Hi guys sorry if this is a dumb question but I've been out of the loop on this.
Has there been a root exploit found for the D6603 Z3's?
I'm using a Xperia Z3 on the Canadian Bell network which is showing the bootloader is locked through the Sony app. I'd like to keep it but if there's nothing yet I might just sell it and get something else.
Thanks in advance.
tinodevoe said:
Hi guys sorry if this is a dumb question but I've been out of the loop on this.
Has there been a root exploit found for the D6603 Z3's?
I'm using a Xperia Z3 on the Canadian Bell network which is showing the bootloader is locked through the Sony app. I'd like to keep it but if there's nothing yet I might just sell it and get something else.
Thanks in advance.
Click to expand...
Click to collapse
Google 'giefroot'
You will need to downgrade to a firmware where the exploit works, but it is easy enough to do and easy enough to run the tool
AFAIK, there is a compatible FTF for your network, find one in the mega collection thread or download one from Xperiafirm
gregbradley said:
Google 'giefroot'
You will need to downgrade to a firmware where the exploit works, but it is easy enough to do and easy enough to run the tool
AFAIK, there is a compatible FTF for your network, find one in the mega collection thread or download one from Xperiafirm
Click to expand...
Click to collapse
Thanks for the info. Does the method still cripple the camera or is there a way to work around this?
tinodevoe said:
Thanks for the info. Does the method still cripple the camera or is there a way to work around this?
Click to expand...
Click to collapse
No, because the method does not involve unlocking the bootloader.
Also, the camera issue when unlocking the bootloader was sorted about a year ago
gregbradley said:
No, because the method does not involve unlocking the bootloader.
Also, the camera issue when unlocking the bootloader was sorted about a year ago
Click to expand...
Click to collapse
Just searching around and it looks like I need to be on 23.0.A.2.93 firmware for the exploit to work.
on my phone the current firmware is 23.0.1.A.5.77 (according to xperiafirm Bell's latest FW is 23.0.1.A.5.77 / R7B)
Is there one of these that I can use to downgrade my phone?
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
tinodevoe said:
Just searching around and it looks like I need to be on 23.0.A.2.93 firmware for the exploit to work.
on my phone the current firmware is 23.0.1.A.5.77 (according to xperiafirm Bell's latest FW is 23.0.1.A.5.77 / R7B)
Is there one of these that I can use to downgrade my phone?
Click to expand...
Click to collapse
The carrier or region should not matter.
As long as you have a 6603 any 6603 FTF will do the job. Make sure you have a 6603 though and not a 6616. I am not to clear on the device models from across the pond and flashing a 6603 rom on 6616 (AT&T device US) will result in bootloop.
Not a problem to fix, but may not enable you to root.
gregbradley said:
The carrier or region should not matter.
As long as you have a 6603 any 6603 FTF will do the job. Make sure you have a 6603 though and not a 6616. I am not to clear on the device models from across the pond and flashing a 6603 rom on 6616 (AT&T device US) will result in bootloop.
Not a problem to fix, but may not enable you to root.
Click to expand...
Click to collapse
Thanks again.
What does the R7B at the end stand for and does that matter when choosing the rom to flash?
sorry to ask one more thing, can you point me in the direction on what to use to flash the rom to an earlier version?
tinodevoe said:
Thanks again.
What does the R7B at the end stand for and does that matter when choosing the rom to flash?
sorry to ask one more thing, can you point me in the direction on what to use to flash the rom to an earlier version?
Click to expand...
Click to collapse
Its just regional and carrier branding, nothing to worry about.
Use flashtool to flash FlashTool Files
gregbradley said:
Its just regional and carrier branding, nothing to worry about.
Use flashtool to flash FlashTool Files
Click to expand...
Click to collapse
bloody shame, I got this far and now I can't seem to be able to get it to root.
I did the firmware downgrade, went smooth.
Now following the steps here: http://www.gizmobolt.com/2015/01/24...-giefroot-rooting-tool-cve-2014-4322-exploit/
I get this message after the giefroot does its thing. It reboots the phone but I end up with the same message on each pass.
Disable antivirus anf firewall.
Alright I've made some progress!
I managed to get my phone rooted. Checked with root checker and its legit! SuperSU is installed.
Now I'm trying to figure out how to install a recovery but no dice.
I downloaded the Z3-lockeddualrecovery2.8.14-RELEASE.installer from here: http://nut.xperia-files.com/
and when running, after selecting the first option for rooted phones with SuperSU, it there are a million error messages adb server is out of date. killing...
at the end it says it worked but I still can't boot into recovery. The phone even shows up within the command prompt when I type adb devices. But adb reboot and key presses don't boot into recovery, it only reboots back into the OS.
Is there another way to flash a custom rom or at least a rooted rom with 5.0/5.1? Ideally I'd like to run Cyanogen on my phone but not sure if its possible without unlocking the bootloader.
Thanks in advance for any advice and help!
You will have to unlock to install CM.
Try rebooting to recovery via NDRUtils app
Yes you are rooted, but I bet you don' t have busybox installed.
TheTeslaCoil said:
Yes you are rooted, but I bet you don' t have busybox installed.
Click to expand...
Click to collapse
Both the giefroot and Dual Recovery installations install Busybox into the correct folder.
Issues normally arise when people try to manually install busybox
gregbradley said:
Both the giefroot and Dual Recovery installations install Busybox into the correct folder.
Issues normally arise when people try to manually install busybox
Click to expand...
Click to collapse
Not true.
Busybox can be installed via a flashable zip without any problems.
And there were people who didn' t had busybox installed after root, RootCheker said busybox is not.installed. Then they flashed the zip and voila. Perfection at it' s best.
TheTeslaCoil said:
Not true.
Busybox can be installed via a flashable zip without any problems.
And there were people who didn' t had busybox installed after root, RootCheker said busybox is not.installed. Then they flashed the zip and voila. Perfection at it' s best.
Click to expand...
Click to collapse
If you follow the NDR thread int he cross device development forum you will see that [NUT] advises not to install busybox manually but to use the NDR installer or NDR flashable zip (Maybe this is what you are referring to)
As this user is having an issue installing dual recovery I would follow the advice the dev of that tool.
gregbradley said:
If you follow the NDR thread int he cross device development forum you will see that [NUT] advises not to install busybox manually but to use the NDR installer or NDR flashable zip (Maybe this is what you are referring to)
As this user is having an issue installing dual recovery I would follow the advice the dev of that tool.
Click to expand...
Click to collapse
Right, he must follow the OP' advice.
In this particular case, that' s the way to go.
Guys, finally after hours of trying everything yesterday figured out my problem. A bloody POS Monoprice usb cable!!
I tried with another usb cable and sure enough it patched everything ok....
So now I have installed a prerooted/recovery version of sony's 5.0 which seems to work fine.
If CM needs to be unlocked, are there any other versions out there that will work with the locked bootloader besides the official sony roms?
tinodevoe said:
Guys, finally after hours of trying everything yesterday figured out my problem. A bloody POS Monoprice usb cable!!
I tried with another usb cable and sure enough it patched everything ok....
So now I have installed a prerooted/recovery version of sony's 5.0 which seems to work fine.
If CM needs to be unlocked, are there any other versions out there that will work with the locked bootloader besides the official sony roms?
Click to expand...
Click to collapse
No
Related
I've patched LGFlashTool.exe to bypass the login screen.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
This is for flashing back to stock. It does not flash TWRP or root your device.
Also, if anyone has any other information that needs to be added to this let me know so I can include it.
Original LG Flash Tool (thanks @Killua96): https://mega.nz/#!qdATRIRC!g926R6P4WCyVetDknwRgxR4wMyfBl4PDZoxjjZIvDok
@autoprime's LG Flash 2.0.1.6 Installer Repack
Thanks for patching this! It'll be valuable for the life of our devices so we are all grateful that you were able to figure it out.
I've used the FlashTool in the past to restore my LG G3. Are we able to flash individual parts of a TOT or KDZ such as a custom recovery without affecting the other parts like /system?
Didn't @tungkick use a custom TOT to root the V10?
@ieatacid
Just re-upped https://mega.nz/#!qdATRIRC!g926R6P4WCyVetDknwRgxR4wMyfBl4PDZoxjjZIvDok
arjuna) said:
Thanks for patching this! It'll be valuable for the life of our devices so we are all grateful that you were able to figure it out.
I've used the FlashTool in the past to restore my LG G3. Are we able to flash individual parts of a TOT or KDZ such as a custom recovery without affecting the other parts like /system?
Didn't @tungkick use a custom TOT to root the V10?
Click to expand...
Click to collapse
For root permission on marshmallow you need a modified kernel which can boot only if the bootloader is unlocked.
In fact the modified tot on the V10 and the modified system.img on the G4 worked only on Lollipop.
Killua96 said:
@ieatacid
Just re-upped https://mega.nz/#!qdATRIRC!g926R6P4WCyVetDknwRgxR4wMyfBl4PDZoxjjZIvDok
For root permission on marshmallow you need a modified kernel which can boot only if the bootloader is unlocked.
In fact the modified tot on the V10 and the modified system.img on the G4 worked only on Lollipop.
Click to expand...
Click to collapse
On the T-Mobile G5 (H830) we have an unlockable bootloader, however we are unable to flash fastboot commands. Otherwise we would have been the first ones with root in the entire world (we got our phones delivered before almost everyone else).
Can we use this tool to flash a modified kernel?
Edit: for clarification wasn't trying to be annoying or snipe at you; just informing in case you didn't know about our unique situation.
arjuna) said:
On the T-Mobile G5 (H830) we have an unlockable bootloader, however we are unable to flash fastboot commands. Otherwise we would have been the first ones with root in the entire world (we got our phones delivered before almost everyone else).
Can we use this tool to flash a modified kernel?
Edit: for clarification wasn't trying to be annoying or snipe at you; just informing in case you didn't know about our unique situation.
Click to expand...
Click to collapse
The point is, the H830's "unlockable" bootloader is really "unlockable"? If commands don't work maybe the bootloader is still locked, even if it reports "unlocked"
Killua96 said:
The point is, the H830's "unlockable" bootloader is really "unlockable"? If commands don't work maybe the bootloader is still locked, even if it reports "unlocked"
Click to expand...
Click to collapse
You might very well be correct in that we have a "fake" unlockable bootloader. However, when Team Codefire released their video showing Root/TWRP they did so with a T-Mobile G5 leading me to think that they were using an unlocked device. I could be totally wrong but seems like not a stretch that they used that device for that reason.
Is it conceptually possible to use the tool to achieve root. I do not have the expertise or knowledge to know if that's even a possibility.
ieatacid said:
I've patched LGFlashTool.exe to bypass the login screen.
This is for flashing back to stock. It does not flash TWRP or root your device.
Also, if anyone has any other information that needs to be added to this let me know so I can include it.
Original LG Flash Tool (thanks @Killua96): https://mega.nz/#!qdATRIRC!g926R6P4WCyVetDknwRgxR4wMyfBl4PDZoxjjZIvDok
Click to expand...
Click to collapse
Great Job !!!!!
The MAY MAN
arjuna) said:
You might very well be correct in that we have a "fake" unlockable bootloader. However, when Team Codefire released their video showing Root/TWRP they did so with a T-Mobile G5 leading me to think that they were using an unlocked device. I could be totally wrong but seems like not a stretch that they used that device for that reason.
Is it conceptually possible to use the tool to achieve root. I do not have the expertise or knowledge to know if that's even a possibility.
Click to expand...
Click to collapse
I think that team codefire's method don't use the "fake" unlockable bootloader, but maybe some types of exploit like on G2 and G3
add donation button,- your paypal address,
Dear all, do not just say thanks, make a donation for ieatacid,
asialove2013 said:
add donation button,- your paypal address,
Dear all, do not just say thanks, make a donation for ieatacid,
Click to expand...
Click to collapse
It's true man I agree allow us to reward the effort
Sent from my LG-H830 using XDA-Developers mobile app
thanks again, donation send
ieatacid said:
I've patched LGFlashTool.exe to bypass the login screen.
This is for flashing back to stock. It does not flash TWRP or root your device.
Click to expand...
Click to collapse
Dear sir,
Thanks! please accept my knees and a cup of coffee.
asialove2013 said:
Dear sir,
Thanks! please accept my knees and a cup of coffee.
Click to expand...
Click to collapse
You sir are a kind man. People like you make the effort of others go noticed I'll make sure to follow sute
LG h830
Will this work for the LS992 (sprint) ?
Or will we need a special dll like we needed for the G3 think it was like two files Mega lOck and the device spesific dll?
thanks
uacolon said:
Will this work for the LS992 (sprint) ?
Or will we need a special dll like we needed for the G3 think it was like two files Mega lOck and the device spesific dll?
thanks
Click to expand...
Click to collapse
It should work either way No?
LG h830
Couldn't the recovery part of the (tot) file be replaced with twrp instead and flash via this tool? I'm no dev.. Just an idea
sent from my unrooted g5 cause T-Mobile and lg are jerks
Josh McGrath said:
Couldn't the recovery part of the (tot) file be replaced with twrp instead and flash via this tool? I'm no dev.. Just an idea
sent from my unrooted g5 cause T-Mobile and lg are jerks
Click to expand...
Click to collapse
The problem is there still isn't any tot or kdz files out
LG h830
LG Flash 2.0.1.6 Installer Repack
Repacked LG's original installer with @ieatacid's patched EXE.
Should make installing it all even easier... no more EXE switch.. just install and use (hopefully).
I made sure to add ieatacid's name, paypal and this thread in the Setup EXE.. this way ieatacid's name will always be attached to the LG Flash install rather than the loose LGFlash.exe getting passed around like the old megalock.dll.
Added LGUP and LG Flash directions and downloads to my All-in-One G5 Thread here.
MD5 (Setup_LGFlashTool_2.0.1.6-ieatacid.zip) = 7e2a5a6c74ac3d54a707c7fcde831655
MD5 (Setup_LGFlashTool_2.0.1.6.exe) = 6d0f8a4ad4bc01157a9c7c16f3a7c574
Download Setup_LGFlashTool_2.0.1.6-ieatacid.zip
So how does it recover the devices without the kdz or tot files?
HUGE thanks to @autoprime and @ieatacide we wouldn't be this far without y'all [emoji106] [emoji122]
autoprime said:
Repacked LG's original installer with @ieatacid's patched EXE.
Should make installing it all even easier... no more EXE switch.. just install and use (hopefully).
I made sure to add ieatacid's name, paypal and this thread in the Setup EXE.. this way ieatacid's name will always be attached to the LG Flash install rather than the loose LGFlash.exe getting passed around like the old megalock.dll.
Click to expand...
Click to collapse
Nice work, and thanks!
Jarritos said:
The problem is there still isn't any tot or kdz files out
LG h830
Click to expand...
Click to collapse
I got a .tot file from somewhere -- can't remember if it was linked somewhere here on xda or I saw it on the web somewhere. File name is 'LGH830AT-00-10a-TMO-US-FEB-26-2016+0-user.tot'
Stock Android 7.0 T-Mobile Firmware for the s7 edge
G935TUVU4BQB1
And
G935TUVS4BQC1
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Download Here: https://drive.google.com/file/d/0B9QvmNs9dpD-LTdwQUgzejk5ZGM/view?usp=sharing
Mirror: https://mega.nz/#!H5cW1CIK!Z277bHwJlYrWEhmgMw9oaI_FKcZiZm2B1NUTZK1o6p8
Download latest Odin: https://forum.xda-developers.com/showthread.php?t=2711451
G935TUVS4BQC1 = New Firmware!
Download: https://drive.google.com/file/d/0B9QvmNs9dpD-N3lvMGJRemtpYW8/view?usp=sharing
can we flash it to g935v ?
Nice
justda said:
Since OP is taking forever here are 2 links to the odin files to flash nougat
https://www.sammobile.com/firmwares/download/123438/G935TUVU4BQB1_G935TTMB4BQB1_TMB/
http://www.mediafire.com/file/cnrtkb...61s9vc_fac.zip
Click to expand...
Click to collapse
Link is Live:https://drive.google.com/file/d/0B9QvmNs9dpD-LTdwQUgzejk5ZGM/view?usp=sharing
spiderkr said:
can we flash it to g935v ?
Click to expand...
Click to collapse
My s7 edge is from verizon and I did flash this t-mobile firmware with no issues through Odin (my s7 edge is unlocked btw)
Tetraguy said:
My s7 edge is from verizon and I did flash this t-mobile firmware with no issues through Odin (my s7 edge is unlocked btw)
Click to expand...
Click to collapse
Did you flashed directly on the g935v/g935u firmware ? or you flashed tmobile mm first ?
spiderkr said:
Did you flashed directly on the g935v/g935u firmware ? or you flashed tmobile mm first ?
Click to expand...
Click to collapse
Yes I had the Verizon Nougat bata installed. then I simply used odin 12.3 and flashed this firmware like any other stock rom.
When you flash it, your phone user data will be wiped. So I recommend you to make a backup of your files, apps and stuff first
Now we need root for 7.0. I'm gonna stick to 6.0.1 U firmware until then, but I'll be checking daily.
Tetraguy said:
Stock Android 7.0 T-Mobile Firmware for the s7 edge
G935TUVU4BQB1
Download Here: https://drive.google.com/file/d/0B9QvmNs9dpD-LTdwQUgzejk5ZGM/view?usp=sharing
Odin: https://forum.xda-developers.com/showthread.php?t=2711451
Click to expand...
Click to collapse
This wipe everything?
Bassion said:
This wipe everything?
Click to expand...
Click to collapse
Yes it did for me since I had Verizon's CSC installed. but since is a new rom I recommed you to make backups just in case.
Bassion said:
This wipe everything?
Click to expand...
Click to collapse
If you use the HOME.CSC it does not wipe the phone.
Tetraguy said:
Yes it did for me since I had Verizon's CSC installed. but since is a new rom I recommed you to make backups just in case.
Click to expand...
Click to collapse
@Tetraguy - THANKS!! I downloaded that 2.3GB file in 4 minutes via Google Drive share as opposed to Sam Mobile people keep referencing. We should get this on Android Files site too!
http://thunderztech.com/download-g935tuvu4bqb1-stable-nougat-update-for-t-mobile-s7-edge-g935t/
TOP 5 Solid Reasons Nougat is improved over Marsh:
1) Direct Boot
2) File-based Encryption
3) Number blocking/call screening
4) Faster, Refined, Optimized over Marsh
5) Notifications: redesigned, bundled and Quick Reply-able
#3: Number Blocking/Call Screening! DEATH to RoboCalls!
Android 7.0 features an advanced number blocking and call screening platform that provides users with complete control over unwanted callers and unknown numbers. Carrier integration also means numbers you’ve blocked through the dialer can be blocked via all mediums, including VOIP and call forwarding. Number blocking can also block texts and allow multiple apps to use the blocked numbers list for more system-wide blocking support.
I apologize for the noobish question, but I have the latest unlocked firmware ending with APL4(smg935u). To get this, do I just download the file and flash everything through odin? Do I have to flash just parts of the file( like just the ap/cp) or do I flash everything( BL/AP/CP/CSC) The last time I tried to flash tmobile firmware onto my unlocked, I kept getting issues. Been trying to figure this out all morning, but still a little confused. Any help will be greatly appreciated
kng3025 said:
I apologize for the noobish question, but I have the latest unlocked firmware ending with APL4(smg935u). To get this, do I just download the file and flash everything through odin? Do I have to flash just parts of the file( like just the ap/cp) or do I flash everything( BL/AP/CP/CSC) The last time I tried to flash tmobile firmware onto my unlocked, I kept getting issues. Been trying to figure this out all morning, but still a little confused. Any help will be greatly appreciated
Click to expand...
Click to collapse
I believe you can just flash without any prep work (aside from backing up your data, of course). To my knowledge, most of the G935 firmwares are interchangeable in that even if you get stuck you can always flash your stock ROM again. I'm on AT&T running Tmo MM just fine. All I had to do was update APN afterward so it could talk with the AT&T network. As I understand it, per the above post you can flash the "HOME CSC" to avoid data deletion. I would still backup whatever you can via adb or whatever program you favor.
disturbd1 said:
I believe you can just flash without any prep work (aside from backing up your data, of course). To my knowledge, most of the G935 firmwares are interchangeable in that even if you get stuck you can always flash your stock ROM again. I'm on AT&T running Tmo MM just fine. All I had to do was update APN afterward so it could talk with the AT&T network. As I understand it, per the above post you can flash the "HOME CSC" to avoid data deletion. I would still backup whatever you can via adb or whatever program you favor.
Click to expand...
Click to collapse
Thanks for this. I have all the files loaded up in Odin but haven't hit the button yet. I have a G935U. Do you know if there is anything that prevents downgrading back to 6.0.1, since that's where my stock firmware currently is? And also, it's safe to flash the bottloader and all the rest, to my G935U? Thx!
kng3025 said:
I apologize for the noobish question, but I have the latest unlocked firmware ending with APL4(smg935u). To get this, do I just download the file and flash everything through odin? Do I have to flash just parts of the file( like just the ap/cp) or do I flash everything( BL/AP/CP/CSC) The last time I tried to flash tmobile firmware onto my unlocked, I kept getting issues. Been trying to figure this out all morning, but still a little confused. Any help will be greatly appreciated
Click to expand...
Click to collapse
Did that in mine and worked. I'm brazilian and both U and T versions of Marsh didn't have pt-BR language.
Nougat has \o/ \o/
Now i'm waiting U nougat version to keep away from T-Mobile trash.
Cabeção-Flu said:
Did that in mine and worked. I'm brazilian and both U and T versions of Marsh didn't have pt-BR language.
Nougat has \o/ \o/
Now i'm waiting U nougat version to keep away from T-Mobile trash.
Click to expand...
Click to collapse
Did you flash all 4 files of the firmware? BL, AP, CP, and CSC?
YrrchSebor said:
Did you flash all 4 files of the firmware? BL, AP, CP, and CSC?
Click to expand...
Click to collapse
Yes, sir. Fully wiped.
Everything seems working and very smooth. :good:
Cabeção-Flu said:
Yes, sir. Fully wiped.
Everything seems working and very smooth. :good:
Click to expand...
Click to collapse
Crazy that TMO got it before 935U!
YrrchSebor said:
Thanks for this. I have all the files loaded up in Odin but haven't hit the button yet. I have a G935U. Do you know if there is anything that prevents downgrading back to 6.0.1, since that's where my stock firmware currently is? And also, it's safe to flash the bottloader and all the rest, to my G935U? Thx!
Click to expand...
Click to collapse
That, I don't know; going back. I'll leave it up to a more seasoned veteran to answer the question about the bootloader version. My understanding is that the G935U is identical in terms of the hardware it has and the software it runs (sans bloatware from carriers), so in my mind it doesn't seem like you'd have to worry about it failing.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
This thread is for the MediaPad M3 Lite 10 LTE - Tablet from Huawei.
In my case, I´m looking for a C-ROM and C-Recov (e.a. RR, Mokee, TWRP) for the
Huawei MediaPad M3 Lite 10 LTE (BAH-L09) with Android 7.0 and EMUI 5.1
Since it´s quite new on the market it´s atm hard to find anything bout a C-ROM or even a C-recovery.
discoveries
advises
questions
tipps / tricks
productive discussions
solutions
are much appreciated.
Detailed device Informations:
Nobody knows any thread about this tablet??
Still searching for a root-solution.
So it's possible to read out the firmware with Infinity Box CM2 but haven't found a working "Non-dongle"-version (Loader).
Some days, there will be a root solution.
It just takes time and will be posted in here.
essayn said:
Still searching for a root-solution.
So it's possible to read out the firmware with Infinity Box CM2 but haven't found a working "Non-dongle"-version (Loader).
Some days, there will be a root solution.
It just takes time and will be posted in here.
Click to expand...
Click to collapse
If you need some help and i can do something, tell me
skymota said:
If you need some help and i can do something, tell me
Click to expand...
Click to collapse
I much appreciate the offer but what could u do if u haven´t the device or do u own it ?
Since my CM2-Infinity-box doesn´t work (usually I work with Miracle Box but it´s not compatible ...well the Tablet has to be rooted to read the firmware..), and literally tried all rooting-apps and progs, this device is really stubborn!
I own this device, thats what i told you
skymota said:
I own this device, thats what i told you
Click to expand...
Click to collapse
Very well. ?
Actually, just the stock-recovery is needed to finally start to compile it. Have u been able to extract the recovery or maybe the whole ROM ? ?
essayn said:
Very well.
Actually, just the stock-recovery is needed to finally start to compile it. Have u been able to extract the recovery or maybe the whole ROM ? ?
Click to expand...
Click to collapse
search and read a lot about this but i cant...
skymota said:
search and read a lot about this but i cant...
Click to expand...
Click to collapse
Well, to bad but I guessed so, since this device is atm not rootable. :/
I tried every single Flash-Box like MB, Infinity, Aladdin, Falcon etc pp.. any Rooting-App (APK & PC- based), almost a dozen flash-tools like ADT, AOS-flasher, Ultimate Backup-tool etc...and several command prompts via ADB&Fastboot.
Really Nothing helped to get a nandroid- or even a dumb ROM. From which I could extract the stock recovery.
Nevermind, I will try alil more with Holo- & Heliumbackup, which surely wont work but who knows, rite ??
I'm patient and as soon as I've found a solution I'll share it here immediately.
As any other user is welcome to do so, too.
I´ve managed to extract the stock-recovery via an OTA-update which came from Firmware Finder from Team MT.
U ´ll find the recovery on G-Drive. The "oldRECOVERY.img" is the extracted stock-recovery from the original BAH-L09C100B018 firmware!
So, since I´ve updated the Tablet, the only "RECOVERY.img"-named file is from the newest firmware which is L09C100B021!
If u wanna update to ...021, via the Firmware Finder-App, u need
The App
Time
Be aside your tablet
and watch this video before u start
May read this thread aswell
I bought the BAH-W09 model last week, anyone here unlocked bootloader on the lite 10 yet?
jenkins-1984 said:
I bought the BAH-W09 model last week, anyone here unlocked bootloader on the lite 10 yet?
Click to expand...
Click to collapse
Yup, unlocked the BL from day 1. It´s the same procedure for all HUAWEI devices.
Just go here, login or register, confirm the unlocking agreement and put all device infos into the blank fields.
U´ll immediatley get an unlock code, which u have to enter via fastboot command prompts (recommended):
fastboot devices
fastboot oem unlock-go 1234567890123456 <- (this number is an example, u´ll have to put ur code there instead)
fastboot reboot
From now on an unlocked bootloader message will appear every time u start ur device. Just press power shortly to boot then. (It´s also written in the text aswell)
P.S.
Before u try to unlock: Don´t forget to enable USB-debugging in the Engineertool (tap 7 times on "build" in the settings-menue) and "allow OEM unlocking".
essayn said:
Yup, unlocked the BL from day 1. It´s the same procedure for all HUAWEI devices.
Just go here, login or register, confirm the unlocking agreement and put all device infos into the blank fields.
U´ll immediatley get an unlock code, which u have to enter via fastboot command prompts (recommended):
fastboot devices
fastboot oem unlock-go 1234567890123456<- (this number is an example, u´ll have to put ur code there instead)
fastboot reboot
From now on an unlocked bootloader message will appear every time u start ur device. Just press power shortly to boot then. (It´s also written in the text aswell)
P.S.
Before u try to unlock: Don´t forget to enable USB-debugging in the Engineertool (tap 7 times on "build" in the settings-menue) and "allow OEM unlocking".
Click to expand...
Click to collapse
Ok cheers, I looked on the emui site and was nothing under their tablet menu only phones on the unlock bootloader page, on Nexus you just enable usb-debugging and click the OEM unlock in settings and fastboot flashing unlock in terminal. Sony uses a custom tool and HTC via their website I had a few phones in the past and built roms etc this my first Huawei device apart from my Nexus 6p Huawei help build with Google. I take it this device no official forum atm only the Kirin version.
Ya, HUAWEI has a quite faire unlock policy.
Important: There's an unlock bug sometimes. Be sure to have the Original firmware on ur device. (No updated ROM)
Have fun.
essayn said:
Ya, HUAWEI has a quite faire unlock policy.
Important: There's an unlock bug sometimes. Be sure to have the Original firmware on ur device. (No updated ROM)
Have fun.
Click to expand...
Click to collapse
It's on latest official that came with device, I take it there is no twrp or anything out for this device ATM?
Just check a view posts above. I've described how to get the newest FW.
So if the factory ROM-version is installed, unlock the BL and after then update ur ROM. Jfi.
BTW_
Atm there's no custom recovery available for the M3 Lite Versions. U have to compile it by urself or make a request on Hovatek.com
essayn said:
Just check a view posts above. I've described how to get the newest FW.
So if the factory ROM-version is installed, unlock the BL and after then update ur ROM. Jfi.
BTW_
Atm there's no custom recovery available for the M3 Lite Versions. U have to compile it by urself or make a request on Hovatek.com
Click to expand...
Click to collapse
I'm not bothered about updating the firmware ATM more so custom recovery but will look into it after my holiday.
I have requested official forum for this device and looks to be accepted so hopefully get some development going for this device soon...
There seems to be no way to retrieve the unlock code for Wifi-only tablets from the official Huawei site, as it demands the IMEI which is obviously missing.
I have contacted Huawei support with the product ID and serial number of my M3 Lite 10. One day later I have received the unlock code. I think that having been polite has helped
.
Storage question
Hello,
First of all: sorry, if the question is 'noobish', but as a matter of fact I am noob as far as android is concerned
I just bought this tablet for my son (LTE version), and I was quite surprised to find out that I can't move the installed applications to SD card.
Are there any hints and tips on how to take advantage of the big SD card, so my son's game data would not have to be stored in the internal memory?
The only default option is to change the memory from internal to SD, after the tablet restarts. But I assume it uses then only the SD card, and I am looking for a solution I remember from Samsung phone, where I could choose certain apps to move from internal memory to SD.
Another question, just by the way, is following: when I install an apk file from the SD card, during the installation process every few seconds I get a pop-up saying the application is not responding (although the installation is in progress). Any way to disable those annoying pop-ups?
I'd appreciate any feedback
First, let me apologize for the rough guide I'm going to deliver I'll clean this up in due time.
1.) Let's get some files downloaded. So here is a guide by @deadman96385 that details Qfil and the actual process of flashing.
2.) Let's incorporate that into my guide
* You'll choose the programmer from my TWRP folder
* You'll choose the rawprogram0.xml from my TWRP folder
3.) Time to flash....just press Download there's nothing else to do.
4.) Boot into recovery...do I need to explain how?
* Warning* Do not flash Magisk requires a separate boot.img I haven't made it just yet.
So with all this, what is the next step in the process for custom rom installs? Waiting on mine in the mail so I can begin looking into everything as well, sadly I picked the att variant so it looks like things will be more difficult for me.
good work @Unjustified Dev And @deadman96385
ff7cloudsnobody said:
So with all this, what is the next step in the process for custom rom installs? Waiting on mine in the mail so I can begin looking into everything as well, sadly I picked the att variant so it looks like things will be more difficult for me.
Click to expand...
Click to collapse
Roms won't be ready any time soon this was just a preliminary step. And what do you mean by more difficult? I have the att version.
Unjustified Dev said:
Roms won't be ready any time soon this was just a preliminary step. And what do you mean by more difficult? I have the att version.
Click to expand...
Click to collapse
From what I've been reading up on, it had looked like the AT&T variant was more difficult to get through than the others. I could be wrong though. But thanks for this breakthrough!
ff7cloudsnobody said:
From what I've been reading up on, it had looked like the AT&T variant was more difficult to get through than the others. I could be wrong though. But thanks for this breakthrough!
Click to expand...
Click to collapse
I don't know about the other variants. Each firmware is signed so I can't test their Roms, but I used their updated 8.1 proprietary files to build Lineage.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Sent from my G8142 using Tapatalk
Unjustified Dev said:
I don't know about the other variants. Each firmware is signed so I can't test their Roms, but I used their updated 8.1 proprietary files to build Lineage.
Click to expand...
Click to collapse
Does going the old "data wipe then flash boot img without encryption" not work anymore? If so then my bad, been a while since I've worked with a phone that is locked down with signed firmware. Was looking into doing that right now.
Edit: And I don't mean via flashboot because first boot should cause it to resign
AT&T
Unjustified Dev said:
Roms won't be ready any time soon this was just a preliminary step. And what do you mean by more difficult? I have the att version.
Click to expand...
Click to collapse
Hello!
Thank you for the first ray of light Please, can you answer some questions?
1) As far as I know, AT&T version of Z999 has locked bootloader. Have you tried this TWRP with AT&T Z999 (not T-mob, China or Russian)?
2) As far as I know, AT&T version of Z999 has non-standard EDL mode and until now there was only one tool capable of flashing it, "Uni-Android Tool" for $49. The usual QFIL doesn't see 9008 COM-port on this phone. So, how does your TWRP gets flashed? Or is the included "firehose" an already patched one for AT&T Z999?
3) If all of these works, can root be (some day) obtained with locked bootloader?
I live in a country with GSM 900\1800, UMTS 2100 & LTE B3 & B20, so right now my Z999 is useless as a mobile device & works only as a small tablet. The root is totally necessary for me to unlock additional bands & I have faith in You
Thanks once again,
WBR - Draco.
Drakosha said:
Hello!
Thank you for the first ray of light Please, can you answer some questions?
1) As far as I know, AT&T version of Z999 has locked bootloader. Have you tried this TWRP with AT&T Z999 (not T-mob, China or Russian)?
2) As far as I know, AT&T version of Z999 has non-standard EDL mode and until now there was only one tool capable of flashing it, "Uni-Android Tool" for $49. The usual QFIL doesn't see 9008 COM-port on this phone. So, how does your TWRP gets flashed? Or is the included "firehose" an already patched one for AT&T Z999?
3) If all of these works, can root be (some day) obtained with locked bootloader?
I live in a country with GSM 900\1800, UMTS 2100 & LTE B3 & B20, so right now my Z999 is useless as a mobile device & works only as a small tablet. The root is totally necessary for me to unlock additional bands & I have faith in You
Thanks once again,
WBR - Draco.
Click to expand...
Click to collapse
1.) I have the att variant
2.) The all have edl mode I sniffed the firehose from uniandroid and had a friend reconstruct it to get it working. And the usual qfil does see the phone. You're more than likely in dfu mode and not edl. Uniandroid can send the phone from dfu to edl. You can adb reboot to edl to get in 9008. The issue was the programmer was incorrect.
3.) Root can probably be obtained I just had no interest. I'll look into it later if I have time. Also I'm not sure if you can unlock more bands never looked into that before.
Sent from my G8142 using Tapatalk
Great!
Unjustified Dev said:
1.) I have the att variant
2.) The all have edl mode I sniffed the firehose from uniandroid and had a friend reconstruct it to get it working. And the usual qfil does see the phone. You're more than likely in dfu mode and not edl. Uniandroid can send the phone from dfu to edl. You can adb reboot to edl to get in 9008. The issue was the programmer was incorrect.
3.) Root can probably be obtained I just had no interest. I'll look into it later if I have time. Also I'm not sure if you can unlock more bands never looked into that before.
Sent from my G8142 using Tapatalk
Click to expand...
Click to collapse
Thanks for the answers! Wonderful news, the ability to flash AT&T phone with QFill changes everything. As for the bands, I've seen a lot of articles on how to unlock Qualcomm phones with NV editor, and had success with several Nexus-es & LG's. Let's hope that after (if...) root is obtained, one of the methods works. It will literally breath the new life into this phone & will make it useful everywhere in the world.
WBR, Draco.
Just an FYI, only running this didn't work for me, I changed the img to recovery.img and used the firehose with the stock files, I edited the boot though to remove secure boot.
Root
Unjustified Dev said:
* Warning* Do not flash Magisk requires a separate boot.img I haven't made it just yet.
Click to expand...
Click to collapse
Hello!
Any news on root or, perhaps, some ROM like Lineage?
WBR, Draco.
Any News?
So I tried flashing my bricked Axon M with the provided firehose file, and using provided B37 firmware, but I keep getting an error associated with "userdata.img is 0 bytes!" and if I delete the file, I then get an error stating "userdata.img could not be found!" any ideas?
ehsan96696 said:
So I tried flashing my bricked Axon M with the provided firehose file, and using provided B37 firmware, but I keep getting an error associated with "userdata.img is 0 bytes!" and if I delete the file, I then get an error stating "userdata.img could not be found!" any ideas?
Click to expand...
Click to collapse
Edit rawprogram0.xml where it says userdata.img edit it to be "" basically telling qfil don't flash it. Alternatively use miflash
Sent from my G8142 using Tapatalk
Unjustified Dev said:
Edit rawprogram0.xml where it says userdata.img edit it to be "" basically telling qfil don't flash it. Alternatively use miflash
Sent from my G8142 using Tapatalk
Click to expand...
Click to collapse
Thanks, I did get past that error, but now it is stuck at https://imgur.com/YzyzPNP
ehsan96696 said:
Thanks, I did get past that error, but now it is stuck at
Click to expand...
Click to collapse
Use miflash
Sent from my G8142 using Tapatalk
Unjustified Dev said:
Use miflash
Sent from my G8142 using Tapatalk
Click to expand...
Click to collapse
How? Whenever I pick the folder with the firmware it just sais "couldn't find flash script"
rawprogram0.xml
ehsan96696 said:
How? Whenever I pick the folder with the firmware it just sais "couldn't find flash script"
Click to expand...
Click to collapse
Here, just use the attached rawprogram0.xml (AT&T B37) with QFil
Drakosha said:
Here, just use the attached rawprogram0.xml (AT&T B37) with QFil
Click to expand...
Click to collapse
Tried as specified and it gets stuck here: https://imgur.com/xMynQ3h
ehsan96696 said:
Tried as specified and it gets stuck here: https://imgur.com/xMynQ3h
Click to expand...
Click to collapse
Do you have spaces in your username? Put firehose programmer file inside the firmware folder, and put the whole folder in C:\Z999 (without any spaces or long filenames). Run Qfil as admin. And never flash phones from DESKTOP...
i want to install a custom gsi, but it keeps bootlooping. wanted to install buf9 firmware but i cant bc its on sw_rev3 so it doesnt work. any suggestions?
tekkitheidiot said:
i want to install a custom gsi, but it keeps bootlooping. wanted to install buf9 firmware but i cant bc its on sw_rev3 so it doesnt work. any suggestions?
Click to expand...
Click to collapse
You can't downgrade once you've upgraded
wouldnt there be a way through twrp or brom mode?
tekkitheidiot said:
wouldnt there be a way through twrp or brom mode?
Click to expand...
Click to collapse
Nope you can try brom mode but i dont trust if works
If you buy a samsung device depending of the device (like this A12 and the MTK imei bug) is not a good idea to upgrade
tekkitheidiot said:
wouldnt there be a way through twrp or brom mode?
Click to expand...
Click to collapse
That's samsung for you, once you've upgraded Binary version there's no going back.
As for the brom mode, samsung has locked their phones out of that mode. I don't know if accessing it through access points works but you could try to see if it can help
I tryed to downgrade via TWRP flashing baseband and BL
Now my A12 is DEAD and i dont had a box to repair it (after flash i see the security error screen and flashed again the Binary 3 BL once odin tell me passed the phone doesn't booted again)
I just wanted to get the imei working because the firmware on the binary 3 (11 and 12) android system uses all my ram memory trying to get the signal working
F*** *** Samsung and mediatek next time i bought an exynos or qualcomm variant
tekkitheidiot said:
i want to install a custom gsi, but it keeps bootlooping. wanted to install buf9 firmware but i cant bc its on sw_rev3 so it doesnt work. any suggestions?
Click to expand...
Click to collapse
The last rom that i used on my A12 was pixel experience and worked perfectly on binary 3 android 11 based firmare (A125MUBUS3BVF1) just installed TWRP with nulled vbmeta flashed the image as system (not as super) and wiped the data (not advanced wipe) rebooted and the gsi was booted (only bugs mentionated on the thread and the touch bug)
Allehandro said:
That's samsung for you, once you've upgraded Binary version there's no going back.
As for the brom mode, samsung has locked their phones out of that mode. I don't know if accessing it through access points works but you could try to see if it can help
Click to expand...
Click to collapse
i can access brom mode if that helps
tekkitheidiot said:
i can access brom mode if that helps
Click to expand...
Click to collapse
How'd you do it?
Technically since I've always known that I can't access brom on my samsung I've never tried to understand what you can do with it.
Allehandro said:
How'd you do it?
Technically since I've always known that I can't access brom on my samsung I've never tried to understand what you can do with it.
Click to expand...
Click to collapse
i downgraded to the earliest binary 3, then used test points. worked perfectly
tekkitheidiot said:
i downgraded to the earliest binary 3, then used test points. worked perfectly
Click to expand...
Click to collapse
I was only planning yo use the brom mode to use the MTK META Utility which is developed by Mediatek themselves for fixing imei to see if I can fix the imei issue with it but I couldn't enter brom mode and I'm afraid of opening the back cover
Allehandro said:
I was only planning yo use the brom mode to use the MTK META Utility which is developed by Mediatek themselves for fixing imei to see if I can fix the imei issue with it but I couldn't enter brom mode and I'm afraid of opening the back cover
Click to expand...
Click to collapse
its relatively easy tbh. just be careful around the volume buttons, but everything else is okay. there arent too many cables to rip
Allehandro said:
I was only planning yo use the brom mode to use the MTK META Utility which is developed by Mediatek themselves for fixing imei to see if I can fix the imei issue with it but I couldn't enter brom mode and I'm afraid of opening the back cover
Click to expand...
Click to collapse
Its easy to open but be careful with the power/fingerprint sensor flex i think the testpoint is near of the charger flex in the mainboard (i see youtube tutorials to access to Brom mode and preloader)
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Hello,
If you're going to be performing a downgrade, you'll have to have the SCATTAR firmware with all of the old loaded certificates and tokens. Flash is going to be performed via BROOM (fused ROM code) useing SP_FLASH_TOOL.
Regarding the IMEI issue, that I'm not able to help with. And it is pain to work with, maybe you the MODEM file could help bout dbout it. You might have to go diging through firmware sites.
Thats it.
Stay safe,
Krypton.
LAST_krypton said:
Hello,
If you're going to be performing a downgrade, you'll have to have the SCATTAR firmware with all of the old loaded certificates and tokens. Flash is going to be performed via BROOM (fused ROM code) useing SP_FLASH_TOOL.
Regarding the IMEI issue, that I'm not able to help with. And it is pain to work with, maybe you the MODEM file could help bout dbout it. You might have to go diging through firmware sites.
Thats it.
Stay safe,
Krypton.
Click to expand...
Click to collapse
where would i find this scattar firmware?
tekkitheidiot said:
where would i find this scattar firmware?
Click to expand...
Click to collapse
SM-A125U Multitool Kit (Root/TWRP/Unlock/Unbrick)
Here is a toolkit of several tools ive collected and put together for the A12 in a single pack to help see through all the clutter and chaos of this forum, i have an A125U (converterd to a-125w) so thats all i can confirm working 100% but im 99%...
forum.xda-developers.com
Maybe this can help you only you need to download a firmware (don't try to flash a binary 2 or binary 1 firmware if you do that you phone will get a hardbrick and the sp flashtool will give the 0xC0020029 or the anti roolback error)
Pd: dont forget to change the date to 25/05/2022 to get the mtkmetatool working
MauriJ2001 said:
SM-A125U Multitool Kit (Root/TWRP/Unlock/Unbrick)
Here is a toolkit of several tools ive collected and put together for the A12 in a single pack to help see through all the clutter and chaos of this forum, i have an A125U (converterd to a-125w) so thats all i can confirm working 100% but im 99%...
forum.xda-developers.com
Maybe this can help you only you need to download a firmware (don't try to flash a binary 2 or binary 1 firmware if you do that you phone will get a hardbrick and the sp flashtool will give the 0xC0020029 or the anti roolback error)
Pd: dont forget to change the date to 25/05/2022 to get the mtkmetatool working
Click to expand...
Click to collapse
ill look through it. thanks
tekkitheidiot said:
where would i find this scattar firmware?
Click to expand...
Click to collapse
You generate it your self
To unlock bootloader on these the easiest way is to convert it to an a125w xac by flashing the a125w bl files. Unlock bootloader with seccfg. Then flash ap, cp, and csc from a125w with odin and when it boots up it should show as a125w. Also in download mode it shows the same. My imei says unknown but i believe thats caused by unlocking bootloader so if you relock it after converting it should go back to normal. Playing with mtk modem tool to rewrite imei. Tried using xposed imei changer but didnt seem effective.