Related
Has anyone been able to root thier Erie yet? If so how did you do it? Or can anyone point me in the right direction to get started. Thanks for the help.
I think it'll be at least a few weeks. Someone needs to get the recovery image and mod it as they did with the Hero. I think.
so is anyone working on this? if you give me instuctions i will dump my phone and post it, if that will help? i would really just like to be able to tether over wifi when needed without having to pay out the ear for it.
Is it that different from the Sprint's Hero? Try the current method...
herzzreh said:
Is it that different from the Sprint's Hero? Try the current method...
Click to expand...
Click to collapse
I'm concerned that the image from the Hero will cause problems since it's different carrier etc
The method used to root isn't carrier dependent. You probably won't want to load MoDaCo's current ROM as it is Sprint specific, but assuming the kernel build is the same you may be able to gain root with the asroot2 script.
To clarify, 'rooting' is not the same as loading a custom ROM. One begets the other, but loading a custom ROM isn't a requirement, just a door that gets opened when you gain root access to your phone.
Assuming everything else is the same on the phone, the Amon_Ra recovery bootloader should work as well.
If asroot2 works then we can flash a new recovery image, you can dump your ROM, and I can do a MCR version.
P
would i still use the recovery image that is posted for the hero? or would i stop at that step when rooting?
binny1007 said:
would i still use the recovery image that is posted for the hero? or would i stop at that step when rooting?
Click to expand...
Click to collapse
If you use the recovery image for the hero and it doesn't work, it's not usually a big deal.
Just pull out the battery to restart your phone normally. Since the recovery image is separate from the rom, replacing the first does not affect the latter.
binny1007 said:
would i still use the recovery image that is posted for the hero? or would i stop at that step when rooting?
Click to expand...
Click to collapse
Follow the rooting instructions to the letter, all the way through. Just don't flash a new rom if successful.
You can use the recovery image posted for the Hero.
ok i am following the instructions and this is what i am getting? what is going wrong?
C:\AndroidSDK\tools>adb shell
$ chmod 0755 /data/local/asroot2
chmod 0755 /data/local/asroot2
$ /data/local/asroot2 /system/bin/sh
/data/local/asroot2 /system/bin/sh
[1] Killed /data/local/asro
$ mount -o remount,rw -t yaffs2 /dev/block/mtd
mount -o remount,rw -t yaffs2 /dev/block/mtdbl
mount: Operation not permitted
$ cd /system/bin
cd /system/bin
$ cat sh > su
cat sh > su
cannot create su: read-only file system
$ chmod 4755 su
chmod 4755 su
Unable to chmod su: No such file or directory
The eris and droid can't use that exploit unfortunately, you'll have to wait until there's another way in
binny1007 said:
ok i am following the instructions and this is what i am getting? what is going wrong?
C:\AndroidSDK\tools>adb shell
$ chmod 0755 /data/local/asroot2
chmod 0755 /data/local/asroot2
$ /data/local/asroot2 /system/bin/sh
/data/local/asroot2 /system/bin/sh
[1] Killed /data/local/asro
$ mount -o remount,rw -t yaffs2 /dev/block/mtd
mount -o remount,rw -t yaffs2 /dev/block/mtdbl
mount: Operation not permitted
$ cd /system/bin
cd /system/bin
$ cat sh > su
cat sh > su
cannot create su: read-only file system
$ chmod 4755 su
chmod 4755 su
Unable to chmod su: No such file or directory
Click to expand...
Click to collapse
You guys and Bell South...sounds like Sprint had the only vulnerable CDMA version.
You guys will have to wait for a new "asroot" type file...a new exploit to get you guys access.
well that sucks, so there is no other way around this right now? Or if anyone needs a ginnie pig i am more than happy to help.
thecodemonk said:
You guys and Bell South...sounds like Sprint had the only vulnerable CDMA version.
You guys will have to wait for a new "asroot" type file...a new exploit to get you guys access.
Click to expand...
Click to collapse
That's what I thought. Hopefully since the hardware is so similar it wont take long.
Unfortunately hardware is barely a glimmer in this equation - the expliots used to gain root are software, usually kernel bugs.
Something will turn up soon.hopefully.
binny1007 said:
well that sucks, so there is no other way around this right now? Or if anyone needs a ginnie pig i am more than happy to help.
Click to expand...
Click to collapse
Just remember, while it's unlikely, any of these actions could theoretically brick your phone...be aware of the risks!
Have you attempted the flashrec method?
Drop the Recovery Image from here onto your sd card
http://forum.xda-developers.com/showthread.php?t=581521
Download the apk from here and install it on your phone:
http://zenthought.org/content/project/flashrec (download it from your phone's webbrowser and open the file...if that doesn't work, download astro file explorer from the market and try again).
Once you open flashrec, click on the "backup" link and then type in the path to your recovery image (most likely: /sdcard/recovery-RA-heroc-v1.2.3.img)
Then flash and try to reboot into recovery mode (power off, then either home+power, volume down+power, or camera+power...depends on who you ask, one of those should get you into the recovery image where you'll see an option for nandroid, that's how you'll know it was a success).
If you reboot and it doesn't work or it freezes, pop out the battery and boot normally...shouldn't hurt anything (though if you want to be more safe, I'd wait until we got the RUU for whatever carrier you're on (Verizon/Telus/etc)). Currently the Sprint RUU is the "get out of jail" card that's saved a bunch of people.
Just remember, while it's unlikely, any of these actions could theoretically brick your phone...be aware of the risks!
thecodemonk said:
You guys and Bell South...sounds like Sprint had the only vulnerable CDMA version.
Click to expand...
Click to collapse
Cellular South
thecodemonk said:
Have you attempted the flashrec method?
Click to expand...
Click to collapse
It doesn't use the same exploit as asroot2?
markachee said:
Cellular South
It doesn't use the same exploit as asroot2?
Click to expand...
Click to collapse
Sorry, Cell South, Bell south...(can you tell I'm not from around there? )
I have no idea if it does...but I figured it can't hurt to try eh? Because if it works, wouldn't that be awesome?
step-by-step guide how to unlock your Motorola Charm free of charge.
Finally, Mr.. yakk did it! Mr.. uu1dx helped him a little bit and check all blocked Charm.
It works on 2.60 firmware only. Not tested on 3.90.
1: flash phone using RSD and this firmware: http://motofan.ru/firmware/?action=view&id=1377
2) root it using SuperOneClickRoot: Link
3) download file and unzip it to SD card:Link
4) go to shell (ADB shell or even use terminal emulator on the phone) and do next steps:
Code:
su
mount -o remount,rw -t yaffs2 /dev/mtdblock7 /system
cp /sdcard/telnetd /system/bin/
chmod 777 /system/bin/telnetd
reboot phone with any SIM and enloy your unlocked toy smile.gif
Note: after reflashing your phone will be locked again.
Reposts or even usage of file which does unlock in any posts without links to this topic are strictly prohibited.
Donations to mr. yakk are highly appreciated, just pay him to [email protected] using PayPal.
The original topic http://forum.motofan.ru/index.php?showtopic=1730439
bootloader or simcard or both?
i was surprised about the unlock, whether this unlcok to unlock simcard protection (which usually is a package of purchase) or open the bootloader to be installed froyo?
this is for simlocked phones to use any SIM.
hi.
trying doing this method.
getting some error
C:\a-sdk\platform-tools>adb devices
List of devices attached
xxxxxxxxxxxxxx device
C:\a-sdk\platform-tools>adb shell
$ su
su
# mount -o remount,rw -t yaffs2 /dev/mtdblock7 /system
mount -o remount,rw -t yaffs2 /dev/mtdblock7 /system
# cp /sdcard/telnetd /system/bin/
cp /sdcard/telnetd /system/bin/
cp: /system/bin/telnetd: Text file busy
# chmod 777 /system/bin/telnetd
chmod 777 /system/bin/telnetd
#
Click to expand...
Click to collapse
rebooting phone.
asks for unlock code again.
how to get rid of this??
zukko said:
hi.
trying doing this method.
getting some error
rebooting phone.
asks for unlock code again.
how to get rid of this??
Click to expand...
Click to collapse
cp: /system/bin/telnetd: Text file busy
ps | grep telnet
you can see something like
1099 telnetd
kill -9 1099
than rm /system/bin/telnetd
uu1dx said:
this is for simlocked phones to use any SIM.
Click to expand...
Click to collapse
oh
nice info, i've get motoCharm FU edition
eclair forever
can we use this unlock method or similiar for flipout?
i have done this method on a US tmobile charm, and it worked. my issue is that on other forums, it says 850 and 1900 band wouldnt work. i am in jamaica, and on LIME network and i think they use the 850 band. i have internet on the the phone, provided by the network; but the highest speeds i am able to get is up to EDGE. their customer service reps told me that i should be able to get 3g speeds in the area i live. so i want to know if their is something in the hack that does not allow me to get 3g speeds?
Only 1700/2100 3g.. not 850
frazbox said:
i have done this method on a US tmobile charm, and it worked. my issue is that on other forums, it says 850 and 1900 band wouldnt work. i am in jamaica, and on LIME network and i think they use the 850 band. i have internet on the the phone, provided by the network; but the highest speeds i am able to get is up to EDGE. their customer service reps told me that i should be able to get 3g speeds in the area i live. so i want to know if their is something in the hack that does not allow me to get 3g speeds?
Click to expand...
Click to collapse
unfortunately this rom work with the bands 1700/2100 in 3G, and you need to work on 3G bands 850/1900/2100.
This ROM does not work. Only "T-Mobile U.S."
the truth is that it is a shame because the "exploit" this only works with t-mobile rom 2.60.
for those who want to use this rom with countries from other operators in 850, will not be able to enjoy 3G.
I am trying to find out what is the logic behind this soft unlock.
If anybody can tell me some clues please do it. I am trying to understand this methods of unlocking.
How can copying a telnetd file (is it really a linux telnet daemon file?) to the system partition make a difference and the mobile phone to become unlocked?
I am using latest firmware version 3.90 and tried this hack but it doesn't work.
So what is the difference from the previous v2.60 ROM and this that does it?
Thanks
xclabrx said:
I am trying to find out what is the logic behind this soft unlock.
If anybody can tell me some clues please do it. I am trying to understand this methods of unlocking.
How can copying a telnetd file (is it really a linux telnet daemon file?) to the system partition make a difference and the mobile phone to become unlocked?
I am using latest firmware version 3.90 and tried this hack but it doesn't work.
So what is the difference from the previous v2.60 ROM and this that does it?
Thanks
Click to expand...
Click to collapse
ive tried it also with the 3.90 and it will not work... but use the 2.60 with the method and it will unlock when your finished and restart the device
frazbox said:
ive tried it also with the 3.90 and it will not work... but use the 2.60 with the method and it will unlock when your finished and restart the device
Click to expand...
Click to collapse
It's a T-Mobile 3.90 ROM, OTA update.
Can't go back to 2.60 as far as I read (although I would like to be able to have from anyone a full OverTheAir SBF update 2.60version update file, that has the bootloader CG file in it, and then I could downgrade).
Well...from what I could find, I figured out the telnetd is in fact a modified version of telnet daemon that has memory patching features, and that were used to patch in memory or nonvolatile memory the bytes that the Android OS takes into account when making network code comparing operations.
It is called a soft unlock, and it is made by YAKK (russian guy) with the help of others (uu1dx, etc). He has made other soft unlocks for Motorola Cliq for example.
Somebody more experienced correct me if I am wrong.
xclabrx said:
Well...from what I could find, I figured out the telnetd is in fact a modified version of telnet daemon that has memory patching features, and that were used to patch in memory or nonvolatile memory the bytes that the Android OS takes into account when making network code comparing operations.
It is called a soft unlock, and it is made by YAKK (russian guy) with the help of others (uu1dx, etc). He has made other soft unlocks for Motorola Cliq for example.
Somebody more experienced correct me if I am wrong.
Click to expand...
Click to collapse
as far as I know, it patches the modem routines on the fly every time it loads...
The firmware download link is not working for me. It keeps bouncing me around a few pages written in Russian, so I can't get it downloaded
I had to google translate the page to see where the download link was but it all downloaded and flashed/installed fine. I do not have access to another carrier's sim ATM to test if the unlock works though.
motostigr said:
step-by-step guide how to unlock your Motorola Charm free of charge.
Finally, Mr.. yakk did it! Mr.. uu1dx helped him a little bit and check all blocked Charm.
It works on 2.60 firmware only. Not tested on 3.90.
1: flash phone using RSD and this firmware: http://motofan.ru/firmware/?action=view&id=1377
2) root it using SuperOneClickRoot: Link
3) download file and unzip it to SD card:Link
4) go to shell (ADB shell or even use terminal emulator on the phone) and do next steps:
Code:
su
mount -o remount,rw -t yaffs2 /dev/mtdblock7 /system
cp /sdcard/telnetd /system/bin/
chmod 777 /system/bin/telnetd
reboot phone with any SIM and enloy your unlocked toy smile.gif
Note: after reflashing your phone will be locked again.
Reposts or even usage of file which does unlock in any posts without links to this topic are strictly prohibited.
Donations to mr. yakk are highly appreciated, just pay him to [email protected] using PayPal.
The original topic http://forum.motofan.ru/index.php?showtopic=1730439
Click to expand...
Click to collapse
tested ok on 3.90. thank you very much
I have flash T-Mobile_MB502_02.60.5_1FF_01.sbf and T-Mobile_MB502_03.90.7_1FF_01.sbf but all are err:A5,64,D5,00,25
Installation instructions, with ro.boot.write_protect=0:
Code:
adb push entitlementservice.apk /sdcard/entitlementservice.apk
adb shell
su
mount -o remount,rw /system
mv /system/priv-app/entitlementservice.apk /system/priv-app/entitlementservice.apk.bak
mv /system/priv-app/entitlementservice.odex /system/priv-app/entitlementservice.odex.bak
cp /sdcard/entitlementservice.apk /system/app/entitlementservice.apk
chmod 644 /system/app/entitlementservice.apk
Now tap "Portable Wi-Fi hotspot". You will experience a force close, this is expected.
Code:
mv /system/app/entitlementservice.apk /system/priv-app/entitlementservice.apk
mount -o remount,ro /system
exit
exit
Now you will be able to tether.
For the geeks:
Code:
.method public static doEntitleCheck(Landroid/content/Context;ZLcom/motorola/service/entitlement/EntitlementConnectivity;)Ljava/lang/String;
.locals 1
.prologue
const-string v0, "success"
return-object v0
.end method
Stupid question, but I assume this needs root?
bugsy said:
Stupid question, but I assume this needs root?
Click to expand...
Click to collapse
ofcourse
I'll 'give it a whirl.'
Thanks cj64!
[edit] Seems to work fine. Thanks again. [/edit]
redacted.. found my answer.
Nm!
Sent from my XT1058 using Tapatalk
Will this work for t-mobile?
easy peasey
not for me
i have a question, i use this rom (Att oficial 4.4 ) and i can tether without a problem... only add apn dun alternative... and nothing more
(do not consider the question if "att" denny this option to share internet, because i'm in Chile, south america)
so, i don't need this... rigth?
Pd: sorry about my english
Before I blow up my phone, should this work on Sprint 4.4?
abiezer said:
Before I blow up my phone, should this work on Sprint 4.4?
Click to expand...
Click to collapse
No. Please PM me the /system/priv-app/SprintEntitlement.apk file.
T-Mobile Moto X?
Will this work on the T-Mobile Moto X as well? Thanks!
I'll PM you when I get home.
Sent from my XT1056 using Tapatalk
kuz142 said:
Will this work on the T-Mobile Moto X as well? Thanks!
Click to expand...
Click to collapse
No. Please PM me the T-Mobile entitlement apk from /system/priv-app/.
This works Great!
cj64 said:
Installation instructions, with ro.boot.write_protect=0:
Code:
adb push entitlementservice.apk /sdcard/entitlementservice.apk
adb shell
su
mount -o remount,rw /system
mv /system/priv-app/entitlementservice.apk /system/priv-app/entitlementservice.apk.bak
mv /system/priv-app/entitlementservice.odex /system/priv-app/entitlementservice.odex.bak
cp /sdcard/entitlementservice.apk /system/app/entitlementservice.apk
chmod 644 /system/app/entitlementservice.apk
Now tap "Portable Wi-Fi hotspot". You will experience a force close, this is expected.
Code:
mv /system/app/entitlementservice.apk /system/priv-app/entitlementservice.apk
mount -o remount,ro /system
exit
exit
Now you will be able to tether.
Click to expand...
Click to collapse
Thanks I got this to work with my AT&T Moto X 4.4 rooted with SlapMyMoto!
I lied
sherardp said:
Thanks I got this to work with my AT&T Moto X 4.4 rooted with SlapMyMoto!
Click to expand...
Click to collapse
I lied... Looks like after a reboot it stops working. Files are set back to default. Wonder how that happens. Especially if the originals were backed up with a different name. Must be loading them from somewhere else.
Works as long as you don't reboot I think. Not sure how to fix that. Any Ideas? Thanks.
Any progress on the sprint version?
Sent from my XT1056 using Tapatalk
stock entitlement apk?
Trying to update to 4.4.2 and think it might be failing due to this mod. Does anyone have a non modified entitlement apk for this?
Thanks.
I went to use my Nexus 5 (D821) earlier today but it wouldn't turn on. Holding power didn't seem to work, so I assumed the battery was flat and left it charging for a couple of hours. Now it gets stuck at the first black and white "google" logo forever. The device is unlocked and rooted, but was working fine, and nothing was changed leading up to the issue.
I'm able to access the bootloader and fastboot still, but nothing seems to work.
Attempting to flash a partition (fastboot flash recovery twrp.img):
FAILED (remote: flash write failure)
Attempting to erase a partition (fastboot erase userdata):
FAILED (remote: failed to erase partition)
I can boot TWRP by running fastboot boot twrp.img, but attempting to mount any partitions results in errors such as:
E: Unable to find partition size for /system
E: Unable to mount /system
Also, attempting to install a zip shows that internal storage is 0MB in size.
At this stage, I suspect the flash memory has died a horrible death, and I'm trying to work out how to set the tampered and unlocked flags back to false to I can return it under warranty, however this is proving difficult too. If I run 'fastboot oem lock', it appears to succeed (the bootloader even changes to 'LOCK STATE - locked'), but as soon as I reboot the device, it reverts back to unlocked, and the padlock shows up again.
I've even tried manually via:
echo -ne "\x00" | dd obs=1 count=1 seek=16400 of=/dev/block/platform/msm_sdcc.1/by-name/misc
echo -ne "\x00" | dd obs=1 count=1 seek=16404 of=/dev/block/platform/msm_sdcc.1/by-name/misc
but these don't seem to have any effect on the flags.
So now I'm out of ideas, and just hoping I can set these flags back before sending the device for warranty. Any ideas?
There's nothing you can do about it now. Just send it back. I doubt they'll blame flash memory failure on unlocking the bootloader
Sent from my Nexus 5 using Tapatalk
I was helping a guy yestreday, he had a some problem like you. When you turn on the phone, the flashchip shuts off for some reasone. I was looking for the mmc or mmcblk device in the /dev then /dev/block after I booted a twrp like you, but I could not find any device called mmcblk or mmc, even the partitions was missing like mmcblk0p1 etc...
cat /proc/partitions just give me an empty screen, that it didnt find any storage device.
rootSU said:
There's nothing you can do about it now. Just send it back. I doubt they'll blame flash memory failure on unlocking the bootloader
Click to expand...
Click to collapse
I'm just a little worried they'll refuse to honour the warranty without even bothering to check the hardware. Aren't they within their right to do this given the warranty terms? Sounds like I don't have any choice!
bitdomo said:
I was helping a guy yestreday, he had a some problem like you. When you turn on the phone, the flashchip shuts off for some reasone. I was looking for the mmc or mmcblk device in the /dev then /dev/block after I booted a twrp like you, but I could not find any device called mmcblk or mmc, even the partitions was missing like mmcblk0p1 etc...
cat /proc/partitions just give me an empty screen, that it didnt find any storage device.
Click to expand...
Click to collapse
I'm seeing a bunch of partitions listed when I run 'cat /proc/partitions', so I guess my issue might be a little different.
What I'm confused about though, is if the NAND flash is truely dead, how does the bootloader run? Isn't this stored on the same NAND flash chip? Also, aren't the lock state and tamper flags on the same chip? If so, how are these still accessible, but not writeable? I'm guessing it's not a complete failure, but only a partial one... Thoughts?
It surely isn't fully dead. It could be a corrupt partition or bunch of partitions being the issue. But the bootloader also isn't fully functional as you cannot relock it.
You definitely need to reset tamper flag for RMA, but for warranty, don't they have to prove that the hardware fault was caused by the unlocked bootloader? I know Samsung refuse warranty on modification but I don't think Google do. It is a developer phone after all.
That said, you've no choice as I can see. I'm not aware of anyone having warranty rejected or approved with an unlocked bootloader yet
sir_earl said:
I'm seeing a bunch of partitions listed when I run 'cat /proc/partitions', so I guess my issue might be a little different.
What I'm confused about though, is if the NAND flash is truely dead, how does the bootloader run? Isn't this stored on the same NAND flash chip? Also, aren't the lock state and tamper flags on the same chip? If so, how are these still accessible, but not writeable? I'm guessing it's not a complete failure, but only a partial one... Thoughts?
Click to expand...
Click to collapse
Can you post the outpot for the cat /proc/partitions command?
rootSU said:
I know Samsung refuse warranty on modification but I don't think Google do. It is a developer phone after all.
Click to expand...
Click to collapse
I'm not sure if the process is different here in New Zealand. I was under the impression LG deals with warranty issues here, and Google isn't involved?
bitdomo said:
Can you post the outpot for the cat /proc/partitions command?
Click to expand...
Click to collapse
I'll have to take a photo, as I can't find any way to run adb or save the log off. Give me a minute!
sir_earl said:
I'll have to take a photo, as I can't find any way to run adb or save the log off. Give me a minute!
Click to expand...
Click to collapse
you can do the whole thing with adb from your pc.
you need the naked usb drivers for that, and if you running windows 8 or 8.1 you have to turn off driver signiture enforcement inorder to isntall the drivers.
and then with adb shell command you can use your cmd window on the pc as a terminal window on your phone
bitdomo said:
you can do the whole thing with adb from your pc.
you need the naked usb drivers for that, and if you running windows 8 or 8.1 you have to turn off driver signiture enforcement inorder to isntall the drivers.
and then with adb shell command you can use your cmd window on the pc as a terminal window on your phone
Click to expand...
Click to collapse
adb was working with the Nexus when the rom was booted, but can't seem to find the device when running TWRP or fastboot (not sure if the server can run there?) Will the naked usb drivers resolve this issue?
Regardless, I've attached the photo with the partitions.
sir_earl said:
I'm not sure if the process is different here in New Zealand. I was under the impression LG deals with warranty issues here, and Google isn't involved?
Click to expand...
Click to collapse
google are only involved in that all this is done on behalf of them. They commission the phone. But the mandate is that it's a developer phone
rootSU said:
google are only involved in that all this is done on behalf of them. They commission the phone. But the mandate is that it's a developer phone
Click to expand...
Click to collapse
That's somewhat comforting. We shall see how it goes! Not looking forward to being without a decent phone for however long the warranty process takes though!
sir_earl said:
That's somewhat comforting. We shall see how it goes! Not looking forward to being without a decent phone for however long the warranty process takes though!
Click to expand...
Click to collapse
Please do let us know how you get on. It will be interesting to confirm how the unlocked bootloader goes down.
sir_earl said:
adb was working with the Nexus when the rom was booted, but can't seem to find the device when running TWRP or fastboot (not sure if the server can run there?) Will the naked usb drivers resolve this issue?
Regardless, I've attached the photo with the partitions.
Click to expand...
Click to collapse
Yes naked drivers will help you, but keep in mind that fi you are running windows 8 or 8.1 you have to turn of driver signiture enforcement.
Could you mount the system partition?
$ mount -o rw /dev/block/mmcblk0p25 /system
$ cd /system
and try to make folder like
$ mkdir asd
and then remove it
$ rm -rf asd
if that works we can write the flash chip, so it must be some kind of partition corruption.
bitdomo said:
Yes naked drivers will help you, but keep in mind that fi you are running windows 8 or 8.1 you have to turn of driver signiture enforcement.
Could you mount the system partition?
$ mount -o rw /dev/block/mmcblk0p25 /system
$ cd /system
and try to make folder like
$ mkdir asd
and then remove it
$ rm -rf asd
if that works we can write the flash chip, so it must be some kind of partition corruption.
Click to expand...
Click to collapse
I'm able to use adb now, so that's a start.
Trying to mount with the command you gave gives:
mount -o rw /dev/block/mmcblk0p25 /system
mount: mounting /dev/block/mmcblk0p25 on /system failed: Invalid argument
sir_earl said:
I'm able to use adb now, so that's a start.
Trying to mount with the command you gave gives:
mount -o rw /dev/block/mmcblk0p25 /system
mount: mounting /dev/block/mmcblk0p25 on /system failed: Invalid argument
Click to expand...
Click to collapse
for me this command works.
I use twrp 2.6.3.4
bitdomo said:
for me this command works.
I use twrp 2.6.3.4
Click to expand...
Click to collapse
Running same twrp here, so I guess it's failing because it can't mount the partition due to some kind of corruption.
rootSU said:
Please do let us know how you get on. It will be interesting to confirm how the unlocked bootloader goes down.
Click to expand...
Click to collapse
Will do. I'm curious though, if random corruptions like this can occur, isn't it possible that the bootloader could appear unlocked if it's reading a corrupt piece of memory? If that's the case, they can't just assume the user has unlocked the bootloader in cases where the flash chip fails, correct? Granted, this isn't the case here, but it must have some impact!
sir_earl said:
Running same twrp here, so I guess it's failing because it can't mount the partition due to some kind of corruption.
Click to expand...
Click to collapse
I don't know what else you could do. You can try to lock and reset tamper flag by mmcblk0p15 and not with ...../by-name/misc, if it works probably you could not unlock your bl again.
Try to lock bl and reset tamperflag (adb shell):
echo -ne "\x00" | dd obs=1 count=1 seek=16400 of=/dev/block/mmcblk0p15
echo -ne "\x00" | dd obs=1 count=1 seek=16404 of=/dev/block/mmcblk0p15
---------- Post added at 12:45 PM ---------- Previous post was at 12:43 PM ----------
sir_earl said:
Will do. I'm curious though, if random corruptions like this can occur, isn't it possible that the bootloader could appear unlocked if it's reading a corrupt piece of memory? If that's the case, they can't just assume the user has unlocked the bootloader in cases where the flash chip fails, correct? Granted, this isn't the case here, but it must have some impact!
Click to expand...
Click to collapse
bl lock state and tamper flag stored at the misc partition, so bl can read it but ti seems it fails to write it, i don't know the reasone why, but it seems tha path to the partitions by-name is missing
My native language is not English.
I am sorry, but I do not understand native English.
This operation is very dangerous.
Enables writing to "/".
All at your own risk.
Devices preinstalled with android 10 or later are
Even if you root the device, it will still be r/o and you will not be able to edit it at all.
By running this script, you can r/w the system itself.
We will use makeSystemRW and makesysrw_repair created by lebigmac.
You will need a linux system to run makesysrw_repair.
[SCRIPT][Android 10+] Universal Mount System read write R/W
I would like to thank lebigmac for creating this script.
1. After unlocking the boot loader and becoming root, disable all vbmeta.
Code:
fastboot -–disable-verity -–disable-verification flash vbmeta vbmeta.img
fastboot -–disable-verity -–disable-verification flash vbmeta_system vbmeta_system.img
2. Copy makeSystemRW to /data/local/tmp of edge s.
3. Run makeSystemRW.
Code:
adb shell
su
chmod +x /data/local/tmp/makesysrw_1.31/makesysrw.sh
setenforce 0
./data/local/tmp/makesysrw_1.31/makesysrw.sh size=20
An error will occur here and it will fail.
You need to use makesysrw_repair.
4. Run makesysrw_repair.
Copy makesysrw_repair, open a terminal at the location where you copied it, and run the code.
Code:
sudo bash makesysrw_repair.sh
We have confirmed that this command is executable on Ubuntu.
5. Finish.
You are now done.
You can mount it with r/w using the root explorer.
Make sure that you can create new files and folders.
Would like to do this but why hasn't anyone else posted on this thread regarding success or fails?
nexus7lte said:
Would like to do this but why hasn't anyone else posted on this thread regarding success or fails?
Click to expand...
Click to collapse
I guess no one tried it, or they did and never commented
Thank you for your interest in my SystemRW/SuperRW feat. MakeRW project.
Yes I got the project thread closed while I was enjoying the summer holidays. Everyone needs a well deserved break every once in a while. I'll have it reopened as soon as I'm ready to publish the new version of my script. Hopefully soon
It's looking like a fall release rather than a summer release though... Time flies...
The old version 1.32 works in A10, A11 and some folks even got it to work in A12 simply by disabling the sdkCheck() function
The new version should have A13 support straight out of the box if everything goes according to plan. Wish me luck! Thanks!
Cheers
i would like to try this just to get rid of the annoying Android 12 update message.
Evan after disabling google play services notifications and freezing the OTAs, I still cant stop
com.motorola.ccc.ota and I assume thats because its on a read only portion, right? ADB commands didnt work.
My error in adb or terminal is_
u
:/ # pm disable com.motorola.ccc.ota
Exception occurred while executing 'disable':
java.lang.SecurityException: Cannot disable a protected package: com.motorola.ccc.ota
Hi @nexus7lte
Did you get my SystemRW/SuperRW feat. MakeRW script to work on your Android 12 device?
Is it the Motorola Moto G100 ? How do you like it?
Yeah disabling those protected system packages can be tricky sometimes. I'm sure it's possible somehow.
On Xiaomi devices we also got this Xiaomi security app and I can't disable it even as root with full rw access but I'm sure a true expert could do it
lebigmac said:
Hi @nexus7lte
Did you get my SystemRW/SuperRW feat. MakeRW script to work on your Android 12 device?
Is it the Motorola Moto G100 ? How do you like it?
Yeah disabling those protected system packages can be tricky sometimes. I'm sure it's possible somehow.
On Xiaomi devices we also got this Xiaomi security app and I can't disable it even as root with full rw access but I'm sure a true expert could do it
Click to expand...
Click to collapse
Well... I tried your script on my new Realme GT Neo 3T android 12. It booted but seems like nothing changed. Mounting system still says "mount: '/system' not in /proc/mounts"
Vipxpert said:
Mounting system still says "mount: '/system' not in /proc/mounts"
Click to expand...
Click to collapse
Hi. That's a nice device you've got!
Are you sure you're calling the command as root?
Usually you get this error message if you try to remount something as shell user...
Or you're trying to remount the wrong path. Try mount -o remount,rw /
Without seeing any screenshots or at least your log it's very difficult to tell what's wrong on your device from here. Did you check if my script successfully removed the infamous shared_blocks read-only feature from your phone?
Bash:
adb shell
su
for a in /dev/block/dm-*; do tune2fs -l $a | grep -e "feat" -e "vol"; done
lebigmac said:
Hi. That's a nice device you've got!
Are you sure you're calling the command as root?
Usually you get this error message if you try to remount something as shell user...
Or you're trying to remount the wrong path. Try mount -o remount,rw /
Without seeing any screenshots or at least your log it's very difficult to tell what's wrong on your device from here. Did you check if my script successfully removed the infamous shared_blocks read-only feature from your phone?
Bash:
adb shell
su
for a in /dev/block/dm-*; do tune2fs -l $a | grep -e "feat" -e "vol"; done
Click to expand...
Click to collapse
Here I have flashed it through EX kernel manager since there's no TWRP for Neo 3T or even a forum yet. Do u need a full log somewhere though?
lebigmac said:
Hi. That's a nice device you've got!
Are you sure you're calling the command as root?
Usually you get this error message if you try to remount something as shell user...
Or you're trying to remount the wrong path. Try mount -o remount,rw /
Without seeing any screenshots or at least your log it's very difficult to tell what's wrong on your device from here. Did you check if my script successfully removed the infamous shared_blocks read-only feature from your phone?
Bash:
adb shell
su
for a in /dev/block/dm-*; do tune2fs -l $a | grep -e "feat" -e "vol"; done
Click to expand...
Click to collapse
Ah here I found
Also I tried copy-paste your code. It gives a bunch of nonsenses hmm...
Same this result for me even with your command
adb shell
su
for a in /dev/block/dm-*; do tune2fs -l $ etc
Or if i flashed rw fixed_super.bin
Device not able to boot anymore
Hi @Vipxpert thanks for your log and for the screenshots!
I don't understand why the script didn't detect your shared_blocks read-only feature...
Are you saying the script didn't do anything and you flashed the resulting super_fixed.bin to your super partition and phone still boots in read-only mode?
Oh yeah right I forgot that OnePlus devices usually have dozens of useless pseudo (cow) partitions in its partition table...
To find out if your device has got the infamous shared_blocks read-only feature please try this updated code. Good luck!
Bash:
adb shell
su
for a in /dev/block/dm-*; do tune2fs -l $a | grep -e "feat" -e "vol" -e "mounted on"; done
Or like this:
Bash:
adb shell
su
for a in `seq 0 5`; do tune2fs -l /dev/block/dm-$a | grep -e "feat" -e "vol" -e "mounted on"; done
@Mr Hassan bootloops are always very sad . Do you have any idea why it happened?
Try to boot into TWRP and pull any log files to find out reason for error and then reflash original stock super.img and phone should boot again Good luck!
lebigmac said:
Hi @Vipxpert thanks for your log and for the screenshots!
I don't understand why the script didn't detect your shared_blocks read-only feature...
Are you saying the script didn't do anything and you flashed the resulting super_fixed.bin to your super partition and phone still boots in read-only mode?
Oh yeah right I forgot that OnePlus devices usually have dozens of useless pseudo (cow) partitions in its partition table...
To find out if your device has got the infamous shared_blocks read-only feature please try this updated code. Good luck!
Bash:
adb shell
su
for a in /dev/block/dm-*; do tune2fs -l $a | grep -e "feat" -e "vol" -e "mounted on"; done
Or like this:
Bash:
adb shell
su
for a in `seq 0 5`; do tune2fs -l /dev/block/dm-$a | grep -e "feat" -e "vol" -e "mounted on"; done
@Mr Hassan bootloops are always very sad . Do you have any idea why it happened?
Try to boot into TWRP and pull any log files to find out reason for error and then reflash original stock super.img and phone should boot again Good luck!
Click to expand...
Click to collapse
I even try stock super but device wont boot until flash back stock
And hes oneplus have somekinda cow partitions etc
I see when i try flash its asked to delete all cow parts
Don't know what's this
Yeh I did flash it with "fastboot flash super super-fixed.bin" and that took no effect ://
Anyways here're the results of your 2 commands. They seem not to end up well
@lebigmac mention mention
Well it looks like your /product partition does indeed have the infamous shared_blocks read-only feature.
I know that's a stupid feature but this is actually good news. This means new upcoming version of my script should be able to do the job
lebigmac said:
Well it looks like your /product partition does indeed have the infamous shared_blocks read-only feature.
I know that's a stupid feature but this is actually good news. This means new upcoming version of my script should be able to do the job
Click to expand...
Click to collapse
Yess!! U're the hero thanks so much now I can debloat, fake Google daydream service, add AR supports, edit mixer_path.xml for volume and tons of stuffs. Oh I miss those time a lot ^^^
lebigmac said:
Well it looks like your /product partition does indeed have the infamous shared_blocks read-only feature.
I know that's a stupid feature but this is actually good news. This means new upcoming version of my script should be able to do the job
Click to expand...
Click to collapse
any any estimate of days or release date