Here is how to have separate passwords for boot and screen in Lollipop encrypted devices.
There are two apps available to change encryption password in Android with encrypted data partition. Unfortunately neither works in Lollipop. Cryptfs fails to obtain root permission, although granted and another one returns errors. That leaves only adb shell commands:
1. Encrypt your lollipop with a password or pin you can live with. The phone will restart and prompt for password/pin
2. Enable USB debugging in Developer Options.
3. Allow Root access to apps and ADB.
4. Connect your device to a PC (Linux)
5. Start terminal and enter: adb shell
6. Next, enter: su
7. Pick a long password for boot, then convert it into a hex by using many online converters. Lollipop won't accept straight password.
8. Enter the following on computer terminal: vdc cryptfs changepw password "here paste your hexed password without quotes." You need the word password in the command before the hexed password
9. In about 10 seconds you should have a response 200 0 0, which means success. Any 1s in the last two digits would mean error. Your phone won't reboot during this operation, you will still have your original screen lock pin/password/pattern, but when you reboot, you would enter the new actual password (not the hexed one)
That's it. Now you have a long password for your boot and shorter one for your screen lock.
Info
Can i use Windows 7?
This guide is more or less exactly the same what was already written down on the official page over here.
You should better note that this was only tested on CyanogenMod based OS, on STock or AOKP roms that may not works or can fail/damage the data. See this comment.
Can i use Windows 7?
Click to expand...
Click to collapse
Yes, see point 4.
"This guide is more or less exactly the same what was already written down on the official page over here.
You should better note that this was only tested on CyanogenMod based OS, on STock or AOKP roms that may not works or can fail/damage the data. See this comment."
"already written down here"
Except that his app can only change password, as opposed to do encryption from scratch; and it does not work on lollipop for 3 reasons: it does not see the phone as rooted; it requires straight password, as opposed to the hexed one; and his command, while valid for kitkat, won't work on lollipop where you need to put cryptfs enablecrypto inplace password <hexed password>..
"You should better note that this was only tested on CyanogenMod based OS, on STock or AOKP roms"
Everything posted on XDA may not work or inflict damage. And by the way, do you know of any roms other than those you listed? AOSP? This will also work on AOSP, because those commands are hardcoded in Lollipop source...
It works for me, but i think that in 10 seconds only password needed to boot can change, not disk level encryption.
ultrasound1991 said:
It works for me, but i think that in 10 seconds only password needed to boot can change, not disk level encryption.
Click to expand...
Click to collapse
That's how it works. You only change the password. If you want to use long password from scratch, there is a different procedure:
1. Install your favorite lp rom
2. Set a short screen password
3. Repeat steps 2-7 in the OP
4. Then type this on your computer terminal: vdc cryptfs enablecrypto inplace password <hexed password> and press Enter
Your phone will start encrypting and in a few reboots you will get a prompt to enter your actual password.
optimumpro said:
That's how it works. You only change the password. If you want to use long password from scratch, there is a different procedure:
1. Install your favorite lp rom
2. Set a short screen password
3. Repeat steps 2-7 in the OP
4. Then type this on your computer terminal: vdc cryptfs enablecrypto inplace password <hexed password> and press Enter
Your phone will start encrypting and in a few reboots you will get a prompt to enter your actual password.
Click to expand...
Click to collapse
I did this. Now i have unlock pattern to unlock screen, and long password at boot.
Bu are you sure that this metod change disk encryption?
ultrasound1991 said:
I did this. Now i have unlock pattern to unlock screen, and long password at boot.
Bu are you sure that this metod change disk encryption?
Click to expand...
Click to collapse
If you did that on already encrypted phone, that won't change the encryption. The procedure in post #6 was for unencrypted device.
So, if you want to do everything from scratch and you alaready have encryption, you should go into recovery (TWRP) and when you are prompted for password, press cancel, then wipe system only; then wipe data only, then wipe cache. Then restore your rom. At that point, your data will be unencrypted. Then follow #6...
optimumpro said:
If you did that on already encrypted phone, that won't change the encryption. The procedure in post #6 was for unencrypted device.
So, if you want to do everything from scratch and you alaready have encryption, you should go into recovery (TWRP) and when you are prompted for password, press cancel, then wipe system only; then wipe data only, then wipe cache. Then restore your rom. At that point, your data will be unencrypted. Then follow #6...
Click to expand...
Click to collapse
Also, keep in mind that if you ever change your screen pin/paswr/pattern, that will automatically change your boot password. So after changing screen things, don't reboot and do change password via adb (that won't change the encryption, but only the boot password).
Except that his app can only change password, as opposed to do encryption from scratch; and it does not work on lollipop for 3 reasons: it does not see the phone as rooted; it requires straight password, as opposed to the hexed one; and his command, while valid for kitkat, won't work on lollipop where you need to put cryptfs enablecrypto inplace password <hexed password>..
Click to expand...
Click to collapse
Seems you not looked at this given readme/project, it is also explained for lollipop only systems and mentioned how to deal with the supolicy problem, but okay. But nice try.
Everything posted on XDA may not work or inflict damage. And by the way, do you know of any roms other than those you listed? AOSP? This will also work on AOSP, because those commands are hardcoded in Lollipop source...
Click to expand...
Click to collapse
Wrong, AOSP != STOCK, or not always but okay if you want to hold on your wrong statements, okay. Show me proof that an old S2 use the same AOSP source, you can't because there are some changes made by OEM, and not only because of the driver. But okay.
CHEF-KOCH said:
Seems you not looked at this given readme/project, it is also explained for lollipop only systems and mentioned how to deal with the supolicy problem, but okay. But nice try.
Wrong, AOSP != STOCK, or not always but okay if you want to hold on your wrong statements, okay. Show me proof that an old S2 use the same AOSP source, you can't because there are some changes made by OEM, and not only because of the driver. But okay.
Click to expand...
Click to collapse
This is just another example of facts disconnected from arguments and arguments not related to the subject of the thread. What are you trying to argue here? That my guide is wrong? That it is not working, but it is and not only for me. Just look at other posts in this thread. Are you not happy that I didn't warn that people's devices can be bricked? But everyone knows that whatever is posted on XDA is risky and can break your device. What does old S2 have to do with the guide for encrypting data on Lollipop?
I will tell you what the purpose of your argument is: you just want to show again and again what a fine expert you are, that you are better than other fine experts (who say things now that you figured out many years ago) and how stupid and ignorant the rest of the crowd here is. LOL.
This is why I say our communication is not productive. I stop here...
Thanks @optimumpro.
I encrypted nine different devices with AOSP Based ROM and encryption works.
Devices cannot be bricked during encryption process.
A device is bricked when bootloader is damaged.
Encryption process doesn't encrypt bootloader.
This guide isn't dangerous.
Each person is responsible for his actions.
...
7. Enter the following on computer terminal: vdc cryptfs changepw password "here paste your hexed password without quotes." You need the word password in the command before the hexed password
8. In about 10 seconds you should have a response 200 0 0, which means success. Any 1s in the last two digits would mean error. Your phone won't reboot during this operation, you will still have your original screen lock pin/password/pattern, but when you reboot, you would enter the new actual password (not the hexed one)
...
Click to expand...
Click to collapse
I can confirm that this process works on the Moto E (2nd Gen) GSM Global (XT1505) running 5.0.2. I was able to successfully set a different encryption password than screen lock. Here are a couple notes about my experience:
1) When I executed the cryptfs command, I did not receive any response in the adb shell. I didn't get the 200 0 0 - I didn't get anything. However, the change was successfully made and the device booted fine using the new password.
2) I had trouble getting the device to do the initial encryption. As part of my setup process I had unlocked the bootloader, rooted, then added SU. My next step was to encrypt. However, when I used the Settings -> Security -> Encrypt Phone option, the device would briefly flash the "android gear" icon, then the screen would go blank and the phone would hang. A reboot would bring the device back to life, but it would not be encrypted. I tried doing it via command line, again without success.
After quite a bit of time spent troubleshooting, the solution was to unroot the phone. I used the unroot option in the SU app. Once unrooted, the standard encryption process worked. After encryption, I re-rooted and added SU, and everything worked fine. Though I don't know the cause, it seems that having root/SU interferes with the encryption process.
Many thanks to the OP. :good:
What are you trying to argue here? That my guide is wrong? That it is not working, but it is and not only for me. Just look at other posts in this thread. Are you not happy that I didn't warn that people's devices can be bricked? But everyone knows that whatever is posted on XDA is risky and can break your device. What does old S2 have to do with the guide for encrypting data on Lollipop?
Click to expand...
Click to collapse
You have better just posted the url from the original source. I did that for you now.
This is why I say our communication is not productive. I stop here...
Click to expand...
Click to collapse
Yep, but re-quoting the same stuff what was written now 1 year in an GitHub is more productive.
OnePlus One CM12S YNG1TAS17L?
I have a OnePlus one now running the YNG1TAS17L build of CyanogenMod 12S.
I attempted to change the (boot encryption) password via the vdc cryptfs changepw password... method, to no effect.
Then I tried the cryptfs app (which has been updated with experimental Lollipop support) and it broke the encryption. (Wipe, restore from Titaniumbackup, clean up the mess, pick up the pieces...)
Does anyone have experience specifically with OnePlus One YNG1TAS17L successfully changing the (boot encryption) password, please?
I'd really rather avoid another half-day long wipe, rebuild, restore, clean up cycle... :-}
thanks,
libove said:
I have a OnePlus one now running the YNG1TAS17L build of CyanogenMod 12S.
I attempted to change the (boot encryption) password via the vdc cryptfs changepw password... method, to no effect.
Then I tried the cryptfs app (which has been updated with experimental Lollipop support) and it broke the encryption. (Wipe, restore from Titaniumbackup, clean up the mess, pick up the pieces...)
Does anyone have experience specifically with OnePlus One YNG1TAS17L successfully changing the (boot encryption) password, please?
I'd really rather avoid another half-day long wipe, rebuild, restore, clean up cycle... :-}
thanks,
Click to expand...
Click to collapse
Try to do encryption from scratch via adb. Also, you might want to untick deny root during boot in Supersu just while you are encrypting.
optimumpro said:
Try to do encryption from scratch via adb. Also, you might want to untick deny root during boot in Supersu just while you are encrypting.
Click to expand...
Click to collapse
Double-negatives, ho! "Untick deny root" -> "Tick Enable su during boot", yes? What process exactly might be requesting root during boot, when SuperSU might not be able to interactively prompt the user and so even though root would not be summarily denied, it's quite likely that the user wouldn't respond in time to grant root? We'd need to run that process ahead of time so that the user could reliably grant that permission and SuperSU could remember it.
Aside, it's kind of hard to do encryption from scratch when it's already encrypted the conventional way, since Google in its infinite wisdom has never implemented a way to decrypt storage....
So I really do need a tried, proven, true way to change the encryption boot password please - channeling Yoda, I must do or do not, there is no try
thanks,
libove said:
Double-negatives, ho! "Untick deny root" -> "Tick Enable su during boot", yes? What process exactly might be requesting root during boot, when SuperSU might not be able to interactively prompt the user and so even though root would not be summarily denied, it's quite likely that the user wouldn't respond in time to grant root? We'd need to run that process ahead of time so that the user could reliably grant that permission and SuperSU could remember it.
Aside, it's kind of hard to do encryption from scratch when it's already encrypted the conventional way, since Google in its infinite wisdom has never implemented a way to decrypt storage....
So I really do need a tried, proven, true way to change the encryption boot password please - channeling Yoda, I must do or do not, there is no try
thanks,
Click to expand...
Click to collapse
Let's start from the end: this is a proven to work way to encrypt data or change password on lollipop. Just look up the thread for multiple confirmations of success. You just haven't succeeded for various reasons (could be tens of them). You could have missed/messed a step; your root app may have interfered. Did you read a post here where another user said he had to unroot the phone to encrypt it. There is no user interaction during boot, hence Supersu offers you an option to deny all root requests. That may prevent adb access or the normal operation of vold (utility that does encryption).
If you were talking about external sd card, Google has nothing to do (no support whatsoever) with encryption. If your external card is encrypted, this was implemented by the device manufacturer. If your Oneplus was encrypted during manufacturing, you are out of luck as to disabling encryption. Also, a word of caution on using hardware crypto modules: they are all closed source and done by known "cooperators/volunteers" with three letter agencies. On all my roms I disable hardware crypto modules and hardware based key generation in kernel. I also throw out Selinux: just don't trust the bank to bank robbers.
It is not hard at all to do encryption from scratch. In fact, it is a more preferable way for security reasons (encryption with a short screen pin is weak, even if you later change the boot password, since encryption won't change, just the password).
Cryptfs app has never worked for me and nothing has been updated on authors Github since December 2014. That version positively does NOT work on lollipop. In addition, the author, I think, has an inflated view of his expertise in Android.
To sum up, you have to try again. You also need to run logcat or better dmesg during encryption, as there is no other way to find out what goes wrong there.
vdc command not found
Hi there, I just tried to follow the steps in the first post (Nexus 4 running CM12) and I got this result:
# vdc cryptfs changepw password [redacted]
No command 'vdc' found, did you mean:
Command 'tdc' from package 'tdc' (universe)
Command 'gdc' from package 'gdc' (universe)
Command 'vdr' from package 'vdr' (universe)
Command 'vlc' from package 'vlc-nox' (universe)
Command 'sdc' from package 'hpsockd' (universe)
Command 'vdu' from package 'util-vserver' (universe)
Command 'dc' from package 'dc' (main)
vdc: command not found
Is there a package I'm missing? I'm running the latest version of Linux Mint but I'm very far from being an expert.
thanks!
yhvo2gt9 said:
Hi there, I just tried to follow the steps in the first post (Nexus 4 running CM12) and I got this result:
# vdc cryptfs changepw password [redacted]
No command 'vdc' found, did you mean:
Command 'tdc' from package 'tdc' (universe)
Command 'gdc' from package 'gdc' (universe)
Command 'vdr' from package 'vdr' (universe)
Command 'vlc' from package 'vlc-nox' (universe)
Command 'sdc' from package 'hpsockd' (universe)
Command 'vdu' from package 'util-vserver' (universe)
Command 'dc' from package 'dc' (main)
vdc: command not found
Is there a package I'm missing? I'm running the latest version of Linux Mint but I'm very far from being an expert.
thanks!
Click to expand...
Click to collapse
The above indicates that your computer has no connection to your phone and you are getting responses from your Linux Mint, which obviously has no idea what vdc is. Follow your terminal screen when you do adb shell and su. After adb, your prompt should change if it works. And after su, you should get su rights on the phone and not on the computer. If after su, you get a prompt to enter your administrative password, that's a sure indication you are communicating with Linux, as opposed to Android.
Go to package manager on your PC and search for adb, install it. Then on the phone, you must enable usb debugging and allow root access to adb.
Related
How to Achieve Permanent Root and S-Off:
To get permanent root, you need to S-Off. So lets start with that first. This process will NOT wipe your device. It also works for OS X users. This guide will work on software version 1.55.605.2 (which as of 04/19/2014 is the latest OTA) and below.
--- S-OFF Instructions ---First, you'll need to download adb, enable its use and setup debugging.
adb is part of the android SDK. You can download it here (OS X users must scroll down and download the OS X version). It does not need to be installed, just unzip it into its own folder. You can also download a zip that contain only adb and fastboot.
once you have adb, you'll need to download the drive for your M8, which can be had from HTC's driver page:
http://www.htc.com/us/software/htc-sync-manager/.
Then install it. It will install the driver necessary for adb to work. After the installation is finished, uninstall HTC Sync immediately (do this regardless of whether or not you need it; you can reinstall it later if you still want it). This will leave the driver package installed, but remove HTC sync.
Now, back to the phone. Disable all security you have on, including PINs, Pattern Locks, passwords, etc. If you have an exchange forced security policy, you will need to disable the account. You can readd it later.
Enable access to developer options. Jump into the Settings. Then you’re going to scroll down to the bottom and tap on ‘About’, next tap on ‘Software Information’. Now you’ll need to tap on ‘More’, which will give you a new menu. Now just tap on the build number 9 times and you’ll enable Developer options.
Go into developer options menu and enable USB Debugging.
Next, go to Security page and enable "Unknown sources".
Now install weaksauce from here:
http://forum.xda-developers.com/showthread.php?t=2699089
If you followed the directions correctly, you should have SuperSU installed and root access. (You can use superuser as well).
Plug in your phone into your computer. Its best to use the factory cable provided with the phone. Use a USB 2.0 type port if possible (USB3.0 ports typically have a blue tab; I have personally used a USB 3.0 Device on Windows 8.1u to perform this without any problems, but your mileage may vary).
Your phone will ask if you if you trust your computer (RSA). Choose "Always Allow".
Ensure adb is working by opening a command prompt (terminal on OS X), navigate to the adt-bundle-[XXXXX]/sdk/platform-tools and typing "adb devices" without quotes. Your phone should show up. Ensure the working directory is the directory that adb is in. Otherwise, transferring firewater may fail. On Windows, you can shift-right-click inside the folder adb is in and click open command prompt to open a cmd in that directory.
Now go download firewater from here:
http://firewater-soff.com/instructions/ Make sure to use the weaksauce method (second method). Do NOT use the temproot method.
The firewater file should be called "firewater" without any quotes or extensions (like .bin). Ensure your browser did not partially download or corrupt it.** Make sure its in the same folder as adb. Then follow directions on the firewater site. Be aware the yes/no prompt is case sensitive, so make sure to answer it with an uppercase Y as in "Yes" not "yes". During the process, you will need to enable adb shell to get root. Make sure your phone screen is on so you can see the root request. Grant it and the S-Off process will continue. Otherwise, it will hang there and eventually time out. Sometimes, the process will fail and the phone will reboot. This is okay. Just restart the process. It can sometimes take multiple tries.
When completely successfully, you now have S-OFF. Your phone's bootloader is also unlocked in the process; you do NOT need to perform any additional steps to unlock the bootloader. However, you do not have permanent root. The root that weaksuace provides goes away on reboot and must be reapplied again on startup.
**The filesize seems to vary depending on what OS/browser is used to download it. It should be around 4,519,496 (on disk) in size. If you can't execute firewater, try redownloading it.
Getting permanent root:
-Flash a custom recovery and flash a zip with su.
-[Optional] Return to stock recovery This option is for people who don't want a custom recovery.
Be aware, once rooted and S-Off'ed, you do NOT need the kernel module that enables system write access*. All system changes will survive hard reboots (adb reboot).
-- Recovery Rooting: --
Move the supersu zip onto your internal sdcard. It can be downloaded here:
http://forum.xda-developers.com/showthread.php?t=1538053
You can use Superuser as well. Its your preference, but this guide uses SuperSU.
Uninstall weaksauce. It's no longer needed.
Uninstall SuperSU. It will be reinstalled when you flash the supersu zip. If you have SuperSU Pro installed, you can leave that in place, as that app only holds a key.
From adb, type:
adb reboot bootloader
Flash a custom recovery. CWM and TWRP are available. Use the fastboot method. Follow the directions here:
TWRP - http://teamw.in/project/twrp2/226
CWM - http://forum.xda-developers.com/showthread.php?t=2708520
Reboot into Recovery
Flash the supersu zip you downloaded.
Reboot and you're done. You have s-off and permanent root.
You can delete the downloaded supersu zip off your internal sdcard; its not longer needed.
-- Manual Root --Perform all steps noted in section "Recovery Rooting" above.
-Download the stock recovery:
http://forum.xda-developers.com/showthread.php?t=2723112
-Ensure the stock recovery img file is in the same folder as fastboot.
-Run the following command from command line: "fastboot flash recovery stockrecovery.img" without the quotes.
-Wait for the process to finish
-Reboot the phone. You now have the stock recovery along with root. With the stock recovery installed, you can now accept OTAs provided you haven't modified/deleted any stock system files. Any new OTAs you take will remove any files/folders you added to the system partition and will remove your root. However, with S-off, this can be undone. If you lost loot after taking an OTA, simply start from the beginning of the section "Recovery Rooting".
-- Common Tweaks --
All of these are optional and are NOT required. However, you may find some benefit to them.-- Wifi Tether Enabled --This is unnecessary if you are on a More Everything plan or are paying for hotspot/tethering. You can force enable the native tethering application:
http://forum.xda-developers.com/showthread.php?t=2708548
-- Device Wipe after ten attempts --I really dislike this "feature". Here is how to disable it. This works regardless if you enabled the security or its mandated by an exchange policy.
I use Root Explorer to make this change, but you can use any text editor. Make sure to mount system as R/W. Root explorer can do this from within the app.
Edit this file:
/system/customize/ACC/default.xml
change this:
Code:
<item type="integer" name="devicepolicy_max_fail_passwords_for_wipe">10</item>
to this
Code:
<item type="integer" name="devicepolicy_max_fail_passwords_for_wipe">0</item>
Reboot and its disabled.
-- Power Saver Mode --Enable "Power Saver" mode using these directions. It's disabled and hidden by default.
http://forum.xda-developers.com/showthread.php?t=2701909
-- *Unsecured Kernel --By default, the stock kernel prevents write access to /system. S-off and root should allow you to makes changes to system. However, some people have reported difficulties using ROM toolbox and other mods (like changing boot animations). In some cases, these issues can be resolved by flashing an insecure kernel:
http://forum.xda-developers.com/showthread.php?t=2708686
-- HTC Sense Broswer --The stock ROM now includes Chrome as the default browser and omits the Sense Browser. Users who prefer the Sense Browser can download it here:
http://forum.xda-developers.com/showthread.php?t=2708597
-- HTC Flashlight --The stock HTC flashlight app.
http://forum.xda-developers.com/showthread.php?t=2697025
-- Disable HTC Sync Virtual CDROM --This disables the virtual CD-ROM from mounting.
http://forum.xda-developers.com/showthread.php?t=2709386
-- Donations --Don't forget to donate to the developers involved in getting you here. Donations for firecracker go to [email protected] (paypal). Donations for weaksuace go to [email protected] (paypal). If I missed anyone, let me know.
FAQBeen getting some interesting PMs. Here is some of the popular questions.
Do I need a Java card for this?
No. You just need a PC/Mac, a USB 2.0 cable and the M8. Since a public S-off method is now available, that method is obsolete and its not recommended anymore.
Do I have to change or reset my CID?
No, that is only necessary for people who s-off'ed via a Javacard.
Do I need to do any of this if I S-off'ed via Javacard?
No, this method ends with the same result.
Can I reverse this and return to completely stock?
Yes, absolutely none of the stuff done here is permanent. You can unroot, relock the bootloader, and S-On as many times as you want. You can flash an HTC RUU to return to completely stock in one go. Note: Be careful with S-On'ing a device. If you S-On a device via a newer RUU and that RUU has no known exploits, you may not be able to S-Off again until an exploit is found.
Do I need to unlock my bootloader after this?
No, the firewater exploit will S-Off and unlock your bootloader.
Will this work on a Mac?
Yes, please read the directions more carefully.
Will this work on USB 3.0 ports as that is all I have?
Usually. On OS X, I've had success using a USB 3.0 port (since recent MBPs only include USB 3). On Windows, the answer seems to be maybe, depending on your OS. Your best bet would be to try on a Windows 8,8.1,8.1u1 machine as that OS includes native support for USB 3.0; that way you aren't relying on vendor specific driver support like on Win7 or below. I have personally done this exploit on USB3 on a Surface Pro.
Will this brick my phone?
There is always a chance, but I have honestly never heard of such a thing happening. Worst case is usually a full reset of the phone.
Will this wipe/format the external SDcard?
No.
How do I flash this via ODIN?
This has absolutely nothing to do with ODIN. That is for Samsung devices. You should not even have ODIN running when do any part of this guide.
How to I convert to a Google Play edition ROM?
Wait for a developer to make one. I will post a link here if/when that happens.
See here:
http://forum.xda-developers.com/showthread.php?t=2716306
Does this affect Google Wallet or ISIS?
Yes and no. Google wallet works just fine. ISIS will detect its rooted and refuse to work. You'll need to shield root from ISIS to use it. Directions on how to do that can be found via google.
Will this work on non-Verizon HTC M8's?
Yes, though you will need to use a different recovery.
Will this unlock my device for other carriers?
No....because your device is already unlocked in its stock form. AWS band rules force Verizon to keep all their LTE devices unlocked.
Will this jailbreak my device?
No. Wrong type of phone.
I can get red triangle exclamation mark with a black screen. How do I fix this?
You are in the stock recovery. Hold power and volume up and you will get a menu. You can choose reboot system now to get out of there.
appreciate the write up. ill check back here when i find a reason to unlock it
Has anyone done it yet? It's just sitting at "adb wait-for-device push firewater /data/local/tmp" for at least 5 minutes now.
sfreemanoh said:
Has anyone done it yet? It's just sitting at "adb wait-for-device push firewater /data/local/tmp" for at least 5 minutes now.
Click to expand...
Click to collapse
I have done everything mentioned in this guide. And it works just fine.
Make sure you are connected via USB2. Also make sure your phone is on and unlocked (as in, no security PIN, pattern, password etc.). Is USB debugging on?
When you type "adb devices" from command prompt, is your device listed?
Yeah, nvm, it's fine now. When I first connected it via debugging, I didn't hit the "Always allow" option on my phone, so after the adb reboot it wasn't allowed to reconnect. Just had to disable debugging and re-enable it, it's all set now.
sfreemanoh said:
Yeah, nvm, it's fine now. When I first connected it via debugging, I didn't hit the "Always allow" option on my phone, so after the adb reboot it wasn't allowed to reconnect. Just had to disable debugging and re-enable it, it's all set now.
Click to expand...
Click to collapse
Cool. I'll add that to the guide.
I have not had time to thank and will.
At work and going to hook it up when I get home this morning so I hope no one screws with you guys and gets it pulled.
Very much appreciate all the work they put into it.
Thank you very much for the dummy proof write up
These guys around here are getting to good.
Thank you thank you thank you.
Worked Perfect! Thank you guys!
thank you so much! now i can sleep at night knowing that verizon doesn't have control of my device anymore haha!!
Im happy to see that s-off was achieved and Im going to unlock my phone right now
but quick question, I'm new to this s-off stuff so I don't know how it works entirely.
But once we unlock the bootloader
is there any way to lock it again in case we need to send the phone to HTC?
sorry for the noob question but just a question that popped into mind.
So I don't quite understand. I am S-off with the Unofficial CMWR from InvisibleK and I flashed SuperSU zip v1.94. Do I need the system write access kernel module to write to system or no?
Great guide by the way. Thanks
I have been trying for the past hour, but I cannot get adb to connect. Am I missing a step?
I downloaded the htc synch, installed the drivers, uninstalled synch. I already had weaksauce root. I downloaded sdk, extracted the bundle. I downloaded firewater, moved it to the same folder with adb.
Everytime I try to run adb it just scrolls and then closes almost immediately. I thought it was my java at first. I updated that. The computer says I'm connected through HTC drivers. I'm debugged/unknown sources...
Running windows 8.1 64bit. I don't know what else to do at this point.
blacknet101 said:
Im happy to see that s-off was achieved and Im going to unlock my phone right now
but quick question, I'm new to this s-off stuff so I don't know how it works entirely.
But once we unlock the bootloader
is there any way to lock it again in case we need to send the phone to HTC?
sorry for the noob question but just a question that popped into mind.
Click to expand...
Click to collapse
Absolutely. Everything in this guide can be reversed. You can return everything back to stock via an RUU.
nicholi2789 said:
So I don't quite understand. I am S-off with the Unofficial CMWR from InvisibleK and I flashed SuperSU zip v1.94. Do I need the system write access kernel module to write to system or no?
Great guide by the way. Thanks
Click to expand...
Click to collapse
You do not. I have modified and added a few system files and they have persisted through several hard reboots.
MultiDev said:
Absolutely. Everything in this guide can be reversed. You can return everything back to stock via an RUU.
Click to expand...
Click to collapse
Hmmm! Thanks for the reply buddy! may i ask? Where can we find these RUU files? In case we need to go back to Stock?
JelloB said:
I have been trying for the past hour, but I cannot get adb to connect. Am I missing a step?
I downloaded the htc synch, installed the drivers, uninstalled synch. I already had weaksauce root. I downloaded sdk, extracted the bundle. I downloaded firewater, moved it to the same folder with adb.
Everytime I try to run adb it just scrolls and then closes almost immediately. I thought it was my java at first. I updated that. The computer says I'm connected through HTC drivers.
Running windows 8.1 64bit. I don't know what else to do at this point.
Click to expand...
Click to collapse
Java has nothing to do with adb. You don't need it installed to any of this guide.
You need to use adb from a shell. On, windows, you need to open a command prompt. Type "cmd" with the start screen open and hit enter. Then at the prompt, use the "cd" command to navigate to the correct directory where adb is located.
When i run the "adb wait-for-device push firewater /data/local/tmp" command it come back with "failed to copy 'firewater' to '\data\local\tmp': Read-only file system". I'm lost. I have root access and everything.
MultiDev said:
Java has nothing to do with adb. You don't need it installed to any of this guide.
You need to use adb from a shell. On, windows, you need to open a command prompt. Type "cmd" with the start screen open and hit enter. Then at the prompt, use the "cd" command to navigate to the correct directory where adb is located.
Click to expand...
Click to collapse
I knew I was missing something simple. It's been a while since I've used adb. Will try now...thanks.
trying to modify the default.xml to get rid of the 10 try's and wipe pattern lock and it doesn't appear I have access to read write from it still... trying with the ES note editor when going to the file with ES File Explorer. I've ran the wp_mod.ko as directed and I haven't rebooted.
I'm wondering if I'm missing something, or maybe there's a better way to do it via command line?
blacknet101 said:
Hmmm! Thanks for the reply buddy! may i ask? Where can we find these RUU files? In case we need to go back to Stock?
Click to expand...
Click to collapse
They are available from HTC. I'll have to find the exact links. Also, many android sites will host them too.
Slimfast35 said:
When i run the "adb wait-for-device push firewater /data/local/tmp" command it come back with "failed to copy 'firewater' to '\data\local\tmp': Read-only file system". I'm lost. I have root access and everything.
Click to expand...
Click to collapse
You need root access to write there, shell does not normally have access. Beaware that weaksauce takes a minute or two before after a restart before enabling root again. So wait till you have access again before trying it.
meest said:
trying to modify the default.xml to get rid of the 10 try's and wipe pattern lock and it doesn't appear I have access to read write from it still... trying with the ES note editor when going to the file with ES File Explorer. I've ran the wp_mod.ko as directed and I haven't rebooted.
I'm wondering if I'm missing something, or maybe there's a better way to do it via command line?
Click to expand...
Click to collapse
You do not need the kernal module actually; I have removed that from the guide. I haven't used ES Note before, but no matter what, you must mount system as R/W before you can change anything. Its by default R/O or Read Only. Root explorer has a button that auto mounts it and then you can make your edit.
I have a P5113 that's been running the CM 11 nightlies just fine until a few days ago. For some unknown reason, the internal storage is stuck in read only mode which is causing applications to fail and the tablet to reboot every few minutes. I've tried using CWM recovery to do a factory reset as well as wipe cache and reformat all partitions with no effect. Have also tried to install the latest CM 11 but after reboot the older version of the image is still installed. I also cannot write or delete any files from the file system as they reappear after a reboot. I've tried to use Odin to install a factory ROM but it keeps failing and I've tried to write a PIT file to fix the partition which has also had no affect. I've tried using adb to set read/write permissions but after a reboot, the permission revert back to read only.
I would like to know if there is anything else that can be done to repartition the internal storage and reload a factory ROM so that I can start over.
Thanks
....Mike
michaelgwilson007 said:
For some unknown reason, the internal storage is stuck in read only mode
Click to expand...
Click to collapse
As you seem to know your way around: Could you try and fetch a logcat as well as the kernel dmesg output upon boot and post it for review (pastebin or similar)? If it even fails with re-flashing a Stock ROM maybe the logs give a hint about what's going on (maybe the NAND chip became corrupted leaving fsck without a possibility to fix the filesystem?).
BoneWithABeagle said:
As you seem to know your way around: Could you try and fetch a logcat as well as the kernel dmesg output upon boot and post it for review (pastebin or similar)? If it even fails with re-flashing a Stock ROM maybe the logs give a hint about what's going on (maybe the NAND chip became corrupted leaving fsck without a possibility to fix the filesystem?).
Click to expand...
Click to collapse
Thanks for the reply. I've been doing a lot of reading to work my way around. I have never reviewed the logs or know where they are but I'll see if I can figure it out. Any info on how to extract this info would be greatly appreciated.
....M
michaelgwilson007 said:
Thanks for the reply. I've been doing a lot of reading to work my way around. I have never reviewed the logs or know where they are but I'll see if I can figure it out. Any info on how to extract this info would be greatly appreciated.
....M
Click to expand...
Click to collapse
You already used "adb", so access to Settings -> Developer Options must already be enabled and "USB debugging" turned on.
Now, simply connect the tablet to the PC and open a Command Promt (or Terminal if you're on Linux). Issue a restart on the Tablet (if turned on). Once the "Galaxy Tab 2.0" kernel logo shows up issue "adb logcat >> Downloads\logcat.txt" (Windows) or "adb logcat >> Download/logcat.txt" (Linux - you may need to add a "sudo" before adb if your udev rules aren't properly set).
adb will now display "connecting" and once Android has start "adbd", should happen rather early in the boot process, it will start logging into the text file. Once the ROM has fully booted up wait for a minute, so the system settles with starting up everything, before you press CTRL+C to interrupt adb logging.
Next would be "adb shell dmesg >> Downloads\dmesg.txt" (Windows) or "adb shell dmesg >> Downloads/dmesg.txt" (Linux). That dumps the kernel output into a text file. IF you get a error here it may relate to...: 1. Your ROM is not rooted. / 2. "adb+apps" is not set in the Developer options / 3. You are running a Sammy Stock ROM where adbd has no root powers.
If you're on a Stock ROM ... Install Chainfire's adbd Insecure (you need root!), run the app, apply the patch and reboot. Now adbd behaves like in CM or OMNI (root priviledges).
You can review the text files for yourself. If you see any obvious errors that should give you a hint about what's going on. If not, then put them up for review. Though... be warned: The files contains some private data (like the MAC address of the tablet as well as some information from your WiFi). If you don't want it to be displayed to the greater public send me a PM.
BoneWithABeagle said:
You already used "adb", so access to Settings -> Developer Options must already be enabled and "USB debugging" turned on.
Now, simply connect the tablet to the PC and open a Command Promt (or Terminal if you're on Linux). Issue a restart on the Tablet (if turned on). Once the "Galaxy Tab 2.0" kernel logo shows up issue "adb logcat >> Downloads\logcat.txt" (Windows) or "adb logcat >> Download/logcat.txt" (Linux - you may need to add a "sudo" before adb if your udev rules aren't properly set).
adb will now display "connecting" and once Android has start "adbd", should happen rather early in the boot process, it will start logging into the text file. Once the ROM has fully booted up wait for a minute, so the system settles with starting up everything, before you press CTRL+C to interrupt adb logging.
Next would be "adb shell dmesg >> Downloads\dmesg.txt" (Windows) or "adb shell dmesg >> Downloads/dmesg.txt" (Linux). That dumps the kernel output into a text file. IF you get a error here it may relate to...: 1. Your ROM is not rooted. / 2. "adb+apps" is not set in the Developer options / 3. You are running a Sammy Stock ROM where adbd has no root powers.
If you're on a Stock ROM ... Install Chainfire's adbd Insecure (you need root!), run the app, apply the patch and reboot. Now adbd behaves like in CM or OMNI (root priviledges).
You can review the text files for yourself. If you see any obvious errors that should give you a hint about what's going on. If not, then put them up for review. Though... be warned: The files contains some private data (like the MAC address of the tablet as well as some information from your WiFi). If you don't want it to be displayed to the greater public send me a PM.
Click to expand...
Click to collapse
Thanks for the guidance. I'll work on getting the log files when I get home. I'm currently on CM11 with root so hopefully I'll be able to dump the kernel without too much trouble.
Once I get the files, I'll send you a PM.
.......M
Just to wrap the thread up so it won't hang around without some conclusion as we had a private exchange...
The logs showed that there's a major problem, along with some smaller ones, going on. The kernel is spamming a "command error" message, in a infinite loop at some high repetition rate, in relation to mmcblk0 to the kernel console, and logcat shows re-occurring problems with "MtpServer" which eventually crashes the "VM" (Dalvik).
Since michaelgwilson007 already attempted the "last resort" solution to flash back to Stock with a PIT for his type of SGT2 (as he said his "sdcard0" partition wasn't even there) to restore NAND partitioning and Stock firmware... the PIT goes through but he then gets a NAND write error while attempting to flash the stock firmware. Relating what the logs have to tell to what's going on the device we seem to agree that the likelyhood of the NAND chip being defective (dead flash memory cells) is very high.
Case isn't really solved, but at least we worked out a 99% probability of a hardware malfunction.
If some of the kernel dev, knowing a bit more about the low-level layer, happens to have an idea - feel free to maybe add some idea.
I sent @michaelgwilson007 a PM. You could try running an ADB command from recovery to reformat the internal storage partition. Just make sure to wait until it finishes. The instructions are in the PM.
Sent from my Nexus 4 using XDA Premium HD app
shakatu said:
I sent @michaelgwilson007 a PM. You could try running an ADB command from recovery to reformat the internal storage partition. Just make sure to wait until it finishes. The instructions are in the PM.
Sent from my Nexus 4 using XDA Premium HD app
Click to expand...
Click to collapse
Thanks for your assistance. It turns out that I had a corrupt NAND chip based on a few other tests. I replaced the motherboard and I'm good to go again.
I'm having the exact same problem, but it's not stuck, and I can certainly open apps, or run the system, can't seem to delete or rewrite or even write anything. From a brief search I came to this thread, any solution other than giving it to Samsung service for repair?
Following
I installed the OTA update last night and it's just looping through the "alcatel one touch" and "smart move" screens. It's been like that for hours.
I need assistance in getting into recovery mode, and hopefully getting my files off the device.
I have downloaded android-studio and am about to install it to get adb and fastboot, and have downloaded the drivers for the idol 3. At this point when it's plugged in, my computer doesn't recognize the device.
If you did not have usb debugging enabled BEFORE the boot loop installing adb and fastboot now won't do you any good. Are you still able to get into recovery and is it twrp or the factory recovery? Without a direct way to get the phone into bootloader regretfully the only solution is to send it in for warranty repair (or replacement via your credit card if you paid that way under purchase protection)
Are you trying to remove the data to prevent access by others or because you need the data? Did you make any backups to external sd or copied to the pc?
I as well am stuck in bootloop. Was able to get into factory recovery and reset phone several times. Still no luck. I have a TWRP backup, but how to I do a temporary boot into it? Only option available in factory recovery was to sideload via ADB, but no luck using fastboot commands there. Phoned Alcatel and they have referred me back to Amazon. Amazon only wants to refund me, won't exchange! Of course I bought at the pre-order price. Any help would be greatly appreciated.
wrench588 said:
I as well am stuck in bootloop. Was able to get into factory recovery and reset phone several times. Still no luck. I have a TWRP backup, but how to I do a temporary boot into it? Only option available in factory recovery was to sideload via ADB, but no luck using fastboot commands there. Phoned Alcatel and they have referred me back to Amazon. Amazon only wants to refund me, won't exchange! Of course I bought at the pre-order price. Any help would be greatly appreciated.
Click to expand...
Click to collapse
The factory reset killed you....if you had usb debugging enabled prior and had not done a factory reset (which kills /data) you could have possibly gotten to an adb shell long enough to do an adb reboot bootloader. The problem is there's no way now to get you into bootloader....you can't get to it from recovery (factory).
If you purchased it by credit card you might see if their purchase protection (typically 60-90 days) allows a claim submission for a replacement....in this case they would cut you a check for the cost of a replacement after mailing in your old one. That's the only solution I see to remain at the $199 price.
You could also see if amazon will issue a $50 credit to your account in addition to return to allow for repurchase. Unlikely but possible.
Ok thanks for the input and advice. As a last ditch effort, is there a way to create or modify the twrp file as a "signed" zip file so that I could boot into it via stock recovery. This was how I rooted my old Galaxy S2, although it was a CWM recovery.
wrench588 said:
Ok thanks for the input and advice. As a last ditch effort, is there a way to create or modify the twrp file as a "signed" zip file so that I could boot into it via stock recovery. This was how I rooted my old Galaxy S2, although it was a CWM recovery.
Click to expand...
Click to collapse
Nothing so far has worked in that regard...in fact I created a update.zip using "zipme" to replace the build.prop that another user says the factory recovery refused to process.
Without a full factory rom to pull needed info in or the source code to compile one we can't do some of the things which would "save" the device.
wrench588 said:
...Only option available in factory recovery was to sideload via ADB, but no luck using fastboot commands there.
Click to expand...
Click to collapse
Strange ... the stock recovery of 6039y has an option for reboot to the bootloader.
petrov.0 said:
Strange ... the stock recovery of 6039y has an option for reboot to the bootloader.
Click to expand...
Click to collapse
Can you post a screenshot where the option is? I'm not doubting your word but perhaps he's looking in the wrong place? I'm back on TWRP so can't look in the stock recovery myself.
famewolf said:
Can you post a screenshot where the option is? I'm not doubting your word but perhaps he's looking in the wrong place? I'm back on TWRP so can't look in the stock recovery myself.
Click to expand...
Click to collapse
There is no option for screenshot while the phone is in the stock recovery. I need a camera to take a picture of the menu. I can do this later. The menu however looks like this:
Code:
reboot system now
apply update from ADB
apply update from sdcard
apply update from phone storage
wipe data/factory reset
wipe cache partition
reboot to bootloader
power down
view recovery log
petrov.0 said:
There is no option for screenshot while the phone is in the stock recovery. I need a camera to take a picture of the menu. I can do this later. The menu however looks like this:
Code:
reboot system now
apply update from ADB
apply update from sdcard
apply update from phone storage
wipe data/factory reset
wipe cache partition
reboot to bootloader
power down
view recovery log
Click to expand...
Click to collapse
If it's right off the main page like that then I can confirm it's not on the 6045. It's been one of the main issues with folks bricking their devices...if their rom gets messed up and they have factory recovery they have no way to get into bootloader to do anything to repair the device. Seems alcatel needs to add the reboot to bootloader to our recovery. I wonder where we could report that.
Is there a way to "lock" recovery so the updates cannot replace twrp? TWRP allows adb access and reboot to bootloader.
famewolf said:
If it's right off the main page like that then I can confirm it's not on the 6045. It's been one of the main issues with folks bricking their devices...if their rom gets messed up and they have factory recovery they have no way to get into bootloader to do anything to repair the device. Seems alcatel needs to add the reboot to bootloader to our recovery. I wonder where we could report that.
Is there a way to "lock" recovery so the updates cannot replace twrp? TWRP allows adb access and reboot to bootloader.
Click to expand...
Click to collapse
This is a snapshot from the recovery menu of 6039y.
The short answer of your question regarding the "lock" is ... no. If a longer explanation is needed ... this is from the update file, a link to which was provided by you:
Code:
if ! applypatch -c EMMC:/dev/block/bootdevice/by-name/recovery:18393344:f9062580503eb61b315a5d12c5c6b3bb133aa4b2; then
....etc.
what it does is to check the sha1 sum of the recovery partition and if the sha1 sum doesn't match to f9062580503eb61b315a5d12c5c6b3bb133aa4b2 will continue with an overwriting of the recovery partition and then will apply a patch. It can't be changed because the whole update will fail.
yep no bootloader
I've got reboot to boatloader on main page from stock recovery on my 6045k
Sent from hell
famewolf said:
Is there a way to "lock" recovery so the updates cannot replace twrp? TWRP allows adb access and reboot to bootloader.
Click to expand...
Click to collapse
Back to the "lock" question. Probably it is possible the OTA update to be slightly modified and then to be flashed through the TWRP recovery (there is an option in TWRP to skip the signature verification ... the verification will fail if the zip file is modified). But I prefer to wait for the OTA update of the 6039y, as I want to perform some tests with the upgrade.
ractar28 said:
I installed the OTA update last night and it's just looping through the "alcatel one touch" and "smart move" screens. It's been like that for hours.
I need assistance in getting into recovery mode, and hopefully getting my files off the device.
I have downloaded android-studio and am about to install it to get adb and fastboot, and have downloaded the drivers for the idol 3. At this point when it's plugged in, my computer doesn't recognize the device.
Click to expand...
Click to collapse
I am in the same boat as OP re the state my Idol 3 (6045i) is currently in. I also unchecked superuser but did not unroot completely before installing the update. I have not yet done a data wipe through recovery though. Unfortunately, back when I rooted the phone I did NOT check the box telling the phone to remember the computer/RSA key for future use. As a result, now when the phone is stuck at the white/animated Alcatel boot logo I can see the phone under adb devices, but it shows as unauthorized.
One thing that did seem odd, was browsing through stock recovery when trying to browse to apply an update from either phone storage or the SD card, no files are showing up at all. All it is showing is the folder root ( /.. ) in both instances and nothing else. Even after I attempted loading several system update and twrp images (in .zip and .img formats) on the SD card from my computer, once loaded in the phone none of the files show up through stock recovery. Is this SD card not compatible/formatted wrong or is something else going on?
Is there any current method to gaining access to the phone via adb manupulating the adbkey files in the $User$/Home/.android folder? I do currently have the adbkey files on my Mac from connecting the phone previously. I'm assuming these files are uniquely generated hashes?
That is ridiculous if the 6045k has bootloader access from recovery and 6045i does not. What would be the reasoning for this?
Nikola Jovanovic said:
I've got reboot to boatloader on main page from stock recovery on my 6045k
Sent from hell
Click to expand...
Click to collapse
Does the sha1 sum of your recovery happen to match f9062580503eb61b315a5d12c5c6b3bb133aa4b2 ? If so it could solve some issues but why do I suddenly think all 3 models have their own recovery?
---------- Post added at 08:47 AM ---------- Previous post was at 08:43 AM ----------
n3tnut said:
I am in the same boat as OP re the state my Idol 3 (6045i) is currently in. I also unchecked superuser but did not unroot completely before installing the update. I have not yet done a data wipe through recovery though. Unfortunately, back when I rooted the phone I did NOT check the box telling the phone to remember the computer/RSA key for future use. As a result, now when the phone is stuck at the white/animated Alcatel boot logo I can see the phone under adb devices, but it shows as unauthorized.
One thing that did seem odd, was browsing through stock recovery when trying to browse to apply an update from either phone storage or the SD card, no files are showing up at all. All it is showing is the folder root ( /.. ) in both instances and nothing else. Even after I attempted loading several system update and twrp images (in .zip and .img formats) on the SD card from my computer, once loaded in the phone none of the files show up through stock recovery. Is this SD card not compatible/formatted wrong or is something else going on?
Is there any current method to gaining access to the phone via adb manupulating the adbkey files in the $User$/Home/.android folder? I do currently have the adbkey files on my Mac from connecting the phone previously. I'm assuming these files are uniquely generated hashes?
That is ridiculous if the 6045k has bootloader access from recovery and 6045i does not. What would be the reasoning for this?
Click to expand...
Click to collapse
adb reboot bootloader won't work even with it showing unauthorized? If you can get into bootloader you can fix /system without messing up your /data (don't wipe data or you lose adb entirely...you may figure out how to add the correct hash if we can find how it's generated)
Here's some info on the hashes you might find useful taken from: http://nelenkov.blogspot.com/2013/02/secure-usb-debugging-in-android-422.html
Secure ADB implementation
The ADB host authentication functionality is enabled by default when the ro.adb.secure system property is set to 1, and there is no way to disable it via the system settings interface (which is a good thing). The device is initially in the OFFLINE state and only goes into the ONLINE state once the host has authenticated. As you may already know, hosts use RSA keys in order to authenticate to the ADB daemon on the device. Authentication is typically a three step process:
After a host tries to connect, the device sends and AUTH message of type TOKEN that includes a 20 byte random value (read from /dev/urandom).
The host responds with a SIGNATURE packet that includes a SHA1withRSA signature of the random token with one of its private keys.
The device tries to verify the received signature, and if signature verification succeeds, it responds with a CONNECT message and goes into the ONLINE state. If verification fails, either because the signature value doesn't match or because there is no corresponding public key to verify with, the device sends another AUTH TOKEN with a new random value, so that the host can try authenticating again (slowing down if the number of failures goes over a certain threshold).
Signature verification typically fails the first time you connect the device to a new host because it doesn't yet have the host key. In that case the host sends its public key in an AUTH RSAPUBLICKEY message. The device takes the MD5 hash of that key and displays it in the 'Allow USB debugging' confirmation dialog. Since adbd is a native daemon, the key needs to be passed to the main Android OS. This is accomplished by simply writing the key to a local socket (aptly named, 'adbd'). When you enable ADB debugging from the developer settings screen, a thread that listens to the 'adbd' socket is started. When it receives a message starting with "PK" it treats it as a public key, parses it, calculates the MD5 hash and displays the confirmation dialog (an activity actually, part of the SystemUI package). If you tap 'OK', it sends a simple simple "OK" response and adbd uses the key to verify the authentication message (otherwise it just stays offline). In case you check the 'Always allow from this computer' checkbox, the public key is written to disk and automatically used for signature verification the next time you connect to the same host. The allow/deny debugging functionality, along with starting/stopping the adbd daemon, is exposed as public methods of the UsbDeviceManager system service.
We've described the ADB authentication protocol in some detail, but haven't said much about the actual keys used in the process. Those are 2048-bit RSA keys and are generated by the local ADB server. They are typically stored in $HOME/.android as adbkey and adbkey.pub. On Windows that usually translates to %USERPOFILE%\.android, but keys might end up in C:\Windows\System32\config\systemprofile\.android in some cases (see issue 49465). The default key directory can be overridden by setting the ANDROID_SDK_HOME environment variable. If the ADB_VENDOR_KEYS environment variable is set, the directory it points to is also searched for keys. If no keys are found in any of the above locations, a new key pair is generated and saved. On the device, keys are stored in the /data/misc/adb/adb_keys file, and new authorized keys are appended to the same file as you accept them. Read-only 'vendor keys' are stored in the /adb_keys file, but it doesn't seem to exist on current Nexus devices. The private key is in standard OpenSSL PEM format, while the public one consists of the Base 64 encoded key followed by a `[email protected]` user identifier, separated by space. The user identifier doesn't seem to be used at the moment and is only meaningful on Unix-based OS'es, on Windows it is always '[email protected]'.
While the USB debugging confirmation dialog helpfully displays a key fingerprint to let you verify you are connected to the expected host, the adb client doesn't have a handy command to print the fingerprint of the host key. You might think that there is little room for confusion: after all there is only one cable plugged to a single machine, but if you are running a couple of VMs, thing can get a little fuzzy. Here's one of way of displaying the host key's fingerprint in the same format the confirmation dialog uses (run in $HOME/.android or specify the full path to the public key file):
awk '{print $1}' < adbkey.pub|openssl base64 -A -d -a \
|openssl md5 -c|awk '{print $2}'|tr '[:lower:]' '[:upper:]'
We've reviewed how secure ADB debugging is implemented and have shown why it is needed, but just to show that all of this solves a real problem, we'll finish off with a screenshot of what a failed ADB attack against an 4.2.2 device from another Android device looks like:
famewolf said:
adb reboot bootloader won't work even with it showing unauthorized? If you can get into bootloader you can fix /system without messing up your /data (don't wipe data or you lose adb entirely...you may figure out how to add the correct hash if we can find how it's generated)
Click to expand...
Click to collapse
Just tested using adb reboot bootloader again and this is the result: error: device unauthorized. Please check the confirmation dialog on your device.
Something else I tried was running fastboot commands in the narrow window that the phone initially boots (black screen with Android logo) but that didn't seem to work either. I tried:
fastboot reboot-bootloader
fastboot -i 0x1bbb reboot-bootloader
fastboot -i 0x1bbb devices
I noticed if you plug the phone into the computer via USB while the phone is off, it will briefly power on to the Android logo/black screen before flashing the battery status once and turning off. Is this an opportunity to send fastboot or adb commands to the phone?
I'll try messing with the adbkey stuff later when I have time to dig into it.
There is a tool from Alcatel (TCL) which can perform upgrades of the device from a Windows PC. You can try it if nothing else helps. There are two COM ports available under Windows when the device is powered off and the USB cable is connected to the phone. This tool use them to perform some checks on the device and probably will continue with an upgrade (it says that all of your data will be wiped after the upgrade etc. so there is a possibility to overwrite everything with a stock image) ... there are instructions how to work with it. The link is from the French support section of Alcatel. Despite that the program has support for 6039 and 6045 is not clear for which of their versions.
petrov.0 said:
There is a tool from Alcatel (TCL) which can perform upgrades of the device from a Windows PC. You can try it if nothing else helps. There are two COM ports available under Windows when the device is powered off and the USB cable is connected to the phone. This tool use them to perform some checks on the device and probably will continue with an upgrade (it says that all of your data will be wiped after the upgrade etc. so there is a possibility to overwrite everything with a stock image) ... there are instructions how to work with it. The link is from the French support section of Alcatel. Despite that the program has support for 6039 and 6045 is not clear for which of their versions.
Click to expand...
Click to collapse
The problem is we currently have no stock images in the format it requires to flash to restore the device. I would think those have to be available first?
---------- Post added at 02:56 AM ---------- Previous post was at 02:55 AM ----------
n3tnut said:
Just tested using adb reboot bootloader again and this is the result: error: device unauthorized. Please check the confirmation dialog on your device.
Something else I tried was running fastboot commands in the narrow window that the phone initially boots (black screen with Android logo) but that didn't seem to work either. I tried:
fastboot reboot-bootloader
fastboot -i 0x1bbb reboot-bootloader
fastboot -i 0x1bbb devices
I noticed if you plug the phone into the computer via USB while the phone is off, it will briefly power on to the Android logo/black screen before flashing the battery status once and turning off. Is this an opportunity to send fastboot or adb commands to the phone?
I'll try messing with the adbkey stuff later when I have time to dig into it.
Click to expand...
Click to collapse
You can't do fastboot commands until the phone is IN bootloader....so you'd have to do adb reboot bootloader
adb devices
etc....
famewolf said:
The problem is we currently have no stock images in the format it requires to flash to restore the device. I would think those have to be available first?
Click to expand...
Click to collapse
It is possible the program to download these images from a server.
I found another interesting thing. The device has a download mode. It is activated when the phone is powered off and connected to a PC. You must wait the display to turn off after the charging battery symbol and then to press and hold both volume keys, after which to press and hold the power button (without releasing these for the volume). But still don't know what to do in this mode. No device is detected on my Linux box when the phone is in this state. Probably I should try in Windows.
Also when the Alcatel upgrade tool was trying to detect the phone I'm almost sure that one of the COM ports was
Qualcomm HS-USB Diagnostics 9006
there is a lot information for other devices how this can be used to unbrick your phone, so this is a some start. The images which the people flash through it are in raw format.
Hello,
I have Oneplus One 64 gb variant, yesterday my nephew somehow changed my phone's lock pattern and now my phone is locked. USB debugging was disabled at that time. I am not able to get into my phone through any means. I have lot of important data in my phone and don't want to hard reset my device. I found a solution online to get usb debugging on through adb , but I am a ultra noob and don't understand how that has to be done. please dumb it down so that I can save my precious data and unlock my phone when debugging gets enabled. Also I don't have any custom recovery installed on my phone.
This is what is mentioned in the solution.
"Instructions
1. You should try your pattern-cracking software (or whatsoever the genre it has) from inside the Stock Recovery to see whether it works with the former's environment (ADB shell available there or not).
2.Since I would never try step 1., I would do the following:
-For Jellybean 4.2.1:
1. Boot into Recovery and mount Data partition.
2. Open a shell on PC and type:
adb pull /data/property/persist.sys.usb.config ~/
Repace ~/ with home directory of your OS.
3. Open that file in a text editor and you would possibly see mtp written there. Change it to mtp,adb.
Note that sometimes Android doesn't understand the text file changes if the line terminator is "DOS Terminators" which Notepad would probably do on Windows (mine is Linux so no issue here).
In that case, I would suggest not using adb pull but doing:
adb shell
echo 'mtp,adb' > /data/property/persist.sys.usb.config
You may verify that the echo command overwrote the file by using:
adb pull /data/property/persist.sys.usb.config ~/
and seeing the file's content in some text editor.
4. Unmount Data and reboot into Android OS. USB Debugging would probably be enabled.
-For Lollipop 5.0:
JB 4.2.1 users can also follow this method if the previous one didn't work for them.
1. Boot into Recovery and mount Data partition.
2. Repeat step 2 and 3 used in JB 4.2.1 method.
3. We need to tweak some parameters in settings.db. Type:
adb pull /data/data/com.android.providers.settings/databases/settings.db ~/
4. Back it up at some other location too, and open the file in an SQLITE editor. I'm running Linux and DB Browser for SQLite works well. It's also available for Windows OS/OSX.
5. In the global table, change the value for:
adb_enabled to 1
development_settings_enabled to 1
6. Check that verifier_verify_adb_installs is set to 1 in the global table.
7. Check that as default, in the secure table:
adb_notify is 1
adb_port is -1
These checks in step 6 and 7 are not necessary but should be done so that troubleshooting becomes rather easy if the solution doesn't work for you.
8. Save the changes in settings.db and copy it back into Android by typing:
adb shell
rm /data/data/com.android.providers.settings/databases/settings.db
exit
adb push ~/settings.db /data/data/com.android.providers.settings/databases/
That delete (rm) command is not necessary since adb push should overwrite the file, but I executed it for my peace of mind.
8. Unmount Data and reboot into Android OS. ADB probably would be enabled.
source:- https://android.stackexchange.com/questions/112040/how-to-enable-usb-debugging-in-android-if-forgotten-pattern-for-screen-unlock"
Please help me understand this code and be a life saver.
Thanks in advance..
You are stuck, I'm afraid. You won't be able to run any script on stock recovery, but you can't flash a custom recovery without unlocking the bootloader which will wipe your data.
What's more, your phone should be encrypted (if it's running 6.0 or higher), which means you'll need to know the pattern to decrypt after a reboot.
If you can't figure out the pattern, there's nothing you can really do.
jisoo said:
You are stuck, I'm afraid. You won't be able to run any script on stock recovery, but you can't flash a custom recovery without unlocking the bootloader which will wipe your data.
What's more, your phone should be encrypted (if it's running 6.0 or higher), which means you'll need to know the pattern to decrypt after a reboot.
If you can't figure out the pattern, there's nothing you can really do.
Click to expand...
Click to collapse
Is there any way I can create backup of the data in these conditions?
Dush123 said:
Is there any way I can create backup of the data in these conditions?
Click to expand...
Click to collapse
Unfortunately for you in this case, there isn't.
From a general security perspective, if there was it would mean the pattern lock and encryption can be bypassed, which would be very bad.
jisoo said:
Unfortunately for you in this case, there isn't.
From a general security perspective, if there was it would mean the pattern lock and encryption can be bypassed, which would be very bad.
Click to expand...
Click to collapse
Ohk. Then it seems I don't have any option but to hard reset my device.
Thanks anyways
HI! Is there anything I can do for my pattern locked Moto E4 Plus? Details I've posted in this thread.
https://forum.xda-developers.com/showthread.php?t=2620456&page=13
How to install GSI ROM - Xiaoxin Pad Pro 2021 [TB-J716F]
I tried to install a GSI ROM on this tablet, because there is only a chinese version available.
The tablet supports treble and I managed to get different GSI ROMs booting on it, but with a few annoying bugs I couldn't solve.
I thought I will share my experience here and maybe someone with more expierence can help to solve these problems.
Your data will be deleted, try at your own risk.
Treble Device Information (Treble Info):
Required Image: system-arm64-ab.img.xz
Supports modern version of treble and uses VNDK30.0
Supports System-as-Root, uses A/B operating system
Supports seamless upgrades and uses dynamic partitions (super partition)Requirements:
Unlocked Bootloader
PC with ADB and Fastboot Tool + Universal ADB Driver
Download vbmeta.img (extracted from Stock ROM)
Download GSI ROM with naming like "arm64-b?Z-lite.img" (if you want GAPPs use image "arm64-bgZ-lite.img", sideloading doesn't work). In this guide I use the LiR-ROM
Installation:
Go to "Settings" ->"System" -> "About Phone", tab on it until developer settings are enabled.
Go to "Developer Settings" and enable "USB Debugging", allow USB-Debugging if tablets asks.
Reboot to bootloader: "adb reboot bootloader"
Flash vbmeta.img: "fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img", you only need to flash it once
Reboot to fastbootd: "fastboot reboot fastboot"
Flash GSI-ROM: "fastboot flash system lir-v313+211012-arm64-bgZ-lite.img" and wait
Using volume keys on tablet select "Enter recovery" and then select "Wipe data/factory reset", reboot device.
Now it tries booting the ROM, after the "bootloader unlocked" warning, the lenovo logo should show up. Here I often had the problem that it didn't boot at first try. If, after waiting for 20-30s the ROM doesn't boot, press the power button to reboot tablet. After trying it a few times it always worked. This problem only occurs at first boot up, after setting the ROM up, it boots normally.
Now after booting, when using the LiR-ROM, you have to set up the tablet. In the fourth setup window, the ROM is asking for a SIM-Card even though the tablet doesn't support GSM. You can skip this by entering to adb commands "adb shell settings put secure user_setup_complete 1" and "adb shell settings put global device_provisioned 1". After sending these two commands, then pressing return in the setup, it should complete.
After successfully booting, the "Home" and "Tasks" button is missing. After a reboot they should appear and work normally but I recommend to set a lock pin first.
Known Bugs/Problems:
AutoRotate
When activating autorotate, the display is always orientated in the wrong direction by 270°.I tried to solve it with two different commands added to build.prop:
"ro.sf.hwrotation=270" -> didn't do anything
"ro.surface_flinger.primary_display_orientation=ORIENTATION_270" -> the screen rotated in right direction, but the touchpanel did not.
Workaround: using an rotation controll app, but I'm not a fan of it.
Overlay - AutoBrighness, Magnetic Screen Lock, Battery Save Mode
I tried creating an overlay according to the instructions but sadly the "FrameworksResTarget.apk" from the vendor folder doesn't provide much configuration information including for the above mentioned issues. I tested values from similiar devices but didn't have any success. If someone is interested to try, here are the files I extracted from the tablet and the current overlay I created.
Hopefully, someone here knows how to solve these problems.
thabks for nice experience with gsi, if lenovo public their kernel source like mipad 5 pro i can developer custom rom for it, if not it hard to map correct hal driver to exactly application layer of gsi
Tropaion said:
How to install GSI ROM - Xiaoxin Pad Pro 2021 [TB-J716F]
I tried to install a GSI ROM on this tablet, because there is only a chinese version available.
The tablet supports treble and I managed to get different GSI ROMs booting on it, but with a few annoying bugs I couldn't solve.
I thought I will share my experience here and maybe someone with more expierence can help to solve these problems.
Your data will be deleted, try at your own risk.
Treble Device Information (Treble Info):
Required Image: system-arm64-ab.img.xz
Supports modern version of treble and uses VNDK30.0
Supports System-as-Root, uses A/B operating system
Supports seamless upgrades and uses dynamic partitions (super partition)Requirements:
Unlocked Bootloader
PC with ADB and Fastboot Tool + Universal ADB Driver
Download vbmeta.img (extracted from Stock ROM)
Download GSI ROM with naming like "arm64-b?Z-lite.img" (if you want GAPPs use image "arm64-bgZ-lite.img", sideloading doesn't work). In this guide I use the LiR-ROM
Installation:
Go to "Settings" ->"System" -> "About Phone", tab on it until developer settings are enabled.
Go to "Developer Settings" and enable "USB Debugging", allow USB-Debugging if tablets asks.
Reboot to bootloader: "adb reboot bootloader"
Flash vbmeta.img: "fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img", you only need to flash it once
Reboot to fastbootd: "fastboot reboot fastboot"
Flash GSI-ROM: "fastboot flash system lir-v313+211012-arm64-bgZ-lite.img" and wait
Using volume keys on tablet select "Enter recovery" and then select "Wipe data/factory reset", reboot device.
Now it tries booting the ROM, after the "bootloader unlocked" warning, the lenovo logo should show up. Here I often had the problem that it didn't but at first try. If, after waiting for 20-30s the ROM doesn't, press the power button to reboot tablet. After trying it a few times it always worked. This problem only occurs at first boot up, after setting the ROM up, it boots normally.
Now after booting, when using the LiR-ROM, you have to set up the tablet. In the fourth setup window, the ROM is asking for a SIM-Card even though the tablet doesn't support GSM. You can skip this by entering to adb commands "adb shell settings put secure user_setup_complete 1" and "adb shell settings put global device_provisioned 1". After sending these two commands the pressing return in the setup, it should complete.
After successfully booting, the "Home" and "Tasks" button is missing. After a reboot they should appear and work normally but I recommend to set a lock pin first.
Known Bugs/Problems:
AutoRotate
When activating autorotate, the display is always orientated in the wrong direction by 270°.I tried to solve it with two different commands added to build.prop:
"ro.sf.hwrotation=270" -> didn't do anything
"ro.surface_flinger.primary_display_orientation=ORIENTATION_270" -> the screen rotated in right direction, but the touchpanel did not.
Workaround: using an rotation controll app, but I'm not a fan of it.
Overlay - AutoBrighness, Magnetic Screen Lock, Battery Save Mode
I tried creating an overlay according to the instructions but sadly the "FrameworksResTarget.apk" from the vendor folder doesn't provide much configuration information including for the above mentioned issues. I tested values from similiar devices but didn't have any success. If someone is interested to try, here are the files I extracted from the tablet and the current overlay I created.
Hopefully, someone here knows how to solve these problems.
Click to expand...
Click to collapse
did you try lingeas os ? i think it's a good GSI
@luizkun I tried LIR which is based on LineageOS. I use Lineage for nearly all my devices, thats why I wanted to get it running. I think they will probably release kernel but don't know how long it will take.
But if you know how to programm ROMs you can also try to modify GSI so that the issues are gone.
According to phusson the accelerometer orientation is probably wrong: GitHub Issue.
But I think a custom ROM would be really nice and the best. I would probably try it myself but I never did programming work with android.
Hello i received one(tb-j716f) unlocked with a globaoe fw without ota's and i flashed the cn one and took the boot.ipg and patched it with pagisk for root and when flashing it via fastboot the device reboots to fastboot everytipe 1nd had to reflash the fw via edl , i did flashed vbmeta img with the known command o disable verification but no success same thing again. Can anyone plz tell me how to root that crap , it was intended to root use only and took over xiaomi pad pro just because the xiaomi needs 7 days of waiting before unlocking , plz help guys .thx so much i can buy a couple beers for the helper
@bouyhy01 I didn't try rooting until now, not that interested in it but you can look at this guide. You probably have to experiment a bit since MTL is not that good with chinese
Tropaion said:
@bouyhy01 I didn't try rooting until now, not that interested in it but you can look at this guide. You probably have to experiment a bit since MTL is not that good with chinese
Click to expand...
Click to collapse
Hi tropaion, could you try install Android 12L for this tablet ? Android 12L is optimize for large screen , so i thinbk it is useful for our tablet
luizkun said:
Hi tropaion, could you try install Android 12L for this tablet ? Android 12L is optimize for large screen , so i thinbk it is useful for our tablet
Click to expand...
Click to collapse
It's not out till next year
@russy23 Currently I don't have much time, maybe when it's better. But you can try it too.
Received a 'banggood' pad pro 2021 with the 'global' rom.
After installing stock rom and updating to the .238 version I tried to install the LiR GSI ROM as stated.
First reboot takes about 3 tries, but after the setup completion (with the ADB commends in step 9) a reboot is not bringing up the rom (even after multiple tries). Only effect is a sound indicated that the ROM is started and I can connect via adb. Got it working now
However HOW do yo enable SU? Can not find the info on teh dynamic superuzer function
Wanted to try if the fix mentioned here: https://groups.google.com/g/android-x86/c/RFXYW5MNCuk is working for the rotation problem:
Code:
setprop ro.iio.accel.x.opt_scale -1
setprop ro.iio.accel.y.opt_scale -1
setprop ro.iio.accel.z.opt_scale -1
stop; start
(as Lenovo normally makes laptops I though there would be a good change it would work )
@rosco_pc It's nice that someone else is trying it.
It also took me a while to find out how to change the build.prop file. I used the app BuildProp Editor but you cant' directly edit the file because the tablet has A/B Operating System which uses dynamic partitions. The partitions is always exactly the size the OS needs, so when you edit and file and the size changes, it doens't work.
First you need to manually increase the partition size, I don't know if its the best way but it worked for me:
Connect tablet to pc and enter adb shell with "adb shell"
Get admin rights with "su"
You need the current size of system_b partition which you get with "blockdev --getsize64 /dev/block/mapper/system_b". In my example I got this value: "3098140672" in bytes. If you change the second digit to 1: "3198140672" you get 100MB free space to use.
To increase space, first exit adb shell with "exit" and "exit"
Reboot to fastboot: "adb reboot fastboot"
Resize partition (change bytes to your needed size) with: "fastboot resize-logical-partition system_b 3198140672"
Now you can reboot and edit your build.prop
To use the build.prop app you need root permission which you can enable in "Settings" somewhere in the "phhusson" tab. I don't remember the exact location.
Tropaion said:
@rosco_pc It's nice that someone else is trying it.
It also took me a while to find out how to change the build.prop file. I used the app BuildProp Editor but you cant' directly edit the file because the tablet has A/B Operating System which uses dynamic partitions. The partitions is always exactly the size the OS needs, so when you edit and file and the size changes, it doens't work.
First you need to manually increase the partition size, I don't know if its the best way but it worked for me:
Connect tablet to pc and enter adb shell with "adb shell"
Get admin rights with "su"
You need the current size of system_b partition which you get with "blockdev --getsize64 /dev/block/mapper/system_b". In my example I got this value: "3098140672" in bytes. If you change the second digit to 1: "3198140672" you get 100MB free space to use.
To increase space, first exit adb shell with "exit" and "exit"
Reboot to fastboot: "adb reboot fastboot"
Resize partition (change bytes to your needed size) with: "fastboot resize-logical-partition system_b 3198140672"
Now you can reboot and edit your build.prop
To use the build.prop app you need root permission which you can enable in "Settings" somewhere in the "phhusson" tab. I don't remember the exact location.
Click to expand...
Click to collapse
Found the root setting:
Settings > Phh Treble Settings : Misc features > SuperSU
The setting I mentioned can actually be set from adb shell
Enable root (as above)
In your cmd window:
adb shell
su
getprop / setprop to read and write properties
stop; start (restart tablet services)
However none of this works. Another one I was hopeful for:
ro.iio.accel.order xyz (with x=0 Y=1 and z=2)
swapping x and y axis would result in command
# setprop ro.iio.accel.order 102
Even that did not work and I almost suspect this is specific for x86 based android (as all refers to those devices). Will keep playing around and report back here
PS rebooting does not always bring up the ROM, ie Lenovo Logo remains on screen. I can however connect through ADB when that happens.
@rosco_pc Are you sure the properties were applied when you use the setprop-command?
Have you checked with the "BuildProp Editor" App if it was written into the prop file?
After editing the file you have to reboot
Yes they should be applied, but will not survive a reboot. For that they need to be added to buildprop or set in another script during startup.
You can try with
# getprop
This will get you a list of all properties applied (including the ones you have in buildprop).
It is the
# stop; start
that should restart all services without rebooting the tablet and makes sure the new properties are being used until next reboot
rosco_pc said:
Yes they should be applied, but will not survive a reboot. For that they need to be added to buildprop or set in another script during startup.
You can try with
# getprop
This will get you a list of all properties applied (including the ones you have in buildprop).
It is the
# stop; start
that should restart all services without rebooting the tablet and makes sure the new properties are being used until next reboot
Click to expand...
Click to collapse
Ok, didn't know that this works too.
managed to setup everything, exact same rom as OP used.
Only problem is the screen is completely black, not a pixel in site. I know it worked because if I touch the power button etc it makes Android noises but the screen so totally pitch black. Anyone able to assit? I have tried this command via ADB but didn't seem to do anything
Code:
adb shell settings put system screen_brightness 255
Retry a few times. It will eventually come up (I try to reboot as little as possible)
Tropaion said:
Ok, didn't know that this works too.
Click to expand...
Click to collapse
I'm planning to retry with setting the properties in buildprop as well, just not sure when (my job is a bit demanding at the moment)
rosco_pc said:
Retry a few times. It will eventually come up (I try to reboot as little as possible)
Click to expand...
Click to collapse
Thank you. Finally in to LOS
For anyone else who has similar issues. After the first reboot after flashing the ROM, it will boot up with the lenovo logo, leave it there to do its thing for 5-10 minutes then it will be patch black screen but pressing the buttons still makes noise. - here I unplugged the cable and not sure if that matters but do that just hold the power button for 30-45 seconds so it reboots again and wait another 2 minutes or so then you should see the Lineage Logo booting up ( if thats the rom you tried out)
@sebseb83 I also mentioned it in my thread. But setting a Lock Pin helps a bit.
I tried various different ROMs and the only one which always boots is the original phussons ROM