xda
Regards
Sawdoctor
Click to expand...
Click to collapse
Never tried to change it, since there wasn't any imei in the firmware to begin with. I only fruitlessly trying to return sim functionality
Anyone left with some humanity is requested to PLEASE HELP ME if you have a Redmi 6a device or know a guy with redmi 6a device.
I actually bricked my device unintentionally and did found a way to get out using SP Flash Tool, However the thing I am stuck in right now is worse than bricking a phone.
Both SIM Cards are not working. I did a lot of research and found that I need two files:
[nvdata.img] [nvram.bin]
Unfortunately I don't have any backup for this. Now what I am looking for is some kind hearted person who can take a backup of their [nvdata] [nvram] partition and give it to me and I'll replace all their data like IMEI numbers etc with my own. I have my IMEI numbers ready to be feeded. I did a lot of try using those engineering ROMS and Tools. NOTHING WORKS!
I regret my decision of jumping in something I don't know about. I want you to please have pity on me so that I don't have to live without my phone.
==============CURRENTLY ON NEGHBOURS WIFI WHO CAN CHANGE PASSWORD ANYTHIME IF HE GETS TO KNOW THAT I HAVE HIS PASSWORD BEFORE HE DOES THIS PLEASE GET ME OUT OF THIS SO THAT I CAN USE MY OWN PHONE FOR INTERNET. I AM COMPLETELY DEPENDENT ON CELLULAR DATA!===============
====YA I AM THIS MUCH POOR!!!==== NO MONEY FOR A NEW PHONE====I AM NOT STEALING ANYONE'S IMEI====PLEASE HELP!=====PLEASE HELP FOR HUMANITY
Edit : root your phone, and then follow this page https://forum.hovatek.com/thread-25458.html it worked for me
Tab E said:
Edit : root your phone, and then follow this page https://forum.hovatek.com/thread-25458.html it worked for me
Click to expand...
Click to collapse
I tried it but it still shows imei unknown. What device is your fixed mobile phone? xiaomi or some other?
IMEI gets added to mobile device when it's built. It's stored in device's /EFS and/or /NVRAM partition. If you haven't backed up this partition before you flashed a new ROM then you have lost unless the IMEI is printed on the box in which device has been delivered.
jwoegerbauer said:
IMEI gets added to mobile device when it's built. It's stored in device's /EFS and/or /NVRAM partition. If you haven't backed up this partition before you flashed a new ROM then you have lost unless the IMEI is printed on the box in which device has been delivered.
Click to expand...
Click to collapse
I have both imei numbers on the phone's box, Thank God, but the problem is how to have them working in the phone
Look inside here:
(2023) How To Change IMEI Number of Android Phones (Latest)
Latest tricks to change the IMEI number of android phones easily without rooting your android phone. so change a serial number of your android device in 2023.
itechhacks.com