[GUIDE] Proxyme - Android System Access Tool - Android Software/Hacking General [Developers Only]

The purpose of this thread is to provide a guide for users who have Proxyme preloaded in their device's firmware and want to find out how to use it effectively. Ideally, this will be a place to share experiences and ideas to further improve the tool and provide solutions to problems that people may have.
Introduction
Proxyme ( proc-zahym ) represents a system access solution comprised of the following components:
- System service - provides access to privileged system environment
- SSH daemon - provides secure shell (ssh) and file (scp) access (based on dropbear)
- proxyme.apk - user interface module
This solution is offered as a preloaded option in firmware images and consequently cannot (should not) be installed as a regular app, either from the Play Store or being side loaded. The reason for pre-loading stems from the requirements of the system service component to be able to integrate at system level and not be bound by operating restrictions within the Android application and framework platform environment (Zygote and Dalvik sandbox). The Play Store has been enlisted as the primary and preferred source in providing updates to the user interface component; the actual app you will be interacting with.
Proxyme offers the following functionality through its user interface:
- Installation/de-installation of the su binary to provide/remove root access (useful only for other applications which require root level access)
- The persistent behaviour of the su binary can be controlled by a one-shot switch
- Register/de-register tag-along scripts for su enable and disable actions (more details on this below)
- Control availability and location of busybox toolbox
- Start/Stop SSH daemon
- Configure listening port for the SSH daemon
- Configure user accounts for the SSH daemon
- Submit and execute a shell script
SU Binary
The option to enable or disable the su binary switch (on/off) in the user interface is the equivalent of rooting and unrooting the device. When enabled, you are providing root access to apps which require it to perform correctly. Currently, Proxyme does not have built-in support for monitoring and 'policing' the actual access to root.
Auto Root @ Boot
This switch in the Proxyme app allows you to indicate whether the su binary should be installed or removed during a reboot or startup of the device. Setting it to the 'on' position will make the su binary persistent throughout reboot cycles and leave your phone permanently 'rooted'.
Registering Tag-along Scripts
Whenever you enable or disable the su binary with the on/off switch in the user interface, there exists an option to execute a user script just prior to and one unique to each action. This is possible by pre-registering a script for one of or both enable/disable actions. A script can virtually perform anything and is always executed within root context. Note that you must be very cautious about the scripts you are registering and be certain about their intentions, because a rogue script could cause irreparable damage to your device.
Each script has the option to override, and thus block, the intended action (enable or disable) by setting a system property named proxyme.override to anything but blank.
One purpose of having tag-along scripts would be to 'freeze' and 'unfreeze' specific root-shy apps, which do not 'like' rooted systems. This is one area where we can share the experience of pre-coded scripts for certain target apps and I do hope it will be put to good use.
To submit a script file, tap on one of the SU Enable Script or SU Disable Script text elements to start browsing for a file.
Busybox
Busybox is just that, busybox. Options are available to determine one of two hard-configured locations where it can be installed and to enable or disable it.
More to follow later...
SSH Daemon
The SSH daemon is based on dropbear. It has been modified to support logon accounts in Android, which are configured with the following parameters:
username
password
home directory
which shell to use
user ID
group ID
For whatever reasons, you can restrict access by specifying non-root user and group (0:0) IDs. The IDs you can choose from are derived from a system list which was used and known within Android at the moment of booting the device. If you have installed new apps in the meantime and would like to use their newly assigned IDs, then please reboot the phone to update this list.
Executing Shell Scripts
The ability to submit and execute a shell script from the user interface can be considered a convenient and quick way to get some tasks done. Take note however that your scripts are run in a privileged environment under the root account and that there are risks involved. A rogue or insufficiently tested script can cause major problems if/when it makes changes to key system partitions, which are normally mounted read only for obvious reasons.
Most rom images will include a sample de-bloating script, which removes ROM specific branding apps. The script, /sdcard/Proxyme/debloat.sh, shows how this is done and could serve as a base for more extensive clean-up of firmware components, if you so desire.
Operational Notes
Whenever a device boots from a factory reset condition (i.e. after wiping data), there will be no UID/GID list available in the user management screen. The reason for this is that the SuMeD setup process will complete before the app data store, the location where aforementioned list is stored, has been initialised. Restart the device in order to make this list available.
Behind The Scenes
For details regarding how Proxyme's system service components are integrated in a firmware image, please follow this trail...
Device Support
Before taking the next step to flash your phone/device, please be aware of the risks involved with performing such an operation. Prepare the device properly, i.e. sufficient battery charge, and be well informed of the correct flashing procedure(s) for your device's make and model. On Samsung devices, rooting will probably trigger 'custom' flag(s) and consequently render the warranty void. No matter how adventurous you may feel, it is always a bad idea to try to flash a firmware image which is not intended for your device. Having said all that, note that you will be flashing your phone at your own risk. You are solely responsible for anything you do to your phone/device, so make sure you are well informed and well prepared before deciding to flash or install anything on it.
The following list will be updated as soon as new firmware images are prepared for new and old devices.
Samsung Galaxy Note 10.1 2014
SM-P600 - (reference post)
Samsung Galaxy J
SC-02F (Docomo) - (reference thread)
SGH-N075T (Taiwan) - (reference thread)
Samsung Note 3
SM-N9005 - (reference post)
SM-N900A - (reference post - unconfirmed)
Samsung Galaxy S4
SHV-E330K - (reference thread)
SHV-E330L - (reference thread)
SHV-E330S - (reference thread)
SGH-I337 - (reference post - unconfirmed)
SC-04E - (reference post)
Samsung Galaxy Grand 2
SM-G710L - (reference post)
Samsung Galaxy S3
GT-I9300 - (reference post)
SC-03E - (reference thread)
SHV-E210K - (reference thread)
SHV-E210L - (reference thread)
SHV-E210S - (reference post)
SHW-M440S - (reference post)
Samsung Galaxy S2 LTE
SHV-E110S - (reference thread)
Samsung Galaxy S2
SHW-M250K - (reference post)
Planned Changes
built-in control of su access (much like what Superuser currently does)
choice of built-in simple file browser or use intents to initiate external app(s) for browsing and selecting files
...

Proxyme - Behind The Scenes
This section details how Proxyme's system service components are integrated in a firmware image.
If you are not up to speed with how a typical Android system is constructed, then I would like to suggest you at least make yourself familiar with this topic in order to fully understand what to do with the following text.
The system service components are integrated in the /system partition (mount point) in Android. In the case of changing a live system this will require mounting the appropriate partition read/write before applying the updates. If a static firmware image is to be updated, then extract the component which represents the /system partition from the package and apply the updates before re-packing the firmware image.
The following list describes the major system service components:
hijacker - this is a module you need to write, which has the role of initiating the system service in a privileged environment.
hjprepper - this module is started by the hijacker to prepare the environment prior to starting SuMeD
SuMeD - this one is what it's all about. The Proxyme app relies on this daemon to be up and running in order to perform any of its privileged functions
SSHD - the SSH daemon is represented by an updated implementation of dropbear on Android
Hijacker
The hijacker is a program you would normally have to write to replace an existing program in your rom, which is started during the boot process by for example initd. This part of the integration process requires your (creative) input, since you need to analyse the rom you are working on and figure out how and where to position the hijacker module. If you do find an existing module to hijack, make sure to always call that original module from your hijacker once it has managed to execute the hjprepper program. In some roms it suffices to start hjprepper from a shell script, which is run with root access... they exist, you just have to look for them.
This is what your hijacker could look like in C
Code:
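#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>
#include <cutils/properties.h>   /* property_set(), Android libcutils */

#define PROP_HIJACK "proxyme.hijack.system"
#define HIJACKEE "/system/bin/original-program"
#define PREPPER "/system/xbin/hjprepper"

int main( int argc, char *argv[] )
{
    char **lArgList;
    int lArgCnt;
    pid_t pid;

    /* Copy the argument vector so the original program sees the arguments it was started with */
    lArgList = (char **)malloc( sizeof(char *) * (argc + 1) );
    if ( lArgList == NULL )
    {
        /* No memory for the copy: hand over to the original program with argv as-is */
        execv( HIJACKEE, argv );
        exit( EXIT_FAILURE );
    }
    for ( lArgCnt = 0; lArgCnt < argc; lArgCnt++ )
    {
        lArgList[ lArgCnt ] = argv[ lArgCnt ];
    }
    lArgList[ lArgCnt ] = NULL;

    /* Fork parent process */
    pid = fork();
    if ( pid < 0 )
    {
        /* fork failed: run the prepper synchronously, then become the original program */
        property_set( PROP_HIJACK, (char *)"Hijacker Startup... spawning failed, prep first before xfer" );
        system( PREPPER );
        execv( HIJACKEE, lArgList );
        exit( EXIT_SUCCESS );
    }
    else if ( pid > 0 )
    {
        /* Parent: become the original program so the boot sequence continues as before */
        property_set( PROP_HIJACK, (char *)"Hijacker startup... spawned, parent ascends phase 2" );
        execv( HIJACKEE, lArgList );
        exit( EXIT_SUCCESS );
    }

    /* Child: become hjprepper */
    if ( execl(PREPPER, PREPPER, (char *)NULL) < 0 )
    {
        property_set( PROP_HIJACK, (char *)"Hijacker startup... failed to call prepper" );
    }
    exit( EXIT_SUCCESS );
}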
hjprepper
This program is responsible for setting up an operating environment for the SuMeD daemon. If you have full control over a rom's boot image, then include a call in your init process to start this module once during boot. If not, then use a hijacker program or look for existing and suitable scripts to initiate hjprepper.
hjprepper starts the SuMeD daemon once it completes the setup and configuration procedure.
SuMeD
This bad boy is responsible for the user requested actions through interaction with the Proxyme app.
Prebuilt Packages
To get you started, there are pre-built modules available, which you can download here. Currently, availability is limited to Android 4.3 and 4.4.2 only. The following zip archives are organized in a folder tree structure, which serves as a guide for where to place the modules within the /system path.
4.3 Prebuilts
4.4.2 Prebuilts
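
An added example, not part of the original post or of Proxyme itself: a Python audit of an extracted /system tree for the components listed above, useful before flashing an image from a third-party mirror. Because a hijacker takes over the file name of a legitimate program, it is matched by the strings in the sample C code rather than by name; the lower-cased `sumed` name, the `su` name check and the dropbear banner string are assumptions of this example.

```python
import os
import stat
import tempfile
from pathlib import Path

# File names taken from the component list on this page ("su" and the
# case-insensitive "sumed" match are assumptions of this example).
NAME_INDICATORS = {
    "hjprepper": "Proxyme environment prepper",
    "sumed": "Proxyme privileged daemon (SuMeD)",
    "proxyme.apk": "Proxyme user interface package",
    "su": "su binary",
}
# Strings from the sample hijacker source, plus the banner prefix that
# dropbear builds announce (assumed to survive in the modified daemon).
CONTENT_INDICATORS = {
    b"proxyme.hijack.system": "sets the hijacker status property",
    b"/system/xbin/hjprepper": "launches hjprepper",
    b"SSH-2.0-dropbear": "embeds the dropbear SSH banner",
}
CHUNK = 1 << 20
OVERLAP = max(len(m) for m in CONTENT_INDICATORS) - 1


def markers_in_file(path, chunk=CHUNK):
    """Return the content markers present in a file, read in overlapping chunks."""
    found = set()
    tail = b""
    with open(path, "rb") as fh:
        while True:
            block = fh.read(chunk)
            if not block:
                break
            window = tail + block
            for marker in CONTENT_INDICATORS:
                if marker in window:
                    found.add(marker)
            # Keep enough bytes to catch a marker split across two reads.
            tail = window[-OVERLAP:]
    return found


def scan_system_tree(root):
    """Walk an extracted /system tree; return sorted (relative_path, reason) pairs."""
    root = Path(root)
    findings = []
    for dirpath, _dirs, files in os.walk(root, followlinks=False):
        for name in files:
            path = Path(dirpath) / name
            rel = path.relative_to(root).as_posix()
            info = path.lstat()
            reason = NAME_INDICATORS.get(name.lower())
            if reason:
                findings.append((rel, f"name: {reason}"))
            if not stat.S_ISREG(info.st_mode):
                continue  # symlinks and special files: name check only
            if info.st_mode & stat.S_ISUID:
                findings.append((rel, "mode: setuid bit set"))
            try:
                hits = markers_in_file(path)
            except OSError:
                findings.append((rel, "unreadable: inspect manually"))
                continue
            for marker in hits:
                findings.append((rel, f"content: {CONTENT_INDICATORS[marker]}"))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample: a clean tool, a hijacked program and a prepper."""
    root = Path(root)
    (root / "bin").mkdir(parents=True)
    (root / "xbin").mkdir()
    (root / "bin" / "toolbox").write_bytes(b"\x7fELF" + b"\x00" * 64)
    (root / "bin" / "original-program").write_bytes(
        b"\x7fELF\x00proxyme.hijack.system\x00/system/xbin/hjprepper\x00"
    )
    (root / "xbin" / "hjprepper").write_bytes(b"\x7fELF" + b"\x00" * 64)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel_path, why in scan_system_tree(tmp):
            print(f"{rel_path}: {why}")
```

Point `scan_system_tree()` at the directory where the image's /system partition was unpacked; a hit on a boot-time program that the stock image ships clean is the one to investigate first.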


Please add support in latest SHV-E110S 4.1.2 rom(s)
Title says/asks it all...

Can You guide build pre-rooted rom by proxyme? Thank you very much.

linhbs said:
Can You guide build pre-rooted rom by proxyme? Thank you very much.
Behind The Scenes section has been added to the OP.

Can this method be used to prebuilts S3, S4, Note3 not Korea? Thanks so much.

linhbs said:
Can this method be used to prebuilts S3, S4, Note3 not Korea? Thanks so much.
Yes. You need to figure out how to get the SuMeD daemon started and that depends on the rom you want to integrate it in. The Behind The Scenes post highlights what areas to focus on when doing this.
Note that the first post includes 2 firmware images (both Android 4.3 and 4.4.2) for the international Note3 (SM-N9005). It's a no-brainer to copy the files from the appropriate directories to an equivalent and same level version firmware for another region of the same device.

Please add support N900A 4.4.2. Thank you very much.

linhbs said:
Please add support N900A 4.4.2. Thank you very much.
Has 4.4.2 been released on that device? If yes, a download link for the official stock firmware will help speed up the process. If not, then we wait or you could send a PM to davidcsv with the 10 or 11 digit s/n and he will monitor and download the latest release as soon as it becomes available...after that your new firmware image will be uploaded within a day.

Link: http://www.androidfilehost.com/?fid=23321874045862490. Thank you for your interest!

linhbs said:
Link: http://www.androidfilehost.com/?fid=23321874045862490. Thank you for your interest!
N900AUCECMLG (preloaded with Proxyme) (2014-01-04)
This rom implicitly performs a factory reset, so backup your data before flashing it. Unpack the zip archive and specify the resulting .tar.md5 filename in the PDA/AP section of the latest version of Odin.
Use Proxyme to execute the /sdcard/Proxyme/debloat.sh script to get rid of the k n o x messages.
mega.co.nz
torrent, mirror
Apparently, this firmware image is a pre-release/leaked image and not the final deal. It includes an updated bootloader and related components, meaning that it will not be straightforward to revert back to an older version of the firmware. If you encounter problems with this Proxyme preloaded image, then I'd suggest flashing the image from the original download link.
All feedback is welcome and will be appreciated. Enjoy!

Thank you very much. I ask you to add proxyme in I337 4.4.2 rom. Thank you very much.
Link: http://www.androidfilehost.com/?fid=23329332407566813

linhbs said:
Thank you very much. I ask you to add proxyme in I337 4.4.2 rom. Thank you very much.
Link: http://www.androidfilehost.com/?fid=23329332407566813
I337UCUFMLD (preloaded with Proxyme) (2014-01-02)
This rom implicitly performs a factory reset, so backup your data before flashing it. Unpack the zip archive and specify the resulting .tar.md5 filename in the PDA/AP section of the latest version of Odin.
Use Proxyme to execute the /sdcard/Proxyme/debloat.sh script to get rid of the k n o x messages.
mega.co.nz
torrent, mirror
Apparently, this firmware image is also a pre-release/leaked image and not the final deal. It too includes an updated bootloader and related components, meaning that it will not be straightforward to revert back to an older version of the firmware. If you encounter problems with this Proxyme preloaded image, then I'd suggest flashing the image from the original download link. A Google search shows that this image does have a few minor issues, so beware.
All feedback is welcome and will be appreciated. Enjoy!

Thanks so much. I find the phone test. Will respond to you.

SC-04E Stock Firmware Proxyme Rooter images
Root Ready Stock Images
(Unfortunately, flashing these ROMs will trigger KNOX)
Kitkat 4.4
SC04EOMUFNI3 (Proxyme) (Build Date 2014-09-19)
This zip archive contains an Odin flashable file. It is not the complete stock image, so you MUST have OMUFNI3 already running on your phone or you will need to download it from the above reference sites, which carry complete stock firmware images, and flash it before continuing with this file. Instructions are included in the zip archive.
uploaded.net
mediafire
torrent, mirror2

I337:
- Before flash rom: I337UCUEMK2 version 4.3
- After flash rom I337UCUFMLD (preloaded with Proxyme) fail.

Good.

linhbs said:
I337:
- Before flash rom: I337UCUEMK2 version 4.3
- After flash rom I337UCUFMLD (preloaded with Proxyme) fail.
Please post the complete log from the message box in Odin. One more question, is your phone 16GB or 32GB model?
update: and also try again with newer version of Odin v3.09 instead of v3.07

Related

[WIP]What you need to know before rooting&installing custom roms

HI EVERYBODY, I WILL DISCUSS HERE ABOUT DEVELOPMENT OF OUR DEVICE A110Q. WE ALL KNOW THAT OUR DEVICE HAS AWESOME HARDWARE SPECIFICATION, I AM MENTIONING SOME IMPORTANT ONES -
Chipset - Mediatek MT6589
CPU - Quad-core 1.2 GHz Cortex-A7
GPU - PowerVR SGX544
RAM - 1GB
SCREEN - 480 x 854 pixels, 5.0 inches (~196 ppi pixel density)
CAMERA - 8MP REAR,2MP FRONT
CURRENT ANDROID VERSION - ANDROID 4.2.1
PLEASE DO NOT POST QUESTIONS IN THIS THREAD AS THIS POST IS WIP. PLEASE DO NOT POST COMMENTS IN THIS THREAD. IF YOU WANT TO MAKE A THREAD CONTRIBUTION, POST LINKS TO INFORMATION OR INFORMATIVE POST PLEASE.
IF U FINDING DIFFICULTIES IN UNDERSTANDING SOME TERMS THEN SEE AT BOTTOM OF POST FOR ABBREVIATIONS LIST.
FIRST STEP IN DEVELOPMENT OF DEVICE IS "ROOTING". IT MEANS GRANTING ROOT ACCESS PERMISSIONS TO CERTAIN APPS AND MODIFY PROTECTED STORAGE.
CONSEQUENCES - AFTER ROOTING YOUR DEVICE, YOUR WARRANTY WILL BE VOID. THERE ARE SOME WAY TO RETURN BACK TO WARRANTY.
FOR ROOTING & UNROOTING A110Q-
http://forum.xda-developers.com/mic...l/micromax-a110q-canvas-plus-rooting-t2323893
SECOND STEP COMES IS INSTALLING CLOCKWORKMOD RECOVERY. THIS MEANS REPLACING CURRENT STOCK RECOVERY AND MODIFYING IT BY INSTALLING CUSTOM ONE. THIS STEP CAN BE DONE AFTER ROOTING DEVICE OR VIA SP FLASH TOOL BUT WE HAVE CURRENTLY GUIDE FOR VIA ROOT AND SOME APPS ONLY. WE HAVE TWO RECOVERY - ClockWorkMod v5.5.0.4 Recovery & Philz Touch Recovery
HERE IS GUIDE FOR INSTALLING CUSTOM RECOVERY--
ClockWorkMod v6.0.0.4 Recovery-Stable & suggested
ClockWorkMod v6.0.4.8 Recovery-Having Backup Bug.
ClockWorkMod v5.5.0.4 Recovery-Stable
Philz Touch Recovery-Lots Of Bugs
THE NEXT THING IS INSTALLING CUSTOM ROMS.THIS MEANS REPLACING YOUR CURRENT ANDROID PROVIDED BY COMPANY BY A CUSTOM ONE DEVELOPED BY OUR DEVELOPERS OR PORTED FROM OTHER DEVICES.
BEFORE INSTALLING ANY CUSTOM ROMS,YOU ARE ADVISED TO TAKE NANDROID BACKUP YOUR CURRENT ROM.IT MEANS TAKING BACKUP OF FULL ROM INCLUDING APP,DATA,CONTACTS,CALL LOGS EVERYTHING.THIS WILL HELP WHEN YOU MESSED UP.
HERE IS LINK-
http://forum.xda-developers.com/micromax-canvas-2/help/how-to-nandroid-backup-t2645983
TO INSTALL CUSTOM ROMS YOU WILL HAVE TO FOLLOW THIS GUIDE-
http://forum.xda-developers.com/micromax-canvas-2/help/how-to-install-custom-roms-t2645977
IF YOU HAVE INSTALLED CUSTOM ROMS AND NEED TO GO TO SERVICE CENTER THEN YOU CAN EASILY FLASH STOCK ROM FROM HERE (SP FLASH TOOL, THIS METHOD WILL DELETE EVERYTHING AND BRING YOUR PHONE TO NEW STATE)--
http://forum.xda-developers.com/mic...ide-how-to-unbrick-micromax-canvas-2-t2492344
THIS IS SAME AS UNBRICKING.
OR THIS (THIS IS STOCK ROM FLASHABLE VIA CWM RECOVERY, IF YOU USED THIS METHOD AND YOU NEED TO VISIT SERVICE CENTER UNDER WARRANTY THEN YOU MUST UNROOT YOUR DEVICE ALSO AS IT WILL NOT UNROOT)--
http://d-h.st/mZO (BY TEAM DARKDROID.)
DOWNLOAD THIS ZIP AND PLACE INTO SD AND FLASH AS OTHER CUSTOM ROMS.
IF YOUR DEVICE IS SOFT BRICKED THEN USE THIS LINK TO UNBRICK-
http://forum.xda-developers.com/mic...ide-how-to-unbrick-micromax-canvas-2-t2492344
NOW HERE IS AN OPTIONAL AND SUGGESTED THING TO DO, IF YOU DO THIS YOU CAN ENJOY BETTER CUSTOM ROMS:- SYSTEM PARTITION INCREASE GUIDE FOR INCREASING SYSTEM PARTITION SO THAT LARGE SIZE BETTER ROM CAN BE INSTALLED. Earlier we were using too old method to increase partition and that was dangerous too as it Corrupts the IMEI of device but fortunately i developed a way to increase system partition by CWM without losing IMEI and anything. So no worry now. Go HERE
HERE IS LINK FOR INCREASING SYSTEM PARTITION By SP TOOLS BUT IT WILL CORRUPT YOUR IMEI SO USE ONLY CWM ONE:-
http://forum.xda-developers.com/micromax-canvas-2/general/increase-partition-a110q-canvas-2-t2568182
HERE IS LINK FOR PERMANENT IMEI RECOVERY SOLUTION IF YOU ARE TOO LATE-
http://forum.xda-developers.com/micromax-canvas-2/help/permanent-imei-solution-t2662403
YOU CAN TWEAK YOUR PHONE BY VARIOUS METHODS TO INCREASE PERFORMANCE,STABILITY.FOR TWEAKING YOUR ANDROID HERE SOME GUIDES--
INCREASE RAM BY SWAP MEMORY-
http://forum.xda-developers.com/mic.../mod-increase-extra-ram-canvas-a110q-t2589488
INCREASE APP STORAGE OF DEVICE-
http://forum.xda-developers.com/showthread.php?p=49081376
IF YOU FORGOTTEN YOUR LOCK PIN OR SOFT BRICKED YOUR DEVICE THEN USE MY MMX A-I-O TOOL TO MAKE YOUR LIFE EASY:- HERE
ALL ROMS & MODS FOR A110Q
IF YOU ARE A NOOB AND DO NOT KNOW ANYTHING ABOUT THESE,POST YOUR QUERIES ON THIS LINK-
http://forum.xda-developers.com/micromax-canvas-2/help/noob-freindly-post-t2645972
COMMON ABBREVIATIONS.BY@Deadly
XDA RELATED ACRONYMS
DEV: Developer
ERD: Elite Recognized Developer
FM/FSM: Forum Moderator/Forum Specific Moderator
RC: Recognized Contributor
RD: Recognized Developer
RT: Recognized Themer
SM: Senior Moderator
GENERAL
AFAIK: As Far As I Know
ATM - At the moment
BTDT - Been there done that
CRACK: The password / product key / license key illegally used for unauthorized usage are known as a crack of the software . Also please read the warning posted at warez meaning below. The same applies to cracks
ETA - Estimated time of arrival.. Note: Asking ETA in dev section is a big NO NO..!!
FTFY: Fixed that for you
FTW - For the win
FWIW: For what it's worth
FYI: For Your Information
IBTL/IB4L - In before the lock / In Before Lock
IDK: I Dont Know (Thats what it means and i am not saying i dont know about IDK!!)
IIRC - If I recall / remember correctly
IRC - Internet Relay Chat
LOL - Laugh out loud
NEWBIE: Someone who is new to this field/ forum and wants to learn how to do it rather than say "NOT WORKING! FIX IT!".
NOOB: Someone who is new and doesn't want to learn "HOW" its done, just want to "USE" the end product. So, please guys dont be a noob, be a newbie!
OP: Short for Original Poster, or the person who originally started the thread.
OT - Off Topic
PM: Short for Private Message. Allows users of XDA to send and receive non-public messages. Accessed from USER CP.
P.S: stands for Post Script. It is used when u wrote a message on a postcard and u forgot to mention an important information.*
ROFL - Roll on floor laughing
RTL: Right To Left support (In Some languages you have to start reading from right and end towards left side.. as against to usual method of reading from left to right)
SMH: Shake my head
STH: Something
TBH: To Be Honest
TIA: Thanks In Advance
THREAD: An individual issue page on the forum. This thing you're reading is a thread.
TLDR: Too long to read
TM: stands for Trademark.
USER CP: Short for User Control Panel. This button near the top of the XDA page allows users to update their avatar, personal information, and signature. PMs and subscribed threads can also be checked in this location.
WARES/WAREZ: Warez refers primarily to copyrighted works distributed without fees or royalties, and may be traded, in general violation of copyright law. To make it simple, it is any app/software which has to be paid to use them, but are used without paying any money.. PLEASE NOTE: THIS IS NOT TOLERATED AT XDA. SO PLEASE DONT POST WARES ANYWHERE ON XDA FORUMS. YOU WILL GET BANS/INFRACTIONS IF YOU DO SO!
ANDROID DEVICE RELATED:
ADB: Android Debug Bridge, a utility to run on a PC to allow connection to and control of an Android device. Part of the Android Software Development Kit (SDK), it allows for ROOT-level access to the Android device from a computer.
AOSP: Short for Android Open Source Project. The open-sourced code from which individuals can build new distributions of Android.
APK: An Android executable file, similar to the .exe file in Windows. Most programs will install with a .apk file.
Apps2SD: A method of storing applications and cache on the device's microSD card.
Bloatware: Software or 'apps' that you don't need, but come preinstalled to a device's /system partition, meaning that you cannot remove them unless the device has been rooted
Boot Animation: Boot animation is a term for a graphical representation of the boot process of the operating system. After you switch on / reboot phone you see this.
BOOTLOADER: There are two of these; the primary and secondary bootloaders. These programs tell the Android device how to start up, and are critical to its functionality.
Bootloop: When your system recycles over and over without entering the main OS.
BRICK/(HARD BRICK): An Android device that is completely non-responsive, i.e. nothing lights up, the screen does nothing, no combination of button presses cause any reaction. Can only be restored by JTAG or warranty service.
BUILD.PROP: A plain text file which contains environmental variables for the system to use during operation. Can be hacked to fake a different model for increased functionality, among many other operations. It is also used to make tweaks to boost speed/performance, etc.
BUSYBOX: An application that contains many standard Unix tools.
BUTTON COMBO/THREE BUTTON COMBO: The act of pressing several buttons at the same time to produce a desired result (e.g. press and hold volume up+home button+power button for 10 seconds will reboot into the RECOVERY menu at any movement when phone is on or Press and hold volume down+power button+home button to get into ODIN mode/DOWNLOAD mode).
Cache: A component that transparently stores data so that future requests for that data can be served faster.
CM: Short for CyanogenMod. CyanogenMod is an Android build built from the Android Open Source Project, and its builds are usable on multiple different Android Devices.
CPU: It stands for Central Processing Unit and handles all the complex mathematical formulas necessary to do everyday things like surfing the Internet.
CSC - File with Carrier Customizations
Custom bin counter: A line of code in several Samsung Galaxy devices' bootloaders that counts the number of times a user uses ODIN to flash ROMS/KERNELS to the device. Commonly used to detect software modification. This is called custom bin down in ODIN mode and it should be 0 to claim warranty. Can be reset with GALAXY TOOLBOX APP by Doky73
Custom: Independent developers who like to customize their devices beyond the standard options provided often tend to release the fruits of their labor for the rest to enjoy, in form of custom ROMs.
CWM: Short for ClockWorkMod Recovery Menu. This is a program that allows you to install custom ROMS/KERNELS as well as do many other customizations. Often referred to as the "RECOVERY MENU"/"CWM"
DALVIK CACHE: The collection of program information stored for use by the DALVIK program. This can be cleared from the RECOVERY menu to resolve issues with the Android OS.
DALVIK: The Android operating system's memory management tool. This program handles which other programs are running and assigns memory to them
DEODEXED: Removing the .odex files from an APK file. The .odex files contain a list of dependencies for the associated file, and if something changes, the .odex (and similarly, the associated file) no longer function correctly.
DMESG: dmesg (for "display message") is a command on some Unix-like operating systems that prints the message buffer of the kernel..
DOWNLOAD MODE: Read Button combo to know about this.
EFS: The directory /efs on the Android device's internal storage. Contains files with the Android device's IMEI, wireless devices MAC addresses, product code, and other information..
EMMC: Short for Embedded MultiMediaCard. A chip architecture consisting of an embedded storage solution with MMC interface, flash memory and controller, all in a small ball grid array package.
EXT4: A journaling file system (e.g. NTFS, FAT32 are file systems) often used by Linux distributions. Can be used with Android.
EXTERNAL SD: A micro SD card that has been inserted in the micro SD slot in the Android device. Can be removed.
FACTORY RESET: This will remove all user customizations in the Android OS, returning it to a factory state. Note: This will not wipe the Internal SD card. It will just make it as a phone just bought from the store state.
FC/FORCE CLOSE: When a program on the Android device becomes unstable/gets an error, the DALVIK program will force it to terminate to prevent further system instability which appears as a Force Close message usually in phone.
FLASHING: The act of writing code to the Android device. ROMs, MODEMs, KERNELs, and BOOTLOADERs can all be flashed. Independent from, and having nothing to do with, Adobe's Flash product.
FREEZE: Specific to LINK2SD/TITANIUM BACKUP. Using these 2 apps, the user changes a program into a non-functional, but still installed, state. Useful for identifying problem and FCs.
gapps - Google Applications, like GMail, Calendar, Maps, G+, etc
GB - Gingerbread, AKA Android OS 2.3.X
GOVERNOR: A program that interacts with the device hardware to increase or decrease the processor's clock speed (e.g. at low usage, it will set the processor speed to 400 MHz, but as usage increases, it would scale up to 1000 MHz).
HSUPA/HSDPA: Short for High Speed (Up/Down) Packet Access. This is 3G+, and is the Android device's internet speed level between 3G and 4G.
ICS: Short for Ice Cream Sandwich, the Android OS version 4.0.x.
IMEI: Short for International Mobile Equipment Identity. A unique number to identify GSM, WCDMA, and iDEN phones. Used by GSM networks to identify valid devices.
INTERNAL SD: The internal storage memory of the Android device. Not a physical SD card that can be removed.
JB: Short for Jelly Bean, the Android OS version 4.1.x.
JIG: A piece of hardware that makes a physical connection between pins of the USB slot to force the Android device into DOWNLOAD mode.
JTAG: A process of connecting directly to the main board of the Android device to rewrite corrupted BOOTLOADERS.
KERNEL: The kernel is a program that constitutes the central core of a computer operating system. It has complete control over everything that occurs in the system.
LAST_KMESG: last_kmsg is a dump of the printk statements from the kernel before the operating system itself crashed.
LAUNCHER: A program that launches programs in Android. Examples are Touchwiz (Samsung), HOLO Launcher, Launcher Pro, ADW Launcher, and Go Launcher EX.
LCD Density: Pixel density is a measurement of the resolution of devices in various contexts; typically computer displays, image scanners, and digital camera image sensors.
LOGCAT: A command to view messages in one of the system logs. See Android logger.
LTE: Stands for Long Term Evolution. It is based on the GSM/EDGE and UMTS/HSPA network technologies, increasing the capacity and speed using a different radio interface together with core network improvements.
MAI77 method: Its only known here. So dont say this out of SGY forum. This is a method to flash kernel through CWM using Kernel flasher tool made by MAI77. Its basically you have kernel flasher tool and boot.img file in SDCARD root and you select kernel flasher tool in CWM and it will install boot.img file which is the kernel you selected.
MD5 CHECKSUM: A 32-digit (128-bit) hash number generated by a cryptographic program to ensure that a downloaded file matches the original file. The original file is run through the MD5 generator program, which creates the 32-bit number. This number is checked against the md5 number created with the file the end user receives to ensure file integrity.
MIUI: A Chinese built-from-source ROM. Short for "Mobile Internet User Interface". Also can refer to the MIUI music player, which has been included in other ROMs.
Mod: The act of modifying a piece of hardware or software or anything else for that matter, to perform a function not originally conceived or intended by the designer.
MODEM: The software that interfaces with the phone's radio hardware to connect to cell phone towers.
NANDROID BACKUP: A complete system image backup of the Android device except for the MODEM and KERNEL. Can be accessed from CWM.
ODEX: A file that is associated with an APK file, containing a list of the dependencies for the program. See also DEODEXED.
ODIN: A Samsung proprietary program that allows the Android device to be flashed back to stock or with custom software.
OVERCLOCKING/OC: Setting the processor's clock speed to run faster than its default setting, i.e. 1248 MHz (1.2 GHz) vs 832 MHz (Default)
OTA - Over-the-Air (usually used as "OTA update" for firmware updates that can be installed directly via 3G/4G/Wi-Fi without the need of a PC)
PIT FILE: Short for Partition Information Table file. One of the possible file types used while flashing with ODIN or HEIMDALL.
Port: To take a ROM or app from one phone and program it to work on a different one.
Ram: (Random Access Memory) A group of memory chips, typically of the dynamic RAM (DRAM) type, which function as the computer's primary workspace.
RECOVERY: The menu that allows a user to do many low-level operations on the Android Device. This menu can either be the stock Samsung menu, or the CLOCKWORKMOD RECOVERY MENU (CWM). See also CWM.
RFS: A Samsung-proprietary file system (e.g. NTFS, FAT32 are file systems) used on some Android devices. Stands for Robust File System.
RIL - Radio Interface Layer
ROM: The collection of programs, themes, and settings that create the general look-and-feel of your Android device. This is what most users will initially be wanting to change. Can also refer to a custom ROM firmware file, or to read-only memory.
ROOT: Changing the permission level of the Android system to its most powerful level, the root user, allowing full access to the file system. More like Administrator permission in Windows OS.
SGY /SGYD /SGYP /SGYPD : Samsung Galaxy Y / Samsung Galaxy Y Duos / Samsung Galaxy Y Pro/ Samsung Galaxy Y Pro Duos
Sideloading: It means installing applications without using the official Android Market.
SOFT BRICK: A device that is not functioning correctly, but still shows some signs of operation. See also BRICK.
STOCK: The Android software version that comes installed on new devices, prior to sale to the user. Can also be used to refer to the Android software issued from Samsung or the carrier.
Superuser/SU: On many computer operating systems, the superuser is a special user account used for system administration. Depending on the operating system, the actual name of this account might be: root, administrator or supervisor.
TETHER: Connecting the Android device to a computer via a wired or wireless connection to allow the transfer of data through the Android device's internet connection. Commonly used to provide internet access to a laptop or desktop computer when other methods are not desired or available.
THEME: A collection of images, backgrounds, colors, font types, and other visual items to change the Android device's look and feel. Separate from LAUNCHER, and is usually FLASHed in CWM.
TWRP2 - an alternate recovery mode for your phone
UNDERVOLTING/UV: Setting the voltage levels drawn by the Android device to a lower level to reduce overall battery usage.
Updater Script: When Android devices install updates via CWM/recovery mode they have to perform a wide range of functions on files and permissions. The scripting language is called Edify and is defined primarily in the bootable/recovery/{edify,edifyscripting,updater} directories of the Android source-code tree.
WCDMA: Short for Wideband Code Division Multiple Access. An air interface standard in 3G mobile communications networks that allows higher speeds and more users.
ZIPALIGNED: An archive alignment tool that provides important optimization to APK files. The purpose is to ensure that all uncompressed data starts with a particular alignment relative to the start of the file. Reduces RAM consumption.
ALL THE LINKS,MATERIALS OR THREAD I AM REFERRING IN THIS POST OWN THE CREDIT AND THEIR OP.
I AM ONLY HELPING YOU TO UNDERSTAND AND FIND ALL THINGS EASILY.
NO RIGHTS RESERVED BY ME.
All Available Roms
Stock Rom with flashing unbricking guide.
Stock Rom V3 SP tool (use same V1 method for flashing)
Pre-Rooted Stock Rom
Lewo Rom
MIUI RoM
SGalaxy V1 V2
Baidu Rom
Xperia-Fusion FINAL
Color Os
Xtrme rom
Lewa os 5
Kitkat Themed ROM
BEAST STOCK ROM
MiVo ROM
Note3 Rom
Project Doge Rom
X'Os
CyanogenMod 10.2
Pure Xperia Rom
CyanogenMod 11
MODS
INCREASE EXTRA RAM
SYSTEM PARTITION INCREASE
INCREASE APP STORAGE OF DEVICE
Flashable Fonts Via CWM
Helpful Videos
Micromax Canvas 2 plus IMEI Permanent Fixing Solution
How to Increase System Partition Of Micromax Canvas 2 plus.
Rooting + Installing CWM in Micromax Canvas 2 plus.
How to revert to the Stock Rom from increased system partition
reServed
You might wanna check this guide out http://forum.xda-developers.com/micr...k-rom-t2714611
Nice post, helpful
Yes
You're awesome bro...
Where is the link of stock recovery?
Paras1259 said:
Where is the link of stock recovery?
You don't need the link :| you can just disable custom recovery
Front camera
A small mistake in the specifications, our phones have a 2mp front camera, not 5. Other than that it's a very useful thread, good job
Very Useful posts
@digyvijaykumar123 : Can you please help me on this thread http://forum.xda-developers.com/micromax-canvas-2/help/camera-proximity-sensors-micromax-a110q-t2962167. All I need is to disable only the Proximity Sensor so that the screen won't go black whenever I try to make a call
sandeep37 said:
Very Useful posts
[email protected] said:
A small mistake in the specifications, our phones have a 2mp front camera, not 5. Other than that it's a very useful thread, good job
Thanks for pointing that out, corrected now.
How can I increase my phone memory

inception: Hands-off auto-configuration tools for android

Inception is a set of tools for auto configuring android devices. You can do the following:
Include any apps to be (pre)installed
Remove any stock apps
Root the device
Install busybox
Configure Wifi networks
Generate all device settings
Patch APKs
Replace Kernel, and/or ramdisk data in both boot and recovery imgs
Place your adb keys, configure USB debugging
You specify all this in a JSON config file. And then inception creates the following depending on what you specify in your configuration:
OTA Update Package that applies all your changes once installed
Modified recovery img
Modified boot img
Cache img that bundles the update package and instructs android to install it once in recovery
Odin flashable tar.md5
With the right configuration, you can also generate auto-root update packages, or update packages that just install busybox, or both.
Code:
incept autoroot --code samsung.degaswifi
or
Code:
incept busybox --code samsung.degaswifi
Or out of a stock recovery img:
Code:
incept autoroot --code inception.device --recovery /path/to/recovery.img
Inception does not create a full system image or compile roms. It bundles only the required changes in an Android update package and generates an update script which applies those changes. This results in update packages that are substantially smaller than when flashing a whole ROM.
As an output example, I posted this Samsung SM-T230 auto-root package, and another Samsung SM-T113 auto-root package that were both generated using inception.
Full source code for inception and installation instructions are available here: https://github.com/tgalal/inception
Please post feedback/questions/problems here
XDA:DevDB Information
inception, Tool/Utility for all devices (see above for details)
Contributors
tgalal
Source Code: https://github.com/tgalal/inception
Version Information
Status: Testing
Created 2015-06-11
Last Updated 2015-06-11
i have a file %USERPROFILE%\.android\adbkey.pub in windows, how to incept into /data/misc/adb/adb_keys with odin? (Samsung Galaxy Tab 3 Lite SM-T113)
where exactly place the key? is this a JSON config file?
Code:
{
    "update": {
        "adb": {
            "__make__": true,
            "keys": [
                "PUBLIC_KEY_DATA_1",
                "PUBLIC_KEY_DATA_2"
            ]
        }
    }
}
edit: found the README.md but it is a lot of information. can you please post minimal steps how to create a tar.md5 from adbkey.pub?
1. install linux
2. add packages (requirements)
3. download and install inception (at this point it fails with exit 1 older version of dulwich)
4. incept bootstrap?
5. pass the adbkey.pub to json?
6. incept make?
7. generate odin package??
8. ... ?
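An added example for the "adb" config section quoted above (not inception's own code and not from the thread): it checks that each adbkey.pub line is a well-formed adb public key before it is baked into a package that pre-authorizes that host for USB debugging, then emits the JSON section. It is an assumption that inception accepts the adbkey.pub line verbatim as a "keys" entry; the function names and the sample key are constructed for illustration.

```python
import base64
import json
import struct

MODULUS_BYTES = 256                        # adb uses 2048-bit RSA keys
ENCODED_LEN = 3 * 4 + 2 * MODULUS_BYTES    # 524 bytes before base64


def encode_adb_pubkey(n, e=65537):
    """Encode modulus n in adb's public-key layout (used for the constructed sample)."""
    n0inv = (-pow(n & 0xFFFFFFFF, -1, 1 << 32)) % (1 << 32)
    rr = pow(1 << (MODULUS_BYTES * 8), 2, n)             # Montgomery R^2 mod n
    blob = (struct.pack("<II", MODULUS_BYTES // 4, n0inv)
            + n.to_bytes(MODULUS_BYTES, "little")
            + rr.to_bytes(MODULUS_BYTES, "little")
            + struct.pack("<I", e))
    return base64.b64encode(blob).decode("ascii")


def check_adb_pubkey(line):
    """Return the problems found in one adbkey.pub line; an empty list means well-formed."""
    parts = line.split()
    if not parts:
        return ["empty line"]
    try:
        blob = base64.b64decode(parts[0], validate=True)
    except ValueError as exc:                             # binascii.Error is a ValueError
        return ["not base64: %s" % exc]
    if len(blob) != ENCODED_LEN:
        return ["decoded length is %d bytes, expected %d" % (len(blob), ENCODED_LEN)]
    words, n0inv = struct.unpack_from("<II", blob, 0)
    n = int.from_bytes(blob[8:8 + MODULUS_BYTES], "little")
    (exponent,) = struct.unpack_from("<I", blob, 8 + 2 * MODULUS_BYTES)
    problems = []
    if words != MODULUS_BYTES // 4:
        problems.append("modulus length field is %d words, expected 64" % words)
    if n % 2 == 0 or n.bit_length() != MODULUS_BYTES * 8:
        problems.append("modulus is not an odd 2048-bit number")
    elif (n * n0inv + 1) % (1 << 32) != 0:
        problems.append("n0inv does not match the modulus")
    if exponent not in (3, 65537):
        problems.append("unexpected public exponent %d" % exponent)
    return problems


def build_adb_config(pub_lines):
    """Return (config, rejected): the update.adb section plus the lines left out of it."""
    keys, rejected = [], []
    for line in pub_lines:
        line = line.strip()
        problems = check_adb_pubkey(line)
        if problems:
            rejected.append((line[:20], problems))
        elif line not in keys:                            # drop exact duplicates
            keys.append(line)
    return {"update": {"adb": {"__make__": True, "keys": keys}}}, rejected


# Constructed sample: an odd 2048-bit number standing in for a modulus, not a real key.
SAMPLE_N = (1 << 2047) + 0x1234567
SAMPLE_PUB = encode_adb_pubkey(SAMPLE_N) + " user@workstation"

if __name__ == "__main__":
    config, rejected = build_adb_config([SAMPLE_PUB, SAMPLE_PUB, "PUBLIC_KEY_DATA_1"])
    print(json.dumps(config, indent=4))
    for prefix, problems in rejected:
        print("rejected %r: %s" % (prefix, "; ".join(problems)))
```

Every key that ends up in the list is trusted by the device without the usual on-screen authorization prompt, so the rejected list and the final "keys" array are worth reviewing before the package is built.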

[ROM] AOSP 4.4.4 for grouper With DEXHUNTER.

AOSP 4.4.4 ROM baked with DEXHUNTER built in.
More info for dexhunter can be found here:
https://github.com/zyq8709/DexHunter
https://github.com/zyq8709/DexHunter/blob/master/slide.pptx
Credits to the DEXHUNTER team that put this together.
Usage:
If you want to unpack an app, you need to push the "dexname" file to "/data/" in the mobile before starting the app. The first line in "dexname" is the feature string (referring to "slide.pptx"). The second line is the data path of the target app (e.g. "/data/data/com.test.test/"). Its line ending should be in the style of Unix/Linux. You can observe the log using "logcat" to determine whether the unpacking procedure is finished. Once done, the generated "whole.dex" file is the wanted result which is located in the app's data directory.
Github Project Page Has more information.
String List:
360: /data/data/XXX/.jiagu/classes.dex
Ali: /data/data/XXX/files/libmobisecy1.zip
Baidu: /data/data/XXX/.1/classes.jar
Bangcle/Secneo: /data/data/XXX/.cache/classes.jar
Tencent: /data/app/XXX-1.apk (/data/app/XXX-2.apk)
ijiami: /data/data/XXX/cache/.
Notes:
This ROM is not rooted and has no modifications other than the DEXHUNTER integration (the reason is that some apps will detect root). If you have a custom recovery you can apply root easily via flash file. This ROM is built to analyze/dump dex data of packages that use heavy anti-debugging, dex manipulation and dynamically loaded methods and classes. If you don't understand this, this ROM is probably not for you. Please defer to the PowerPoint slides for more information.
This ROM has only been tested with Nexus Grouper. It may brick other devices.
Tested via Flashing with TeamWin recovery.
DOWNLOAD FILE:
https://www.dropbox.com/s/y7tixw8rfvx6b0v/DEXHUNTER-aosp_grouper-ota-eng.zip?dl=0
Download link does not work please fix
Could you please reupload?
Please reupload this. I really need this to analyze a Chinese spyware app.

[LOCKED][DEV-TOOL] FIsH is the hack to boot whatever you want - ON ANY* DEVICE

FIsH a la carte - A porting guide for the FIsH framework.
Proudly introducing Android FIsH: Fluffy Incredible steadfasterX Hijack
First of all:
All this is for the brain of DEVELOPERS.
Well.. to be more specific: not really for developers but for COMPILERS
For using FIsH You do NOT need to DEVELOP anything - normally - the only thing you should be able to do is COMPILING -> e.g. TWRP.
If you have the knowledge to compile TWRP then FIsH is what you need to bring it on your locked device.
Just follow the menu card in the post #3 "Bring FIsH on the menu card" and your job is done.
If you are a user wanting to have FIsH for your device: FIND A COMPILER (a person who is able to compile TWRP/ROMs/.. for your device!!).
DO NOT ASK IF I CAN PORT FIsH TO YOUR DEVICE!
DO NOT ASK IF I CAN COMPILE [FILL IN WHATEVER YOU WANT] FOR YOU!
-> instead find a person willing to port FIsH plus the ramdisk of your choice (e.g. TWRP) and point him/her here.
When you feel like a compiler or u want to be one: read on
if not: really still here? I said find a compiler!
Table of content
This whole thing here is damn long.. but that's one of the major difference for the FIsH: I try to explain what I do
For better handling I split the guide into several parts:
This post: Explain me the FIsH (What it is)
Post #2: FIsH bowels (What's inside)
Post #3: Bring FIsH on the menu card (porting FIsH)
Post #4: FIsH cuisine (examples)
Post #5: FIsH hydra (multiboot in FIsH)
Post #6: Chew the FIsH (Copying/License)
Post #6: FIsH mutation history (Changelog)
Post #7: Go FIsHing (enduser installation guide example)
Overview
You can not unlock your bootloader? So now it's all over right?
TWRP and flashing custom ROMs on locked devices is impossible right?
Oh no wait there are hacks (up to KK) which have a workaround for this but I couldn't find anything for LL (sorry if I missed something) and what I found was not easy to port so nothing generic which i could just adapt easily.
Here is where the Android FIsH (referred to as just FIsH in this whole doc) steps in
FIsH means: [F]luffy [I]ncredible [s]teadfasterX [H]ijack
FIsH is different from Safestrap or other hijacks because it should be better understood as a kind of framework for any ramdisk image you want to load.
FIsH will not harm the Android boot chain! Means it will not modify /boot, /recovery or aboot partitions. It will just modify /system.
FIsH:
... is NOT MultiROM (see post #5: FIsH hydra)
... is NOT efidroid (see post #5: FIsH hydra)
... is NOT Safestrap
... is NOT TWRP (booting with FIsH is tested and works)
... does NOT root your phone
... does NOT unlock your phone
... is a WORK IN PROGRESS!
... but FIsH could (in theory) "BOOT" any of the above!
U got it? FIsH is the hack to boot whatever you want.
This also means atm it is tested on some devices only and the only FIsHFOOD (ramdisk) FULLY tested and so stated to be working is TWRP.
Nevertheless I'm hard working currently on porting either MultiROM-in-FIsH or efidroid-in-FIsH to bring custom ROMs to locked devices as well (see post #5: FIsH hydra).
What the FIsH is (in short words)
Read about the full details of the implementation of FIsH in the next post (Post #2: FIsH bowels (What's inside)) but to give you a short overview:
FIsH is a boot hijack and wants to be a FRAMEWORK for booting any fishfood (ramdisk) you like.
FIsH is portable to other devices
FIsH gives you all possibilities to make the most of your device by letting you boot whatever you like
FIsH will not provide or contain any ROM or recovery on its own - THAT'S YOUR HOLY OWN JOB NOW!
FIsH is the tool -> but building a ROM or recovery is (still) up to you.
These questions may come up in your mind now
Will FIsH void your warranty? Not more or less than rooting your device.
Will FIsH unlock your bootloader? omg NO! read it again!
Is there a risk with FIsH? For example could it soft-brick my device? Well.. absolutely! Safe is the death only. There are always risks especially for untested devices. I do all I can to keep this risk as low as possible and I provided a way to get out of bootloops but again you will get no guarantees here and elsewhere.
Will it work on Android version ICS, KK, LL, MM, N, O, ....? Check the pre-requirements. If you can answer them with yes it should work. If not then not. That easy.
Will I need a recovery partition to use FIsH? No. FIsH runs in RAM only. Even if your device does not have a recovery partition it will work.
Will FIsH work for my device? FIsH is more than just a hack for a special device or model it is a hack for ALL devices of ANY vendor! wtf? yes. Your FISHFOOD is device specific so the question would be better: Will the FISHFOOD (e.g. TWRP) work on my device? The answer is it depends. You need to compile it for your specific device and it should but who knows.
To narrow it a little more down:
you have to meet the pre-requirements and some things have to be done to get value out of it, but those are straightforward for a good compiler/developer like you!
FIsH pre-requirements
Here are the pre-requirements you have to meet!
If you can't get them: Close this page and FORGET it (until the day you meet those reqs)!
Here are the 2 simple requirements you have to meet:
a) root by SuperSU >=v2.76 (greater or equal v2.76)
--> to test this requirement just start the installer of FIsH with --check (see next lines) which will check for all requirements and abort if its not possible
--> for many devices - if not all - this means you HAVE TO downgrade/install LL. It also means that you have to upgrade your SuperSU to this version by e.g. FlashFire if you have a lower version installed!
--> SU by phh is NOT supported => It needs a modified /boot and this would void the boot signing chain!
--> Magisk is NOT supported => It needs a modified /boot and this would void the boot signing chain!
--> I will NOT provide downgrading guides there are plenty of them so search and read.
--> I will NOT provide any guides in rooting your device
--> Before you think about downgrading to LL read about the ANTI-ROLLBACK protection some devices may have! Anti-Rollback means you CAN NOT downgrade - it would HARD-BRICK your device (wtf thinking the vendors who we are?? Is this even legal?!)! Check that before!!
b) you have to be able to disable SELinux in your booted Android
--> You do NOT need to set SELinux permanently to permissive. Just CHECK if you COULD get it MANUALLY. If you can get it OK. If not.. you obviously have not full root access but check the forums maybe there is something you can do about this.
--> I will NOT provide any guides enabling SELinux but some lines later you will see how u can execute the very simple check
--> to test this requirement just start the installer of FIsH with --check (see next lines) which will check for all requirements and abort if its not possible
Those above are hard facts so it may NEVER work with MM. Google has changed the way on how the boot chain will be verified and that means changes in /system will void it from now on.
If MM can get fully rooted somehow/somewhen on your device with SuperSU installed and you are able to disable SELinux the method will work there as well.
If you can not meet ALL of the above 2 requirements lay down and cry.
For the others: calm down and read on!
You can simply test those both requirements by downloading FIsH and execute the installer with the testing parameter:
./install.sh --check
Example output:
############# Checking for busybox
...downloading busybox
--2017-03-24 13:37:44-- https://busybox.net/downloads/binaries/1.26.2-defconfig-multiarch/busybox-armv6l
fishing/busybox 100%[========================>] 1,06M 542KB/s in 2,0s
2017-03-24 13:37:47 (542 KB/s) - »fishing/busybox« saved [1107664/1107664]
Waiting for your device... (you may have to switch to PTP mode on some devices!!)
Android Debug Bridge version 1.0.36
Revision 7.1.1_r13
############# checking Android version
-> Good. Matching exact the required Android SDK: 22
############# checking SuperSU version
-> Matching required SuperSU version: 279
############# temporary disable SELinux
-> command ended successfully (err=0)
SELinux mode: Permissive
... restoring SELinux mode to Enforcing
Tests finished! Check the above output!! Exiting here because in checking mode. Nothing installed.
The important lines are:
Matching required SuperSU version: XXX
"SELinux mode: Permissive"
If you see "SELinux mode: Enforcing" or any error messages you may be doing something wrong or it just does not work for you.
Limitations!
Keep in mind what I said above: FIsH does NOT unlock your bootloader!
That means with FIsH itself you can NOT "install" anything. FIsH actually is the FRAMEWORK(!) for the FIsHFOOD (ramdisk) you want to load.
One good example is TWRP. This can be loaded even on devices not having a recovery partition (I believe Sony is one of those).
Let's stay by the example of TWRP.
Keep in mind that when you use FIsH to provide TWRP you can NOT
Install a custom ROM like CM/Lineage (this will modify boot = SOFT-BRICK. for this u would need efidroid or multirom as FIsHFOOD)
Install a custom Kernel (this will modify boot = SOFT-BRICK)
Install a custom recovery (this will modify recovery =may SOFT-BRICK)
In short: do nothing which modifies boot or recovery partitions. Those changes will break your boot signing chain.
You can of course flash everything which is modifying /system /data only (e.g. xposed, Audio mods, etc...)
You're able to backup and restore as well of course, and to do any other modifications which you can't do while the Android system is running.
Download
You will get the most current downloads at github but I uploaded all stable releases here at XDA as well to mirror them.
Latest stable (well tested and so hopefully fewest bugs): Download latest release at github (click)
Mirror / older stable versions: DOWNLOAD-TAB (click)
Next stable (lesser chances of issues but may still not released yet): github master branch
LIVE/FRESHEST code u can get (high chances of failures, bugs, unexpected behavior - but the latest and greatest features/bugfixes): github develop branch
FIsH helpers
If you want to reboot directly to an implemented version of FIsH from within Android check out this:
Thanks to @sdembiske who has onboarded the developer @AntaresOne we have an option to reboot into FIsH very comfortable now!
Check it out here: QuickReboot App
Support / IRC Channel
(DEVS/COMPILERS ONLY - NO ENDUSER SUPPORT!)
IRC means Internet Relay Chat and you will get best support here only.
This channel mentioned here is NOT an ENDUSER channel!!
It is for developers and compilers only!)
Endusers should use: #Carbon-user instead !
Choose how to get in:
PC (HexChat and Pidgin are only 2 of them! This list is not complete!)
Android (Yaaic, AndChat, HoloIRC, AndroIRC are only a few of them! This list is not complete!)
Web (KiwiIRC-Web, FreenodeWebchat)
When you have to choose a channel it is: #Carbon-Fusion (this is NOT an ENDUSER channel!! It is for developers and compilers only!)
Endusers should use: #Carbon-user instead !
When you are asked for a server network choose: freenode
Credits (without them - no FIsH!!!)
If you feel that someone / you is missing on this list lemme know!
Chainfire for SuperSU! This is the main part of FIsH.
TeamWin for TWRP
@cray_Doze, @dssmex, @Aaahh and @KeiranFTW for their hijack implementations (e.g. https://forum.xda-developers.com/showthread.php?t=2608408, first steps to a G4 hijack)
@dibbled for creating the android FIsH logo
steadfasterX for the android FIsH !
Famous last words
You may say: When this will work for up to LL only.. Why the hell are u releasing this now? We just see the upcoming Android O and you talk about LL? Well.. This whole thing is just a fun project. I want to learn and I want to give back something which helps others.
So at the end.. If u don't like.. its ok. If you don't need it.. ok. If you can't get any value out of it.. ok..
But maybe it helps others out there instead.
So if you're still not scared and want to continue.. what u r waiting for??
XDA:DevDB Information
android FIsH, Tool/Utility for all devices (see above for details)
Contributors
steadfasterX, BigCountry907, Rees86
Source Code: https://github.com/Carbon-Fusion/android_FIsH
Version Information
Status: Stable
Current Stable Version: v3.0
Stable Release Date: 2017-06-14
Created 2017-03-24
Last Updated 2017-09-11
FIsH bowels (What's inside)
This is for ppl understanding the basics. I will not explain it for dummies
Ok prepare urself for the naked magic
Actually FIsH is mostly similar to other RAM hijacks around with 3 major differences:
1. FIsH is based and depends on SuperSU.
YES - I make my life EASY. You actually need a rooted device for most kinds of hijacks.
... and I assume most ppl are using SuperSU as their su binary.
... and SuperSU does not require to modify boot (at least until LL)
With this in mind I read in the SuperSU docs that, beginning with version 2.76, SuperSU comes with a special kind of internal init.d support.
That means: It executes custom scripts very early with full SELinux perms available.
Check out the docs here: https://su.chainfire.eu/#updates-sud
2. FIsH tries to be a generic framework with instructions to bring it on all devices.
The hack here is not device specific due to its nature of just executing a custom script by SuperSU.
I've made all scripts inside as easy portable as possible and given hopefully good descriptions and
porting instructions for EACH variable you may need to adjust.
3. it works for up to LL (when u can meet the pre-reqs for MM or N, O or whatever comes then - it will work there as well!)
I found only methods for up to KK (e.g. 2nd init and others) but nothing for LL (sorry if I missed someone!) so I started FIsH.
So in sum FIsH is:
a set of scripts and tools which get executed by SuperSU at an early boot stage and hijack the boot process to bring up your own ramdisk.
FIsH vs Flashfire
Flashfire is absolutely an AMAZING tool! You can backup, installing ZIPs etc all without an unlocked bootloader.
Due to it's nature it is not possible to do EVERYTHING with it (on a locked device), e.g. restoring your whole system partition.
TWRP-in-FIsH (FIsH plus TWRP as FIsHFOOD ramdisk) can provide this - even with a locked bootloader.
Besides this FIsH can do more like (hopefully) bringing you custom ROMs on locked bootloader devices.
FIsH vs Safestrap
Safestrap is supported up to KK and besides this it actually is some kind of MultiROM pendant (+ the hijack part).
FIsH supports any Android version up to LL (GB, ICS, KK, LL,..) as long as the 2 bloody requirements can be met.
Safestrap is a very customized version of TWRP and so limited to updates from there.
FIsH lets you boot any ordinary TWRP completely unmodified. This makes it easier to get new TWRP features on your device.
Besides this FIsH wants to be easy to port for everyone thats why it uses standard components only.
AFAIK it is not supported anymore anyways.
FIsH vs other RAM hijacks
The main reasons why FIsH exists are described already (LL support, easy portable and easy to use) so if you still feel that this is not different from the others... i dunno what to say
FIsHing (Hijacking) means:
FIsH kills all running services, scripts, binaries it can find.
Afterwards it will unmount everything and delete all files left behind from the initial ramdisk.
Now in that more or less clean state it will replace the initrd with the FIsHFOOD - means your own ramdisk like e.g. TWRP.
Some other stuff may happen also but at the end a binary will be started - normally a /init from your own ramdisk
So in sum it is a live replacement of the current ramdisk with your own.
Requirement <SuperSU>
It prepares the system to run the FIsH init script and also ensures that SELinux can be run in permissive mode.
Keep in mind that FIsH will enforce permissive mode on boot to do it's job so you do not have to do anything (normally) to let the FIsH boot.
Main components of FIsH:
./install.sh (file)
The installer is the first part you may need to adjust when you want to port FIsH.
This installer is for Linux users only. If you want to have Windows users executing FIsH point them to https://tinyurl.com/FWULatXDA !!
.. but you're free to port the installer to Windows (if u like: bring it back to me so I may include it..)
Your FIsHFOOD (your own ramdisk) has to be compatible to your running STOCK ROM. If you have LL 5.x running your ramdisk has to run / build for it.
important variables:
MINSDK: Adjust this SDK level to match your running STOCK ROM which has to be compatible with your FIsHFOOD
MINSU: The minimum SuperSU version required. Do not use anything lower than 279 (means 2.79) because this may not work!
BUSYBOXURI: This is a full URL to a busybox binary compatible with your device. You may have to adjust this but ensure u use a compatible version
because we highly depend on its syntax. The reason why FIsH does not come with busybox bundled is, besides license stuff (I did not want to provide their
sources), that you may need another binary than me.
fishing/ (directory)
The real FIsH. Means all files which gets copied to the target device.
fishing/busybox (file - will be auto downloaded by the installer)
You should know what it is..
FIsH comes without busybox but the installer will download it automatically and place it here.
FIsH uses busybox to have all commands with the expected syntax in place and we highly depend on this in the hijack process!
fishing/fishfood.gz (file)
The FIsHFOOD is your own ramdisk - in gzipped cpio (e.g. TWRP)
This ramdisk has to be compatible to your device's ROM. Means when you have a STOCK ROM 5.1 installed your ramdisk has to be compatible to LL 5.1.
You can ensure this within the installer (see FIsH Installer) where the Android version will be read and compared before FIsH installs actually.
fishing/fishfood.release (file)
The version and content of your FIsHFOOD
I recommend the following naming convention:
[yourFIsHFOOD]-in-FIsH-v[VERSIONNUMBER]_[DEVICE-MODEL]_[Android-Version]
e.g.
TWRP-in-FIsH-v1_LG-G4_LL
You can write in here whatever you like. The content will be send to the fish.log to identify which version the user has installed (helps debugging).
fishing/callmeFIsH (file)
a caller script which gets executed at very first.
The only task callmeFIsH has is to prepare the whole FIsH to get started out of /system and then starting FIsH from /res. After this it immediately exits to not keep open tasks on /system. callmeFIsH will be placed in /system/su.d/ to get autostarted by SuperSU.
fishing/FIsH (file)
The heart of the FIsH.. Gets called by callmeFIsH.
It will be executed by SuperSU on boot and will hijack the process and prepare and setup everything to let your FIsHFOOD coming up.
fishing/FIsH.me (file)
Functions and vars a user/dev normally wouldn't need to change. They are internal stuff only.
fishing/FIsH.porting (file)
As you're trying to port FIsH this file is your main part when it comes to customization for your device.
Here you should find everything required to be adapted and there are very high chances that you HAVE to adjust this to your device.
fishing/gofishing.sh (file)
The remote installer part. It will actually run as root and prepare your system for FIsH.
You normally will never need to touch this.
FIsH target directories
/system/fish/
All the bowels of FIsH like, FIsH, Busybox, fishfood.gz and fishfood.release go here
/system/su.d/
The FIsH caller (callmeFIsH) goes here
/cache/fish/
The most important directory for you: Here you will find all logfiles required for debugging!
Bring FIsH on the menu card (porting FIsH)
So you may now have a little bit understanding of what FIsH can do for you and what not.
When you feel FIsH could work for your device then why not just trying to port it?
This guide should help you for this task.
FIsH was made from scratch with portability in mind.
That means I tried to make it as simple as possible for you to port.
I really hope that task has been accomplished..
1. Meet the pre-requirements
You have to understand that FIsH will work ONLY when the pre-requirements are met.
There is no way around or "if i met 1 of the 2 - will it work?" NO. You need BOTH!
If you will be asked by a user to port FIsH -> Ensure that the requirements can be met first before investing your time.
There is an easy test u can go for this: just execute the installer like this:
./install.sh --check
The installer will test and check if it gets what it needs and then EXIT without(!) any installation.
2. Build your FIsHFOOD (your custom ramdisk)
I recommend to start with TWRP but choose whatever you like. For this guide I stay with TWRP.
Keep in mind that your FIsHFOOD has to be built with the same sources as your running STOCK ROM.
If you want to support multiple STOCK ROM versions you may have to build multiple FIsHFOOD versions.
Testing your FIsHFOOD is not that easy on locked devices so your only option is to go on once you feel your build is ready.
3. Cook the FIsHFOOD
When you build images or ramdisks you may end up with an image file needing some preparation first:
create a gzipped cpio of your initial ramdisk u wanna load
example of twrp build by you:
after your build has finished you will find several img files in your out/ directory and you just need to copy the following file:
out/target/product/<YOURCODENAME>/ramdisk-recovery.img
and move it to:
fishing/fishfood.gz
example of an existing twrp image:
abootimg -x twrp.img (will extract the twrp image)
file initrd.img (should tell something like: gzip compressed data. if NOT: gzip it!)
mv initrd.img fishing/fishfood.gz (moves the extracted initial ramdisk)
Some Notes:
- this cpio has to be compressed with gzip (.gz file ending is important!)
- the name of this file should be fishfood.gz (exactly this)!
- edit or add a file fishing/fishfood.release and type in what ur fishfood is (e.g. TWRP)
and the version of it of course (a good example is: TWRP-in-FIsH-v1_LG-G4_LL)
4. Prepare the FIsH installer
Download FIsH and extract it.
open the file install.sh
Check the variables u may need to adjust: Check Post #2 above for some explanations and read the comments within
Note about the Android goFIsHing installer (fishing/gofishing.sh)
You normally do not need to touch this file. It may be required if you cannot install FIsH but that should hopefully not happen..
5. Cook the FIsH
open fishing/FIsH.porting
You will find 2 sections: GLOBAL and PORTING
Each section has hopefully meaningful comments to give you an idea what they do and how you should modify them.
Most vars also have example instructions to find the correct values for your device.
When you're trying to port FIsH you may have to try & error FIsH several times before and you may not want to use your defined key combo to do so.
For this and also as a convenient option when you want to boot directly into FIsH from Android you can set a special flag to always boot FIsH.
Use it with care because it may let it bootloop while in your testing phase.
The file which activates FIsH without a key press is: /cache/recovery/boot
It can make sense to use this for an easier testing process (don't need any key presses to activate FIsH).
In sum the following command comes very handy while developing:
./install.sh && adb shell "su -c touch /cache/recovery/boot" && adb reboot
So the other way is using a key combo without the need to boot into Android.
For this you will find everything you need in the file fishing/FIsH.porting which you usually have to adjust to your specific device.
Providing user feedback for activating the FIsH:
FIsH gets NOT activated by default. That means if you would reboot your device it will just reboot.
To activate FIsH you need either to use a key combination (provided by you) or using the FIsH file flag.
The idea of the FIsH booting process is (see fishing/FIsH.porting)
a) WAIT_LED: show a LED color indicating FIsH has been STARTED (not ACTIVATED)
---> the user has to press the magic key combo NOW
b) VIBRATE: will vibrate to indicate that the time for pressing the magic key combo is over
c) FISH_LED: show a LED color indicating that FIsH has been ACTIVATED .... or NOT!
d) boot into either Android or your FIsHFOOD depending on what the user wants
If your device does not support different LEDs you can instead use the path to vibrate in the LEDs.
e.g. WAIT_LED="$VIBRATE". This will let the device vibrate instead of showing a LED color.
Whatever you end up with you have to check and adapt the enduser installation guide ofc as well..
6. Let the FIsH swim
Now it's time to test your FIsH port. But BEFORE:
You will take a high risk here at this early stage because it CAN bootloop/soft-brick your device if something goes totally wrong!
I hope I have done all to keep the risk for this low but no guarantees!!
So make a FULL backup of ALL your apps and do not forget to backup your internal storage with all your pictures etc.!!! (just a reminder: TWRP does NOT backup your internal storage!! Read the explanation here)
If the worst case happens you may need to totally bring your device back to pure STOCK so you have been warned!
7. Finally give the FIsH a name
If your FIsH swims... omg.. CONGRATS well done !!! The hardest stuff is done now! Woot u r a REALLY good dev did u know that?! Your community will praise u!
Of course u r free to choose a name but I recommend to name your FIsH package like this:
[yourFIsHFOOD]-in-FIsH-v[VERSIONNUMBER]_[DEVICE-MODEL]_[Android-Version]
e.g.
TWRP-in-FIsH-v1_LG-G4_LL.tgz
Note: Did u see the different use of dashes and underscores? Keeping it that way is important.
This way we all get a clear understanding what it is, which TWRP-in-FIsH version, for which device and for which STOCK ROM version.
8. Release your FIsH to the wild ocean
Ok I will not tell you how you should release but it would be nice if you tell the users where this all comes from
Do not forget to report back to this thread if you have implemented a port so I can add it here for reference.
An example installation guide for your endusers can be found at Post #7: Go FIsHing
If you struggle somewhere you can find me in the IRC (see OP)
When you have to choose a channel it is: #Carbon-Fusion
When you will be asked for a server network choose: freenode
Trouble / Bootloop fix
If you encounter a bootloop (should never happen but who knows) you have 3 choices at least:
Option 1a: (TWRP-Bootloop) Within TWRP open Advanced -> File Manager -> Goto: /system/su.d and click "select" button -> Delete
Option 1b: (TWRP-Bootloop) From your PC: adb shell rm -rf /system/su.d/
Important: Catch the fish log (see next topic)
Option 2 (this works also for a bootloop without twrp): boot into download mode and use LGLaf to get a shell
then:
setenforce 0 <-- if that doesn't work you may have to do a FULL restore to stock
mount -oremount,rw /system
rm -rf /system/su.d/
reboot. You are out of the bootloop.
Important: Catch the fish log (see next topic)
Option 3: Last resort: Reflash STOCK. sorry.. there is always a risk..
Catch the FIsH logs
when in TWRP (or other ramdisk providing adb shell):
adb shell "cat /cache/fish/fish.log"
adb shell "cat /tmp/recovery.log"
OR - when in Android:
adb shell "su -c cat /cache/fish/fish.log"
adb shell "su -c cat /cache/fish/fish.log.old"
adb shell "su -c tar cvzf recoverylogs.tgz /cache/recovery"
adb pull recoverylogs.tgz
Upload the output to https://paste.omnirom.org and paste the link in the IRC channel
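Step 3 of the porting guide above and its notes, scripted as an added example (not part of FIsH or its installer): it checks the gzip magic bytes instead of reading the output of `file`, compresses only when needed, and refuses anything whose decompressed content is not a cpio archive, which is what results when a ramdisk packed with another compressor is gzipped blindly. The function names and the accepted cpio magics (newc `070701`, crc `070702`) are assumptions of this example.

```shell
#!/bin/sh
# Added example (not part of FIsH): turn an extracted ramdisk into
# fishing/fishfood.gz plus fishing/fishfood.release.

# Print the first N bytes of stdin as lowercase hex without separators.
magic_hex() {
    od -An -tx1 -N"$1" | tr -d ' \n'
}

# cook_fishfood <ramdisk> <fishing-dir> <release-string>
# Returns 0 on success, 1 on a missing input, 2 when the content is not a cpio.
cook_fishfood() {
    src="$1"
    fishing="$2"
    release="$3"
    out="$fishing/fishfood.gz"

    if [ ! -f "$src" ]; then
        echo "no such ramdisk: $src" >&2
        return 1
    fi
    mkdir -p "$fishing"

    # gzip streams start with the two bytes 1f 8b.
    if [ "$(magic_hex 2 < "$src")" = "1f8b" ]; then
        cp "$src" "$out"          # already gzipped: keep it byte for byte
    else
        gzip -c "$src" > "$out"   # plain cpio (or something else, checked next)
    fi

    # The decompressed stream has to be a cpio archive. ASCII "070701"/"070702"
    # is 30 37 30 37 30 31/32 in hex (assumed: newc or crc format ramdisks).
    inner=$(gzip -dc "$out" 2>/dev/null | magic_hex 6)
    case "$inner" in
        303730373031|303730373032) ;;
        *)
            rm -f "$out"
            echo "$src: content is not a gzipped cpio (magic $inner)" >&2
            return 2
            ;;
    esac

    # Free-form description, e.g. TWRP-in-FIsH-v1_LG-G4_LL
    printf '%s\n' "$release" > "$fishing/fishfood.release"
    return 0
}

# Run only when called with all three arguments, e.g.:
#   sh cook_fishfood.sh initrd.img fishing TWRP-in-FIsH-v1_LG-G4_LL
if [ "$#" -eq 3 ]; then
    cook_fishfood "$1" "$2" "$3"
fi
```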
FIsH cuisine (examples)
Example implementations
LG G4 (any model):
TWRP-in-FIsH (https://forum.xda-developers.com/g4/development/locked-twrpinfish-locked-g4-devices-t3573048)
HTC Desire 626s:
FIsH-in-SDCARD - big thx to @BigCountry907 (https://forum.xda-developers.com/showpost.php?p=71630297&postcount=35)
HTC DESIRE 526 VERIZON:
FIsH-in-SDCARD - big thx again to @BigCountry907 (https://forum.xda-developers.com/desire-526/general/super-sd-htc-526-vzw-t3596497)
LG Flex 2 (h955):
TWRP-in-FIsH - big thx @ergo911 (https://forum.xda-developers.com/g-flex2/development/fish-flex-2-t3583093/post71690950)
If you have ported another device or know about one just post to this thread so I can list it here
.
FIsH hydra (multiboot in FIsH)
Bringing multiboot to your device is still not finished yet.
I just wanted to release FIsH now because I was able to prove the working concept based on TWRP and as FIsH is nothing device specific anything else should do so as well.
I have little hope that maybe other developers step in and try to help me with this but well if not it doesn't matter.. just taking longer
The whole thing of multiboot is a WIP (work in progress) currently.
But now you can prepare yourself for a possible way on this by starting a port of TWRP-in-FIsH first to see if the FIsH concept works for your device. This is strongly recommended to start with wherever we will end up here. Then come back here and hopefully until then I have some news about that topic..
So in theory multibooting by FIsH should be possible. FIsH is just executing your ramdisk so..
The only thing we would need is a way to start any of the tools already available right?
Correct. But.. each of them has its own requirements and way of working. So I need to investigate the bowels of them first to adapt them to FIsH.
Let's think about my first choice: multiboot by efidroid.
While it is quite new for me and its implementation of booting multiple ROMs is very nice and different from MultiROM. Kudos to MultiROM which has provided multi boot of custom ROMs for years but I really like the approach of efidroid (even when I'm just starting to use it).
When you would be able to boot into efidroid with FIsH you could use as many (unpatched) ROMs as you like. Just 1 or 20 - depending on your disk space mainly. So what does that mean? With FIsH you can hijack the boot and jump in efidroid and now u r able to boot whatever custom ROM you like. That's the theory.
The practice is: efidroid is a bootloader and so completely different to TWRP for example. Using the same hack here will not work without modifications of efidroid and maybe FIsH. The key here is to use the efidroid binary plus the cmdline needed to get a custom ROM booted.
Don't get me wrong what NEVER will work is booting into efidroid like fastboot boot uefi_boot.img can provide. The first thing I'm trying to achieve is to use the efidroid binary plus the needed cmdline to boot up a manually added custom ROM (thx to the efidroid dev @m1cha by the way.. I promise to bug u as often as possible ). When this works we have won. Well it will be far away from user friendly leaving it this way but it should be possible to write a GUI (e.g. based on AROMA) and then doing the actions efidroid offers in its boot menu. So.. at the end some kind of MultiROM but without kexec patches would be possible then.
The other way around: multiboot by MultiROM.
A long player in the game of multiboot and often ported to many devices. The problem here is that it is more than just a ramdisk. It is split into a modified TWRP plus MultiROM itself which needs to be flashed from within TWRP. This flashing will inject modifications in your /boot image so it will not work this way on locked devices out of the box.
Before I want to dive into the depths of a possible MultiROM implementation for FIsH I want to end my testing for efidroid. So atm I cannot say if there will be a way or not because for this I need to find out what MultiROM really does in the boot image and adapt this change to FIsH. I strongly believe that this can be adapted but my time is limited and my priority lies on efidroid for the moment.
Tbh bringing up the modified TWRP version should be easy because it will work the same way as bringing the ordinary TWRP to FIsH but the other part in the boot image is what I'm not sure about what it does (haven't had the time to look into this yet).
If u feel like a developer and you are able to unbrick a soft-bricked device then feel free to investigate and try on your own and let me know
Update (2017-06-27):
I had the time to look into the possibilities of a multirom port to FIsH.
The bad news: it's not as easy as thought. It's near impossible yet not completely impossible.
I was a little bit confused by a new compile flag in multirom named MR_NO_KEXEC which allows you to use kernels not patched for kexec-hardboot.
Well but it's not that easy..
- using kexec-hardboot needs a patched kernel
- and not using it (MR_NO_KEXEC flag set) will replace the whole boot partition(!) when a secondary ROM boots
So both options will break and can't be used.
The only way to go would be to modify the multirom sources (likely the trampoline part) to behave like efidroid does (heavy usage of loop devices instead of the current phys ones).
You can imagine that this modification goes VERY deep, means a LOT of work and requires heavy C / C++ skills.
That's why I can't proceed here. I don't think that it is worth it tbh so I will investigate the other options and abandon the MultiROM approach.
The FIsH plate (sdcard booting)
Thanks to @BigCountry907 we could boot FIsH on every qualcomm device in a manner which has the potential to root any device, boot any ROM and more.
You remember? FIsH can be installed on a rooted device ONLY!
That's still true but with this you can boot e.g. TWRP-in-FIsH even on a not rooted MM / N /... by using the FIsH plate..
The whole process makes use of a qualcomm feature which let you do this.
- the whole process is incredibly complicated to get it working!!!
- the whole process is very sensitive and you have to find the right combination of needed partitions to make it work
- the whole process is a complete try & error
- if I mean IF I get this working I could patch the bootloader partition on that sdcard partition without touching the REAL bootloader to test without bricking...
- I work together with @BigCountry907 to get it working but we live in complete diff timezones which makes it not easier
If you want to help you can find me in the IRC (see OP)
.
Chew the FIsH (Copying/License)
# This is Android FIsH: Fluffy Incredible steadfasterX Hijack
#
# Copyright (C) 2017 steadfasterX <[email protected]>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program. If not, see http://www.gnu.org/licenses/
FIsH mutation history (Changelog)
android FIsH v3.0
Released: 2017-06-14
Full Changelog: https://github.com/Carbon-Fusion/an...oidFIsH_v2.0...Carbon-Fusion:androidFIsH_v3.0
Download: see the OP
Summary Changelog:
adding the possibility to exclude easily process names/pid's from being killed (coming with a default exclusion list already)
check it out: `fishing/FIsH.porting` --> `EXCLUDEPROCS / EXCLUDEPIDS`
several fixes regarding the ramdisk extraction
heavy speed improvements regarding kill & mount
adding a version string to FIsH to be able to identify which framework is running
added a better `ps` command than the one provided by `busybox ps`
android FIsH v2.0
Released: 2017-04-11
Full Changelog: https://github.com/Carbon-Fusion/an...oidFIsH_v1.0...Carbon-Fusion:androidFIsH_v2.0
Download: see the OP
Summary Changelog:
Improved general speed by factor 4
Many bug fixes
Many improvements for the installer like a new clean function (uninstall FIsH)
android FIsH v1.0
Released: 2017-03-24
Full Changelog: https://github.com/Carbon-Fusion/android_FIsH/commits/androidFIsH_v1.0
Download: see the OP
Summary Changelog:
first general public release
Go FIsHing (enduser installation guide example)
COPY & PASTE template for your own XDA thread (completely pre-formatted)
installguide_XDA_format.txt
.
Special FIsH Dinner (Notes)
TWRP
The first step to get a success with FIsH is to use TWRP as your FIsHFOOD.
Once started the first thing coming to your mind may be backup & restore but use it with care!
FIsH will brutally unmount /system in - afaik - all cases because there will be open files on it which can't be avoided.
In order to use TWRP successfully you should set at least this special flag:
# Always use rm -rf to wipe
TW_ALWAYS_RMRF := true
This is a workaround because it means wiping /system or /data will behave differently than you might expect normally. Without this flag TWRP will format the partition. With this flag set TWRP will use rm and delete all files on it without formatting the partition.
Very interesting. I actually have a locked (bootloader) device which I'm looking for a way to unlock. I feel like I could get something (*cough*TWRP*cough*) working because of this. Keep it up :good:
veez21 said:
Very interesting. I actually have a locked (bootloader) device which I'm looking for a way to unlock. I feel like I could get something (*cough*TWRP*cough*) working because of this. Keep it up :good:
Just remember the limitations and leave thanks to @steadfasterX
I am very happy to have stumbled on this today.
I can't wait to get a little deeper into it but I must say very nice job.
I have been working on a big project myself. For creating a clone of any device emmc.
Burn the GPT Partition Table to a External_SD Card and flash the images.
What I have found is that if you make the SD Card right the Qualcomm Devices will boot from the sd card.
To the extent that if I unlock a device that normally cannot be unlocked using my XTC-2 clip then copy the images etc. from the unlocked device burn to sd card and then boot into H-boot or Download mode the Unlocked Status for example Bootloader Unlock and S-off and Super Cid etc. etc. etc. will be present on the locked device. Thus giving elevated permissions. My setback has been there is no normal way for me to write any partitions yet. Anything I flash through H-boot writes to the SD Card. And I have been unable to make TWRP boot this way.
My initial thought is to set up my unlocked device with fish and get it all working. Then create the sdcard image that includes the installed fish scripts. It would be simple to modify the external sd to meet all the fish requirements, even if the device itself cannot meet the requirements. My device currently meets the requirements but it isn't for me. It's for the community of people that don't have java cards. This could potentially lead to a way of overcoming both of our current limitations.
All I need is a way to boot TWRP from my elevated privileged sd card and I can utilize that to provide unlocking.
Awesome
BigCountry907 said:
I am very happy to have stumbled on this today.
I can't wait to get a little deeper into it but I must say very nice job.
I have been working on a big project myself. For creating a clone of any device emmc.
Burn the GPT Partition Table to a External_SD Card and flash the images.
What I have found is that if you make the SD Card right the Qualcomm Devices will boot from the sd card.
To the extent that if I unlock a device that normally cannot be unlocked using my XTC-2 clip then copy the images etc. from the unlocked device burn to sd card and then boot into H-boot or Download mode the Unlocked Status for example Bootloader Unlock and S-off and Super Cid etc. etc. etc. will be present on the locked device. Thus giving elevated permissions. My setback has been there is no normal way for me to write any partitions yet. Anything I flash through H-boot writes to the SD Card. And I have been unable to make TWRP boot this way.
My initial thought is to set up my unlocked device with fish and get it all working. Then create the sdcard image that includes the installed fish scripts. It would be simple to modify the external sd to meet all the fish requirements, even if the device itself cannot meet the requirements. My device currently meets the requirements but it isn't for me. It's for the community of people that don't have java cards. This could potentially lead to a way of overcoming both of our current limitations.
All I need is a way to boot TWRP from my elevated privileged sd card and I can utilize that to provide unlocking.
Awesome
cool. your project sounds amazing as well keep us updated please .. !
btw I personally do not need FIsH .. lol.. i have all my devices unlocked but there were many users for my current device which cannot unlock (LG G4 -> only a few models can be unlocked) so I started FIsH..
so don't give up and if u need help.. go to IRC channel #Carbon-Fusion on freenode.. see us there
.
You may have just saved the Verizon sgs4 from total death. We have to see if selinux can be changed first.
ninjasinabag said:
You may have just saved the Verizon sgs4 from total death. We have to see if selinux can be changed first.
just use the installer..
./install.sh --check
will tell you..
.
steadfasterX said:
just use the installer..
./install.sh --check
will tell you..
.
Knox disables selinux permission changes by default. So I know the install.sh will return with a negative.
I posted the link to this thread on the VZW S4 forums in the hopes someone will pick up.
ninjasinabag said:
Knox disables selinux permission changes by default. So I know the install.sh will return with a negative.
I posted the link to this thread on the VZW S4 forums in the hopes someone will pick up.
So no root available there?
.
Sent from my LG-H815 using XDA Labs
@steadfasterX
In my mind it is threads like this and projects like this that make this place so great.
Same reason for my project. To unlock HTC devices. Verizon devices cannot be unlocked easily.
If you ever need any help with the bash script let me know.
I'm pretty good with it. Bells and whistles like menus and whatnot too.
I was glad to see your shell scripts.
I know the language and it makes this easy.
steadfasterX said:
So no root available there?
.
Sent from my LG-H815 using XDA Labs
Root, but barely. We've gotta use kingroot to open the door before replacing kinguser with SuperSU.
This is where the sd card trick works well.
See if we can boot TWRP off of it then we automatically have root access in adb.
Then its a matter of flashing the right partitions ( Device Specific ) to unlock permanently.
DevUt said:
Just remember the limitations and leave thanks to @steadfasterX
No, I reached my thanks limit. I do know the proper ways of man :good:

Development Installing GSI by repacking super.img on SM-A127F and SM-A325F (Linux)

repacksuper
===========
Copyleft uluruman 2021-2022
(for LINUX/WSL only)
This is the minimalistic set of tools + a script for Linux for the automated
ground-up repacking and flashing of the Samsung Galaxy super.img, replacing
the stock Android system with something much less intrusive and obtrusive
(e.g. LineageOS). Or just some other GSI (Generic System Image).
Additional included scripts (since v1.1) simplify flashing of stock firmware or
separate image files under Linux using Heimdall.
Theoretically should work for any Samsung A-series phones, and maybe even for
some others. Tested on SM-A127F/DSN made in India and Vietnam and SM-A325F/DS
made in India, on Debian Linux 11 x64. There are reports of successful flashing
of SM-A127M, SM-A032M and SM-A226B.
Why this method?
----------------
Repacking of super.img is the only method which allows changing of the phone's
operating system without screwing up the Verified Boot (VB) protection
mechanism. Keeping the VB allows you to be sure that everything besides the
platform was indeed compiled by Samsung and wasn't tampered with, no matter from
where you downloaded your stock firmware.
The other reason is that although there are alternative methods of changing the
OS, for phones with dynamic partitioning and no working version of TWRP
available they may be even more complicated than repacking of super.img
externally by this script.
Requirements
------------
Install the following tools from the official repositories of your Linux distro:
simg2img xz-utils lz4 unzip gzip jq file
Basic instructions
------------------
repacksuper.sh: main script for changing your phone's operating system
heimdall_flash_stock.sh: script for flashing stock firmware under Linux
heimdall_flash.sh: script for flashing any custom image file under Linux
Just run a script without any arguments to see help.
Extra tools used (x64 binaries and sources included)
----------------------------------------------------
GitHub - LonelyFool/lpunpack_and_lpmake: android super.img tools
GitHub - amo13/Heimdall: Heimdall is a cross-platform open-source tool suite used to flash firmware (aka ROMs) onto Samsung Galaxy devices. This is a fork of the original repository with a few crucial pull requests merged.
Additional notes
----------------
The included binaries for the lpunpack, lpmake and Heimdall were compiled for
the x86_64 architecture. If your PC architecture is different (e.g. x86 32-bit
or ARM) you have to compile these tools yourself. The full source code is
included (or otherwise available on GitHub).
Spoiler: Changelog
0.9: Initial release
0.91: Non-sparse new system is now correctly moved into the super dir
0.91a: Bug in the new system file format checking fixed
0.91b: Better support for spaces in paths
0.92: Added checking for system requirements and an optional parameter for
setting of the final tar archive name.
0.92a: Fixed file ownership issues inside the tar distribution archive
0.93: Added support for SM-A325F. Several minor improvements.
0.94: Added support for gzip-packed GSI images. Packing into .tar is now done
without question if the command line parameter is given. Tar parameter
now can include the full path. Without the full path the default tar
location is now the same as the GSI. Several other minor changes.
1.0: Finally added working native Linux flashing using Heimdall (HUGE thanks
to amo13 and Benjamin Dobell). Two new options: using empty product.img
and silent (non-interactive) mode. Colored text. Bugfixes and minor
changes.
1.01: Option to specify the SUPER partition name manually (needed for flashing
SM-A127F with Heimdall). Now it is possible to place output .img and .tar
files in any directory and give them any name. Text terminology a bit
clarified, help text expanded. Done many internal optimizations,
additional sanity checks and minor changes.
1.02: Support for SM-A032F/M and similar firmwares with non-packed super.img.
Support for firmwares with/without additional partitions. Support for
arbitrary partition group names. Very experimental option to use empty
system_ext.img for additional privacy (applicable to some phone models/
regions). Lots of minor fixes.
1.03: Multiple .img files are now supported in GSI archive files (one of them
should be system.img in that case), e.g. Android AOSP zip files are now
supported directly. The logic of flashing with Heimdall now includes more
complex cases, such as flashing in two steps with a reboot. Unnecessary
code in GZ unpacking removed. Some other small fixes and optimizations.
1.1: New scripts heimdall_flash_stock.sh and heimdall_flash.sh added.
Lots of refactoring in repacksuper.sh (because of that there may be some
bugs left), improved and clarified UI logic, changes in where the files are
now placed (see help for details), direct work with stock Zip firmware
files, lots of minor changes.
1.11: Colored text now should be correctly displayed in almost any shell that
supports it except if it's explicitly disabled with NO_COLOR.
1.11.1: heimdall_flash.sh now can flash Super partitions unconditionally in one
step when using both the -s parameter and manually specifying partition
name (e.g. SUPER for SM-A127F).
1.12: The heimdall_flash_stock.sh script was significantly upgraded with lots of
new features. Now it theoretically allows upgrading of stock firmware
without erasing user data, keeping the GSI and custom recovery, etc.
(although it's not that straightforward, read the help for details).
A couple of fixes in the other scripts.
1.12.1: changed unlz4 to lz4 -d, as some distros don't have the needed symlink
1.13: In repacksuper.sh support added for the Vendor DLKM and ODM DLKM
partitions, as well as the experimental -v option to add or replace Vendor
DLKM with a custom image. A couple of minor fixes.
1.14: Greatly improved logic of heimdall_flash.sh, now it's possible to specify
both or either custom partition name and custom file name, and acquiring
PIT from device is done only when it's needed. Versioning scheme of the
scripts was unified: the script that was updated receives the updated
version number of the whole pack, the rest retain the old numbers.
1.15: up_param_tool.sh script was added: it allows altering of the boot
sequence images (logo, "not official" warning, etc.), as well as the
Recovery and Download internal graphics. Happy hacking, but please pay
attention to the warning displayed after extracting the JPEG files.
A couple of minor fixes in the other scripts.
1.15.1: Bug with failing LZ4 uncompression fixed in repacksuper.sh and
heimdall_flash_stock.sh.
1.15.2: Added the Ctrl+C trap in heimdall_flash_stock.sh, so now the temporarily
renamed files are correctly renamed back in case of flashing being
aborted with Ctrl+C. Upgraded Heimdall with the git pull requests, but
it seems those still do not cure the relatively rare issue when flashing
specific files gets completely stuck at some point.
1.15.3: The "file" tool used to identify PIT files was replaced with direct
reading of the file header as the first method proved to be unreliable.
1.15.4: Fixed a bug in heimdall_flash.sh (missing g flag in sed)
1.15.5: Fixed the compatibility issue with the older LZ4 compressors
1.15.6: Fixed compatibility issues with systems where /bin/sh is Bash, such as
ArchLinux
1.15.7: repacksuper.sh: fixed using the existing "repacksuper" dir as source,
also in this mode you can now specify "-" as new system image to reuse
everything inside the "super" subdir. New experimental -w parameter.
All scripts: the Ctrl+C trap now switched on and off the correct way.
Several other fixes.
1.15.8: Fixed using the heimdall_flash_stock dirs as source for repacksuper.sh.
A couple of other fixes.
1.15.9: heimdall_flash_stock.sh: fixed skipping of duplicate partitions (e.g.
vbmeta) for some shells; fixed upgrade-flashing of Galaxy A32 (default
behavior).
Spoiler: Known issues
During the script run you can see several "Invalid sparse file format at header
magic" warnings, just ignore them.
For some firmware files Heimdall may not work at all (freeze indefinitely or
exit with an error), in that case you have to resort to Odin. In many cases
Heimdall freezes when uploading files for some time, but that does not mean it
is completely frozen, just be patient.
In LineageOS, Dot OS and some other GSIs I tried on SM-127F the touch screen
remains not responsive for about 6 seconds after waking up. The problem is not
present at least with SM-127F/DSN phones made in India, but present at least in
those made in Vietnam. Another problem in most, if not all, GSIs is that the
MTP USB file transfer does not work (at least on Linux) because of the "wrong"
(Samsung's instead of Google's) default MTP driver used by the kernel.
Both of the aforementioned problems can be solved by installing the fixed and
recompiled kernel.
For the last problem alternative solutions include using apps such as
Warpinator, Syncthing or ftpd.
Spoiler: Food for thought
When choosing a GSI to install I really don't recommend using ones which include
GApps and therefore use any of the Google services. Don't let corporations
gather your data. You bought the phone and from now on it should be all yours,
with all of its data, like a PC in the good old days. You own your device, and
nobody has the right to stick their nose into how you use your phone, gather any
statistics and push you any ads. You always have a choice to turn down
privacy-unfriendly stuff, the price of that "inconvenience" is actually
ridiculous. From my point of view, there is simply no point in using non-stock
systems if they are still littered with the privacy-unfriendly bloatware.
For the step-by-step guide (slightly outdated) read this and this post. Also be sure to read this post concerning the importance of optics.img. Concerning the up_param_tool.sh be sure to read this post.
The included binaries for the lpunpack, lpmake and Heimdall were compiled for the x86_64 architecture. If your PC architecture is different (e.g. x86 32-bit or ARM) you have to compile these tools yourself. The full source code is included (or otherwise available on GitHub).
Latest stable combinations of stock firmware and LineageOS (updated February 5, 2023):
SM-A127F: A127FXXU7BVI4 + LineageOS 20.0-td 20230115 arm64 bvS
SM-A325F: A325FXXU2CVK3 + LineageOS 20.0-td 20230115 arm64 bvS
Some recommendations (updated February 5, 2023):
If you are a newbie and don't know how to unlock the bootloader and other such stuff, here is a good guide by LAST_krypton (follow the "Unlocking the bootloader" section) or a shorter guide by cldkrs.
First flash the phone with the whole set of stock firmware using the heimdall_flash_stock.sh (Linux only) script with the -d parameter: the latter forces flashing the unsafe partitions, which are needed for complete re-flashing.
If you're on Windows use Odin instead. Although there is a "leaked" Linux version of Odin, it's still closed-source (of course), so I don't recommend using it on your main Linux PC. For using the Windows version of Odin on Linux you have to either use Windows in QEMU (tested and works) or probably Wine (untested). When using QEMU remember to add the SUBSYSTEM=="usb", ATTRS{idVendor}=="04e8", ATTRS{idProduct}=="685d", MODE:="0666" line to the udev rules (e.g. /etc/udev/rules.d/30-qemu.rules) to enable the write access to the phone.
Sometimes Heimdall cannot flash the stock firmware and gets stuck at some particular file. Although you can successfully flash such a firmware using Odin, I recommend finding another firmware, maybe one release older, because that may indicate some sort of incompatibility with your particular version of the phone.
The stock firmware comes in different revision numbers (also known as the baseband version), which are upgraded about once a year. Generally it should be beneficial to use the latest revision, but note that once you have upgraded it to a later revision there is no way back (at least known to me). In case you want to experiment with flashing of special kernels and other flavors provided by the XDA developers, if possible, you should probably stick to the very first revision.
If you already have the bootloader unlocked (OEM unlock) then after flashing the stock firmware there is no need to set up the Android, just go straight into the download mode again and flash the repacked super.img.
When downloading LineageOS or any other GSI select the normal arm64 bvS version, not vndklite version.
After flashing the OS go into the Recovery mode (hold volume up and power when rebooting) straight away and do the Factory reset. If you cannot get into the Recovery mode be sure to connect the USB cable before trying to.
If flashing with Heimdall completely freezes at some point make sure you've downloaded and repacked the correct arm64 b or a/b GSI and not arm and not a or a-only variant. If "sw rev check fail" message appears on the screen at some point just ignore it.
You can forcefully reboot your phone at any time, even if it seems bricked, by holding the volume down and power buttons for several seconds.
To upgrade your system to the recent version of the same OS just repackage it again using the same script and flash it normally. If the phone does not boot, get into the Recovery mode and try wiping the Cache partition (all your apps and settings should remain intact).
Most probably you don't need TWRP or any other 3rd party recovery tool at all, as the stock recovery tool works fine for just the factory reset after flashing the super file.
Try to avoid using Magisk if you just want to install another OS and nothing else. It is also not needed for LineageOS bvS version as it already has the su utility integrated, you just need to install the additional Superuser app by Pierre-Hugues HUSSON from the F-Droid store (although it's very old it works just fine).
It's possible that SM-127F/DSN internally is not A12 but actually M12, at least most of the tools and kernels made for M12 work on SM-127F/DSN while those made specifically for SM-125 and even other SM-127 versions do not. Therefore you can find more relevant info and tools in the corresponding XDA thread (my script still remains relevant though).
I should test this for a127f
Bugs fixed: v0.91 & v0.91a
Bug fixed: v0.91b
Added the "file" utility to the list of requirements, updated readme.txt.
Thanks A LOT, this works! I am finally able to run LineageOS on my phone!
For Windows 10+ users: WSL runs this script just fine with a few additional steps.
1. Install WSL 2 and any Linux distribution from Microsoft Store
2. Run the distribution to finish setup
3. Install the required packages from the post (sudo apt install for Ubuntu/Debian)
4. Shift + Right Click in the folder where you have the script, the AP and the GSI packages
5. Open Linux shell there
6. Unpack & run script as stated in its help
Voila!
Wow! Great job! I want to try it, but I'm getting many "Invalid sparse file format at header magic" while running the script, is it OK to flash the super.tar anyway?
jadfa said:
Wow! Great job! I want to try it, but I'm getting many "Invalid sparse file format at header magic" while running the script, is it OK to flash the super.tar anyway?
It is totally OK
jadfa said:
Wow! Great job! I want to try it, but I'm getting many "Invalid sparse file format at header magic" while running the script, is it OK to flash the super.tar anyway?
Yes, it is fine. These are just warnings produced by lpmake, they can not be suppressed. I could only suppress all the stdout/stderr from lpmake but it's no good in case of more serious warnings.
Updated to v0.92 with a couple of minor improvements.
What should I do next with the raw file?
"Unknown super file format" is this how it should be?
ANDARXapi said:
What should I do next with the raw file?
"Unknown super file format" is this how it should be?
Of course not. The format of each file is checked using the "file" utility, it should return the string "Android super image". Try to run file /home/toor/APfilles/super.stock.raw . What is the response? And try doing it all without sudo. There is no need for root privileges.
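The format check discussed in this reply, and the switch to direct header reading mentioned in the 1.15.3 changelog entry, can be illustrated by reading the magic bytes yourself. This is an added example, not part of the original posts or of the thread's scripts; the magic values come from the public format definitions (AOSP libsparse and liblp, the LZ4 frame format, Heimdall's PIT parser), and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from repacksuper.sh): classify a firmware file by
# its header magic instead of relying on the "file" utility's database.

# Print COUNT bytes at OFFSET of FILE as lowercase hex, no separators.
hex_at() {
    dd if="$1" bs=1 skip="$2" count="$3" 2>/dev/null |
        od -An -v -tx1 | tr -d ' \n'
}

# Echo the detected type; return 1 if the file is unreadable or unknown.
identify_image() {
    f=$1
    [ -r "$f" ] || { echo unreadable; return 1; }
    case "$(hex_at "$f" 0 4)" in
        3aff26ed) echo android-sparse; return 0 ;;  # 0xed26ff3a, little-endian
        04224d18) echo lz4-frame; return 0 ;;       # 0x184d2204
        76983412) echo samsung-pit; return 0 ;;     # 0x12349876
    esac
    # A raw (unsparsed) super image keeps 4096 reserved bytes, then the
    # LP metadata geometry magic 0x616c4467 ("gDla" on disk).
    if [ "$(hex_at "$f" 4096 4)" = 67446c61 ]; then
        echo android-super-raw
        return 0
    fi
    echo unknown
    return 1
}

if [ $# -eq 0 ]; then
    # Constructed sample: 4096 zero bytes followed by the geometry magic.
    tmp=$(mktemp)
    { dd if=/dev/zero bs=4096 count=1 2>/dev/null; printf 'gDla'; } > "$tmp"
    printf 'constructed sample: %s\n' "$(identify_image "$tmp")"
    rm -f "$tmp"
else
    for f in "$@"; do
        printf '%s: %s\n' "$f" "$(identify_image "$f")"
    done
fi
```

A sparse super image is reported as android-sparse; the geometry magic only becomes visible at offset 4096 after the image has been converted to raw.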
uluruman said:
Of course not. The format of each file is checked using the "file" utility, it should return the string "Android super image". Try to run file /home/toor/APfilles/super.stock.raw . What is the response? And try doing it all without sudo. There is no need for root privileges.
The raw file opens as a picture
uluruman said:
Of course not. The format of each file is checked using the "file" utility, it should return the string "Android super image". Try to run file /home/toor/APfilles/super.stock.raw . What is the response? And try doing it all without sudo. There is no need for root privileges.
run without sudo: 168: ./lpunpack_and_lpmake/lpunpack: Permission denied Cannot correctly unpack the super file. Exiting ...
I managed to fix the script, you just need to give chmod +x rights to the files in the folder "lpunpack_and_lpmake": lpunpack, lpmake, lpflash, lpdump, lpadd
ANDARXapi said:
I managed to fix the script, you just need to give chmod +x rights to the files in the folder "lpunpack_and_lpmake": lpunpack, lpmake, lpflash, lpdump, lpadd
Hmmm. I have updated it, maybe it'll help. Could you please test the latest version (v0.92a)? I want it to work out of the box for everyone, without sudo or any tweaks.
uluruman said:
Hmmm. I have updated it, maybe it'll help. Could you please test the latest version (v0.92a)? I want it to work out of the box for everyone, without sudo or any tweaks.
Okay, I'll test it tomorrow, today I want to relax at the computer all day
uluruman said:
Hmmm. I have updated it, maybe it'll help. Could you please test the latest version (v0.92a)? I want it to work out of the box for everyone, without sudo or any tweaks.
Checked, it works right away
Is there a way to install magisk and root?
