TWRP recovery 3.0.0 for the Nabi Dreamtab HD8. (t8400n)
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
At this point this recovery is still considered in testing. The normal disclaimers apply.
IMPORTANT!!!! If you have an IN08A version do not use this recovery, this will only work on NV08A
For IN08A see a tethered recovery and rooting method here: http://forum.xda-developers.com/showpost.php?p=57825022&postcount=25
This is for Nabi Dreamtab
Nabi2 is HERE
Nabi JR 4GB is HERE
Nabi JR 16GB is HERE
NabiXD is HERE
Updates
READ THIS FIRST!!
03/22/2016 Latest TWRP 3.0.0 files http://forum.xda-developers.com/showpost.php?p=65989774&postcount=66
10/5/2015 older TWRP 2.8.7 files http://forum.xda-developers.com/showpost.php?p=63151136&postcount=46
Initial TWRP 2.7.1 Direct Link
Stock recovery for Nabi version 1.3.7
http://forum.xda-developers.com/showpost.php?p=59290754&postcount=41
For more information on TWRP and change log see the TeamWin Website
Information
You do not need root to install this, in fact you can use the recovery to root your Dreamtab HD8. Upon exiting TWRP it will ask to root the device if it is not already, I ran in to an issue where I had to download SuperSU from play store afterwards to get it properly rooted.
Installation
Video tutorial https://www.youtube.com/watch?v=V_JML4wN3QM&feature=youtu.be
Having trouble? http://forum.xda-developers.com/nabi-2/general/nabi-information-t3229119
Start with Nabi booted to android, ADB debugging enabled, windows adb and fastboot drivers installed. (PDAnet drivers are popular)
-Method 1 (Recommended install , guided installer)
-Download Dreamtab Auto Installer from above
-Extract DTTWRPinstaller.zip
-Run install.bat
Code:
Select option 1 for installing recovery and immediate backup of tablet
Select option 2 to just install TWRP
Select option 3 to install the original stock recovery
-Method 2 (manual temporary install, will keep your current recovery)
-Download "TWRP 3.0.0.0 for Nabi Dreamtab"
-Extract recovery.img from zip to your adb directory
-From a command prompt in your adb directory
Code:
adb reboot-bootloader
fastboot boot recovery.img
-Method 3 (manual permanent install, will overwrite your current recovery)
-Download "TWRP 3.0.0.0 for Nabi Dreamtab"
-Extract recovery.img from .zip to your adb directory
-From a command prompt in your adb directory
Code:
adb reboot-bootloader
fastboot flash recovery recovery.img
Other
Device source https://github.com/aicjofs/android_device_fuhu_t8400
TWRP source https://github.com/omnirom/android_bootable_recovery
Credits
Geohot for towelroot (version 1 specifically)
TeamWin and OmniROM teams for TWRP.
Dees_Troy for build tutorials.
are you playing with new goodies again ? lol
Cant wait for you to " port " this to another nabi :victory:
aicjofs said:
.
Click to expand...
Click to collapse
You are awesome! :highfive:
Now for the $10^6 question....did Fuhu pull a Nabi2 and screw up the filesystem on the Dreamtab?
Thanks
Sno
Snoshrk said:
You are awesome! :highfive:
Now for the $10^6 question....did Fuhu pull a Nabi2 and screw up the filesystem on the Dreamtab?
Thanks
Sno
Click to expand...
Click to collapse
Better. /cache is ridiculously large, and while system is big, their ROM takes most of it and this time they left a little wiggle room. Dumbest by far is recovery being only 8MB. I may not be right on my markup below because I don't have my notes handy, but it's close
C:\Users\JON\Downloads\V50020_aboot_twrp_v2>adb shell
adb server is out of date. killing...
* daemon started successfully *
[email protected]:/ $ su
su
[email protected]:/ # df
df
Filesystem Size Used Free Blksize
/dev 959256.0K 128.0K 959128.0K 4096
/sys/fs/cgroup 959256.0K 12.0K 959244.0K 4096
/mnt/asec 959256.0K 0.0K 959256.0K 4096
/mnt/asec/com.mojang.minecraftpe-1 29688.0K 28108.0K 1580.0K 4096
/mnt/obb 959256.0K 0.0K 959256.0K 4096
/system 1548144.0K 1427960.0K 120184.0K 4096 Some free space for grow or user add system apps
/cache 1548144.0K 703612.0K 844532.0K 4096 I don't see using all this space in normal system operation
/data 10234424.0K 5400448.0K 4833976.0K 4096 I think I have a whole bunch of stuff on here so ignore this
/forever 64496.0K 4172.0K 60324.0K 4096
/forever/addon 1548144.0K 1010428.0K 537716.0K 4096
/mnt/shell/emulated 10234424.0K 5400448.0K 4833976.0K 4096
/storage/emulated 959256.0K 0.0K 959256.0K 4096
/mnt/media_rw/sdcard1 31154688.0K 27072640.0K 4082048.0K 32768
/storage/sdcard1 31154688.0K 27072640.0K 4082048.0K 32768
/storage/emulated/0 10234424.0K 5400448.0K 4833976.0K 4096
/storage/emulated/0/Android/obb 10234424.0K 5400448.0K 4833976.0K 4096
/storage/emulated/legacy 10234424.0K 5400448.0K 4833976.0K 4096
/storage/emulated/legacy/Android/obb 10234424.0K 5400448.0K 4833976.0K 4096
[email protected]:/ # cat /proc/partitions
cat /proc/partitions
major minor #blocks name
7 0 30177 loop0
179 0 15267840 mmcblk0
179 1 8192 mmcblk0p1
179 2 4096 mmcblk0p2
179 3 8192 mmcblk0p3
179 4 1572864 mmcblk0p4 system
179 5 1572864 mmcblk0p5 cache
179 6 2048 mmcblk0p6
179 7 65536 mmcblk0p7
179 8 1572864 mmcblk0p8 addon
179 9 2048 mmcblk0p9
179 10 32768 mmcblk0p10
179 11 2048 mmcblk0p11
179 12 10397696 mmcblk0p12 data
179 32 4096 mmcblk0boot1
179 16 4096 mmcblk0boot0
179 48 31166976 mmcblk1
179 49 31162880 mmcblk1p1
254 0 30177 dm-0
[email protected]00n:/ # ^C
These thing at $200 at Walmart a week ago, very good deal, considering they had the Nabi2 at $179 right next to it.
Hi, just got this tablet today and I'm puzzled as why the Nabi website says this is supposed to have a Tegra 4 CPU but in CPU-Z it says is an Intel Atom Z3745. Many thanks for any info.
Sent from my DMTAB-IN08A using Tapatalk
Omegadrive said:
Hi, just got this tablet today and I'm puzzled as why the Nabi website says this is supposed to have a Tegra 4 CPU but in CPU-Z it says is an Intel Atom Z3745. Many thanks for any info.
Sent from my DMTAB-IN08A using Tapatalk
Click to expand...
Click to collapse
Interesting. Initially this was to be an Intel CPU tablet(see CES articles from Feb), then it came out as Tegra4. Look at you model number. The "IN08A" versus the "NV08A". This is a first for Fuhu. So this recovery certainly won't work. Do you have fastboot?
aicjofs said:
Interesting. Initially this was to be an Intel CPU tablet(see CES articles from Feb), then it came out as Tegra4. Look at you model number. The "IN08A" versus the "NV08A". This is a first for Fuhu. So this recovery certainly won't work. Do you have fastboot?
Click to expand...
Click to collapse
Haven't attempted to root or install recovery, but it could be that they have both tablets at Costco, first one she tried to scan didn't matched the sku and she went and got another one, I will take it back today and make sure the model number starts with NV, I was actually expecting a Tegra CPU which is way better than a crappy Atom.
Sent from my DMTAB-IN08A using Tapatalk
Omegadrive said:
Haven't attempted to root or install recovery, but it could be that they have both tablets at Costco, first one she tried to scan didn't matched the sku and she went and got another one, I will take it back today and make sure the model number starts with NV, I was actually expecting a Tegra CPU which is way better than a crappy Atom.
Sent from my DMTAB-IN08A using Tapatalk
Click to expand...
Click to collapse
This recovery definitely won't work on the Intel one. I think I typo'd above, it NV08B not A
aicjofs said:
This recovery definitely won't work on the Intel one. I think I typo'd above, it NV08B not A
Click to expand...
Click to collapse
Just came back from Costco, ended up returning it, there is no info on the boxes that says the model number anywhere, so didn't risk it. Thanks anyway.
Sent from my XT910 using Tapatalk
So is there any viable method to root the Intel version? At this point I'd be happy with just knocking out the bloat so my kid can actually install apps.
pm1066 said:
So is there any viable method to root the Intel version? At this point I'd be happy with just knocking out the bloat so my kid can actually install apps.
Click to expand...
Click to collapse
You can try towelroot. Only version 1 worked on the nvidia. Likely depends on software version and if futex exploit was patched in kernel.
I'll check it out. Don't want to brick my kid's toy!
Warning !! Locked Bootloader after OTA 1.3.7 Update
Seems they might have locked the bootloader in the OTA 1.3.7
adb reboot-bootloader
fastboot boot recovery.img
downloading 'boot.img'...
FAILED (remote: Bootloader is locked.)
finished. total time: 0.003s
The OTA 1.2.9 didn't do this, and I as able to still fire over the TWRP custom recovery just fine
fastboot oem unlock
...
(bootloader) Showing Options on Display.
(bootloader) Use device keys for selection.
(bootloader) erasing userdata...
(bootloader) erasing userdata done
(bootloader) erasing cache...
(bootloader) erasing cache done
(bootloader) unlocking...
(bootloader) Bootloader is unlocked now.
OKAY [ 71.105s]
finished. total time: 71.105s
Bootloader is now unlocked again but at the expense of basically a factory reset (losing all outside data and apps)
And the question I'm left with now is how do I apply any future OTA without having to dump the data again *Grin* ?
Thanks again aicjofs
Since this is the only thread I've found that even mentions the DreamTab, I'm going to hope someone can help me. Basically my DreamTab was bricked with the latest OTA. Upon restarting after the update, I get the DreamTab logo "powered by android" and then after, it goes to the generic "android" boot animation, rather than the DreamTab animation. (The word android in the old font in a greenish color that has a "shine" moving across it) I've let it sit on this screen for a while, but it never moves beyond it. I've done a factory reset through the recovery kernel, but that doesn't seem to have helped anything. I am RMAing the device, but if I can avoid the 2+ of transit and such, I would like to. Any chance I can flash the OTA through the recovery kernel and possibly fix this? If so, any chance someone actually has the OTA zip? Thanks in advance.
chikimonke said:
Since this is the only thread I've found that even mentions the DreamTab, I'm going to hope someone can help me. Basically my DreamTab was bricked with the latest OTA. Upon restarting after the update, I get the DreamTab logo "powered by android" and then after, it goes to the generic "android" boot animation, rather than the DreamTab animation. (The word android in the old font in a greenish color that has a "shine" moving across it) I've let it sit on this screen for a while, but it never moves beyond it. I've done a factory reset through the recovery kernel, but that doesn't seem to have helped anything. I am RMAing the device, but if I can avoid the 2+ of transit and such, I would like to. Any chance I can flash the OTA through the recovery kernel and possibly fix this? If so, any chance someone actually has the OTA zip? Thanks in advance.
Click to expand...
Click to collapse
Do you know if it's the Intel or Nvidia version?
I am sure I have stock backup of nvidia in my archives somewhere, but haven't uploaded it.
aicjofs said:
Do you know if it's the Intel or Nvidia version?
I am sure I have stock backup of nvidia in my archives somewhere, but haven't uploaded it.
Click to expand...
Click to collapse
How would one tell?
chikimonke said:
How would one tell?
Click to expand...
Click to collapse
I'm at work, but I think on the back in says something like NV8B, or IN8A. nv for nvidia, in for intel.
aicjofs said:
I'm at work, but I think on the back in says something like NV8B, or IN8A. nv for nvidia, in for intel.
Click to expand...
Click to collapse
nvidia it is. Is this something that can flashed through the stock recovery? Because if this doesn't work, I still want to be able to use the RMA that I have setup.
chikimonke said:
nvidia it is. Is this something that can flashed through the stock recovery? Because if this doesn't work, I still want to be able to use the RMA that I have setup.
Click to expand...
Click to collapse
No you would have to temp load TWRP to RAM(no flashing to nand), then restore. I could upload the OTA that's flashable with stock recovery, it might work if it happens to update the right files but if you have something corrupt it will fail the SHA1 checks. You were going from 1.2.9 to 1.3.7?
Let me know how you want to proceed.
aicjofs said:
No you would have to temp load TWRP to RAM(no flashing to nand), then restore. I could upload the OTA that's flashable with stock recovery, it might work if it happens to update the right files but if you have something corrupt it will fail the SHA1 checks. You were going from 1.2.9 to 1.3.7?
Let me know how you want to proceed.
Click to expand...
Click to collapse
Alright, if I understand correctly, I could try the OTA first, then if that doesn't work try with TWRP. The temporary TWRP method, does it require unlocking the bootloader? I'm not familiar with loading a recovery only in RAM. And yes, going from 1.2.9 to 1.3.7. Thanks for your help.
Related
We recently got the Galaxy S2 ICS kernel booting on the Exynos 4210-based tablets. As with the Galaxy S2, this new kernel exposes a previously-hidden partition on the mmcblk0 device, mmcblk0boot0. TriangleAway now works (if you're running the ICS kernel!):
Old, historical info
Samsung counts the number of times you flash non-Samsung kernels to the GT-P6200, presumably so they can tell if you've voided your warranty or not when you bring the device in for service. This is similar to other recent Samsung devices, such as the Galaxy SII (though the SII displays a yellow warning triangle on the boot screen if your flash count != 0).
The count is visible when you boot the device into "Download" / "Odin" mode, as seen on my GT-6200 here:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Recently, teamhacksung and Chainfire discovered the location where the flash count is stored on the Galaxy SII. Chainfire has subsequently released a write up on how to reset the counter, as well as a utility called TriangleAway which can automate the process. Interestingly enough, it has been discovered that the tool also Galaxy Note and other devices which use the same Exynos SoC as the Galaxy SII. Our device uses the same SoC!
I am hoping that we can do the same on the GT-6200 (and hopefully its variants), so I started to poke around in the device's partitions with the goal of both understanding and documenting what I find (so others can follow along and search for themselves).
Partitions, mount points, and analysis.
Honeycomb 3.2 (DXKL3) presents the following partitions on my GT-P6200:
Code:
major minor #blocks name
179 0 15388672 mmcblk0
179 1 20480 mmcblk0p1
179 2 1280 mmcblk0p2
179 3 1280 mmcblk0p3
179 4 8192 mmcblk0p4
179 5 8192 mmcblk0p5
179 6 8192 mmcblk0p6
179 7 204800 mmcblk0p7
179 8 16384 mmcblk0p8
179 9 786432 mmcblk0p9
179 10 13791232 mmcblk0p10
179 11 524288 mmcblk0p11
179 12 8192 mmcblk0p12
179 16 7761920 mmcblk1
179 17 7760896 mmcblk1p1
I came across some lovely strings in both /dev/block/mmcblk0p2 and /dev/block/mmcblk0p3:
Code:
CUSTOM BINARY DOWNLOAD: YES (%d counts)
CUSTOM BINARY DOWNLOAD: NO
CURRENT BINARY: %s
SAMSUNG OFFICIAL
CUSTOM
I wonder where the count is stored?!
If Im not mistaken there are 2 counters. I would investigate that hidden.img partition.
Im not worried about it, unless I have to return for warranty, which I probably cant because I'm in US and product is from Malaysia.
chrisrotolo said:
If Im not mistaken there are 2 counters. I would investigate that hidden.img partition.
Click to expand...
Click to collapse
Go read the description given by Chainfire in the TriangleAway thread, he mentions that the kernel in the Samsung Galaxy SII ICS leaks expose hidden partitions that weren't exposed by the mmc block driver in the Gingerbread kernels. It's possible our Honeycomb/2.6.36 kernel doesn't even expose this; we'll probably have to wait until Samsung releases ICS for the P6200.
chrisrotolo said:
Im not worried about it, unless I have to return for warranty, which I probably cant because I'm in US and product is from Malaysia.
Click to expand...
Click to collapse
Yeah, I'm not worried either, but it's good to understand the hardware.
btw, I just noticed that the counter doesn't show if you adb reboot download (if your kernel supports it):
http://forum.xda-developers.com/showthread.php?t=1271890
quoted from thread:
No, unfortunately Samsung has very clear in mind what it's doing.
It seems there is a second counter, which counts the number of times the custom flash counter has been reset, and the bad news is that its position/folder has not been discovered yet.
old thread, I think there was another with @AdamOutler, discussing a 2nd hidden counter counting the # of times the 1st counter has been reset! Doh!
Download mode is the same its just a different way to get to it which doesn't display the info. Pretty Sure.
Not an easy task, I think we'll be ok when ICS is out. But this would help for people in trouble now.
cheers.
chrisrotolo said:
http://forum.xda-developers.com/showthread.php?t=1271890
quoted from thread:
No, unfortunately Samsung has very clear in mind what it's doing.
It seems there is a second counter, which counts the number of times the custom flash counter has been reset, and the bad news is that its position/folder has not been discovered yet.
old thread, I think there was another with @AdamOutler, discussing a 2nd hidden counter counting the # of times the 1st counter has been reset! Doh!
Download mode is the same its just a different way to get to it which doesn't display the info. Pretty Sure.
Not an easy task, I think we'll be ok when ICS is out. But this would help for people in trouble now.
cheers.
Click to expand...
Click to collapse
1. Hmm, a backup flash counter seems a bit paranoid on Samsung's part to be honest. This is starting to sound like a conspiracy... hehe.
2. That thread you link to gets its information from a thread on Darky's ROM forum. Darky and his whole team are a bunch of elitist idiots if you ask me. Hoarding ROM leaks and other childish behaviors.
3. If there is a second flash counter... we'll find it.
4. Oh well. Like you said, we can't bring our units in for service anyways (I live in Kenya!).
5. The bootloader is still open... so it really doesn't matter. Unless of course there's ANOTHER behavior of the bootloader to start rejecting flashes if the count reaches a certain point. hhahaha.
I don't have the custom binary counter on mine.
It has been flashed several times, including being rooted on day 1. However I do use mobile odin and not odin from my pc.
Sent from my GT-I9100 using Tapatalk
I think Mobile Odin doesnt change the counter. Pretty Sure.
Chainfire is BOSS.
no, it doesn't...
Still doesn't account for my original flash via recovery of your rooted kernel
Unless..... custom kernel counts are only done when **** is flashed via desktop odin
yes I think that may be the case. Not sure as to why. I think chanfire does it stealthily (is that a word?), but I would think flashing in recovery we would get bagged.
Good to know. Thanks
chrisrotolo said:
yes I think that may be the case. Not sure as to why. I think chanfire does it stealthily (is that a word?), but I would think flashing in recovery we would get bagged.
Good to know. Thanks
Click to expand...
Click to collapse
Flashing via recovery and or Mobile Odin use the same technique; writing directly to the boot partiton from the phone's shell, for example (as root):
Code:
cat zImage > /dev/block/mmcblk0p2
Not trickery
good to know.
thank you.
chrisrotolo said:
yes I think that may be the case. Not sure as to why. I think chanfire does it stealthily (is that a word?), but I would think flashing in recovery we would get bagged.
Good to know. Thanks
Click to expand...
Click to collapse
Mobile Odin flashes via CWM recovery
acolwill said:
Mobile Odin flashes via CWM recovery
Click to expand...
Click to collapse
Yup, and CWM recovery flashes by writing directly to the mmc partition.
Mobile ODIN only uses CWM as "a place to live", it does all the flashing itself. On half of the devices CWM isn't even used.
Anyways, you will simply be able to use TriangleAway as soon as you have a working Linux 3.0 based kernel, so yeah, that means ICS.
Neither GB nor HC expose the hidden partitions.
what if we flash a bad kernel, assuming to the correct partition, is there anyway to get to Mobile Odin to reflash stock kernel?
i have the brickbug and i am going to return my p6200 to service. before do that, i want to be sure that everything is ok. but i did not understand where this triangle shpuld be.
I can get into download mode, and my counter is not increased (it is like shown in the first image of your post)
Where should i look for the yellow triangle? when i hold power+vol - to get into download mode, i see a yellow triangle before pressing the vol up buttom to continue... is THAT triangle? or is it just a warning?
can someone post a picture of it to let me understand?
thank you
you will see yellow triangle under samsung logo prior to bootanimation start up. it is just couple second show up then disappear
So i am pretty sure that mine doesnot have it. With my brickbug that screen doesn't even show up, it goes straight to the "Samsung galaxy tab 7 plus" screen... Do you think that i should check something else before takin'it to samsung service?
Thank you man
re flash original firmware, and you will get all original stuff inside. good luck
Hi every one !
Our Odin version doesn't support repartition , so we can't do any thing while we have a Brocken partition ! Brocken partition are software related or hardware related , If you used the method bellow with no success your problem is hardware related and you need to at least replace your EMMC ic . OK I will describe more on method , the alternative method is flashing whole of empty partitions on +8 partitions except some partitions such as efs and ...
1- you need to check out which partitions are Brocken ! Choose format/wipe option in recovery mod to find out which are brocken , mostly data or cache partitions are Brocken , or in harder situation may system !
2- you need to create empty partitions for Brocken ones , you need terminal emulator to run this ( for data and cache )
Code:
su
dd if=/dev/zero of=/data.img.ext4 count=1413120
dd if=/dev/zero of=/cache.img.ext4
count=102400
# ... do Like this for other brocken partitions
continue for every Brocken partitions
3- tar every empty partitions you have created in step 2
4- flash tar file by Odin in one package
5- When your device boots up check out Brocken partitions are fixed or not if yes wipe them in recovery if not your problem is hardware related and you need to change EMMC ! I hope all Brocken partitions fix by this method and you won't need to hardware fixing .
# Do At Your Own Risk ! # I'm not responsible any more ! #
Just do this when you have Brocken partitions ! This can cause some problems to non damaged devices !(thanks to Broodplank for reminding )
Credit:
BroodPlank1337 - Helping me
Cheers
AliReza
Ok some additional info:
You can get the block size by looking at the /proc/partitions table
Code:
major minor #blocks name
7 0 2111 loop0
179 0 7757824 mmcblk0
179 1 106495 mmcblk0p1
179 2 500 mmcblk0p2
179 3 3596 mmcblk0p3
179 4 1 mmcblk0p4
179 5 5120 mmcblk0p5
179 6 20000 mmcblk0p6
179 7 3072 mmcblk0p7
179 8 5120 mmcblk0p8
179 9 7000 mmcblk0p9
179 10 3072 mmcblk0p10
179 11 3072 mmcblk0p11
179 12 8192 mmcblk0p12
179 13 7680 mmcblk0p13
179 14 5120 mmcblk0p14
179 15 532480 mmcblk0p15
179 16 102400 mmcblk0p16
179 17 1413120 mmcblk0p17
179 18 204800 mmcblk0p18
179 19 500 mmcblk0p19
179 20 3596 mmcblk0p20
179 21 5120 mmcblk0p21
179 22 20000 mmcblk0p22
179 23 5120 mmcblk0p23
179 24 7000 mmcblk0p24
179 25 5120 mmcblk0p25
179 26 5120 mmcblk0p26
179 27 5120 mmcblk0p27
179 28 5230592 mmcblk0p28
179 64 1024 mmcblk0boot1
179 32 1024 mmcblk0boot0
254 0 2110 dm-0
Also our odin has no default repartition box idd, but I made a package a while ago which resets "all" partitions:
Code:
adsp.mbn (mmcblk0p5)
amss.mbn (mmcblk0p6)
boot.img (mmcblk0p8)
cache.img.ext4 (mmcblk0p19)
data.img.ext4 (mmcblk0p17)
dbl.mbn (mmcblk0p1)
EMMCBOOT.MBN (mmcblk0p4)
emmcparam.bin (mmcblk0p14)
osbl.mbn (mmcblk0p2)
partition.bin (mmcblk0p0)
persist.img.ext4 (mmcblk0p12)
preload.img.ext4 (mmcblk0p18)
recovery.img (mmcblk0p13)
system.img.ext4 (mmcblk0p15)
oh and a global message to all, if you don't have to use dd, don't use it. when you have non corrupted partition that you want to wipe use "cd /partition && rm -Rf *" its always the safest option. (unless executed in root hehe)
AW: [Tut][I9001] How To Repartition Brocken Partitioned I9001 devices
Thats very usefull! Thanks to you both!
Sent from my GT-I9000 using xda app-developers app
XeLLaR* said:
Thats very usefull! Thanks to you both!
Sent from my GT-I9000 using xda app-developers app
Click to expand...
Click to collapse
Thanks for supporting ... but I wish you won't ever need to use this
alireza7991 said:
Thanks for supporting ... but I wish you won't ever need to use this
Click to expand...
Click to collapse
Idd hehe, I've had some crazy moments that I accidentally removed a partition (when having over 50 windows open, and 10 of them are a commandline), but when flashing broodROM RC5 it was restored anyways ;p
broodplank1337 said:
Idd hehe, I've had some crazy moments that I accidentally removed a partition (when having over 50 windows open, and 10 of them are a commandline), but when flashing broodROM RC5 it was restored anyways ;p
Click to expand...
Click to collapse
Hehe
You were in the software damaged case , so you could restore but if you had hardware damaged emmc you had to change it ! Some thing like Buffo had done to its device was hardware Brocken emmc
UP !
Hi! Is this useful if my SGS+ always freezes when I wanna make a factory reset? And it freezes at the Samsung galaxy screen.... I tried to format with a few recoveries but always the same problem. It started after I failed to flash the newest CM 10b4.
I tried already to flash a few stock-roms over odin and other custom roms over CWM / FeaMod / TeamWin recovery.... Nothing helped. How can I find out if that emmc is brocken?
Imanidiot said:
Hi! Is this useful if my SGS+ always freezes when I wanna make a factory reset? And it freezes at the Samsung galaxy screen.... I tried to format with a few recoveries but always the same problem. It started after I failed to flash the newest CM 10b4.
I tried already to flash a few stock-roms over odin and other custom roms over CWM / FeaMod / TeamWin recovery.... Nothing helped. How can I find out if that emmc is brocken?
Click to expand...
Click to collapse
Did you flash the CM10 with a to old version of CWM? (it needs to be 5.4.0.4 atleast). this could have caused it, if not, did you do excessive rom flashing? (sometimes when im hours and hours of trying to flash things on my phone it seems to get "tired" and the formatting/installing goes so slow that you almost manually pull the batter)
Have you tried to flash broodROM RC5? don't want to advertise for it but it's generally known that it "unbricks" devices because of the large number of partitions
Have you tried the CWM bootloop solution btw? http://forum.xda-developers.com/showpost.php?p=24831012&postcount=1330
I tried the bootloop solution but it didn't work... And I don't think that my phone went "tired" cuz cache formating is still working...but the phone turns automatically off after a few seconds.
No i never tried the other rom solution cuz someone other with the same problem tried it already but it didn't work... Well I'll try it anyway.
And thanks for the fast answer! I would give you a "thanks" but i gave already 8 sorry..
Edit:
I can't remember which CWM I used before... but after I saw the "Symlinks failed" "Status 7" error I flashed the latest CWM but there it was just the same :/
How can i know about broken partitions ?
Because i have ~7 months left to change my phone, and i don't want to brick my phone which i love much <3
AW: [Tut][I9001] How To Repartition Brocken Partitioned I9001 devices
DiKei said:
How can i know about broken partitions ?
Because i have ~7 months left to change my phone, and i don't want to brick my phone which i love much <3
Click to expand...
Click to collapse
If your device is booting and running fine, you dont have to worry about these things at all.
Sent from my GT-I9001 using xda app-developers app
Okay, i flashed the broodROM RC5 over Odin, but i can't still boot the phone.
And i can't make a factory reset / deleting data. The phone just freezes while the process ... Any ideas? Please :/
R: [Tut][I9001] How To Repartition Brocken Partitioned I9001 devices
Imanidiot said:
Okay, i flashed the broodROM RC5 over Odin, but i can't still boot the phone.
And i can't make a factory reset / deleting data. The phone just freezes while the process ... Any ideas? Please :/
Click to expand...
Click to collapse
Flash stock ROM via odin. Then flash broodROM again. Make sure you followed the instructions in the thread.
Grammar™ is freeware; this means you can use it without paying anything. Though, Grammar™ is not open-source; this means you can't edit source code.
edisile said:
Flash stock ROM via odin. Then flash broodROM again. Make sure you followed the instructions in the thread.
Grammar™ is freeware; this means you can use it without paying anything. Though, Grammar™ is not open-source; this means you can't edit source code.
Click to expand...
Click to collapse
I know about my grammar, sorry. And yes okay, I'll try this one
Edit:
Factory reset is still not working...so how can I follow the instructions? :/
Imanidiot said:
I know about my grammar, sorry. And yes okay, I'll try this one
Edit:
Factory reset is still not working...so how can I follow the instructions? :/
Click to expand...
Click to collapse
Can you stil mount /data & /cache ??
Can you go in /data partition via twrp file manager or aroma file manager ?
Yes I can mount data and cache over the FeaMod recovery.
Well...should I flash twrp again?
Imanidiot said:
Yes I can mount data and cache over the FeaMod recovery.
Well...should I flash twrp again?
Click to expand...
Click to collapse
You can use aroma file managed too !
just check out that you can enter in /data and remove or.copy files there !
Phone is finally dead now...I got a reset.md5 to reset all partitions, but now it won't even start...I think I can trow it now out of the window
Okay a short summary please.
What are the thing you have done to try to get your phone back to life?
In this thread I would like to gather all information about custom roms, recoveries, kernels and root methods suitable for the Samsung Galaxy Core LTE SM-G386F, so that people don't have to look up every single thread in order to find (or, which is true in most of the cases, to not find) their desired solutions. Also this may get developers interested which would be good since there is nearly no developing going on at the moment. It would be very kind of the mods if they'd made this thread a sticky so that everybody can easily access the information.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
DEVICE SPECIFICATIONS
Display - PLS capacitive touchscreen, 16M colors; 540 x 960 pixels, 4.5 inches (~245 ppi pixel density)
Internal Memory - 8 GB, 1 GB RAM
Connectivity - GPRS; EDGE; HSPA; LTE, Cat4, 50 Mbps UL, 150 Mbps DL; Wi-Fi 802.11 b/g/n, Wi-Fi Direct, DLNA, Wi-Fi hotspot; Bluetooth v4.0, A2DP; NFC;
Camera - Back: 5 MP, 2592 х 1944 pixels, autofocus, LED flash; Front: 0,3 MP
CPU - Renesas MP5232 dual-core SoC (1,2 GHz)
Graphics Chip - PowerVR SGX544
Sensors - Accelerometer, proximity, compass
GPS - with A-GPS, GLONASS
LATEST STOCK ROM
Android OS, v4.2.2
Release date: August 2014
Country: Italy
PDA: G386FXWUANG1
CSC: G386FITVANH1
Download: http://rapidgator.net/file/6a9315a968157e27400354cc6850bfcd/XEF-G386FXWUANG1-20140805095652.zip.html
HOW TO ROOT
First of all: I am NOT responsible for any damage the following guides may do to your phones. Use them at your own risk! If you don't know what you're doing - stop! You have been warned.
Currently there is only one working root method (thanks to freb123 for letting me know!).
Root via Chimera tool
EDIT: You can now manually root your devices!
The necessary files can be downloaded from here: sendbox.fr/pro/yagmbf4ke22i/g386froot.zip.html (thanks to freb123 again for providing us with the files! )
These files can be flashed through ODIN and/or adb. The only thing you need to do is to change the file extension from .md5 to .tar (thanks to mstefanski1987 for figuring that out!)
Note: You still need to install supersu from Google Play after flashing.
Again: Use this at your own risk and only if you're completely aware of what you're doing.
Download ODIN 3.07: http://www.mediafire.com/download/khxp78iwthsukji/Odin+3.07+BY+taringuero_d+.rar
Download Samsung USB driver: http://developer.samsung.com/board/download.do?bdId=0000000700&attachId=0000000001
Requirements - Computer running Windows XP or above; Chimera Tool: https://chimeratool.com/application/142; All-in-one driver package: https://pics.chimeratool.com/drivers/chimera_drivers.exe; USB debugging enabled in phone
1. Download the linked packages
2. Install the drivers first and the program itself afterwards
3. Launch chimera tool
4. You will have to log in in order to proceed. To do so you'll need to sign up for a free chimera account here: https://chimeratool.com/register (this account expires after three days)
5. Connect your phone via USB with USB debugging enabled
6. If the phone is recognized correctly, the program will display your device model and five options (Info, Repair, Root/Unroot, Firmware Update and Factory Unlock)
7. Click "Root/Unroot"
8. The rooting process is automated so everything from 7. on should happen automatically. However, the program prompted me to manually enter download mode. If that's the case, simply disconnect your phone from USB, turn it off and enter download mode by following the on-screen instructions. After entering download mode reconnect your phone via USB and rooting should finish.
9. Since the program does NOT install supersu, you'll have to manually install it via Google Play.
10. That's it - your device is rooted!
CUSTOM ROMS & KERNELS
None yet
CUSTOM RECOVERY (TWRP,CWM)
None yet
Note: This thread will be updated as soon as I receive new information about the listed sections. If there is anything you wish to add or contribute (I'd love you to do that, believe me ) feel free to comment!
Thx for this thread.
Could we use the root.tar.md5 downloaded by chimera and root directly with adb or odin ?
freb123 said:
Thx for this thread.
Could we use the root.tar.md5 downloaded by chimera and root directly with adb or odin ?
Click to expand...
Click to collapse
It should work, I'll give it a try when I'm on my Windows PC and report back.
Btw: You can also use the thanks-button if you want to thank me
Thx for this thread, my Core LTE will appreciate :good:
freb123 said:
Thx for this thread.
Could we use the root.tar.md5 downloaded by chimera and root directly with adb or odin ?
Click to expand...
Click to collapse
Do you know where chimera tool puts the downloaded files? I can't seem to find them.
If they can be taken from any directory, flashing via ODIN or adb should be no problem, since that's what the tool does as well.
bchzmlsn said:
Do you know where chimera tool puts the downloaded files? I can't seem to find them.
If they can be taken from any directory, flashing via ODIN or adb should be no problem, since that's what the tool does as well.
Click to expand...
Click to collapse
Yes, in the directory where you launh chimera (/backup/gm-386), but files are deleted after root. You can get them just after chimera asks you to put the phone off.
If you are already rooted, you need to unroot your phone to see them again ! (voodoo ota root keeper can help you...)
I send you the link to the file in PM (can't include a link, not enough posts in the forum).
sendbox.fr/pro/yagmbf4ke22i/g386froot.zip.html
freb123 said:
Yes, in the directory where you launh chimera (/backup/gm-386), but files are deleted after root. You can get them just after chimera asks you to put the phone off.
If you are already rooted, you need to unroot your phone to see them again ! (voodoo ota root keeper can help you...)
I send you the link to the file in PM (can't include a link, not enough posts in the forum).
sendbox.fr/pro/yagmbf4ke22i/g386froot.zip.html
Click to expand...
Click to collapse
Thank you!
I've updated the initial post and attached the files.
When i try to use attached file with Odin 3.07 I get this:
Code:
<OSM> Enter CS for MD5..
<OSM> Check MD5.. Do not unplug the cable..
<OSM> Please wait..
<OSM> MD5 hash value is invalid
<OSM> sm-g386f_root.tar.md5 is invalid.
<OSM> End...
What am I doing wrong?
I am trying to get root so I can dump recovery image and start working on it. Any help is appreciated.
EDIT:
Figured it out, I had to change extension from .tar.md5 to .tar.
MANUAL ROOT METHOD IS WORKING.
EDIT 2:
I've added CWM to builder queue: builder-clockworkmod-com/done?build_id=16f0aab3c75f41c0a46f1aa4fdb4b407
There is a recovery.img file in the archive (open the .tar with winrar).
it made my day, can confirm that manual root works
By uploading this file I can void some flag or triangle or it is with samsung signature ?
PS I know root is nonlegal
I've dumped boot.img and I'll try to create recovery later today.
Partition table for reference:
Code:
major minor #blocks name
253 0 153600 zram0
179 0 7634944 mmcblk0
179 1 1024 mmcblk0p1
179 2 20480 mmcblk0p2
179 3 6144 mmcblk0p3
179 4 6144 mmcblk0p4
179 5 6144 mmcblk0p5
179 6 2048 mmcblk0p6
179 7 2048 mmcblk0p7
259 0 8192 mmcblk0p8
259 1 10240 mmcblk0p9 - kernel
259 2 10240 mmcblk0p10 - recovery
259 3 2048 mmcblk0p11
259 4 6144 mmcblk0p12
259 5 32768 mmcblk0p13
259 6 6144 mmcblk0p14
259 7 6144 mmcblk0p15
259 8 256 mmcblk0p16
259 9 2048 mmcblk0p17
259 10 204800 mmcblk0p18
259 11 1510400 mmcblk0p19 - system
259 12 51200 mmcblk0p20
259 13 5730304 mmcblk0p21 - data
179 16 4096 mmcblk0boot1
179 8 4096 mmcblk0boot0
Well, I tried. Any idea why I get this after trying to boot freshly compiled recovery? Is bootloader locked or what?
Normal boot logo byt with red exclamation mark in the top left corner and then nothing.
i-imgur-com/32XyqR5.jpg
EDIT: Trying again, will post results. Here is my recovery.fstab:
Code:
# mount point fstype device [device2]
/tmp ramdisk
/efs ext4 /dev/block/mmcblk0p2
/boot emmc /dev/block/mmcblk0p9
/recovery emmc /dev/block/mmcblk0p10
/cache ext4 /dev/block/mmcblk0p18
/system ext4 /dev/block/mmcblk0p19
/preload ext4 /dev/block/mmcblk0p20
/data ext4 /dev/block/mmcblk0p21
/sdcard vfat /dev/block/mmcblk1p1
mstefanski1987 said:
I've dumped boot.img and I'll try to create recovery later today.
Partition table for reference:
Code:
major minor #blocks name
253 0 153600 zram0
179 0 7634944 mmcblk0
Well, I tried. Any idea why I get this after trying to boot freshly compiled recovery? Is bootloader locked or what?
Normal boot logo byt with red exclamation mark in the top left corner and then nothing.
i-imgur-com/32XyqR5.jpg
Click to expand...
Click to collapse
Maybe because your recover is not valid ( samsung signature )
Like in my question above.
If you upload sm-g386f_root.tar you will have red exclamation ? or something else ?
No, everything worked ok.
After uploading of this file all work fine, root working, but in samsung phone info app we have "Bootloader version: unknow". But I think, after reflash of original ROM it will be overwrited.
freb123 said:
There is a recovery.img file in the archive (open the .tar with winrar).
Click to expand...
Click to collapse
There is but flashing it won't get you to CWM recovery (or I am doing something wrong). That's why I am trying to compile ClockWorkMod on my own.
I have little to none experience with compiling anything for android (built sony xperia j kernel from sources once). So far I've managed to fail once - compiled CM11 CWM instead of CM 10.1 and without modyfing recovery.fstab, which I presumed would be autogenerated from boot.img. I've fixed thoe mistakes and I will try to compile it again today.
In the meantme I've found that little red exclamation mark signifies that the device has been rooted at least once, so I guess it is not a problem to boot custom recovery once I get compiling it right.
Many fails are inbound, as I learn all the things along the way. Wish me luck.
mstefanski1987 said:
Figured it out, I had to change extension from .tar.md5 to .tar.
MANUAL ROOT METHOD IS WORKING.
Click to expand...
Click to collapse
Thank you very much, manual root method is really working if you rename the file ! For me this is the only root method that works :good: (root method with chimera tool does not work for me (device is listed as "unknown") )
mstefanski1987 said:
Figured it out, I had to change extension from .tar.md5 to .tar.
MANUAL ROOT METHOD IS WORKING.
Click to expand...
Click to collapse
Thank you very much!
I've put this into the initial post
Core 4G - Best price now
In France the Samsung Core 4G is at 119 euros
Compared to Wiko Kite or Archos 45 HELIUM 4G, I'd like to buy that one.
But, the best configuration would be with the last kitkat OS.
So, I'd like to root, install if possible CyanogenMod...
If I understand all the discussion, it seems to be possible to root it (possible for France ?)
Can we install CyanogenMod ?
eleger91 said:
If I understand all the discussion, it seems to be possible to root it (possible for France ?)
Can we install CyanogenMod ?
Click to expand...
Click to collapse
Salut. Oui le root est possible (la méthode manuelle semble bien marcher), par contre il n'y a pour l'instant ni custom recovery, ni rom kitkat.
Root is possible (manual method is ok) but no custom recovery and no kitkat rom.
Hello everyone,
I figured I'd give a forum thread a shot, this phone needs some XDA love!
I have an LG Escape 2 (H443) on AT&T, its currently running 5.0.2 H44310k and is offering an OTA to 5.1.1 H44311W but when I reboot to flash the update it gives error 0x112500.
Next it will reboot and display "This device is suspected in rooting. Software update is not available for rooted device."
That message appears to be very common with LG phones, but none of the solutions mentioned for other phones have worked.
I've tried the following:
LGMobile Support Tool and LG PC Suite, neither say there is an update.
Full unroot from SuperSU and factory reset.
I didn't remove any stock APKs, most of the bloat was disabled in the Apps tab but not removed. Due to how obscure this phone is there was no chance of a custom recovery or rom to flash to it, hell, I can't even find the stock rom to use with any of the various flashing tools.
Is there any potential locations for a log file? Does anyone know what exactly LG looks for to determine if the device was rooted?
wingzeroismine said:
Hello everyone,
I figured I'd give a forum thread a shot, this phone needs some XDA love!
I have an LG Escape 2 (H443) on AT&T, its currently running 5.0.2 H44310k and is offering an OTA to 5.1.1 H44311W but when I reboot to flash the update it gives error 0x112500.
Next it will reboot and display "This device is suspected in rooting. Software update is not available for rooted device."
That message appears to be very common with LG phones, but none of the solutions mentioned for other phones have worked.
I've tried the following:
LGMobile Support Tool and LG PC Suite, neither say there is an update.
Full unroot from SuperSU and factory reset.
I didn't remove any stock APKs, most of the bloat was disabled in the Apps tab but not removed. Due to how obscure this phone is there was no chance of a custom recovery or rom to flash to it, hell, I can't even find the stock rom to use with any of the various flashing tools.
Is there any potential locations for a log file? Does anyone know what exactly LG looks for to determine if the device was rooted?
Click to expand...
Click to collapse
Your best bet, would be to flash the stock firmware if it's available. Using the unroot features of SuperSU doesn't fully remove all traces of root.
Evolution_Tech said:
Your best bet, would be to flash the stock firmware if it's available. Using the unroot features of SuperSU doesn't fully remove all traces of root.
Click to expand...
Click to collapse
Yeah thats the unfortunate thing, I haven't found it anywhere, since its such a low end obscure phone it seems like its just ignored.
With the new Moto G finally out I'll probably switch to the 2GB version of that, 1GB on this phone did NOT perform well, things like Music and Maps open would close Music within 10-15 minutes of using Maps, had to root and use RAM Manager to force better multitasking, which also made switching between apps or launching new ones slow to a crawl after a couple days.
Kinda wish I didn't burn $180 on this, and then another $220 on the Moto G but that's the price to pay for not wanting a giant phone.
wingzeroismine said:
Yeah thats the unfortunate thing, I haven't found it anywhere, since its such a low end obscure phone it seems like its just ignored.
With the new Moto G finally out I'll probably switch to the 2GB version of that, 1GB on this phone did NOT perform well, things like Music and Maps open would close Music within 10-15 minutes of using Maps, had to root and use RAM Manager to force better multitasking, which also made switching between apps or launching new ones slow to a crawl after a couple days.
Kinda wish I didn't burn $180 on this, and then another $220 on the Moto G but that's the price to pay for not wanting a giant phone.
Click to expand...
Click to collapse
did you ever find it? I also need it for a friends phone, he tried rooting it and now its stuck on the lg boot logo, if you have the firmware let me know!
No I never found it. But, when its stuck on the logo like that... keep retrying the root in fastboot mode, I've rerooted mine several times now and it getting stuck isn't a big deal, just keep retrying the shell script until it boots. You *may* have slightly better luck if you remove any SD cards.
unsoft brick h334
Does anybody have a way to undo the soft brick for the LG H443? Mine will load to the at&t screen, but it gets stuck there and won't pass it. These are the steps I followed to try and root it were called "ONE CLICK SCRIPT TO ROOT LG ESCAPE2 H443" It will still load into download mode. Is there a compatible clockwork mod? What shell script did you use to reboot it? Is there any other rom I can flash to make it work again? Thanks in advance.
When it gets stuck on the boot logo after attempting to root it, keep retrying the root until it finally boots. I've had it take anywhere from 2-3 tries, to over an hour, but it will eventually work.
While we are getting root access, we aren't unlocking the bootloader, so there won't be any TWRP or CWM support.
I'm not using any scripts to reboot it, if its stuck just pull the battery and unplug the USB cable.
soft bricked
wingzeroismine said:
When it gets stuck on the boot logo after attempting to root it, keep retrying the root until it finally boots. I've had it take anywhere from 2-3 tries, to over an hour, but it will eventually work.
While we are getting root access, we aren't unlocking the bootloader, so there won't be any TWRP or CWM support.
I'm not using any scripts to reboot it, if its stuck just pull the battery and unplug the USB cable.
Click to expand...
Click to collapse
Thank you! I shall keep trying to root it. I have tried several times so far, but it still gets stuck at the at&t logo. I saw a comment on the tutorial I used to attempt rooting my phone that says "ATT just pushed a software update as of July 9, 2015. Both of these tools will softbrick your phone now." I can still get it to load into firmware update/download mode. That's it though. Is there any way I can just restore it to the way it was before? I can't find it's original firmware for it anywheres. Any advice you have to give is appreciated. Is there a way I can up your thanks meter? Because I'd totally do that. If I could.
ChrimsonReign said:
Is there any way I can just restore it to the way it was before? I can't find it's original firmware for it anywheres. Any advice you have to give is appreciated. Is there a way I can up your thanks meter? Because I'd totally do that. If I could.
Click to expand...
Click to collapse
Well you can try to boot into factory reset mode, which I just found working directions for.
With the phone off press and hold power + volume down
When you see the LG logo release BOTH buttons for 1 second and then press and hold both of them again
It should ask if you want to factory reset.
h443
wingzeroismine said:
Well you can try to boot into factory reset mode, which I just found working directions for.
With the phone off press and hold power + volume down
When you see the LG logo release BOTH buttons for 1 second and then press and hold both of them again
It should ask if you want to factory reset.
Click to expand...
Click to collapse
I tried it, and it let me factory reset, but now instead of freezing at the AT&T symbol, it freezes at the LG logo. It will still let me factory reset and go into download mode. Never loads passed the LG logo (Splash screen maybe?) I guess that's progress of sorts? Thanks for the help!
ChrimsonReign said:
I tried it, and it let me factory reset, but now instead of freezing at the AT&T symbol, it freezes at the LG logo. It will still let me factory reset and go into download mode. Never loads passed the LG logo (Splash screen maybe?) I guess that's progress of sorts? Thanks for the help!
Click to expand...
Click to collapse
Maybe, you could try flashing the firmware for LG H440n, which is available. But now that I think again, it may not let you proceed with the installation, because it may consider the two devices different.
Anyway, this could be a temporary solution until the h443 firmware is released..
polfrank said:
Maybe, you could try flashing the firmware for LG H440n, which is available. But now that I think again, it may not let you proceed with the installation, because it may consider the two devices different.
Anyway, this could be a temporary solution until the h443 firmware is released..
Click to expand...
Click to collapse
Thanks! I'll try it out. If I were to buy another H443, would it be possible to copy the firmware off of it, or somehow mirror it exactly onto the broken one?
ChrimsonReign said:
Thanks! I'll try it out. If I were to buy another H443, would it be possible to copy the firmware off of it, or somehow mirror it exactly onto the broken one?
Click to expand...
Click to collapse
I would like to know this as well. I would like to do so before I attempt any root method.
H443
UPDATE: I tried flashing the H440n firmware, it didn't work, quite the opposite in fact. My phone is now hard bricked, and doesn't respond to the attempt to power it on, or to being plugged in to charge. When I plug it in to my computer, instead of the normal noise it makes to indicate that a device is connected, it makes three lower beeps I've never heard it make before. So don't try that, it doesn't work. If anyone does know a way to fix it (although I find that highly unlikely) feel free to let me know. If anyone knows a way to copy firmware from a working phone to use on a different phone, I'd also like to know about that, too.
Since you can't get it to boot into any mode I can't think of any way to recover it....
I also don't know of any way to capture / restore the rom as there is no TWRP or CWM or bootloader unlock that I'm aware of for this phone. And to make matters worse, none of the LG restore tools seem to be usable on this phone either....
ChrimsonReign said:
UPDATE: I tried flashing the H440n firmware, it didn't work, quite the opposite in fact. My phone is now hard bricked, and doesn't respond to the attempt to power it on, or to being plugged in to charge. When I plug it in to my computer, instead of the normal noise it makes to indicate that a device is connected, it makes three lower beeps I've never heard it make before. So don't try that, it doesn't work. If anyone does know a way to fix it (although I find that highly unlikely) feel free to let me know. If anyone knows a way to copy firmware from a working phone to use on a different phone, I'd also like to know about that, too.
Click to expand...
Click to collapse
Whaaat? If it was to behave like this, did LG Flash tool let you install it with no problems at all?
Damn, why won't they just release the h443 software....
All I know is you can backup and restore boot.img and recovery.img from within the rom with flashify. but only within the rom :/
The_Merovingian said:
Your best bet, would be to flash the stock firmware if it's available. Using the unroot features of SuperSU doesn't fully remove all traces of root.
Click to expand...
Click to collapse
thank
Hello again. Could somebody use this guide to make a dump of a H443 working system partition and upload it? This would be lifesaving for those stuck on bootloop after trying to root.
http://forum.xda-developers.com/showthread.php?t=2450045
Interesting, I'll have to read through that guide. My phone isn't completely clean though so I'll need some time to clean it up, reset it, reroot it, then try the capturing. I'll try to give this a shot over the next couple of days and see what happens.
Updates:
I don't know if this partition information will be of any use to anyone at all.. but since the guide had me gather it might as well share it:
cat /proc/partitions
Code:
major minor #blocks name
253 0 452080 zram0
179 0 7634944 mmcblk0
179 1 512 mmcblk0p1
179 2 512 mmcblk0p2
179 3 512 mmcblk0p3
179 4 512 mmcblk0p4
179 5 2048 mmcblk0p5
179 6 1536 mmcblk0p6
179 7 512 mmcblk0p7
179 8 512 mmcblk0p8
179 9 512 mmcblk0p9
179 10 512 mmcblk0p10
179 11 2048 mmcblk0p11
179 12 16384 mmcblk0p12
179 13 16384 mmcblk0p13
179 14 512 mmcblk0p14
179 15 1536 mmcblk0p15
179 16 1536 mmcblk0p16
179 17 24576 mmcblk0p17
179 18 24576 mmcblk0p18
179 19 24576 mmcblk0p19
179 20 1536 mmcblk0p20
179 21 512 mmcblk0p21
179 22 512 mmcblk0p22
179 23 512 mmcblk0p23
179 24 512 mmcblk0p24
179 25 512 mmcblk0p25
179 26 512 mmcblk0p26
179 27 512 mmcblk0p27
179 28 8192 mmcblk0p28
179 29 32768 mmcblk0p29
179 30 32768 mmcblk0p30
179 31 8192 mmcblk0p31
259 0 24576 mmcblk0p32
259 1 65536 mmcblk0p33
259 2 4096 mmcblk0p34
259 3 2967552 mmcblk0p35
259 4 1253376 mmcblk0p36
259 5 3098624 mmcblk0p37
259 6 13807 mmcblk0p38
179 32 512 mmcblk0rpmb
parted /dev/block/mmcblk0
Code:
Model: MMC QN1SMB (sd/mmc)
Disk /dev/block/mmcblk0: 7818MB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Number Start End Size File system Name Flags
1 524kB 1049kB 524kB sbl1
2 1049kB 1573kB 524kB tz
3 1573kB 2097kB 524kB hyp
4 2097kB 2621kB 524kB rpm
5 2621kB 4719kB 2097kB aboot
6 4719kB 6291kB 1573kB pad
7 6291kB 6816kB 524kB sbl1bak
8 6816kB 7340kB 524kB tzbak
9 7340kB 7864kB 524kB hypbak
10 7864kB 8389kB 524kB rpmbak
11 8389kB 10.5MB 2097kB abootbak
12 10.5MB 27.3MB 16.8MB misc
13 27.3MB 44.0MB 16.8MB ext4 persist
14 44.0MB 44.6MB 524kB metadata
15 44.6MB 46.1MB 1573kB modemst1
16 46.1MB 47.7MB 1573kB modemst2
17 47.7MB 72.9MB 25.2MB laf
18 72.9MB 98.0MB 25.2MB boot
19 98.0MB 123MB 25.2MB recovery
20 123MB 125MB 1573kB fsg
21 125MB 125MB 524kB fsc
22 125MB 126MB 524kB ssd
23 126MB 126MB 524kB DDR
24 126MB 127MB 524kB sec
25 127MB 127MB 524kB encrypt
26 127MB 128MB 524kB eksst
27 128MB 128MB 524kB rct
28 128MB 137MB 8389kB ext4 sns
29 137MB 170MB 33.6MB factory
30 170MB 204MB 33.6MB fota
31 204MB 212MB 8389kB ext4 drm
32 212MB 238MB 25.2MB ext4 mpt
33 238MB 305MB 67.1MB fat16 modem
34 305MB 309MB 4194kB persistent
35 309MB 3348MB 3039MB ext4 system
36 3348MB 4631MB 1283MB ext4 cache
37 4631MB 7804MB 3173MB ext4 userdata
38 7804MB 7818MB 14.1MB grow
According to those, block 35 is the system partition, 18 is boot, and 19 is recovery, so I'm dumping those (dunno if they will all be of value to anyone, they are only 24MB). Are there any other partitions that I should grab?
The goods:
System.img, boot.bin, recovery.bin
Do those images work? Has anyone tried them in their own devices yet? I downloaded them, but I'm shy about flashing them sight-unseen. I may or may not have softbricked an Escape2 already trying to root it. I had to mail it off and wait for a replacement...
My new phone is actually the old software version. It's an H44310K. My old one came as an H44311W, I think. That was the one that died tragically. As far as I can tell, I lucked out and got the previous version that was rootable.
For anyone who has successfully rooted their LG Escape2, what did you use to do it? I've seen the "One Click Script to Root LG Escape2 H443" tutorial, and I've also seen the Kingo rooter something-or-other.
EDIT: I've got the AT&T version of the phone, if that matters. (Are they the only carrier for it?)
EDIT2: Also, wingzeroismine, even if those don't work, thank you. You are awesome for starting a thread asking for help, and then ending up being the one sharing the most valuable info and software. Thank you.
I was just wondering if the partition structure on the 5th gen fire hd tablet was the same as the 6th gen.
Looked at
HTML:
https://developer.amazon.com/public/solutions/devices/kindle-fire/specifications/01-device-and-feature-specifications
to compare hardware. It does bear same chipset manufacture as Fire HD 6 (2014)<KFARWI>,Fire HD 10 (2015)<KFTBWI>, and Fire (2015)<KFFOWI>, so maybe they retain the same partitioning structure/scheme, which would be nice. Now that root is possible, can anyone advise if they have had any luck with flashing a custom recovery. I was about to cancel this post because I realize the bootloader is locked. However I was wondering if this might provide some pathways: https://forum.xda-developers.com/fire-hd/development/bootloader-unlock-t3129630 and apply to the 6th gen unit.
Food for thought. I might try it and see what happens. Unless someone more braver than me wants to try it, please advise. I'll look into it later.
TWRP on this would be sweet.
I did run this real quick:
Code:
C:\dump\adt-bundle\sdk\platform-tools>adb shell
[email protected]:/ $ su
[email protected]:/ # cat /proc/partitions
major minor #blocks name
7 0 79688 loop0
179 0 15388672 mmcblk0
179 1 3072 mmcblk0p1
179 2 5120 mmcblk0p2
179 3 10240 mmcblk0p3
179 4 10240 mmcblk0p4
179 5 256 mmcblk0p5
179 6 500 mmcblk0p6
179 7 16268 mmcblk0p7
179 8 16384 mmcblk0p8
179 9 6144 mmcblk0p9
179 10 512 mmcblk0p10
179 11 8192 mmcblk0p11
179 12 10240 mmcblk0p12
179 13 1024 mmcblk0p13
179 14 5120 mmcblk0p14
179 15 5120 mmcblk0p15
179 16 40320 mmcblk0p16
179 17 1024 mmcblk0p17
179 18 1024 mmcblk0p18
179 19 1653024 mmcblk0p19
179 20 434176 mmcblk0p20
179 21 512 mmcblk0p21
179 22 16384 mmcblk0p22
179 23 4320 mmcblk0p23
179 24 13138927 mmcblk0p24
179 96 4096 mmcblk0rpmb
179 64 4096 mmcblk0boot1
179 32 1024 mmcblk0boot0
179 33 2 mmcblk0boot0p1
179 34 2 mmcblk0boot0p2
179 35 256 mmcblk0boot0p3
179 36 747 mmcblk0boot0p4
[email protected]:/ #
15388672 mmcblk0 might be the recovery partition as noted from that other thread linked above.
eh...scratch that..i guess based on older rsa bug which later fire OS fixed. oh well.might still try it though since have more powerful permissions now (su).
For Reference <or enlightenment>
MT8163
CPU ISA CPU CPU cache GPU Memory technology Wireless radio technologies Released
ARMv8 1.3 GHz quad-core ARM Cortex-A53 Mali-T720 MP2 @ 520 MHz Wi-Fi, Bluetooth, FM, GPS Q2 2015
Acer B3-A20-K8UH
BQ Aquaris M10
Asus ZenPad 10 (Z300M)
Asus ZenPad 8.0 (Z380M)
Amazon Fire HD (6th generation)
from: https://en.wikipedia.org/wiki/List_of_devices_using_Mediatek_tablet_processors
https://www.asus.com/zentalk/thread-88877-1-1.html
https://forum.xda-developers.com/android/general/guide-bq-aquaris-m10-freezerhd-twrp-root-t3523833
I found bootimg.exe and extracted the boot.img from the .bin file to take a peek...but I think if any changes were made and file recreated and flashed over would presumably fail due to locked bootloader. Not sure if this unit is unlocked, just had the same chipset..I dunno.Just looking at things.lol.
smokejumper76 said:
For Reference <or enlightenment>
MT8163
CPU ISA CPU CPU cache GPU Memory technology Wireless radio technologies Released
ARMv8 1.3 GHz quad-core ARM Cortex-A53 Mali-T720 MP2 @ 520 MHz Wi-Fi, Bluetooth, FM, GPS Q2 2015
Acer B3-A20-K8UH
BQ Aquaris M10
Asus ZenPad 10 (Z300M)
Asus ZenPad 8.0 (Z380M)
Amazon Fire HD (6th generation)
from: https://en.wikipedia.org/wiki/List_of_devices_using_Mediatek_tablet_processors
https://www.asus.com/zentalk/thread-88877-1-1.html
https://forum.xda-developers.com/android/general/guide-bq-aquaris-m10-freezerhd-twrp-root-t3523833
I found bootimg.exe and extracted the boot.img from the .bin file to take a peek...but I think if any changes were made and file recreated and flashed over would presumably fail due to locked bootloader. Not sure if this unit is unlocked, just had the same chipset..I dunno.Just looking at things.lol.
Click to expand...
Click to collapse
I'm thinking it's definitely locked. I ran a few commands from adb while in fastboot mode and always get back that the commands aren't allowed on locked hw.
unlock
try fastboot getvar all
it will shows an unlock_code
emas73 said:
try fastboot getvar all
it will shows an unlock_code
Click to expand...
Click to collapse
yes. However, is this the public key? They (mediatek <chipset manufacture SOC>/amazon <brand name>/quanta computer <the actual manufacturer> might use 2 key firmware signing. So, they will have a master private (secret) key. and each device has a generated public key unique to each device. Those 2 keys get crypto'd together to sign the firmware/bootloader. So, as a result only firmware signed by the master key can be loaded on the device. I can be totally wrong. But the more people asking questions, researching, arguing (lol), etc., the closer we may get to trying to find a way to unlock the bootloader. I hope a way will be found. I will give the first person to find a way a big shinny nickel (I'm a cheap bastard).
Under developer options is a setting called OEM unlocking.
I tried enabling it, but it will not stick.
I wonder where this is located in the code...
Sent from my KFGIWI using Tapatalk
I don't have this tablet, but I have the Asus Z380M (same chipset). I was just wondering, has anyone even tried to build and flash a custom recovery onto this device? We just made a TWRP build for the Z380M and it boots and works perfectly. Best part: you don't even have to unlock the bootloader! Everyone's just assuming that a locked bootloader will refuse to boot unofficial images. But has this been tested? It should at least be able to boot self-signed images. Since you have root already, it shouldn't be too hard to flash a recovery. See this thread here for some information that might help you. There's even a method to flash stuff onto a locked MediaTek device from a PC that might work for this Fire HD.
diplomatic said:
I don't have this tablet, but I have the Asus Z380M (same chipset). I was just wondering, has anyone even tried to build and flash a custom recovery onto this device? We just made a TWRP build for the Z380M and it boots and works perfectly. Best part: you don't even have to unlock the bootloader! Everyone's just assuming that a locked bootloader will refuse to boot unofficial images. But has this been tested? It should at least be able to boot self-signed images. Since you have root already, it shouldn't be too hard to flash a recovery. See this thread here for some information that might help you. There's even a method to flash stuff onto a locked MediaTek device from a PC that might work for this Fire HD.
Click to expand...
Click to collapse
You win the internet today! I looked at that thread:
https://forum.xda-developers.com/android/development/twrp-custom-recovery-asus-zenpad-8-0-t3588765
You need a scatter file (partition structure file) for the particular device. However making a scatter seems to be pretty easy <and i wouldn't be surprised if the partition structure is somewhat similar due to being same the same chipset..but I'd rather have one for the actual device..lol> I'm sure there is a thread here on XDA too on how to make a scatter file. Then just apply those instructions to that that zenpad thread. Very interesting indeed!
:
https://androidmtk.com/create-scatter-file-for-mtk-devices
So, maybe this is theoretically possible. I might try it, but someone else I'm sure will beat me to it (hint hint)...<and maybe do a write up>. I'll hmm and haw and look into it. Good work!
diplomatic said:
I don't have this tablet, but I have the Asus Z380M (same chipset). I was just wondering, has anyone even tried to build and flash a custom recovery onto this device? We just made a TWRP build for the Z380M and it boots and works perfectly. Best part: you don't even have to unlock the bootloader! Everyone's just assuming that a locked bootloader will refuse to boot unofficial images. But has this been tested? It should at least be able to boot self-signed images. Since you have root already, it shouldn't be too hard to flash a recovery. See this thread here for some information that might help you. There's even a method to flash stuff onto a locked MediaTek device from a PC that might work for this Fire HD.
Click to expand...
Click to collapse
So I tried creating a scatter file, but I'm not having much luck. I don't think MTK Droid Tools works with later MediaTek Chipsets like the mt8163.
It brings up the following info when I load it up USB debugging enabled and phone connected and device shows up via "adb devices" command:
Code:
Hardware : MT8163
Model : KFGIWI
Build number : LVY48F
Build date UTC : 20160918-002858
Android v : 5.1.1
Baseband v: -----
Kernel v : 3.18.19-g9fc382b ([email protected]) (gcc version 4.9 20140514 (prerelease) (GCC) ) #1 SMP Sun Sep 18 00:32:41 UTC 2016
But clicking on the "Blocks Map" button just shows
Code:
bmtpool scatter/00000000 byte size 0
And that's it.
Then, I tried to "manually" create it. In an ADB shell there are tutorials that show you to issue the command:
Code:
cat /proc/mtd
but I don't get anything:
Code:
[email protected]:/ $ cat /proc/mtd
dev: size erasesize name
Tried it via su and same thing. Any ideas?
Wait, before you bother with creating the scatter file and what not, have you checked to see if your tablet exposes the MediaTek USB interface that Flashtool can use? When you plug in the USB cable with the tablet powered off, do you get a Mediatek Preloader USB VCOM device (VID 0E8D, PID 2000) on your PC? What about when you hold the volume up or volume down as you plug in? Do you see a Mediatek USB Port (VID 0E8D, PID 0003)? If you get the first one, that's good. If you get the latter one, that's very good, because that's the boot ROM that's built into the SoC. It's independent of any code on the EMMC, so may be able to flash stuff even to a bricked unit.
When I made the scatter file for the Z380M, I did it the cowboy way. The droid tools didn't work for me either, of course. All the information you need to make the scatter file is already on the GPT. You just need to read back the first few sectors of the "disk" and save it on your computer. Then use your favorite hex editor and a hex calculator to crunch the LBA numbers into partition addresses and sizes. This is the information that every scatter file boils down to.
I believe you don't need to have an accurate scatter file to read back data. You can start with the one from the Z380M, and then see if you can read back anything with SP Flash Tool. At the same time, you can check if your tablet exposes the low-level USB interfaces.
But if you already have root, why don't you just try to build a recovery for your device and flash it with Busybox/dd? I mean, I don't think there's anything that SP Flash Tool can do for you that you can't already do with a root shell...except to serve as an emergency flashing option. That was kind of the point of my last post.
smokejumper76 said:
You need a scatter file (partition structure file) for the particular device. However making a scatter seems to be pretty easy <and i wouldn't be surprised if the partition structure is somewhat similar due to being same the same chipset..but I'd rather have one for the actual device..lol> I'm sure there is a thread here on XDA too on how to make a scatter file. Then just apply those instructions to that that zenpad thread. Very interesting indeed!
Click to expand...
Click to collapse
Did you or anyone else ever get anywhere with this? I didn't mean to say you have to do it all yourself. I can help you build the scatter file, etc. if you send me the GPT (i.e. first 4KB or so of mmcblk0).
diplomatic said:
Did you or anyone else ever get anywhere with this? I didn't mean to say you have to do it all yourself. I can help you build the scatter file, etc. if you send me the GPT (i.e. first 4KB or so of mmcblk0).
Click to expand...
Click to collapse
So far as I know, it's not possible to make a scatter file for the HD 8...at least not possible for UNROOTED ones. Amazon has several security and locking features in place which lock that information on the other side of the bootloader. So programs such as MTK Droid Tools, won't be able to read the code to create a scatter file. Unfortunately this is the case with nearly every phone with a locked bootloader, unless your provider or manufacturer allows it to be unlocked through official channels.
Looking on the deepweb I've seen posts in forums in China (where a significant portion of one click rooting software comes from) and there is supposedly exploits for the newest MTXXXX's, but I have yet to find anything. There are very few exploits for the MT8XXX types. Most exploits are for the MT6XXX types.
DragonFire1024 said:
So far as I know, it's not possible to make a scatter file for the HD 8...at least not possible for UNROOTED ones. Amazon has several security and locking features in place which lock that information on the other side of the bootloader. So programs such as MTK Droid Tools, won't be able to read the code to create a scatter file. Unfortunately this is the case with nearly every phone with a locked bootloader, unless your provider or manufacturer allows it to be unlocked through official channels.
Click to expand...
Click to collapse
Well, I'm talking about creating the scatter file manually, like I did for my locked/unrooted Asus ZenPad 8.0. No root tools or any special apps necessary. I'm not sure you understand what a scatter file contains. It is simply the partition layout of the device's flash memory and some parameters of each partition relevant to SP Flash Tool. If you have root and busybox you already have everything you need to make one. Just read back the GPT (dd if=/dev/block/mmcblk0 of=gpt.bin bs=4K count=1) and open with a hex editor and do some number crunching. It might even be possible to read the flash memory of a locked device with SP Flash Tool.
diplomatic said:
Well, I'm talking about creating the scatter file manually, like I did for my locked/unrooted Asus ZenPad 8.0. No root tools or any special apps necessary. I'm not sure you understand what a scatter file contains. It is simply the partition layout of the device's flash memory and some parameters of each partition relevant to SP Flash Tool. If you have root and busybox you already have everything you need to make one. Just read back the GPT (dd if=/dev/block/mmcblk0 of=gpt.bin bs=4K count=1) and open with a hex editor and do some number crunching. It might even be possible to read the flash memory of a locked device with SP Flash Tool.
Click to expand...
Click to collapse
I'm just saying. Plug my Fire HD 8 into the PC> load MTK Droid Tools> Click blocks map> bmtpool 00000000 000000 size: 0
DragonFire1024 said:
I'm just saying. Plug my Fire HD 8 into the PC> load MTK Droid Tools> Click blocks map> bmtpool 00000000 000000 size: 0
Click to expand...
Click to collapse
Did you get a chance to try the dd method above, sounds like that should work to get a peek at the partitions?
growlre said:
Did you get a chance to try the dd method above, sounds like that should work to get a peek at the partitions?
Click to expand...
Click to collapse
I have not.