Database Info

Sapphire Touch international Mobile Hot Spot - Need help getting into developer mode

Sapphire touch / GlocalMe G3
makes international hotspot's and seem to market primary to US Service members, I am in Kuwait and many people deployed here or come through have them. I have a Sapphire Touch which is android based. The device works well but the ROM it runs is very limited. Im interested in building / finding a custom rom that would add more features and usefulness. I took it apart and found it has all the features of a phone how ever many are not used by the stock ROM.
It has Wifi, 4G 3 Sim card slots also appears to have have an SD card slot, camera, speaker, microphone, GPS (No antenna) etc.
I took the Device apart and got some pictures in case anyone else is interested in the internals.
I need help with how to enable developer mode for start, would like to see if I can side load apps from ADB tools.
About shows a software version: G3_HTSv2.1.001.028.190613
I attempted to access the boot loader by power on holding Power and Vol Down, it seems to be a restricted boot loader as the only 2 options.
Recovery mode shows:
Android System Recovery <3e>
reboot system now
wipe data Factory reset.
When I plug the phone into a windows pc it shows a drive that I can not access or format (removable device)
I have the android ADB driver installed from the ADK, can not get the driver to show the device connected from command prompt.
I tried all the menus no amount of tapping on any options enables developer mode. On power on shows powered by android, has an android boot loader
Overview
Stay in touch with friends and family while traveling abroad with Sapphire Touch, the most advanced international mobile hotspot. With 100+ country international coverage, Sapphire Touch saves you time and money compared to buying a new puck, SIM card and data plan in each country you visit. Sapphire Touch has all that and a touchscreen that displays how much data remains. It's like having 100+ SIM cards, pre-installed. Unlike traditional pucks and SIMs, you're not locked in to one carrier. Sapphire Touch automatically searches for the strongest carrier, wherever you go, giving you the best coverage worldwide. Completely eliminate waiting in line and recharging in-store - Sapphire allows you to add and manage your data using the iOS/Android App or website from your phone or tablet. Stay connected to what matters most with 4G LTE Speeds. Keep up to 5 devices connected all day with Sapphire's 15+ hour battery life, plus use it as a USB Power Bank. Unlike many devices, Sapphire is also scanned for Malware by Norton before shipping. Model: ST1.
About Sapphire: Sapphire is an unlocked international mobile network solution designed to bring world travelers premium Wi-Fi on-the-go.
International coverage
4G LTE speeds
Secured WiFi - connect up to 5 devices
Travel friends - perfect for deployments, TDY or family vacations
Touch screen, shows data level
Power Bank - up to 15 hours
After some research I found this device is the same as a GlocalMe G3, I think sapphire may be re-branding, they both have apps that look the same as well.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}

Updates
From the pictures I found that the device uses it uses Qualcomm Snapdragon 210 MSM8909
Searching for that led me to instructions on how to put the device int EDL Mode and use Fastboot commands . The instructions were for a Hisense F20.
Basically I Made a "Deep Flash" Cable with this wiring diagram.
And followed these instructions:
Power off device,Hold VOL - key,Put Deep flash cable Into device usb port with switch On (short the 2 wires) condition,Switch OFF the deep flash cable (disconnect the jumpered wires)
At that point it showed in windows device manager with a driver from ADB Driver package
Then I was able to see the device connected with the fastboot devices command
The oem unlock command would not work
At this point I am look for a way to be able to enable usb debugging to use ADB commands and possibly side load apps, Unlock the boot loader and install a different rom, possibly from a phone with the same processor. Any help or suggestions of where to go from here would be greatly appreciated.
List of fastboot oem commands that run, I have tried many from different manufactures most do not work.
fastboot oem device-info
(bootloader) Device tampered: false
(bootloader) Device unlocked: true
(bootloader) Charger screen enabled: true
(bootloader) Display panel: 0x00000091
OKAY [ 0.004s]
Finished. Total time: 0.007s
fastboot oem unlock
FAILED (remote: 'oem unlock is not allowed')
fastboot: error: Command failed
fastboot oem unlock-go
OKAY [ 0.001s]
Finished. Total time: 0.002s

I'd be interested to know if you found more. Currently have the glocalme g4 pro, and it asks for a password when trying to unlock developer options (clicking version). Not sure if this can be uncovered from the ROM.

arcane47 said:
I'd be interested to know if you found more. Currently have the glocalme g4 pro, and it asks for a password when trying to unlock developer options (clicking version). Not sure if this can be uncovered from the ROM.
Click to expand...
Click to collapse
Same here. I have the Sapphire Touch 2 (Glocalme G4 Pro) and have been able to interface with it through EDL mode with a deep flash cable. Was only able to access Fastboot mode after wiping the system image off of it with Miracle Box/Miracle Thunder. Fastboot commands that do run are the same as above. Miracle Box/QFIL can be used to flash stock system images but the only way I have found to get a copy of the stock image is through backing it up with Miracle Box. I haven't found anything online relating to it other than this post. Only stock images can be flashed and I cannot unlock the bootloader because the "OEM Unlock" option in the OS is restricted by the Developer Settings passcode. Cannot access ADB or file system through MTP or other means. If you can find more information or make some progress on this topic, please post about it.

ZoronicElysium said:
Same here. I have the Sapphire Touch 2 (Glocalme G4 Pro) and have been able to interface with it through EDL mode with a deep flash cable. Was only able to access Fastboot mode after wiping the system image off of it with Miracle Box/Miracle Thunder. Fastboot commands that do run are the same as above. Miracle Box/QFIL can be used to flash stock system images but the only way I have found to get a copy of the stock image is through backing it up with Miracle Box. I haven't found anything online relating to it other than this post. Only stock images can be flashed and I cannot unlock the bootloader because the "OEM Unlock" option in the OS is restricted by the Developer Settings passcode. Cannot access ADB or file system through MTP or other means. If you can find more information or make some progress on this topic, please post ab
Click to expand...
Click to collapse
you are amazing and please continue.

Hello, do you think that in the future there will be how to unblock the debug mode and be able to install applications?
keep going

bump

[IDEA] Some idea to install Android 10 internal build for Nokia 3.1 Plus

This is not totally a guide! It's only meant for experienced users!
Besides, this topic is never meant for Nokia 3.1 Plus C (TA-1124 RHD), as Nokia 3.1 Plus C uses Qualcomm Snapdragon processor.
Click to expand...
Click to collapse
WARNING!
Downgrade Nokia 3.1 Plus is pretty dangerous!
If you didn't make any backup before, you may break your phone!
During partition backup, you'll need to backup following partitions:
proinfo, nvram, nvdata, protect1, protect2 - and most importantly, fdp!
I needn't to mention about proinfo, nvram, protect1 and protect2. Excluding fdp, all these partitions could be recovered by utilizing MTK-SU.
Let me make brief introduce to FDP partition. On Security Patch Level 0x8 based device (you needn't to care about what it means), there's an extra partition called fdp, might related to remote lockdown feature for anti-theft AFAIK(implemented by FIH Mobile, but unused by HMD).
During SP Flash Tool flashing procedure, this partition is easily get broken, so make sure it's backed up before doing any flashing attempt. This partition cannot be reproduced with any known free method or borrowed from other devices, so once it's damaged and you just don't have backup, your phone will stuck at Magenta State (like picture shown below) and now damaged and not recoverable for free. There's some mysterious GSM tool that capable to fix broken FDP but cost a lot, which unsuitable to explain details here.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
This is undocumented on source.android.com , definitely something FIH Mobile made themselves. In some cases, it's displayed as " Your device is corrupt. It can't be trusted and please contact support. ".
Besides of that, Nokia 3.1 Plus is not that easy to be downgraded without unlocked bootloader by yourself. To prevent of FRP lock, you should perform regular factory reset at Settings before you downgrade. The only known firmware that acceptable by MTK SP Flash Tool 5.1824 is ROO-2230-0-00WW-B02 on my FIH-Firmware Site. But even that's flashed, the phone still cannot boot properly and will get red state due to system failed dm-verity check when flashed via SP Flash Tool instead of fastboot. However, it could still be possible to boot the phone to recovery and sideload a full OTA. As I don't have bootloader locked Nokia 3.1 Plus right away and limited efforts, cannot write a detailed downgrade guide.
Here's a known full OTA link newer than ROO-2230-0-00WW-B02: https://android.googleapis.com/pack.../0f83ed888b1a5b17d31bb576b9a629d79d097df4.zip
Build version: ROO-225K-0-00WW-B03
Security Patch Level: August 5th, 2019
So, it should be vulnerable to MTK-SU.
Anyone should archive this to somewhere.
Now let's talk about the main topic - internal Android 10 build.
FIH already tested Nokia 3.1 Plus Android 10 internal pretty early (This build for example, October 5th, 2019), but I'm not sure about it's stability. We only made simple test on a Nokia 3.1 Plus TA-1117 (Which is Nokia 3.1 Plus sold in China) and it runs nicely.
Just like Nokia 5.1 Plus, there's no applicable internal OTA packages, instead we only provide full dump. If you don't have unlocked bootloader, you have to install them via MTK-SU leak. The procedure is almost identical to Nokia 5.1 Plus as you'll need to write vbmeta partition individually. As Nokia 3.1 Plus lacks cam_vpu1, cam_vpu2, cam_vpu3 partitions, just ignore errors during flashing cam_vpu1, cam_vpu2, cam_vpu3 partitions.
For some paranoid reason, FIH didn't use 00WW_3_120 as I would expect (they wrote ROO-3120-0-00WW-B02 in systeminfo partition), instead they use 00WW_4_120 in About phone page.
DL: https://www.androidfilehost.com/?fid=4349826312261774372
SHA256: 3140e0ee26f3a23ee479eb4846baaa28a9166c420e76e8e2424a4c223a47682e

Reserved

Reserved #2

sir how to to it without unlocking bootloader ??

Likely yet another question about sd-card decryption

Hello Android Enthusiasts, warm welcome from automotive industry sofware engineer.
At first, I wanted to point out even though I am programmer
(armv7 - C, scalar and vector Assembly) I used an Android phone as a regular user. Never
rooted, never unlocked bootloader, no modifications - typical stock ROM user.
Shame to admit, but never attracted to phone modifications. Also have no Android internals
experience.
Although my question applies to Xiaomi A2 Lite, I think that it is a generic question about a
problem that can occur on any device running Android (9 in my case)
Whats the problem?
- My 128GB SD card I used to have inside my Xiaomi A2 Lite 4/64GB was formated as
internal storage and as a consequence of that it got AES encryption. Ofcourse I was not aware about this until now.
And I did not have any cloud synchronization - Why do I ever need it, all my stuff in on my SD card obviously, Oh wait... ;-)
Why do I care?
- Had a tons of private photos and videos. Especially I miss photos of my growing up
kids. I will have a 3 years hole in my photo albums.
Ask me What happened?
- Suddently my Xiaomi A2 Lite 4/64GB stopped working. Got stuck/hung during YouTube playback
and then never booted again (endless Android One logo)
What did I do?
- As Linux desktop user first what came to my mind was to backup everything I can, so
i dd'ed complete SD card image to my hard drive (128GB sdcard.img) and using EDL mode
I downloaded complete internal eMMC memory content (64GB emmc.img)
What did I try already?
- I tried to unbrick my phone using Android update (still using version 9)
I was getting sideload error 1 when using SD card method and verification failures at
some random sectors when was attempting with Xiaomi tool via USB.
- wipe to factory state also fails (hang for 30+ hours) I suspect that it is not working at all
since even after that wipe /userdata partition content is the same as the original one)
Summarizing:
* Xiaomi A2 Lite 4/64GB with Android 9 is bricked (looping on Android logo)
* Device is open I have access to testpoints
* I suspect eMMC electrical issue likely I need to replace it.
* Have a complete dump of sd-card and internal eMMC memory on my hard drive.
* I do not care about phone device anymore, what do I care is only the sd-card data.
Question:
Is there even a little chance to recover the data from sd-card?
I am familiar with secure boot concept + data encryption, so not asking about any tools to decrypt the data
using bruteforce or anything like that. AES is AES no argues here - I know I need the key nothing else.
My idea (in steps):
The only one idea that come to my mind is the following. Please tell me if I'm correct or not.
1. I need to unbrick my phone, so I can unlock the bootloader.
(I assume it is kind of r&d cert that is written to one of the partitions by Xiaomi?)
2. To unbrick my phone I will need to solder new eMMC memory and copy all content I have from the old one.
3. Phone is still bricked on new eMMC, but I hope recoverable either using recovery menu or by EDL'ing new
Android 9 image.
4. If success with unbrick, try to unlock the bootloader.
5. Restore /userdata partiton from old phone image. To access sd-card's (/data/misc/vold) AES key.
6. Either phone boots fine and I have access to sd-card data, or flash TWRP and try to recover only the AES key from /data/misc/vold.
7. Having the key, I can decrypt sd-card data on my desktop's Linux PC using dm tools.
Big unknows to me (very appriciated if someone can clarify)
1. Where is stored key that encrypt /userdata partition? I assume that if I for example sacrifice my wife's
A2 Lite the key is different and I wont be able to decrypt /userdata? (Like flashing whole 64GB dump to her phone using EDL)
2. Unlocking process itself - is it some r&d certificate written by Xiaomi? Which partition? Probably based
on some Public-ID that is unique on every Qualcomm chip, so it is not moveable betweeen devices else
it would be very easy to crack it(?)
3. What partition(s) should I skip with update/recovery process in order not to change /userdata AES key.
In general my main focus is to access /data/misc/vold file. Having that key I can carefully say "mission complete". This
is my current understanding (correct?)
I will try to decrypt my sd-card until some Android Guru/Wizard tells me that my chance of decrypt sd-card in current situation is 0% ;-)
Anything above will motivate me to work to recover my precious data. Ofcourse if the chance of success is 0% I won't hurt myself either -
**** happens and we have to live on.
Lessons learned from this situation - done. My new phone is actively synchronized with my home's Synology NAS.
Extras - partitions list in my emmc.img and strings found inside userdata.img (extracted from whole 64GB emmc.img):
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Thanks in advance for any valuable hints and have a great weekend!

Look inside here:
How to decrypt Adopted Storage?
Using the SD card as Adopted Storage encrypts it. How can it be decrypted?
android.stackexchange.com

jwoegerbauer said:
Look inside here:
How to decrypt Adopted Storage?
Using the SD card as Adopted Storage encrypts it. How can it be decrypted?
android.stackexchange.com
Click to expand...
Click to collapse
Unfortunately your link do not apply to my case. Following it:
How to decrypt adopted storage.​
Your device must be rooted.
Click to expand...
Click to collapse
My device is *not* rooted and it is bricked (likely electrically) - so my issue is more complex.
Your link is like step two in my case. Step one is access /userdata to grab sd-card AES key. This is my
main problem now.
Still unknown to me is if I resolder eMMC and perform full write-back old eMMC content to new one the /userdata will be accessible. Where the AES key for /userdata is kept? What HW changes will make /userdata no longer accessible for sure?

[TWRP][ARM64]Unevirsl Rom Installer for android | Auto Repack Rom | MFP-NEO | Fastboot to twrp flash

Unevirsl Rom Installer for android | Auto Repack Rom | MFP-NEO | Fastboot to twrp flash​Let your device install fastboot rom via twrp​
State - Alpha
Build - 0.0.1
Spoiler: Screenshots
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Support format rom supported:
fastboot with super into "sparse or row"
fastboot with single sub-partition like Vendor system "sparse or row"
new.dat ( soon )
payload.bin ( soon )
new.dat.br ( soon )
Just specify the name of the ROM archive, or the path to the ROM in the config.txt file located inside the archive, and run this zip through TWRP
Be careful, all image names must match the name of the partition like boot.img|vendor.img|super.img|xbl.img withou slot suffix, if you do not follow this rule, you can get a hard brick. Only available on slot _A, if script is run on slot _B there will be an error​
I was finally able to make a working stub for MFP-NEO either URI or AutoRepack. I made the main logic, it remains to cram the functionality
DOWNLOAD - SourceForge
TG Group
Telegram support chat for quick feedback
Donate only TG link https://t.me/mfpupdate/47

URI summary : Support for installing different ROM versions will be implemented, additional support for reading installation files. "First install - then patch" mode - a function that first installs the ROM using the means that the developers put in the installation package, and only then everything else will be patched based on the already installed firmware, as well as support for factory fastboot ROM formats that manufacturers provide for Miflash, for example, and etc
Summary of DFE-NEO. I'm going to study the wonderful script Zackptg5 Universal DM-Verity, ForceEncrypt, Disk Quota Disabler, which I used before the implementation of my project, in some cases my script does not work properly on some, those problems that are in DFE-NEO have already been studied and understood because for which it does not work properly, but to implement a set of problems, some parts of the code need to be rewritten, and this is not subject to manual correction by the end user.
My Telegram support group and link to full message blog

LeeGarChat said:
Unevirsl Rom Installer for android | Auto Repack Rom | MFP-NEO | Fastboot to twrp flash​Let your device install fastboot rom via twrp​
State - Alpha
Build - 0.0.1
Spoiler: Screenshots
View attachment 5801927View attachment 5801933View attachment 5801929
Support format rom supported:
fastboot with super into "sparse or row"
fastboot with single sub-partition like Vendor system "sparse or row"
new.dat ( soon )
payload.bin ( soon )
new.dat.br ( soon )
Just specify the name of the ROM archive, or the path to the ROM in the config.txt file located inside the archive, and run this zip through TWRP
Be careful, all image names must match the name of the partition like boot.img|vendor.img|super.img|xbl.img withou slot suffix, if you do not follow this rule, you can get a hard brick. Only available on slot _A, if script is run on slot _B there will be an error​
I was finally able to make a working stub for MFP-NEO either URI or AutoRepack. I made the main logic, it remains to cram the functionality
DOWNLOAD - SourceForge
TG Group
Telegram support chat for quick feedback
Donate only TG link https://t.me/mfpupdate/47
Click to expand...
Click to collapse
Why only in Slot A?

azteria2000 said:
Why only in Slot A?
Click to expand...
Click to collapse
azteria2000 said:
Why only in Slot A?
Click to expand...
Click to collapse
Because the first alpha version does not provide for the reassembly of super, and re-partitioning. if you install fastboot firmware with super included. then this will cause problems, since the system partitions are located in slot _a and everything else will be installed in slot _b

LeeGarChat said:
Because the first alpha version does not provide for the reassembly of super, and re-partitioning. if you install fastboot firmware with super included. then this will cause problems, since the system partitions are located in slot _a and everything else will be installed in slot _b
Click to expand...
Click to collapse
No problem on Android 12 Motorola Qualcomm XT2215-4 SM6375.. For either. Dfe-neo I use every flash to kill decryption at first before I put my custom fstab.qcom in vendor after getting RW thanks to you guys. But I didn't know about the ROM flash tool. Two-part question number one what's going on with the source forge website all the files are missing? And part two, I've got a friend that has a arm7 device and the 64 binaries aren't working any clues there? arm7 binaries?

Accidental double post* stupid full screen immersive gestures ;p

ghettiguru said:
No problem on Android 12 Motorola Qualcomm XT2215-4 SM6375.. For either. Dfe-neo I use every flash to kill decryption at first before I put my custom fstab.qcom in vendor after getting RW thanks to you guys. But I didn't know about the ROM flash tool. Two-part question number one what's going on with the source forge website all the files are missing? And part two, I've got a friend that has a arm7 device and the 64 binaries aren't working any clues there? arm7 binaries?
Click to expand...
Click to collapse
It's alpha, and now not supported arm32. Waiting full release

I got it started till it looks for a system_ext partition. Is there a way to use it without one on my phone

Littlemether said:
I got it started till it looks for a system_ext partition. Is there a way to use it without one on my phone
Click to expand...
Click to collapse
You're going to want that partition if you've got it on your device. As there's a lot of important white list xmls and some of the most important system apps they've got tucked away on that little system partition there. @LeeGarChat tool here is one of the few, in the case of his RO2RW that manages to see the almost non-existent system slot b that even imjtool says is not part of the "Motorola Group" or something that affect. I've noticed you don't need that one it's only 32 KB or something ridiculous you would think and you can live without it but I also believe it's what handles at least the touch on our virtual devices on slot b or possibly even the binary for switching the slots because I have had trouble without it. And that's a 32 KB m possibly unnecessary image now yours is part of the super block and housing important stuff, I'm sure he will work it out in the meantime you might want to just manually flash, then run his others such as RO2RW

[GUIDE][FIRMWARE] Hot Pepper™ Chilaca 4G-LTE (HPP-L60A) | Factory Firmware Restoration/Unbricking Guide

Hot Pepper™ Chilaca
4G-LTE Smartphone
T-Mobile® Certified
Model No. HPP-L60A
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Factory Firmware
Restoration /
Unbricking Guide​
OVERVIEW
ThIs guide will outline detailed instructions for restoring the factory firmware on the Hot Pepper Chilaca (HPP-L60A) smartphone. This procedure can be used to unbrick your device, recover from a persistent boot loop, resolve issues involving corrupt firmware, or simply revert a modified device to its stock factory state.
PREREQUISITES​
A PC or laptop running Windows 7/8.1/10/11​
A reliable internet connection to download the provided files​
The factory supplied, or a quality equivalent, USB-A to USB-C data syncing/charging cable​
The MediaTek vCOM drivers will need to be installed on your PC or laptop (link to installation guide is provided in downloads section)​
DISCLAIMER
While any procedure involving the flashing of a mobile device's partitions is inherently risky, these risks are somewhat diminished by the fact that many of the members using this guide already have an inoperable or malfunctioning device. Nevertheless, by proceeding further, you are assuming sole responsibility for the operability and integrity of your smartphone, thus absolving me of any liability in the event things go bad. Follow the instructions carefully, employ some patience, and things should go smoothly. I would strongly encourage inexperienced members to read this guide in its entirety, prior to beginning the instructions.
BOOTLOADER STATE
It should be noted that this guide will suffice to restore your device regardless of whether your bootloader is in a locked or unlocked state.
If your bootloader is in an unlocked state at the time you commence with this guide, the flashing method outlined in the instructions will not relock your bootloader.
Lastly, OTA updates do not check the state of the bootloader prior to installation. Hence, even in an unlocked state, OTA updates will install normally.​
​FIRMWARE INFO
OS/Version: Android 12 (Go Edition)
Firmware Build: HPP-L60A-3.0.18
Build ID: 12/SP1A.210812.016
Kernel Version: Linux v4.19.191
Radio: MOLY.LR12A.R3.MP.V208.3.P5
Bootloader: x047_k61v1_32_bsp_1g
Security Patch Level: September 5, 2022
API Level: 31
Partition Scheme: Dynamic (Non A/B)
Project Treble: Supported
​INSTRUCTIONS
Due to the secure boot feature of the Chilaca, the SP Flash Tool will not flash factory firmware unless the user provides a secure authentication (SecAuth) file in conjunction with the firmware package. Thanks to a brilliant group of developers, however, there is an exploit to disable the secure boot feature on your Chilaca, thus fully bypassing the DA/SLA security check performed by SP Flash Tool. This will enable the factory firmware to be flashed without an authorization file loaded into SP Flash Tool.
Before we begin, if you have not yet installed the MediaTek vCOM drivers on your Windows computer, visit the link provided in the downloads section below and complete that task.​
Download the SecAuth bypass utility from the below link and extract the archived file to an empty folder on your computer's desktop​
Right click mtksecbypass.exe and run it as an administrator​
Click the Disable Secure Boot tab in the tool's interface. Next, connect the USB-A end of your data syncing cable to your PC or laptop​
Ensuring that your Chilaca is in a powered off state, press and hold the Volume +, Volume -, and Power keys simultaneously while then connecting the USB-C end of the cable to your smartphone. Do not release the three hardware keys until you are notified that secure boot has been successfully disabled. Disconnect the USB-C end of the cable from your phone and ensure it remains powered off. Leave the cable connected to your computer​
Next, download SP Flash Tool from the below link and extract the contents of the archived file to an empty folder on your desktop.​
Download the HPP-L60A firmware package from the below link and extract the contents of the file to an empty folder on your desktop​
In the SP Flash Tool folder, right click flash_tool.exe and run it as an administrator.​
Click the tab corresponding with the Scatter Loading File box in the SP Flash Tool interface. Windows File Explorer will be launched. Now navigate to the folder wherein you extracted the firmware file. Select MT6761_Android_scatter.txt then click Open​
A violet progress bar at the bottom of SP Flash Tool will indicate the loading of the firmware package. Once loaded, click the Download tab. Next, without pressing any hardware buttons, connect the USB-C end of the cable to your Chilaca.​
If the MediaTek vCOM drivers are properly configured on your computer, your smartphone will be recognized by SP Flash Tool and the firmware restoration process will begin. A progress bar at the bottom of the flash tool interface will reflect the status of the installation​
Once flashing is complete, SP Flash Tool will indicate that the installation was successful. Now simply power on your smartphone and allow the device to boot.​
Your Chilaca should now be restored to its stock factory state and running on firmware build HPP-L60A-3.0.18. Because this build is not the most recent, upon reboot and completion of initial setup, you will be prompted to install one or more OTA updates.​DOWNLOADS
• SecAuth Bypass Tool v1.0.0R001
• Firmware Build HPP-L60A-3.0.18
• MediaTek vCOM Drivers Installation Guide
• SP Flash Tool v5.1924
THANKS & CREDITS
Full credit for the SecAuth bypass tool goes to Chaosmaster, xyzz, & Bjoern Kerler. Credit for the MediaTek vCom installation guide for Windows goes to XDA Senior Member @skeleton1911. Thanks to Support Tech Jorge Chavez over at Hot Pepper™ Mobile for providing the factory firmware for the Chilaca. Thanks to Hot Pepper™ CEO Shawn Sun for giving me a Chilaca handset and allowing me to evaluate and test the device. ​

Very extensive and detailed. Props to you @Viva La Android and @skeleton1911 for the all the help.

ffreylu00x7 said:
Very extensive and detailed. Props to you @Viva La Android and @skeleton1911 for the all the help.
Click to expand...
Click to collapse
Thanks for the kind words, friend.

Didn’t work for me.
keep getting this error:
ERROR STATUS_EXT_RAM_EXCEPTION (0xC0050005)​i doubled checked everything.
when i finally flashed it with RDPOWERplus it flashed 100% but now bricked
bricked a assurance wireless phone trying this.

Darxtek said:
Didn’t work for me.
keep getting this error:
ERROR STATUS_EXT_RAM_EXCEPTION (0xC0050005)​i doubled checked everything.
when i finally flashed it with RDPOWERplus it flashed 100% but now bricked
bricked a assurance wireless phone trying this.
Click to expand...
Click to collapse
Luckily you can't really hard brick a MediaTek device. The BROM protocol will almost always provide a backdoor for restoring the firmware. And I'm not saying that to downplay your bricked device by any means. It certainly sucks to be bricked -- regardless of the hierarchial state. Although, I'm not familiar with the SP Flash Tool (0xC0050005) error you referenced. But I will research your issue and see if I can help you get restored.