[Q] why can't we do it? - General Questions and Answers

We talk about bricked phones.
There will be a number of people who brick their phones today.
This mainly happens due to a wrong bootloader or preloader in MTK.
My question is-
* Why can't we write the bootloader after bricking by any method - if I am right, manufacturers of phone parts (board or processors) don't write bootloader files, mobile phone companies do it after assembling phones. So there may be a way of writing it again, as if they can do it, why can't we?
They cannot be better than a senior developer (of course I am not talking about me).

gursewak.10 said:
We talk about bricked phones.
There will be a number of people who brick their phones today.
This mainly happens due to a wrong bootloader or preloader in MTK.
My question is-
* Why can't we write the bootloader after bricking by any method - if I am right, manufacturers of phone parts (board or processors) don't write bootloader files, mobile phone companies do it after assembling phones. So there may be a way of writing it again, as if they can do it, why can't we?
They cannot be better than a senior developer (of course I am not talking about me).
It's possible to repair bricked phones. All you need is e.g. a RIFFBOX for JTAG repair.

For nearly every device there are DIYs to unbrick the phone.

It depends on the design. When the bootloader allows you to flash important parts of the system (e.g., kernel image and /system partition), you can't completely brick your phone by flashing anything but the bootloader. That is, when you "brick" the phone by flashing something (except the bootloader), you can easily unbrick it by flashing the correct firmware.
(A notable exception is flashing software that actually destroys the hardware. But this is rare, I think.)
I am not sure if there is a bootloader that does not allow flashing the important parts of the system. I am sure my phone allows it (I flashed a bad boot.img many times and recovered then) and my tablet probably also allows it.
When you, however, make some mistake when flashing a bootloader (either you flash a bad binary or the flashing process is interrupted by a bad cable or power outage in a critical moment), it is hard to recover from it. (As noted, you can use JTAG or something similar, but you can't usually boot the bootloader.) There might be some "dual-bootloader" phones, like there are some dual-BIOS computers, but I am not aware of them. Such a phone would have two distinct areas for the bootloader. One of them is used, the other is for flashing a new bootloader. When you successfully flash the new bootloader, these areas are effectively swapped. While this would protect you from some types of issues (e.g. power outage), it does not necessarily protect you from some others (e.g. accidentally flashing a bad file).
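The dual-bootloader scheme described in the post above, as an added simulation that is not part of the original thread: it shows why writing to the unused area and swapping only after a complete write survives a power loss, and why it does not help when the file itself is wrong. The image format, board IDs, block size and the `check_board` option are constructed for illustration and do not model any real phone.

```python
import hashlib

BLOCK = 4            # tiny block size so the constructed images span several writes
BOARD_ID = b"PH01"   # constructed board identifier for the simulated phone


class PowerLoss(Exception):
    """Constructed stand-in for a pulled cable or power outage mid-write."""


def make_image(board: bytes, body: bytes) -> bytes:
    """Constructed image format: 4-byte board id followed by the code."""
    return board + body


class DualSlotPhone:
    def __init__(self, factory_image: bytes):
        self.slots = {"A": factory_image, "B": b""}
        self.active = "A"          # the one flag the boot ROM consults

    def inactive(self) -> str:
        return "B" if self.active == "A" else "A"

    def boots(self) -> bool:
        """The simulated boot ROM only runs an image built for this board."""
        image = self.slots[self.active]
        return len(image) > 4 and image[:4] == BOARD_ID

    def flash(self, image: bytes, fail_after_blocks=None, check_board=False) -> bool:
        """Write to the inactive slot, verify, then swap. Returns True on swap."""
        if check_board and image[:4] != BOARD_ID:
            return False           # refused before anything is erased
        target = self.inactive()
        self.slots[target] = b""   # erase only the slot that is not in use
        blocks = [image[i:i + BLOCK] for i in range(0, len(image), BLOCK)]
        for n, block in enumerate(blocks):
            if fail_after_blocks is not None and n >= fail_after_blocks:
                raise PowerLoss(f"interrupted after {n} blocks")
            self.slots[target] += block
        # Read-back check: proves the write completed, not that the file is right.
        written = hashlib.sha256(self.slots[target]).digest()
        if written != hashlib.sha256(image).digest():
            return False
        self.active = target       # one small write: the "swap"
        return True


def run_scenarios() -> dict:
    good_v1 = make_image(BOARD_ID, b"bootloader v1")
    good_v2 = make_image(BOARD_ID, b"bootloader v2")
    wrong = make_image(b"PH99", b"bootloader for another model")
    results = {}

    phone = DualSlotPhone(good_v1)
    phone.flash(good_v2)
    results["normal_update"] = (phone.active, phone.boots())

    phone = DualSlotPhone(good_v1)
    try:
        phone.flash(good_v2, fail_after_blocks=2)
    except PowerLoss:
        pass                       # the old slot was never touched
    results["power_loss"] = (phone.active, phone.boots())

    phone = DualSlotPhone(good_v1)
    phone.flash(wrong)             # complete write of the wrong file
    results["wrong_file"] = (phone.active, phone.boots())

    phone = DualSlotPhone(good_v1)
    phone.flash(wrong, check_board=True)
    results["wrong_file_checked"] = (phone.active, phone.boots())
    return results


if __name__ == "__main__":
    for name, (slot, ok) in run_scenarios().items():
        print(f"{name:20} active={slot} boots={ok}")
```

The `wrong_file` case ends with the bad image active and the phone unbootable, which is the failure the post says a second area alone does not prevent; only a check of the image before the swap avoids it.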

gursewak.10 said:
We talk about bricked phones.
There will be a number of people who brick their phones today.
This mainly happens due to a wrong bootloader or preloader in MTK.
My question is-
* Why can't we write the bootloader after bricking by any method - if I am right, manufacturers of phone parts (board or processors) don't write bootloader files, mobile phone companies do it after assembling phones. So there may be a way of writing it again, as if they can do it, why can't we?
They cannot be better than a senior developer (of course I am not talking about me).
Bootloaders are flashed through an IC writer like JTAGGING (RIFFBOX maybe?) (I have seen ICs being written first time, like BIOS etc.) ... They are not easily erasable (I tried it! Full format through SP Flash Tool 3 times didn't erase my preloader/bootloader), which if corrupted has to be rewritten by a JTAG tool because it is inaccessible ... A senior member or any member can write a bootloader but it needs the correct tools, which the vendor has. I have seen this writing process very closely. I have seen hard bricked phones being repaired (my dad is an electronic engg and has tools at home). I have written my bootloader (OF LGE975) myself after a hard brick; it is so easy if you have tools.
Instead of thanking me by posting, HIT Thanks if you like my post or if I helped you in any way!
-------------------------------------------
My work:
[TOOL]Kernel/Boot.img (un)packer

[Q] What can permabrick a device

So, I recently bought my 15 y/o son a device to play around with as a Wi-Fi only device. He wants to learn how to create ROMs and use ADB and so on. I'd like an idea of what he maybe ought not to do while flashing stuff. I am in the understanding (from playing around with my Moto G) that as long as you can get into fastboot, you should be able to flash the stock ROM back to the device, or push a custom ROM out to the device, and flash a recovery, thus not perm bricking the device. Is that correct? So, What can perm brick the device? What types of things should I coach him on not doing. The Moto G is my first device that I can get into fastboot with (my older devices were low end LG phones with locked boot loaders so there wasn't much we could do to the devices).
Thanks in advance.
Never use the fastboot command: fastboot erase all - this will wipe essential partitions on the phone that cannot be recovered.
Messing around with different bootloaders can also cause serious issues. There is no obligation to upgrade bootloader.
Unlock bootloader, flash custom recovery. After that there is no need to use fastboot again, unless for a major OS upgrade, such as Lollipop which also includes a new bootloader. I would not recommend moving to a recently released OS (bootloader) as that can affect compatibility with existing custom ROMs.
Learn what partitions are safe to play with and which are not. This can differ depending on the device.
lost101 said:
Never use the fastboot command: fastboot erase all - this will wipe essential partitions on the phone that cannot be recovered.
Messing around with different bootloaders can also cause serious issues. There is no obligation to upgrade bootloader.
Unlock bootloader, flash custom recovery. After that there is no need to use fastboot again, unless for a major OS upgrade, such as Lollipop which also includes a new bootloader. I would not recommend moving to a recently released OS (bootloader) as that can affect compatibility with existing custom ROMs.
Learn what partitions are safe to play with and which are not. This can differ depending on the device.
Some users say that they've bricked their phones just trying to downgrade the system.
Like lost101 said, if you do anything that messes with the partition table, you can get an irreversible soft brick.
If you try something that messes with the performance, like overclocking the processor or the GPU, you can get a hardbrick, turning your phone into a useless piece of plastic and metal, since you can damage your hardware (heat, excessive demand of the components).

Question Relocking the bootloader shows different message than stock in fastboot.

So, I have a Moto G9 Power, and I unlocked the bootloader to fool around with root access. Then I realised, that root access wasn't all that powerful as it was on older Android versions.
You simply do not have access to the root partition on Android 10, it is mounted read-only, and it ignores all commands to remount it as read-write.
Also, the location of the Boot animation zip of this phone is weird, it is in /product/media, not /system/media, which effectively renders all Boot animation Magisk modules or apps useless.
Plus, the battery drain once unlocked and rooted was so much more than when on stock. And other stupid idiosyncrasies made being root not all that powerful.
So I decided to un-root and relock the bootloader.
The thing is, when it was stock, in fastboot mode, it showed
Code:
oem_locked
Now after relocking it by
Code:
fastboot oem lock
it shows
Code:
flashing_locked
I'm pretty sure the difference between the two is enough for the service center to deny my warranty (which I voided by unlocking it in the first place, I know, I know. But reverting back to stock should make the service guys not notice) if something happened to the phone.
Is there any way I can get the original message back? Am I permanently screwed? Please respond, anyone.
mistersmee said:
So, I have a Moto G9 Power, and I unlocked the bootloader to fool around with root access. Then I realised, that root access wasn't all that powerful as it was on older Android versions.
You simply do not have access to the root partition on Android 10, it is mounted read-only, and it ignores all commands to remount it as read-write.
Also, the location of the Boot animation zip of this phone is weird, it is in /product/media, not /system/media, which effectively renders all Boot animation Magisk modules or apps useless.
Plus, the battery drain once unlocked and rooted was so much more than when on stock. And other stupid idiosyncrasies made being root not all that powerful.
So I decided to un-root and relock the bootloader.
The thing is, when it was stock, in fastboot mode, it showed
Code:
oem_locked
Now after relocking it by
Code:
fastboot oem lock
it shows
Code:
flashing_locked
I'm pretty sure the difference between the two is enough for the service center to deny my warranty (which I voided by unlocking it in the first place, I know, I know. But reverting back to stock should make the service guys not notice) if something happened to the phone.
Is there any way I can get the original message back? Am I permanently screwed? Please respond, anyone.
As far as I know anything with custom unlocks voids warranties; the thing is that message likely changes to keep people from changing it back. I'm not sure what type of checks they do or how much your providers know about the device you have, but considering they don't care as long as it's relocked when you turn it in you may be alright. It's not like it couldn't be unlocked by them for various other reasons like flashing stock fw if it needs to be fixed in that form; unless they have some way of restoring that message themselves, someone on our end would have to replicate it and that would take some dedicated development to do so.
Mr.Conkel said:
As far as I know anything with custom unlocks voids warranties; the thing is that message likely changes to keep people from changing it back. I'm not sure what type of checks they do or how much your providers know about the device you have, but considering they don't care as long as it's relocked when you turn it in you may be alright. It's not like it couldn't be unlocked by them for various other reasons like flashing stock fw if it needs to be fixed in that form; unless they have some way of restoring that message themselves, someone on our end would have to replicate it and that would take some dedicated development to do so.
Oh. Ok, cool. Cheers, mate, thanks!
mistersmee said:
Oh. Ok, cool. Cheers, mate, thanks!
I mean Motorola G Power devices are fairly popular here; wait around and keep an eye on your device's thread. Considering it can be unlocked, with enough time you should be given a custom ROM like LOS or crDroid. The G7 Power has tons of custom access as well as other G series devices from Motorola so it is very likely to get something, which would very likely enable the custom access you're looking for with modifications as it will be built normally.
Cheers!
Many Android devices set a "tampered" flag - which is responsible for voiding the warranty of the devices - within the bootloader, which can get queried by service centers.
jwoegerbauer said:
Many Android devices set a "tampered" flag - which is responsible for voiding the warranty of the devices - within the bootloader, which can get queried by service centers.
That makes sense, hence why the message changed. Is there a way to remove that tampered flag? I know that older Samsung devices had a flash counter, which could be reset back to zero. Maybe something similar?
Mr.Conkel said:
I mean Motorola G Power devices are fairly popular here; wait around and keep an eye on your device's thread. Considering it can be unlocked, with enough time you should be given a custom ROM like LOS or crDroid. The G7 Power has tons of custom access as well as other G series devices from Motorola so it is very likely to get something, which would very likely enable the custom access you're looking for with modifications as it will be built normally.
Cheers!
Will do.
mistersmee said:
That makes sense, hence why the message changed. Is there a way to remove that tampered flag? I know that older Samsung devices had a flash counter, which could be reset back to zero. Maybe something similar?
IDK.
jwoegerbauer said:
IDK.
Ok, cool. I'll search around.
mistersmee said:
That makes sense, hence why the message changed. Is there a way to remove that tampered flag? I know that older Samsung devices had a flash counter, which could be reset back to zero. Maybe something similar?
No, nothing like that for Moto devices.
Generally, Motorola doesn't enforce the voided warranty issue.
If the device has a factory flaw and still would be under warranty, they will cover it.
At least this is based on posts on the forum.
sd_shadow said:
No, nothing like that for Moto devices.
Generally, Motorola doesn't enforce the voided warranty issue.
If the device has a factory flaw and still would be under warranty, they will cover it.
At least this is based on posts on the forum.
Oh. Ok, that's a relief.

Boot Pixel 4a into EDL

I've bought one of those locked Pixel 4As running on ArcaneOS and it's got a locked bootloader but the issue is that like everybody else, I can't do much with the phone. So I'm wondering if there's a way to get a phone into the EDL and then flash the stock firmware through QPST?
Todos123 said:
I've bought one of those locked Pixel 4As running on ArcaneOS and it's got a locked bootloader but the issue is that like everybody else, I can't do much with the phone. So I'm wondering if there's a way to get a phone into the EDL and then flash the stock firmware through QPST?
Don't think it's possible as Google doesn't release the firehose (needed by qfil) for pixel phones.
Numerous other device mfg do release the firehose file. Some of them use the same chip as what's in the 4a, but from what I read (I've never tried this), the other mfg file, even though it's for the same chip, won't work.
So ArcaneOS is locking the bootloader and u are now unable to unlock it?
AsItLies said:
Don't think it's possible as Google doesn't release the firehose (needed by qfil) for pixel phones.
Numerous other device mfg do release the firehose file. Some of them use the same chip as what's in the 4a, but from what I read (I've never tried this), the other mfg file, even though it's for the same chip, won't work.
So ArcaneOS is locking the bootloader and u are now unable to unlock it?
I've found an mbn file for the pixel 4a and it may be possible to do something with it in qfil (?) but I am unsure. Haven't managed to boot my phone in EDL.
As for the ArcaneOS, I am unsure if it locks the bootloader itself or you need to lock it manually after flashing it. Mine has ArcaneOS installed with no build number which means no access to developer options. There are some articles on pixel phones with this ROM on them and they were apparently used by the FBI undercover agents to sell them to the criminals and catch them.
As of writing this reply, the options for making the device usable are either changing the UFS chip or getting your hands on a broken pixel 4a with a working motherboard. Those usually go from 70 - 100€ from what I've seen. I haven't been able to find one in my country yet.
The issue with changing the UFS chip is that it's hard to find one. I've only found a couple on Ali Express for about 25€. Another issue is that apparently where I live they charge anywhere between 100 - 400€ for a memory chip replacement. What a joke
Todos123 said:
I've found an mbn file for the pixel 4a and it may be possible to do something with it in qfil (?) but I am unsure. Haven't managed to boot my phone in EDL.
As for the ArcaneOS, I am unsure if it locks the bootloader itself or you need to lock it manually after flashing it. Mine has ArcaneOS installed with no build number which means no access to developer options. There are some articles on pixel phones with this ROM on them and they were apparently used by the FBI undercover agents to sell them to the criminals and catch them.
As of writing this reply, the options for making the device usable are either changing the UFS chip or getting your hands on a broken pixel 4a with a working motherboard. Those usually go from 70 - 100€ from what I've seen. I haven't been able to find one in my country yet.
The issue with changing the UFS chip is that it's hard to find one. I've only found a couple on Ali Express for about 25€. Another issue is that apparently where I live they charge anywhere between 100 - 400€ for a memory chip replacement. What a joke
edit to add: didn't realize but yes it does look like the proper mbn file *might* allow u to flash stock firmware? Not sure, haven't done it, from what I read the appropriate xml would be needed also... not sure.
... end edit
Just got finished reading the entire Arcane OS thread in same forum. Getting the device into EDL mode shouldn't be a problem, and qualcomm device is capable of that and afaik, it's impossible to defeat that.
but, it's no help if u don't have the programmer firehose file, as u simply can't access the device without it. I've used edl / firehose files for LG devices, but they somehow (the firehose files) become 'leaked' (probably by LG).
But google, nope, I've looked due to the pix 3 (and some others) inadvertently bricking themselves (no one sure why), where u just pick up the device and u have a blank screen. But if u plug it into pc it will connect as QLoader etc (it's basically stuck in edl mode).
But those devices can't be fixed either, same issue in that there's no firehose programmer file for it. So u simply can't access the device.
AsItLies said:
edit to add: didn't realize but yes it does look like the proper mbn file *might* allow u to flash stock firmware? Not sure, haven't done it, from what I read the appropriate xml would be needed also... not sure.
... end edit
Just got finished reading the entire Arcane OS thread in same forum. Getting the device into EDL mode shouldn't be a problem, and qualcomm device is capable of that and afaik, it's impossible to defeat that.
but, it's no help if u don't have the programmer firehose file, as u simply can't access the device without it. I've used edl / firehose files for LG devices, but they somehow (the firehose files) become 'leaked' (probably by LG).
But google, nope, I've looked due to the pix 3 (and some others) inadvertently bricking themselves (no one sure why), where u just pick up the device and u have a blank screen. But if u plug it into pc it will connect as QLoader etc (it's basically stuck in edl mode).
But those devices can't be fixed either, same issue in that there's no firehose programmer file for it. So u simply can't access the device.
Ah that's very unfortunate. Well, might as well wait some time. Someone may figure out how to forcefully unlock the bootloader or the firehose file might get leaked. Who knows... If not, then hopefully I can get a broken pix 4a and just swap the motherboard to my locked one.
Thanks anyways!
Todos123 said:
Ah that's very unfortunate. Well, might as well wait some time. Someone may figure out how to forcefully unlock the bootloader or the firehose file might get leaked. Who knows... If not, then hopefully I can get a broken pix 4a and just swap the motherboard to my locked one.
Thanks anyways!
IMO, the device was flashed with a custom public key to the avb_custom_key partition.

[Help] Bricked phone stuck in bootloop

I have an old Asus Zenfone 4 that randomly got stuck in a boot loop while it was recharging, and now I don't know how to fix it, or even if it is possible to fix. The only thing that still works is fastboot mode (recovery mode doesn't work either, so SD cards are out of question).
I have tried a number of things to factory reset the phone and see if it changes anything, but it seems impossible to unlock its partitions for flashing: commands such as fastboot flashing unlock, fastboot oem asus-go or anything similar just throw errors saying that the command doesn't exist, or if it does, that I don't have permission to run them. For this same reason, I couldn't use things such as TWRP as I can't flash any of the partitions on my phone. Additionally, I have tried to enable adb through fastboot oem, but even though the command is successful, whenever I get the system info, it says that adb debugging is still off.
Does anyone know a way to either unlock this device or factory reset it without unlocking?
Another old-ish device killed by the silent OTA update of the OEM!
The deadly mistake of connecting an old-ish device to OEM servers for fresh install.
Check with unauthorized service centers who have <Miracle Box> if they can flash with fastboot. Or authorized service centers might charge but they could revive the device.
OldNoobOne said:
Check with unauthorized service centers who have <Miracle Box> if they can flash with fastboot. Or authorized service centers might charge but they could revive the device.
By what you are saying... Is it actually impossible for me to unlock the bootloader? I have no problem with service centers, but it would be much better and quicker if there was a way for me to unlock it.
rafk12 said:
By what you are saying... Is it actually impossible for me to unlock the bootloader? I have no problem with service centers, but it would be much better and quicker if there was a way for me to unlock it.
I threw away two old chaina phones just because I made the mistake of reflashing the original OS and tried to update from OEM servers..BOOM! Dead Phone!
The moment OEM servers detect an old device connected to their servers for an update, they kill the device so that new devices can be sold in the market, why would this happen to a device which was working perfectly under a Custom ROM before? I don't update the device from OEM channels because OEM might try to kill the device after warranty period, instead I update through the Custom ROM channel.
Maybe some chip got fried while charging the device, among the asian brands shamshung & WonPlus have durable components but other asian brands maximum 4 years before the components like display etc. or even the chipset components begin to fail. Or it could be the OEM update thing too

ROOT and/or TWRP without bootloader unlock?

Has anyone been able to successfully root or flash TWRP using QPST/QFIL without unlocking the bootloader on lmi?
jason88fr said:
Has anyone been able to successfully root or flash TWRP using QPST/QFIL without unlocking the bootloader on lmi?
I'd be surprised.
What is the problem?
hey @NOSS8
I'd be surprised too lol.
No problem really, I came across some info and went down a little rabbit hole and arrived at the conclusion that it seems to be possible to have root on a locked bootloader but the key is apparently some "firehose" programmer files that I can't seem to find anywhere, which when used in conjunction with QPST and a device in EDL mode would in effect allow modification of the boot.img for the sake of rooting the device.
I'm still trying to find out more because I read some time ago on how android verified boot works, so I am sceptical especially when the people that seem to be doing it on youtube are those that unlock devices for a living or are just enthusiasts, both parties seem to glean toward it being possible without any specialised equipment /box/dongle with a success rate depending on flashing order.
So I started searching for the possibility of it being done on lmi.
jason88fr said:
hey @NOSS8
I'd be surprised too lol.
No problem really, I came across some info and went down a little rabbit hole and arrived at the conclusion that it seems to be possible to have root on an unlocked bootloader but the key is apparently some "firehose" programmer files that I can't seem to find anywhere, which when used in conjunction with QPST and a device in EDL mode would in effect allow modification of the boot.img for the sake of rooting the device.
I'm still trying to find out more because I read some time ago on how android verified boot works, so I am sceptical especially when the people that seem to be doing it on youtube are those that unlock devices for a living or are just enthusiasts, both parties seem to glean toward it being possible without any specialised equipment /box/dongle with a success rate depending on flashing order.
So I started searching for the possibility of it being done on lmi.
You say "with a locked bootloader" and then the opposite, typos?
Possible with a MediaTek soc device, not Qualcomm.
Finally to flash in EDL mode you must have a special authorization that only repair centers have.
A few years ago it was easy to access and modify the system, then there were the dynamic partitions, then the A/B partitions and the limitations imposed by GOOGLE with A12 A13.
On You Tube you can find everything and anything unlike XDA.
An example here, of useless persistence.
https://forum.xda-developers.com/t/flashing-edl-problem.4534297/
NOSS8 said:
You say "with a locked bootloader" and then the opposite, typos?
Possible with a MediaTek soc device, not Qualcomm.
Finally to flash in EDL mode you must have a special authorization that only repair centers have.
A few years ago it was easy to access and modify the system, then there were the dynamic partitions, then the A/B partitions and the limitations imposed by GOOGLE with A12 A13.
On You Tube you can find everything and anything unlike XDA.
An example here, of useless persistence.
https://forum.xda-developers.com/t/flashing-edl-problem.4534297/
yep it was indeed a typo.
I did see a lot of MTK stuff.
Fair enough.
Also, "useless persistence" I believe is the main cause of so many bricks in forums I've seen in the last couple days chasing the same dream.
