Related
After my new Desire updated by OTA to 2.2, my HBoot upgraded to 0.93.001
As a result, I am no longer to root it again or flashing any cooked rom.... It is such a nightmare for me. So I decided went to HTC service center and asking for a factory restore to Android 2.1, unfortunately the guy stated that due to my personal's fault - to hack the bootloader, there is no way to downgrade the software anymore. I need to pay extra money for a circuit board replacement. I am so angry with the replied, my phone actaully working fine with OTA 2.2 version (it is official release for Taiwan), all I want to do is requested for downgrade to official 2.1, why I need to replace a circuit board????
Anyway after a few hours, I figure out a solution and now working fine with Hboot 0.8 and then re-flashed to customized cooked FroYo rom
Here is the steps: (be careful, I am not responisable for any demage due to these procedures, also you need to have basic knowledge on using Android adb tools)
0.) Download this good program: http://evo4g.me/downloads/evo-root.zip (Credit goes to djR3Z)
Download this file to "PB99IMG.zip" http://shipped-roms.com/shipped/Bra...8U_4.06.00.02_2_release_126984_signed_txt.zip
1.) Make a NEW Goldcard (best using FAT32 format micro SD 4GB or 2GB)
http://www.klutsh.com/dlfiles/GoldCardTool-0.0.5.rar
2.) Find your CID ==> e.g HTC__622 (someone said all 11111111 also worked, but if you can query, why not to input your own?)
fastboot oem boot <--- run this command, will show your own CID
3.) http://ks33673.kimsufi.com/misc/
and Create your own "mtd0.img"
>adb push flash_image /data/local/
>adb push rageagainstthecage-arm5.bin /data/local/tmp/
>adb push mtd0.img /sdcard/
>adb push PB99IMG.zip /sdcard/
>adb shell
chmod 0755 /data/local/tmp/rageagainstthecage-arm5.bin
chmod 0755 /data/local/flash_image
cd /data/local/tmp
./rageagainstthecage-arm5.bin
If you see:
[*] CVE-2010-EASY Android local root exploit (C) 2010 by 743C
[*] checking NPROC limit ...
[+] RLIMIT_NPROC={3319, 3319}
[*] Searching for adb ...
[+] Found adb as PID 74
[*] Spawning children. Dont type anything and wait for reset!
[*]
[*] If you like what we are doing you can send us PayPal money to
[*] [email protected] so we can compensate time, effort and HW costs.
[*] If you are a company and feel like you profit from our work,
[*] we also accept donations > 1000 USD!
[*]
[*] adb connection will be reset. restart adb server on desktop and re-login.
$
> adb shell
# <---- you will see this good prompt
cd /data/local
./flash_image misc /sdcard/mtd0.img <---- make sure your connected to PC not in Disk drive mode
5.Shutdown your device
6.Hold volume DOWN and press power button
7.Wait until PB99IMG.ZIP was found and verfied. If that fails, check if you named the file the right way and it’s located in the root of your SD.
8.Press volume UP to start the update.
9.Wait until all steps are done. DON’T POWER OFF YOUR DEVICE!
10.After the downgrade progress has finished press volume UP to reboot.
Now you back to 2.1 with HBoot 0.80
(Please remember to delete the file PB99IMG.zip from your SDcard / folder)
If you want root again:
Navigate to http://www.unrevoked.com for rooted as usual
Interesting, a root exploit for froyo has been found? Though any downgrade of hboot is unnecessary. The rooting allows you to fix the misc partition which will let you flash any RUU you want.
My Desire show : Main Version is older! Update Fail!
setupspeed said:
My Desire show : Main Version is older! Update Fail!
Click to expand...
Click to collapse
what is the issue?
tell me what steps being failed...
hkfriends said:
what is the issue?
tell me what steps being failed...
Click to expand...
Click to collapse
read PB99IMG.ZIP finish , then checking PB99IMG.ZIP => fail
setupspeed said:
read PB99IMG.ZIP finish , then checking PB99IMG.ZIP => fail
Click to expand...
Click to collapse
Have u flashed Mtd0.img ok?
hkfriends said:
Have u flashed Mtd0.img ok?
Click to expand...
Click to collapse
Mtd0.img ok , pursuant step => still fail
better add some screenshoot bro
I have got hboot 0.93 with vodafone froyo and an amoled-display (no slcd).
Do the method of
android-tutorials.org/dev/?page_id=78
work (sorry, can't post the hole link because I an new registered, add www)?
Or do I have to use the method from post #1 in this thread?
cordezz said:
I have got hboot 0.93 with vodafone froyo and an amoled-display (no slcd).
Do the method of
android-tutorials.org/dev/?page_id=78
work (sorry, can't post the hole link because I an new registered, add www)?
Or do I have to use the method from post #1 in this thread?
Click to expand...
Click to collapse
Try teppic74's tool, i think it will be more easy and the same as mine too!
http://forum.xda-developers.com/showthread.php?t=768256
C:\adb>adb push flash_image /data/local/
adb server is out of date. killing...
* daemon started successfully *
774 KB/s (26172 bytes in 0.033s)
C:\adb>adb push rageagainstthecage-arm5.bin /data/local/tmp/
478 KB/s (5392 bytes in 0.011s)
C:\adb>adb push mtd0.img /sdcard/
1807 KB/s (655360 bytes in 0.354s)
C:\adb>adb push PB99IMG.zip /sdcard/
1550 KB/s (144169877 bytes in 90.807s)
C:\adb>adb shell
$ chmod 0755 /data/local/tmp/rageagainstthecage-arm5.bin
chmod 0755 /data/local/tmp/rageagainstthecage-arm5.bin
$ chmod 0755 /data/local/flash_image
chmod 0755 /data/local/flash_image
$ cd /data/local/tmp
cd /data/local/tmp
$ ./rageagainstthecage-arm5.bin
./rageagainstthecage-arm5.bin
[*] CVE-2010-EASY Android local root exploit (C) 2010 by 743C
[*] checking NPROC limit ...
[+] RLIMIT_NPROC={3319, 3319}
[*] Searching for adb ...
[+] Found adb as PID 671
[*] Spawning children. Dont type anything and wait for reset!
[*]
[*] If you like what we are doing you can send us PayPal money to
[*] [email protected] so we can compensate time, effort and HW costs.
[*] If you are a company and feel like you profit from our work,
[*] we also accept donations > 1000 USD!
[*]
[*] adb connection will be reset. restart adb server on desktop and re-login.
$
C:\adb>adb shell
adb server is out of date. killing...
* daemon started successfully *
# cd /data/local
cd /data/local
# ./flash_image misc /sdcard/mtd0.img
./flash_image misc /sdcard/mtd0.img
# exit
exit
C:\adb>
-------------------------------------------------------------
my step , correct?
Yes, seems corrected..
have you made gold card?
what is your phone? OEM or branded?
what is the original Hboot version?
setupspeed said:
C:\adb>adb push flash_image /data/local/
adb server is out of date. killing...
* daemon started successfully *
774 KB/s (26172 bytes in 0.033s)
C:\adb>adb push rageagainstthecage-arm5.bin /data/local/tmp/
478 KB/s (5392 bytes in 0.011s)
C:\adb>adb push mtd0.img /sdcard/
1807 KB/s (655360 bytes in 0.354s)
C:\adb>adb push PB99IMG.zip /sdcard/
1550 KB/s (144169877 bytes in 90.807s)
C:\adb>adb shell
$ chmod 0755 /data/local/tmp/rageagainstthecage-arm5.bin
chmod 0755 /data/local/tmp/rageagainstthecage-arm5.bin
$ chmod 0755 /data/local/flash_image
chmod 0755 /data/local/flash_image
$ cd /data/local/tmp
cd /data/local/tmp
$ ./rageagainstthecage-arm5.bin
./rageagainstthecage-arm5.bin
[*] CVE-2010-EASY Android local root exploit (C) 2010 by 743C
[*] checking NPROC limit ...
[+] RLIMIT_NPROC={3319, 3319}
[*] Searching for adb ...
[+] Found adb as PID 671
[*] Spawning children. Dont type anything and wait for reset!
[*]
[*] If you like what we are doing you can send us PayPal money to
[*] [email protected] so we can compensate time, effort and HW costs.
[*] If you are a company and feel like you profit from our work,
[*] we also accept donations > 1000 USD!
[*]
[*] adb connection will be reset. restart adb server on desktop and re-login.
$
C:\adb>adb shell
adb server is out of date. killing...
* daemon started successfully *
# cd /data/local
cd /data/local
# ./flash_image misc /sdcard/mtd0.img
./flash_image misc /sdcard/mtd0.img
# exit
exit
C:\adb>
-------------------------------------------------------------
my step , correct?
Click to expand...
Click to collapse
hkfriends said:
Yes, seems corrected..
have you made gold card?
what is your phone? OEM or branded?
what is the original Hboot version?
Click to expand...
Click to collapse
gold card => yes
My phone => HTC Desire
Hboot version => 0.93.0001
i have this error "error writing misc: Permission denied"
in this step: "./flash_image misc /sdcard/mtd0.img"
Noob question
Using your method wont brick my phone right? My phone details are below:
Unit: HTC Desire
ROM: FroYo OTA (Unbranded)
BOOTLoader: 0.93
Software:2.13.707.1
Kernel:2.6.32.15
Just use my tool instead, it's much easier.
Doesn't Unrevoked3, the tool that is used to root phones, support hboot 0.93 on unbranded / unlocked phones? So this step is un-necessary on unbranded / unlocked phones?
Did it work at all?
Hi,
I too want to downgrade my HTC Desire from 2.2 to 2.1 because after the upgrade to 2.2 with hboot 0.93 my desire has stopped connecting to the H or 3g network.
Did this guide work for anyone at all?
HI
CAN SOME HELP ME TO GET THE ROM IMAGE VERSION 2.13.707.1 I NEED THE EXE. FILE THATS THE ONLY WAY I KNOW TO INSTALL THE ROM!!!!
MY PHONE TRIED TO UPGRADE FROM THE PHONE SOMETHING WENT WRONG AND IT SWITCH ON AND GET STUCK IN WHITE SCREEN WITH htc GREEN LOGO . . . I TRIED TO INSTALL THE ROM FROM MY COMPUTER THE LATEST BUT THE IMAGE ON THAT IS 2.10.405.2 . I REALLY APPRECIATE IF SOMEONE CAN HELP ME
black screen
I got a black screen after downgrade. Also after restart the phone
Desire
So I tried to clear my GPS EFS and it did more than that. On boot, instead of seeing the splash screen, I get colorbars and skateboards and then it jumps to the splash animation. I flashed the HBOOT, Radio, Orig and CWM Recovery, boot splash, boot animation with no change. I suppose I could flash the ROM again, but it boots fine. Really, I don't need a fix, just posting this in case someone else has the same problem.
update: I ended up flashing the original rom image and then flashing back
What I did to cause the problem, the efs batch didn't appear to run correctly, so I ran it manually as well.
C:\TEMP\ADB>adb push vision_wipe_efs /data/local/tmp/
2408 KB/s (577228 bytes in 0.234s)
C:\TEMP\ADB>adb shell
# su
su
# stop rmt_storage
stop rmt_storage
# chmod 777 /data/local/tmp/vision_wipe_efs
chmod 777 /data/local/tmp/vision_wipe_efs
# /data/local/tmp/vision_wipe_efs
/data/local/tmp/vision_wipe_efs
Backing up partition /dev/block/mmcblk0p13 to /sdcard/part13backup-1312554352.bin ...
Backing up partition /dev/block/mmcblk0p14 to /sdcard/part14backup-1312554352.bin ...
Wiping partition /dev/block/mmcblk0p13...
Error writing output file.
# dd if=/dev/zero of=/dev/block/mmcblk0p13
dd if=/dev/zero of=/dev/block/mmcblk0p13
/dev/block/mmcblk0p13: write error: No space left on device
65+0 records in
64+0 records out
32768 bytes transferred in 0.010 secs (3276800 bytes/sec)
# dd if=/dev/zero of=/dev/block/mmcblk0p14
dd if=/dev/zero of=/dev/block/mmcblk0p14
/dev/block/mmcblk0p14: write error: No space left on device
12289+0 records in
12288+0 records out
6291456 bytes transferred in 2.728 secs (2306252 bytes/sec)
Thanks,
-mix
Please help, I have the same issue I tried to wipe efs data because my gps is not working and now I get the same issue... but is still booting, and because I'm flashoolic I dislike to have any little or huge issue... So can someone please help me ?
This is not my work but I did not see it in the dev section so I thought this would be a perfect repost. I read this in the HTC one X thread and I followed it EXACTLY as wrote and it worked for the One S. I have the Tmo version.
http://forum.xda-developers.com/showthread.php?p=26516911#post26516911
This is not my work.
My phone is only unlocked via HTCdev and is NOT s-off and it worked flawlessly.
You need S-OFF for SuperCID but okay.
no you don't so check it out before you do it. duh. I'm unlocked via htcdev but not s-off. Like I said it worked on my One S and you know the ONE s hasn't recieved s-off has it. Look into stuff a little better before you tare it down.
[email protected] ~ $ adb shell
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
[email protected]:/ $ su
[email protected]:/ # dd if=/dev/block/mmcblk0p4 of=/sdcard/mmcblk0p4
2+0 records in
2+0 records out
1024 bytes transferred in 0.002 secs (512000 bytes/sec)
[email protected]:/ # exit
[email protected]:/ $ exit
[email protected] ~ $ adb pull /sdcard/mmcblk0p4
12 KB/s (1024 bytes in 0.078s)
[email protected] ~ $ adb reboot-bootloader
[email protected] ~ $ fastboot oem readcid
...
(bootloader) cid: T-MOB010
OKAY [ 0.005s]
finished. total time: 0.005s
[email protected] ~ $ fastboot reboot
[email protected] ~ $ adb push mmcblk0p4MOD /sdcard/mmcblk0p4MOD
8 KB/s (1024 bytes in 0.112s)
[email protected] ~ $ adb shell
[email protected]:/ $ su
[email protected]:/ # dd if=/sdcard/mmcblk0p4MOD of=/dev/block/mmcblk0p4
2+0 records in
2+0 records out
1024 bytes transferred in 0.365 secs (2805 bytes/sec)
[email protected]:/ # exit
[email protected]:/ $ exit
[email protected] ~ $ adb reboot-bootloader
[email protected] ~ $ fastboot oem readcid
...
(bootloader) cid: 11111111
OKAY [ 0.005s]
finished. total time: 0.005s
[email protected] ~ $ fastboot reboot
shootind5nukes said:
[email protected] ~ $ adb shell
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
[email protected]:/ $ su
[email protected]:/ # dd if=/dev/block/mmcblk0p4 of=/sdcard/mmcblk0p4
2+0 records in
2+0 records out
1024 bytes transferred in 0.002 secs (512000 bytes/sec)
[email protected]:/ # exit
[email protected]:/ $ exit
[email protected] ~ $ adb pull /sdcard/mmcblk0p4
12 KB/s (1024 bytes in 0.078s)
[email protected] ~ $ adb reboot-bootloader
[email protected] ~ $ fastboot oem readcid
...
(bootloader) cid: T-MOB010
OKAY [ 0.005s]
finished. total time: 0.005s
[email protected] ~ $ fastboot reboot
[email protected] ~ $ adb push mmcblk0p4MOD /sdcard/mmcblk0p4MOD
8 KB/s (1024 bytes in 0.112s)
[email protected] ~ $ adb shell
[email protected]:/ $ su
[email protected]:/ # dd if=/sdcard/mmcblk0p4MOD of=/dev/block/mmcblk0p4
2+0 records in
2+0 records out
1024 bytes transferred in 0.365 secs (2805 bytes/sec)
[email protected]:/ # exit
[email protected]:/ $ exit
[email protected] ~ $ adb reboot-bootloader
[email protected] ~ $ fastboot oem readcid
...
(bootloader) cid: 11111111
OKAY [ 0.005s]
finished. total time: 0.005s
[email protected] ~ $ fastboot reboot
Click to expand...
Click to collapse
Hey mate, you tried flashing a different RUU using this?
Sent from my HTC One S using xda premium
I will try flashing new radio from the 1.78 RUU right now and I'll post back
shootind5nukes said:
I will try flashing new radio from the 1.78 RUU right now and I'll post back
Click to expand...
Click to collapse
Awesome, good luck. If that works this is a brilliant find. Good trolling
Sent from my HTC One S using xda premium
haha awesome, Ignore the negativity.. Some people just dont learn...
Can we skip
Change CWS_001 to ROGER001 and save the file as mmcblk0p4MOD
Click to expand...
Click to collapse
and just change it straight to 11111111 instead of doing this as the last step ?
azzledazzle said:
haha awesome, Ignore the negativity.. Some people just dont learn...
Can we skip and just change it straight to 11111111 instead of doing this as the last step ?
Click to expand...
Click to collapse
I appears so from the other thread. Unless you like roger
Sent from my HTC One S using xda premium
as you see above I went strait to 11111111.
shootind5nukes said:
no you don't so check it out before you do it. duh. I'm unlocked via htcdev but not s-off. Like I said it worked on my One S and you know the ONE s hasn't recieved s-off has it. Look into stuff a little better before you tare it down.
Click to expand...
Click to collapse
Ah.
Thanks.
Stock recovery keeps saying can't mount /sdcard...I'm trying to install ruu
Awesome I knew when I saw the alternate method to flash a radio worked this wouldn't be far along. I'd expect we'll get a few more goodies from type of method soon.
Also, I knew it was great news when I saw the ATT One X specs. It's so close to the One S we'll be able to benefit from it's development for the entire life cycle of the One S
---------- Post added at 07:44 PM ---------- Previous post was at 07:15 PM ----------
This was quick and easy. My TMOUS phone is now 11111111. Just want to point out to others that you should stop at step 11.
dc211 said:
Awesome I knew when I saw the alternate method to flash a radio worked this wouldn't be far along. I'd expect we'll get a few more goodies from type of method soon.
Also, I knew it was great news when I saw the ATT One X specs. It's so close to the One S we'll be able to benefit from it's development for the entire life cycle of the One S
---------- Post added at 07:44 PM ---------- Previous post was at 07:15 PM ----------
This was quick and easy. My TMOUS phone is now 11111111. Just want to point out to others that you should stop at step 11.
Click to expand...
Click to collapse
I agree I think the roms will be interchangeable just like the att and tmobile gs2 are interchangeable
sent from a guy living in a van down by the river
sorry for the question but what exactly does this do?
SuperCID gives you ability to flash any RUU you want, regardless your original phone brand.
Antubis said:
SuperCID gives you ability to flash any RUU you want, regardless your original phone brand.
Click to expand...
Click to collapse
would superCID'ing also allow OTA update? let's say I flashed a RUU to my US t-mobile phone, will i get the 1.78 update?
How lucky I was already SuperCID.
My phone was a demo from Vodafone.
So you should be able to de brand this way . Just Change the CID to HTC__001 then flash lates RUU . Correct?
wardy said:
So you should be able to de brand this way . Just Change the CID to HTC__001 then flash lates RUU . Correct?
Click to expand...
Click to collapse
Thats correct yes.. But you could change it to 11111111 and you can flash ANYTHING.. no more worrying about CID Mismatches again !
hy guys
I want to downgrade my htc desire z, and i am follwing all the steps only the thing is that on ./flashgc it gives me this: permission denied.
and finally and the most important, when i begin to downgrade it gives me this message: CID Incorrect update fail.
please help me
amiraria said:
hy guys
I want to downgrade my htc desire z, and i am follwing all the steps only the thing is that on ./flashgc it gives me this: permission denied.
and finally and the most important, when i begin to downgrade it gives me this message: CID Incorrect update fail.
please help me
Click to expand...
Click to collapse
Can you post the original post you are following? You might need to create your own goldcard.
CID Incorrect update failed
iSkanky said:
Can you post the original post you are following? You might need to create your own goldcard.
Click to expand...
Click to collapse
after doing all the settings as instruction shows i started writing the cammonds like below:
> adb shell cat /dev/msm_rotator
/dev/msm_rotator: invalid length
> adb push fre3vo /data/local/tmp
> adb shell
$ chmod 777 /data/local/tmp/fre3vo
$ /data/local/tmp/fre3vo -debug -start FAA90000 -end FFFFFFFF
Buffer offset: 00000000
Buffer size: 8192
Scanning region fb7b0000...
Scanning region fb8a0000...
Scanning region fb990000...
Scanning region fba90000...
Potential exploit area found at address fbb4d600:a00.
Exploiting device...
> adb shell
# exit
> adb push misc_version /data/local/tmp/misc_version
> adb push flashgc /data/local/tmp/flashgc
> adb shell chmod 777 /data/local/tmp/*
> adb shell
# cd /data/local/tmp
# ./misc_version -s 1.00.000.0
--set_version set. VERSION will be changed to: 1.00.000.0
Patching and backing up partition 17...
./flashgc (In this part when i am writing this code i will get this massage: ./flashgc permission denied, then i countinued typing the rest of the codes).
# sync
# dd if=/dev/block/mmcblk0p17 bs=1 skip=160 count=10
1.00.000.010+0 records in
10+0 records out
10 bytes transferred in 0.001 secs (10000 bytes/sec) (here also instead of getting 10000 bytes/sec i get 5000 bytes/sec)
(here i downloaded PC10IMG.zip and copied to my sdcart)
(then for Fastboot Downgrade i wrote these codes)
> adb reboot bootloader
> fastboot devices
(My device is recognized by typing the above command)
> fastboot oem rebootRUU
(but after finishing all the procedure it will give me this error: CID Incorrect update failed)
flashgc is not working and it gives the error: CID incorrect
amiraria said:
after doing all the settings as instruction shows i started writing the cammonds like below:
> adb shell cat /dev/msm_rotator
/dev/msm_rotator: invalid length
> adb push fre3vo /data/local/tmp
> adb shell
$ chmod 777 /data/local/tmp/fre3vo
$ /data/local/tmp/fre3vo -debug -start FAA90000 -end FFFFFFFF
Buffer offset: 00000000
Buffer size: 8192
Scanning region fb7b0000...
Scanning region fb8a0000...
Scanning region fb990000...
Scanning region fba90000...
Potential exploit area found at address fbb4d600:a00.
Exploiting device...
> adb shell
# exit
> adb push misc_version /data/local/tmp/misc_version
> adb push flashgc /data/local/tmp/flashgc
> adb shell chmod 777 /data/local/tmp/*
> adb shell
# cd /data/local/tmp
# ./misc_version -s 1.00.000.0
--set_version set. VERSION will be changed to: 1.00.000.0
Patching and backing up partition 17...
./flashgc (In this part when i am writing this code i will get this massage: ./flashgc permission denied, then i countinued typing the rest of the codes).
# sync
# dd if=/dev/block/mmcblk0p17 bs=1 skip=160 count=10
1.00.000.010+0 records in
10+0 records out
10 bytes transferred in 0.001 secs (10000 bytes/sec) (here also instead of getting 10000 bytes/sec i get 5000 bytes/sec)
(here i downloaded PC10IMG.zip and copied to my sdcart)
(then for Fastboot Downgrade i wrote these codes)
> adb reboot bootloader
> fastboot devices
(My device is recognized by typing the above command)
> fastboot oem rebootRUU
(but after finishing all the procedure it will give me this error: CID Incorrect update failed)
Click to expand...
Click to collapse
I even made a goldcard but i dont know how to use it, i mean the file name is Goldcard.img, i dont know whether i should place it in the related folder or not ? what should be the extension of the file.
one thing more: my device is htc desire z 2.3.3 . and i downloaded the ( Desire Z: PC10IMG.zip
Mirrors:
PC10IMG.zip
Vision_DZ_1.34.405.5_PC10IMG.zip
Vision_DZ_1.34.405.5_PC10IMG.zip) the first one is it correct or not? or i should download the (G2: PC10IMG_Vision_TMOUS_1.19.531.1_Radio_12.21.60.09b _26.02.01.15_M2_release_149459_signed.zip
Mirrors:
Vision_G2_1.19.531.1_PC10IMG.zip
Vision_G2_1.19.531.1_PC10IMG.zip
MD5: 531c08dc402e15577b947bf4cd22aec2)
please help me
I'm having some problems here. I tried to get superCID but strangely the CID never changes. Here's the commands. They all looked like they worked but the CID didn't change. (This is after I did the HEX editor and pushed the file back onto the SD card.)
Since that didn't work I tried rumrunners s-off script but that said it couldn't work with my ROM Beanstalk 4.4.2 or kernel.
HTC One S, Rooted, Beanstalk 4.4.2
S4 1.5Ghz Dual Core
HBOOT - 2.15
Kernel 3.4.76-ge75b9c0 phoenixita
Baseband 1.13.50.05........
Code:
C:\fastboot>adb shell
[email protected]:/ # su
su
[email protected]:/ # ls -l /sdcard/mmcblk0p4MOD
ls -l /sdcard/mmcblk0p4MOD
-rwxrwx--- root sdcard_r 1024 2014-02-23 13:32 mmcblk0p4MOD
[email protected]:/ # dd if=/sdcard/mmcblk0p4MOD of=/dev/block/mmcblk0p4
dd if=/sdcard/mmcblk0p4MOD of=/dev/block/mmcblk0p4
2+0 records in
2+0 records out
1024 bytes transferred in 0.015 secs (68266 bytes/sec)
[email protected]:/ # exit
exit
[email protected]:/ # exit
exit
C:\fastboot>adb reboot bootloader
C:\fastboot>fastboot oem readcid
...
(bootloader) cid: T-MOB010
OKAY [ 0.016s]
finished. total time: 0.016s
Wrong section. Next time Q&A.
Switch for a moment to a sense 2.15 Rom and try facepalm S-off.
fonnae said:
I'm having some problems here. I tried to get superCID but strangely the CID never changes. Here's the commands. They all looked like they worked but the CID didn't change. (This is after I did the HEX editor and pushed the file back onto the SD card.)
Since that didn't work I tried rumrunners s-off script but that said it couldn't work with my ROM Beanstalk 4.4.2 or kernel.
HTC One S, Rooted, Beanstalk 4.4.2
S4 1.5Ghz Dual Core
HBOOT - 2.15
Kernel 3.4.76-ge75b9c0 phoenixita
Baseband 1.13.50.05........
Code:
C:\fastboot>adb shell
[email protected]:/ # su
su
[email protected]:/ # ls -l /sdcard/mmcblk0p4MOD
ls -l /sdcard/mmcblk0p4MOD
-rwxrwx--- root sdcard_r 1024 2014-02-23 13:32 mmcblk0p4MOD
[email protected]:/ # dd if=/sdcard/mmcblk0p4MOD of=/dev/block/mmcblk0p4
dd if=/sdcard/mmcblk0p4MOD of=/dev/block/mmcblk0p4
2+0 records in
2+0 records out
1024 bytes transferred in 0.015 secs (68266 bytes/sec)
[email protected]:/ # exit
exit
[email protected]:/ # exit
exit
C:\fastboot>adb reboot bootloader
C:\fastboot>fastboot oem readcid
...
(bootloader) cid: T-MOB010
OKAY [ 0.016s]
finished. total time: 0.016s
Click to expand...
Click to collapse
Try rumrunner s-off and when your finished with that reboot to bootloader then go into fastboot, open up a command window and type "fastboot oem writecid 11111111" (without quotes)
Did you edit that file via hex editor?
EDIT: oh sorry... :cyclops:
dd98 said:
Try rumrunner s-off and when your finished with that reboot to bootloader then go into fastboot, open up a command window and type "fastboot oem writecid 11111111" (without quotes)
Click to expand...
Click to collapse
Unfortunately, I already tried Rumrunner. It didnt' work and mentioned something about the "cap is on too tight" and try a custom kernel or different ROM.
I also tried Firewater and after typing 'Yes' it just exited.
I'm pretty much out of ideas here.
fonnae said:
Unfortunately, I already tried Rumrunner. It didnt' work and mentioned something about the "cap is on too tight" and try a custom kernel or different ROM.
I also tried Firewater and after typing 'Yes' it just exited.
I'm pretty much out of ideas here.
Click to expand...
Click to collapse
Try moonshine
Sent from my SPH-L710 using Nightmare Rom
Thread Moved to Q&A, Help & Troubleshooting
As per the Forum Rules (which you agreed to when you signed up to XDA), development sections are only for development work to be posted, NOT for questions.
Please remember that in future so we don't have a repeat situation.
Regards,
- KidCarter93
Forum Moderator