Database Info

permroot for S-off MyTouch 4G Slide

How i got perm root on my MT4GS (does not give S-off just permroot of an S-off device)
YOU NEED TO HAVE A S-OFF device!
1)Start off with a fresh install of the TMO 1.28 ROM
2)Used temp root from MT4GSROOT.zip Thanks TeamWin for the temproot method Here is thread for orgnial files)
open MT4GSROOT\ADB (on pc)
Make sure that you have USB debugging turned on (on phone) and drivers installed to PC
Run Fre3voMT4gS.bat (from MT4GSROOT\ADB)
3)check in ternimal ((on phone) need to install from market)) and see if you have root (I got permission denied)
4)ran superonclick with Gingerbreak exploit (thanks CLShortFuse for making this tool) (on pc) - S1C thread
open MT4GSROOT and click on Superoneclick.exe
change exploit to Gingerbreak
hit root
Installed busybox when asked by S1C
Run Su test and looked on phone and Superuser asked for permission
5)Tried opening a app that uses root (root explorer) and SU FC on me
6)go to market and make sure you had latest version Installed (i had an update I needed)
7)Update binary when opening SU for the first time
Allow the SU app SU priviliages (funny I know)
8)Open a root app (root explorer again) and SU asked for permission
Test for permroot
turned off fastboot
deleted a system/app file (in this case htcfmwidget and htcfmwidge.obex) -using the r/w option in root explorer
Rebooted phone and reopened root explorer and looked for removed files and they were not there
None of the tools that I included were made by me they were made by the people I thanked. I just wrote the script for the tools to work. go to their threads and thank them.
Disclaimer I am not responsible for breaking your phone, melting it, or anything that may happen when doing this. Remember this is your choice
I have been able to use Root explorer, Titanium backup, terminal emulator and was able to remove APKs from the system folder that I do not want.

This is awesome!
So how did you get s-off? Did it ship that way?

raycaster3 said:
So how did you get s-off? Did it ship that way?
Click to expand...
Click to collapse
Mine was shipped s-off ordered online
Sent from my HTC Sensation Z710e using XDA App

crackeyes said:
Mine was shipped s-off ordered online
Click to expand...
Click to collapse
That's awesome that we've acheived perm root already.
If you don't mind me asking, did you do the preorder process from t-mobile?
I am extremely interested in this, but I hate preorders

crackeyes said:
Mine was shipped s-off ordered online
Sent from my HTC Sensation Z710e using XDA App
Click to expand...
Click to collapse
Killer. Mine is being shipped the 27th. I can't wait to give this a try. Now all we need is miui for this phone and we're all set! Haha
Sent from my demonSPEED Glacier

raycaster3 said:
Killer. Mine is being shipped the 27th. I can't wait to gibe this a try. Now all we need is miui for this phone and we're all set! Haha
Sent from my demonSPEED Glacier
Click to expand...
Click to collapse
Oh no, I just realized he is probably talking about the DoubleShot.
For some reason I have a feeling that the delay for T-Mobile USA customers is due to HTC installing a S-On bootloader

poormanq45 said:
That's awesome that we've acheived perm root already.
If you don't mind me asking, did you do the preorder process from t-mobile?
I am extremely interested in this, but I hate preorders
Click to expand...
Click to collapse
I didn't preorder I acquired at a meet and greet where they gave me place to get it
Sent from my HTC Sensation Z710e using XDA App

Please don't ask for ETA's people would start coming in MT4GS section soon It come's with stock 2.3.4 so all we need is a custom ROM & were fine . I will be creating a TouchWiz 4.0 ROM w/Sense w/ MIUI icon's .
raycaster3 said:
Killer. Mine is being shipped the 27th. I can't wait to give this a try. Now all we need is miui for this phone and we're all set! Haha
Sent from my demonSPEED Glacier
Click to expand...
Click to collapse

No S-OFF on retail devices folks.
P

I cant get to get my computer to find it, is asking for the driver.... I try but I need the drivers it only appears as android phone on the management.
Update the driver comes on the original SD card, i swapped it which I didn't realized till now
Update 2: After finding the driver I still cant get root access.... anyone done it already?

waiting89 said:
I cant get to get my computer to find it, is asking for the driver.... I try but I need the drivers it only appears as android phone on the management.
Click to expand...
Click to collapse
Install htc sync but make sure it is not running
Sent from my HTC Sensation Z710e using XDA App

I got it working and follow the step of rooting, but I still dont get any root access...

is it possible to extract the s-off boot-loader from a device with s-off already? My understanding of these procedures is rudimentary at best, but if my understanding is correct, the boot-loader is a specific partition on the device, if someone with an s-off device could copy that image to their computer or just a folder on their sd-card, it should be possible then to share that with others who could then write that image to their boot-loader partion using fastboot. or can you not use fastboot until s-off is achieved? i hate that i always forget these things once i have my device running the way i want it to.

shizenyasuya said:
is it possible to extract the s-off boot-loader from a device with s-off already? My understanding of these procedures is rudimentary at best, but if my understanding is correct, the boot-loader is a specific partition on the device, if someone with an s-off device could copy that image to their computer or just a folder on their sd-card, it should be possible then to share that with others who could then write that image to their boot-loader partion using fastboot. or can you not use fastboot until s-off is achieved? i hate that i always forget these things once i have my device running the way i want it to.
Click to expand...
Click to collapse
The Stupid Noob wants to know...
What the heck is "S-off"??

shizenyasuya said:
is it possible to extract the s-off boot-loader from a device with s-off already? My understanding of these procedures is rudimentary at best, but if my understanding is correct, the boot-loader is a specific partition on the device, if someone with an s-off device could copy that image to their computer or just a folder on their sd-card, it should be possible then to share that with others who could then write that image to their boot-loader partion using fastboot. or can you not use fastboot until s-off is achieved? i hate that i always forget these things once i have my device running the way i want it to.
Click to expand...
Click to collapse
In order to flash the s-off bootloader you would have to have a eng bootloader. to put that on you would need s-off dont you love loop 22
As for s-off it means you can flash what ever you want to your device and it will not check to see if HTC signed it and approved it for you

thanks for that works great!!!!!!!!! also mine is from a retail store same day it came out

is it possible to build a PG59IMG file and pack the S-Off hboot into there?? possibly use HexEdit to make sure the version numbers match so that the phone will think it's just a factory reset/update file??

DJAeroX26 said:
is it possible to build a PG59IMG file and pack the S-Off hboot into there?? possibly use HexEdit to make sure the version numbers match so that the phone will think it's just a factory reset/update file??
Click to expand...
Click to collapse
I think just by making that one hexedit you instantly invalidate the sign on the the zip. Mainly because hashing the new file would give you a different result.
This mechanism actually prevents OTA updates from flashing if the file was changed due to (for example) corruption.
Not entirely sure but I think it's how it works.
That being said I was wondering what would happen if someone with an S-OFF hboot were to dump it and someone with S-ON would simply DD the right partition after achieving temp root.
On any normal computer that process would work. Wondering what secret HTC things happen under the hood though.

Akujin said:
I think just by making that one hexedit you instantly invalidate the sign on the the zip. Mainly because hashing the new file would give you a different result.
This mechanism actually prevents OTA updates from flashing if the file was changed due to (for example) corruption.
Not entirely sure but I think it's how it works.
That being said I was wondering what would happen if someone with an S-OFF hboot were to dump it and someone with S-ON would simply DD the right partition after achieving temp root.
On any normal computer that process would work. Wondering what secret HTC things happen under the hood though.
Click to expand...
Click to collapse
There's only one way to find out.
Sent from a Western Union telegram.

Akujin said:
I think just by making that one hexedit you instantly invalidate the sign on the the zip. Mainly because hashing the new file would give you a different result.
This mechanism actually prevents OTA updates from flashing if the file was changed due to (for example) corruption.
Not entirely sure but I think it's how it works.
That being said I was wondering what would happen if someone with an S-OFF hboot were to dump it and someone with S-ON would simply DD the right partition after achieving temp root.
On any normal computer that process would work. Wondering what secret HTC things happen under the hood though.
Click to expand...
Click to collapse
Oh ok. Thanks for clarifying that. I thought it would work because last time I did a warranty exchange, I had to return to stock but I had an ENG hboot and I was scared of bricking by using a factory image, so I took the factory image zip, unpacked it, "injected" the original hboot (which I hex edited to match the version number so that it'll take it as an update) and rezipped it and named it PC10IMG.zip. and yea I have a G2 but I want this phone :]
Sent from my T-Mobile G2 using XDA App

[Q] Returning a Desire S to S-ON

Hi all
I would like to know if it is possible to return a Desire S to S-ON if it were made it S-OFF, rooted and then upgraded from a network-specific ROM to a higher generic HTC ROM.
I've seen various threads about this, but can't find any specific steps for a relative newbie.
The revolutionary.io method would be used to go S-OFF.
Any input very much appreciated.

schnidex said:
Hi all
I would like to know if it is possible to return a Desire S to S-ON if it were made it S-OFF, rooted and then upgraded from a network-specific ROM to a higher generic HTC ROM.
I've seen various threads about this, but can't find any specific steps for a relative newbie.
The revolutionary.io method would be used to go S-OFF.
Any input very much appreciated.
Click to expand...
Click to collapse
Go to shippedroms and download the RUU for your phone. Although why you'd want to return to stock is beyond me?

You're saying that just running a branded RUU will return it to S-ON? Are you sure about that?
It's because I'd need the phone sent back under warranty, which S-OFF invalidates.

schnidex said:
You're saying that just running a branded RUU will return it to S-ON? Are you sure about that?
It's because I'd need the phone sent back under warranty, which S-OFF invalidates.
Click to expand...
Click to collapse
+1 sending my phne back on Monday. I read the guide, but I still don't get it. It's too confusing. What's adb shell etc?

olyloh6696 said:
+1 sending my phne back on Monday. I read the guide, but I still don't get it. It's too confusing. What's adb shell etc?
Click to expand...
Click to collapse
ADB is Android Debug Bridge. It's installed on your PC and enables you to control the phone over USB (if you have USB debugging on) and HTC drivers installed on PC.
adb shell - is simply when you run a shell through a command prompt on a PC so that you're able to directly type commands into the phone from the PC.
You should be able to see the adb drivers as a link within my signature, download and install these as a quick workaround which should enable you to run adb shell or you could follow the full correct method of installing the full Android SDK and JDK see below:
kartkk said:
do a nandroid backup & also set up your adb beforehand
setting up adb saved me from possibly bricking my device a few times
try this guide
Click to expand...
Click to collapse

ben_pyett said:
ADB is Android Debug Bridge. It's installed on your PC and enables you to control the phone over USB (if you have USB debugging on) and HTC drivers installed on PC.
adb shell - is simply when you run a shell through a command prompt on a PC so that you're able to directly type commands into the phone from the PC.
You should be able to see the adb drivers as a link within my signature, download and install these as a quick workaround which should enable you to run adb shell or you could follow the full correct method of installing the full Android SDK and JDK see below:
Click to expand...
Click to collapse
Thanks Ben! Makes sense! But to s-on again, can I just flash the h-boot., but then how do I use RUU to get back to stock? Will u need to wipe data first etc?
Sent from my HTC Desire S using XDA Premium App

olyloh6696 said:
Thanks Ben! Makes sense! But to s-on again, can I just flash the h-boot., but then how do I use RUU to get back to stock? Will u need to wipe data first etc?
Click to expand...
Click to collapse
I'm afraid that I don't know about S-ON after S-OFF with AlphaRevx as I used XTC clip to get S-OFF myself, which is one way process.
So as I've never gone through the process myself I can't really confirm its success or failure.
But, I assume that you're following this GUIDE which involves running an RUU as the final step.
I wouldn't bother wiping data first as I imagine that the RUU process will do that as part of its operation. If not and it works you can always run a factory reset afterwards.

ben_pyett said:
I'm afraid that I don't know about S-ON after S-OFF with AlphaRevx as I used XTC clip to get S-OFF myself, which is one way process.
So as I've never gone through the process myself I can't really confirm its success or failure.
But, I assume that you're following this GUIDE which involves running an RUU as the final step.
I wouldn't bother wiping data first as I imagine that the RUU process will do that as part of its operation. If not and it works you can always run a factory reset afterwards.
Click to expand...
Click to collapse
cheers ben. will this also remove cutom recoveries from the phone (cwm) ?
so it would be truly stock then?

olyloh6696 said:
cheers ben. will this also remove cutom recoveries from the phone (cwm) ?
so it would be truly stock then?
Click to expand...
Click to collapse
If the ruu runs successfully to competition I believe that it will return the device do that it's identical to stock
Swyped from HTC Desire S using XDA Premium

After many, many hours of trying to figure out what the hell half the terminology about Android actually means and wondering whether or not I would brick my phone..
..I'm now back to S-ON. It's been a pretty horrible experience all in all. Yes, it's easy when you know how but knowing how has been through trial and fortunately not much error.
From being on 6.98.1002, I used the Jorgen method in Ben's link above to get to 0.98.0000. I should note that when my phone was first supplied, I was on 0.98.0002 and very worried that the earlier software wouldn't work - but I tried it anyway, and it did. However, I was still S-OFF.
I then re-installed my stock network ROM using the RUU. This kept me on 0.98.0000 but put the phone to S-ON. I flashed the branded ROM that the phone was shipped with thinking that this would take me to 0.98.0002 but to my surprise it didn't. Otherwise though, the phone is now stock condition again.
So I then tried to update OTA to the problematic software which caused me all this grief in the first place - and it appears my network have withdrawn it. And rightly so, pending a fix.

schnidex said:
Ben, I've seen elsewhere you've said:
"If you load the latest RUU you may end up updating the HBOOT so that it can't be downgraded."
..in which case, Houston, we may have a problem. The latest HTC non-branded ROM (1.47...) gives you HBOOT 6.98.1002.
Click to expand...
Click to collapse
You're right, I'm afriad that this is an area where I'm no expert, But HBOOT = 6.98.1002. = Alpharevx = so you've not upgraded it simply failed to downgrade (which is slightly better- I think )
I notice that there are a couple of guides, allow I've obviously not tried either of them both are in the [GUIDE] A Complete Tutorial for the Beginners and Others sticky
The second guide looks quite complex and not for beginners...
Although I've just spotted a note within the second guide which says says
Note 2: RUU 1.46 or greater can not be downgraded as yet, since gingerbreak does not work on these RUUs.
So Opps....a full nights sleep may shed some more light on this.....and hopefully so sound advice from someone who has already performed this task.
Good luck. (I'll back online in the morning) - but, only really able to answer easier questions and not unfortunately not provide you with a solution.....but I'll do what I can!

Alternate way to restore your phone to S-ON and stock
If your attempts are unsuccessful, there's another potential way to go S-ON.
http://forum.xda-developers.com/showpost.php?p=17481836&postcount=2
Maarten

[S-Off] Facepalm S-Off for HTC Devices One S, One XL, Droid DNA

http://www.youtube.com/watch?v=zNswkPGYtLc
note: updated 2/20 @ 9:20 EST, better ICS compatibility.
Welcome to Facepalm S-Off for the HTC One S (S4 only).
Credits and terms:
Exploit by beaups. Full guide, testing, and concept by jcase and beaups. Thanks to dsb9938 and dr_drache for support and testing. Thanks also to all of the regulars at teamandirc.
Both beaups and jcase will collect the applicable active bounties. Further donations are greatly appreciated and can be sent to:
beaups - [email protected] - http://forum.xda-developers.com/donatetome.php?u=711482
jcase - [email protected] - http://forum.xda-developers.com/donatetome.php?u=2376614
dsb9938 - [email protected] - http://forum.xda-developers.com/donatetome.php?u=2963256
dr_drache - [email protected] - https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=6LRSY8MT8P3A6
You can also come by irc for support or just to say thanks: #FacePalm http://chat.andirc.net:8080/?channels=facepalm
While this process shouldn’t be too risky, bricks can happen. None of us will be accountable. If you are worried, don’t do it.
This is a pretty simple method, however, you will need to have a working adb and fastboot environment. This method will work on any operating system that supports adb and fastboot. You should understand how to use a terminal window in your O/S. If you don’t understand adb and fastboot, you probably don’t need S-off.
Lastly, the work herein should not be stolen, repackaged, one clicked, bat’d, etc. soffbin3 is not GPL and may not be reused, integrated into other work, reposted, or redistributed without our permission.
For this to work, you must be rooted and have superCID (unlock/custom recovery is optional), see the threads below for help and information regarding obtaining superCID, unlock, root, etc. Note these threads are provided for convenience only. Please look for support for them in each respective thread if you need it, do NOT clutter this thread with support requests regarding obtaining superCID and/or root! If you try this process without superCID, it will not work, and you may have issues!:
HTC One S superCID: http://forum.xda-developers.com/showthread.php?t=1671643
Once you have confirmed you have SuperCID, get started (read it through first so you understand it all):
Special note for One S users - flashing the OTA firmware (which you are initiating, but not actually doing here) likes to BRICK superCID phones for some reason. Follow these instructions EXACTLY. After the error 92 in step 5, whatever you do, do NOT run the fastboot flash command again. Make sure you procede on to step 6.
Let's get started:
1.) Download patcher and unzip it in your working directory:
soffbin3.zip http://d-h.st/WrZ Mirror http://goo.im/devs/dsb9938/soff/soffbin3.zip
2.) Download zip that matches your model id and move it in your working directory (do not unzip it!):
OneS PJ4010000-OneS.zip http://d-h.st/sE6 Mirror http://goo.im/devs/dsb9938/soff/PJ4010000-OneS.zip
3.)
Code:
adb reboot bootloader
(wait for bootloader)
4.)
Code:
fastboot oem rebootRUU
(wait for black HTC Screen)
5.)
Code:
fastboot flash zip <appropriate zip filename from above>
After a while, You should see the following error “FAILED (remote: 92 supercid! please flush image again immediately)”
6.) Immediately issue the following command:
Code:
fastboot oem boot
You may see some errors, just wait for the device to boot into Android (only now, you should be booted into Android with no eMMC write protection of any kind active).
7.) Issue the following 3 commands to update the security partition with S-off flags (one command at a time!):
Code:
adb push soffbin3 /data/local/tmp/
adb shell chmod 744 /data/local/tmp/soffbin3
adb shell su -c "/data/local/tmp/soffbin3"
(wait for a few seconds)
8.)
Code:
adb reboot bootloader
9.) You should see what you are looking for!
If you need help or just care to say thanks, join us on IRC: #FacePalm http://chat.andirc.net:8080/?channels=facepalm
Enjoy.

YES
I love you man!
Goodbye bootloader restrictions, hello OTA's! <3
Edit: I made a Tutorial Video! If there's anything wrong that you guys want me to remove or anything, let me know. Once again, good work!

Worked. <33333 oodles of love!

Very simple....thank you guys so much!!!!!!!!

Wow....thank you guys
Sent from my HTC One S using Tapatalk 2

oh yea! thanks a million

Odp: [S-Off] Facepalm S-Off for HTC Devices One S, One XL, Droid DNA
w00t. Sensation work!
Its possible to edit Scid to any "official" and relock BL after s-off?

Problem resolved

i dont even have this phone and im happy for u guys!! s-off!!! good **it!!!!:good::victory::highfive:

I read earlier on http://chat.andirc.net:8080/?channels=facepalm that higher hboots were having issues. What hboot are you on?

Qs5 said:
I read earlier on http://chat.andirc.net:8080/?channels=facepalm that higher hboots were having issues. What hboot are you on?
Click to expand...
Click to collapse
1.14, so I guess that would do it. I'll downgrade and try again, thanks.
I just don't understand why I'm not getting the vital CID error anymore. I still have SuperCID...

Jewcifer said:
1.14, so I guess that would do it. I'll downgrade and try again, thanks.
I just don't understand why I'm not getting the vital CID error anymore. I still have SuperCID...
Click to expand...
Click to collapse
Hmm he did it. Weird. http://forum.xda-developers.com/showpost.php?p=38176024&postcount=776

Qs5 said:
Hmm he did it. Weird. http://forum.xda-developers.com/showpost.php?p=38176024&postcount=776
Click to expand...
Click to collapse
His HBOOT is actually higher than mine. Odd.

Jewcifer said:
His HBOOT is actually higher than mine. Odd.
Click to expand...
Click to collapse
You could always try redownloading the PJ4010000-OneS.zip, might be a bad download?

Qs5 said:
You could always try redownloading the PJ4010000-OneS.zip, might be a bad download?
Click to expand...
Click to collapse
Come to think of it, when I was downloading the soffbin3 package the download was behaving oddly and kept stalling. Could have been server problems? I'll try redownloading that.

Guy S3 device work or not? Please report.:victory:

Jewcifer said:
Come to think of it, when I was downloading the soffbin3 package the download was behaving oddly and kept stalling. Could have been server problems? I'll try redownloading that.
Click to expand...
Click to collapse
If all else fails try a new cable and or usb port. That seemed to help other people back in the day xD
http://forum.xda-developers.com/showpost.php?p=30845333&postcount=38

Beaups just advised me that some custom roms could have issues, failing S-Off which I had as well. He said better re-clock bootloader, revert to stock rom, unlock bootloader, root, super CID, then s-off

teerapong.g said:
Guy S3 device work or not? Please report.:victory:
Click to expand...
Click to collapse
Definitely do NOT attempt this on an S3 yet. I don't want to speak on behalf of the creators, but seeing as there's a difference between the S4 and the XL, there's got to be a difference between the S4 and the S3.
uvt_novice said:
Beaups just advised me that some custom roms could have issues, failing S-Off which I had as well. He said better re-clock bootloader, revert to stock rom, unlock bootloader, root, super CID, then s-off
Click to expand...
Click to collapse
This was my original plan, actually x) I'm on a CM10.1 base. I'm thinking it should work fine with a sense-based ROM though, I'll try that first.

Amazing job guys.
Confirmed S-OFF on HTC One S (S4) T-Mobile US HBOOT 1.14.0004.
Man...S-OFF....and 2.1.0 Viper??? It's like I'm holding a brick of gold in my hand, lol.
Sent from my One S using xda app-developers app

How to know if you're s-off?

Hi, I realize I will get a lot of flame for this, but how do I know if my AT&T One X is S-off?
See, I'm trying to flash this custom boot screen from here (http://forum.xda-developers.com/showthread.php?t=2173665) and the requirements say I must be S-off and have an unlocked bootloader.
I know for sure my bootloader is unlocked (via the HTCDev method). I also read some places that S-off means your bootload is locked? So kind of confused here.
Thanks very much XDA geniuses!!!!

toughtrasher said:
Hi, I realize I will get a lot of flame for this, but how do I know if my AT&T One X is S-off?
See, I'm trying to flash this custom boot screen from here (http://forum.xda-developers.com/showthread.php?t=2173665) and the requirements say I must be S-off and have an unlocked bootloader.
I know for sure my bootloader is unlocked (via the HTCDev method). I also read some places that S-off means your bootload is locked? So kind of confused here.
Thanks very much XDA geniuses!!!!
Click to expand...
Click to collapse
Reboot into boot loader. It'll either say S-On or S-Off.

Okay, I've done that and it says I'm S-On.
What are the benefits of S-Off and any cons? Thanks given

System write protection is turned off. Reduces chance of bricking with ruu and allows you to change things like hboot and splash screen without the need for them to be signed. It's good to have if you're knowledgeable enough to read and follow instructions.
Sent from my One X using xda app-developers app

toughtrasher said:
Okay, I've done that and it says I'm S-On.
What are the benefits of S-Off and any cons? Thanks given
Click to expand...
Click to collapse
No need to flash boot.img
Less vernerable to brick etc...
There's really no disadvatage of gaining soff, so why not?
http://forum.xda-developers.com/showthread.php?t=2155071
Sent from my HTC One X using xda app-developers app

Thug_4_Life said:
No need to flash boot.img
Less vernerable to brick etc...
There's really no disadvatage of gaining soff, so why not?
http://forum.xda-developers.com/showthread.php?t=2155071
Sent from my HTC One X using xda app-developers app
Click to expand...
Click to collapse
There is one disadvantage. S-OFF stands for Security Off. Security Off disables security checks, verifying your hboot, software version, CID, etc. If you flash something that you're not supposed to to the emmc partitions or something not designed for evita, you will brick.

exad said:
There is one disadvantage. S-OFF stands for Security Off. Security Off disables security checks, verifying your hboot, software version, CID, etc. If you flash something that you're not supposed to to the emmc partitions or something not designed for evita, you will brick.
Click to expand...
Click to collapse
Lol I remember what happened when I flashed Sense5 rom specifically for Evo 4g lte.
Sent from my HTC One X using xda app-developers app

S-off if you need it... If not play it safe.
Sent from my HTC One X using xda app-developers app

Thug_4_Life said:
No need to flash boot.img
Less vernerable to brick etc...
There's really no disadvatage of gaining soff, so why not?
http://forum.xda-developers.com/showthread.php?t=2155071
Sent from my HTC One X using xda app-developers app
Click to expand...
Click to collapse
exad said:
There is one disadvantage. S-OFF stands for Security Off. Security Off disables security checks, verifying your hboot, software version, CID, etc. If you flash something that you're not supposed to to the emmc partitions or something not designed for evita, you will brick.
Click to expand...
Click to collapse
For some reason, these two just seem to coincide the hell out of each other someone explain
T4L, I've followed the steps on that thread you pointed me to, but I'm stuck on step 7, inputting this to the command prompt:
adb shell chmod 744 /data/local/tmp/soffbin3
See, I read one of the posts in there that says I can use the files from Hassoon's all in one tool and just point the command prompt there, however when I type in "adb shell chmod 744" itdoesn't do anything. Then when I type in anything else after "adb shell chmod 744" it says error: cannot find device.
What do?

toughtrasher said:
For some reason, these two just seem to coincide the hell out of each other someone explain
T4L, I've followed the steps on that thread you pointed me to, but I'm stuck on step 7, inputting this to the command prompt:
adb shell chmod 744 /data/local/tmp/soffbin3
See, I read one of the posts in there that says I can use the files from Hassoon's all in one tool and just point the command prompt there, however when I type in "adb shell chmod 744" itdoesn't do anything. Then when I type in anything else after "adb shell chmod 744" it says error: cannot find device.
What do?
Click to expand...
Click to collapse
What rom are you using? a root access request pops up on your phone screen after, did you grant root?

exad said:
What rom are you using? a root access request pops up on your phone screen after, did you grant root?
Click to expand...
Click to collapse
I am using CleanROM 6 R2. It didn't pop up anything after step 7

toughtrasher said:
I am using CleanROM 6 R2. It didn't pop up anything after step 7
Click to expand...
Click to collapse
pastebin your cmd please

Make sure you're plugged into a USB 2 port, not USB 3. Anytime I get that error, it's cause I forgot to plug it in the right one.
Sent from my One X using xda app-developers app

Thanks for all your responses, guys! Really appreciate it.
I've succesfully got s-off thanks a lot to beaups! Very great person.
Now for some theming...

[Q] HTC ONE XL Hboot 2.15 superCID+s-off issues-please halp

hi guys, im not new to this, and i have a good understanding of adb and fastboot. i have just purchased a htc one xl (telstra) im running Hboot 2.15 and have unlocked bootloader via htc dev, installed TWRP ver; 2.6.0.0, rooted via flashing superSU and am currently running stock android ver 4.2.2 htc sense 5.0. i sim unlocked it so i could run my vodafone sim, and radio is working fine but i think the telstra RUU isnt allowing the sims internet conectis-on, therefore i am deciding to flash another rom. i first tried flashing pacman rom unsuccessfully but have yet to flash the boot.img as i havent got S-OFF and figure it wont allow writing to that partition yet, i have had alot of problems rewriting the CID for superCID, have tried many methods including xfactor and manually via fastboot and have been unsucessfull thus far, i understand that its not possible to downgrade Hboot unless S-off is achieved, alas facepalm is not possible unless superCID is achieved, and i cannot rewrite the CID manually or using any scripts i have found, is my Hboot version the problem or is there something im missing here?
help would be much appreciated

Have you tried the hex edit method?
Sent from my Evita

Yeah it returns with an error in adb, system mounted read only, and its deffinatly rooted so I'm not sure how to make system readwrite
Sent from my Wildfire S A510e using xda app-developers app

It would seem there s no sure fire way around this. Unless someone can help me figure out the read only issue in adb using the hex edit method
Sent from my Wildfire S A510e using xda app-developers app

hex edit progress
ok so i fixed the problem by uninstalling htcsync and re installing adb and fastboot via sdk tools, i got the file pulled from my phone and hex edited it, from cid; TELST001 to cid; 11111111 and pushed the file back onto my phone as per instructions, yet when i reboot into bootloader and do fastboot oem readcid it still comes back TELST001. somehow the phone knows what is happening and is changing the hex back to original form..??

ok scratch that, it actually never pulled the file from my phone, that was a file leftover from some script that didnt work, it had a cid of telus001 and my cid reads telst001 so i know that wasnt my file, the adb shell is able to read my phone but not ble to take the mmcblk0p4 file, so when i enter the command dd if=/dev/block/mmcblk0p4 of=/sdcard/mmcblk0p4 i get 2.0 records in 2.0 records out 1024 bytes transferred at <40960> bytes. so im guessing it was successful, yet when i check my sd root the file is nowhere to be seen!? where am i going wrong here

I just remembered someone had posted a different method, try this one:
http://forum.xda-developers.com/showthread.php?t=2460148
Sent from my Evita

argh
O..K so i rebooted the one xl ad the file was there, i copied to desktop, hex edited, and did dd if=/sdcard/mmcblk0p4 of=/dev/block/mmcblk0p4 to push the file back. read as successful in adb, so i did reboot fastboot and fastboot oem readcid, CID READS TELST001 STILL i must be retarded or something

timmaaa said:
I just remembered someone had posted a different method, try this one:
http://forum.xda-developers.com/showthread.php?t=2460148
Sent from my Evita
Click to expand...
Click to collapse
ok thanks man, ill give it a go now

st3wy said:
ok thanks man, ill give it a go now
Click to expand...
Click to collapse
yeah i tried it both ways and still gets cid TELST001 :l it seems im so close, the file was the same size the names were right, all commands i entered were spot on. just cant figure this one out

st3wy said:
yeah i tried it both ways and still gets cid TELST001 :l it seems im so close, the file was the same size the names were right, all commands i entered were spot on. just cant figure this one out
Click to expand...
Click to collapse
i even tried doing echo -ne "22222222" | dd of=/dev/block/mmcblk0p5 bs=1 seek=20
and still get INFOcid: TELST001
is it possible that my cid is stored somewhere other than mmcblk0p4 or mmcblk0p5??

You might be stuck in the same situation that at&t users were in after taking the 3.18 update. Basically the system partition is read only, so temp root was needed to get SuperCID in order to unlock their bootloader. The only difference being that you can unlock your bootloader just fine but can't get SuperCID in order to get s-off. I'm not sure on this, just spitballing ideas.
Sent from my Evita

timmaaa said:
You might be stuck in the same situation that at&t users were in after taking the 3.18 update. Basically the system partition is read only, so temp root was needed to get SuperCID in order to unlock their bootloader. The only difference being that you can unlock your bootloader just fine but can't get SuperCID in order to get s-off. I'm not sure on this, just spitballing ideas.
Sent from my Evita
Click to expand...
Click to collapse
sounds about right, i did read about this. so im guessing because i used temp root to spoof cid and unlock bootloader using the unlock code from that process, that there is no way to 'officially' relock the bootloader, and start the whole process again using a different method, say for instance using adb.. and thus getting bootlocker unlocked without spoofed cid and temp root possibly resulting in the ability to obtain supercid and full root? i have got supersu flashed through recovery.. but yeah obviously having serious issues with supercid atm.. thanks so much for your help this far man came a long way this arvo, just cant see the light at the ed of the tunnel... its like if i was able to flash Hboot i may be able to get around, but that requires s-off, which reuires super cid, which requires different Hboot lol

you wouldnt happen to know anyone else that might be able to brainstorm on this would you? although from looking at the threads youve made, it seems your possibly THE most educated person on this matter... idk might just have to wait for a dev to look into this and find a loophole. im not that good unfortunately. again, thanks for your help man. if you do get any ideas dont hesitate to post em up on this thread. cheers.

I'm definitely not the most educated person in this kinda stuff, I just read a lot on here and remember the ins and outs of this device. Finding a loophole around this is something that the HTC experts would have to work on, people like beaups, jcase, those kinda guys. Like I said though I'm not even sure if what I said is what's stopping you, I could be completely wrong.
Sent from my Evita

well, ive had one thaught that might be a stupid one but possibly one of the only things i am yet to try.. if i go through with the s-off and see if it works, although my phone is reading cid it may actually have supercid because like i say, its been successful in adb just hasnt returned a supercid through the fastboot commands, i guess the only question is will i brick my device if i follow through with s-off when i dont have supercid or will it just fail and all will be gravy

is there anyway to get them in on this thread so they know where im up to, or would i have to PM them exclusively and explain all over again

btw i think your right, system is read only. thats why the pushes arent working, even though they say they are in adb, either that or the phones cid and the RUU's cid are different and fastboot oem readcid is reading softwares cid and not the phones cid?

either way im going to drink a beer and go outside for a while, thanks again timmaaa, i didnt expect anyone to reply to this thread for a good while. like i said if u happen to have contact with the devs or anyone else that might be able to help, id be stoked. cheers bro and peace out!

You can try SuperCID but it just won't work. You can try contacting them and pointing them to this thread, but I think they're pretty busy guys so I don't know if they'll be able to help. The CID that shows up when using the fastboot command is definitely the phone CID and not the software CID.
Sent from my Evita