Related
hello there,
this tool is windows based. You need the .net 4.5 framework. There is no installer. Simply extract the executable onto your computer.
@xQrzy shared some insight about the flashfile.xml. So i made this tool for reading an image archive and creating proper flash statements. Its very rudimentary but its working.
So, whats to do? Use an image file (zip) or unzip it first. Then execute the program and select the image or the folder. And thats it. There is one tab with some information and on the second tab there is a list of flash operations this image provides. Under options you'll find one checkbox. Uncheck it will generate the full file paths for your image files. The third tab is for the output executing a real flash would return on the command line.
Choose your operations wisely, because eg. erase user data will make a factory reset.
version info
Code:
current version: 0.9.3
- (untested) added experimental flashing. There will be a warning before the actual flashing.
- little rework of the gui.
features:
Code:
- checking MD5 hashes of all files
- (untested) selectable flash commands and running them (thats why i called it installer)
for interested devs:
- its a sharpdevelop project (built with sharpdevelop 5.1 rc1). This project was hacked whithin 5 hours so its not that filled with comments and stuff. Its not on git because of this. You can of course download my sourcecode and compile your own binary if you don't trust me. Which would be clever and cautious.
I'm really happy to be the spark of this idea. ^^
And hope you will make the tool better and better.
aVe2000 said:
hello there,
this tool is windows based. You need the .net 4.5 framework. There is no installer. Simply extract the executable onto your computer.
@xQrzy shared some insight about the flashfile.xml. So i made this tool for reading an image archive and creating proper flash statements. Its very rudimentary but its working. I made this tool capable of executing the generated flash statements but i deactivated this because of the potential problems beeing caused by using this feature. Maybe i will continue on this in future.
So, whats to do? Use an image file (zip) or unzip first. Then execute the program and select the image or the folder. And thats it. There is one tab with some information and on the second tab there is a list of flash operations this image provides. Under options you'll find one checkbox. Uncheck it will generate the full file paths for your image files. The third tab is for the output a real flash would provide in the command line.
Choose wisely your operations, because eg. erase user data will make a factory reset.
Additional features:
- checking MD5 hashes of all files
current version: 0.9.2
Click to expand...
Click to collapse
so it will generate a txt file with the statements to type, it doesn't flash anything by itself, right?
bilbo75 said:
so it will generate a txt file with the statements to type, it doesn't flash anything by itself, right?
Click to expand...
Click to collapse
with version 0.9.3 it tries to flash.
Version 0.9.3 added.
Introduction
You probably know already that starting from Android 5.x (Lollipop) compiled roms (aosp,cm,stock) are not compressed anymore the way they used to be on previous android versions. On previous versions all content inside /system folder that has to be extracted within our device was either uncompressed (simple /system folder inside our flashable zip) or compressed in a system.img file, which it is a ext4 compressed file; both of these, anyway, were readable and we could see all system files (app,framework, etc).
The problem comes in >=5.0 versions, this method is not used anymore. Why? Because roms started to be always larger, so it is necessary to compress them even more.
Note : Introduction was taken from here : https://forum.xda-developers.com/an.../how-to-conver-lollipop-dat-files-to-t2978952 by @xpirt so thanks to him
So in order to save myself and others who most port Custom & Stock Roms, i decided to use some part of my time to write this script for easy work done.
What this script does :
It basically Unpack and Repack system.new.dat alongside with file_context.bin convertion which is seen in android 7.0/7.1
ITS USAGE:
NOTE
First Clone the repo.
Make sure that Android_System_Extraction_and_Repack_Tool is located at Desktop
Run "Xtrakt" from it's location in terminal
Copy "file_contexts.bin" from your Rom to "file_context_zone" folder
Use "f" from menu to convert "file_contexts.bin" to text readable "file_contexts"
Copy : system.new.dat, system.transfer.list & file_contexts to "convert-dat" folder.
Use "i" from menu to unpack, which the output will be name as "rom_system" for modifications of apks & files.
Use "y" from menu to repack, which the complete new "system.new.dat", "system.patch.dat" & "system.transfer.list" will be located at "Finish-new.dat" folder
Done !
EXAMPLE:
Again , Make sure that Android_System_Extraction_and_Repack_Tool is located at Desktop
In your terminal, type the following to start the script:
Code:
git clone https://github.com/iykequame/Android_System_Extraction_and_Repack_Tool.git
mv android_system_extraction_and_repack_tool ~/Desktop/
cd ~/Desktop/android_system_extraction_and_repack_tool/
./Xtrakt
OR
Code:
Double-click the Xtrakt file and choose "Run in Terminal" if your OS supports it.
##ALERT!!!##
sudo is requested in the script.
How To Get It {Tool]
Clone from one of the below ;
From GITHUB :
Code:
git clone https://github.com/iykequame/Android_System_Extractrion_and_Repack_Tool.git
From BITBUCKET :
Code:
git clone https://[email protected]/zac6ix/android_system_extraction_and_repack_tool.git
Or
Download zip
AFH
GIT-RELEASE
Sources :
Android_System_Extraction_and_Repack_Tool
GITHUB
BITBUCKET
Threads :
sdat2img 1.0 - img2sdat 1.2
For file_context.bin conversion by: Pom Kritsada @ MTK THAI Developers.
Credit to :
@xpirt
@SuperR.
-all xda threads which helped
-Android Matrix Development - here
-Nana Yaa for her time.
hi, your tool sounds good but it seems it doesnt work.
i press f and nothing happen ..
Use "f" from menu to convert **"file_contexts.bin"** to text readable **"file_contexts"**
Blackball said:
hi, your tool sounds good but it seems it doesnt work.
i press f and nothing happen ..
Use "f" from menu to convert **"file_contexts.bin"** to text readable **"file_contexts"**
Click to expand...
Click to collapse
Sorry for the Late reply !
Directories linking has been fix .
You can go ahead and try again
Thanks for sharing!
Don't work
When i press i ..Don't work.say file missing.but i already put all file..Please help meView attachment 4249470
Doesn't do anything with file_context.bin, doesn't even check if file is there.
oreo supported???
I am getting this error on repacking:-
Code:
WARNING! WARNING!! WARNING!!!
Please Check & Trace Where Errors.
There Is NO rom_system found
file_contexts -->> Missing !
Android SDK -->> not detected !
Please help.
Black_J said:
I am getting this error on repacking:-
Code:
WARNING! WARNING!! WARNING!!!
Please Check & Trace Where Errors.
There Is NO rom_system found
file_contexts -->> Missing !
Android SDK -->> not detected !
Please help.
Click to expand...
Click to collapse
I see that this thread is not supported.
Anyways, I observed that the tool works for file_contexts.bin but not for other options.
So , I followed the other link in the thread for individual commands and was successful.
Works perfectly on Android Pie! Have to do some tweaks, PM me if anyone wants to make this work for Android Pie.
Poison Kitchen IDE
Development preview
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
​
Description
A powerful IDE for android ROM development
Runs native on WINDOWS, MacOS themed.
Its powered by my XanderUI class library for the .net framework
Currently Development preview builds are only available, meaning things may be broken, behave incorrectly or other
Click to expand...
Click to collapse
Features
-Full GUI coded in C# for fast runtime
-XanderUI based controls(My C# class library)
-Based on .net 4.5
-Support for every single android version
-Unpack rom from (.zip, .tar, .md5, .img, aml_upgrade_package)
-Pull all required files from device(root needed to copy kernel block)
-Adb, fastboot and drivers installater
-ROM information
-Explorer
-Deodexing(4.4.4 and lower ATM)
-Unpacking the kernel
-Converting file_contexts.bin to standard text
-Kernel explorer
-Repacking kernel
-Logging
-Auto-generating updater-script
-Use generic symlinks if files detected
-Use generic file contets if the kernel does not contain file_contexts
-/data/app auto transition to new rom(somewhat working)
-Wipe data excluding /data/media(/sdcard path)
-Auto kernel block detection
-Auto mounting /system and /data
-Packing rom
-Signing rom
-Updater-script editor
-Extansion support
-Emulated exension scripts(applied via C#)
-Degapps extension
-Deknox extension
-Custom emoji extension
-Enable sony apps extension
Click to expand...
Click to collapse
Features not yet implemented
-root via magisk(systemless) and superSU(standard)
-init.d
-deodexing 5.0 and up
-adbd insecure
-init.d tweaks
-build.prop tweaks
-change display I.D
-add sysrw/ro binary
-logging needs tweaking
-loading rom information updated in the background
-Unpacking RUU as project(HTC)
-Unpacking TFT as project(SONY)
-Unpacking system.dat(sparse)
-Setting your actual device as the project and apply changes in realtime
-/data/app auto transition to new rom
-Kernel may not unpack
-Convert line endings in explorer context menu
-Inbuilt file editor(with EOL auto-detection)
-Boot animation player/changer
-Auto flash rom with ORS(TWRP)
-Bluestacks as rom
Click to expand...
Click to collapse
Settings
Load settings()
-Set default startup project or startup menu
-Enable/disable logging
-Stop logger from detecting files or folders added, deleted, changed or moved
Installation settings()
-Change romname
-Change installation type(autodetect on unpack, User generated, Tool generated)
-Change file contexts method(Auto, extracted from kernel, assumed)
-Enable/disable safewipe
-Enable/disable data/app auto transition
-Enable/disable autodetect ernel blockpath(add path below)
Pack settings()
-Change compression level
-Add signing method(pack into presigned, sign on zip, none)
-Change java heapsize
-Exclude files and folders from being packed/detected by IDE
Default program settings()
Change default program to open image files
Change default program to open video files
Change default program to open audio files
Change default program to open prop files
Change default program to open archive files
Change default program to open jar/apk files
Change default program to open other type files
Current version and updates()
Cleanup settings()
Click to expand...
Click to collapse
License
GNU GPL V3
Downloads
Downloads page
XDA:DevDB Information
Poison Kitchen IDE, Tool/Utility for the Android General
Contributors
Ricky Divjakovski
Version Information
Status: Testing
Created 2018-04-19
Last Updated 2018-04-19
Creating extensions and documentation
Code:
Description -
As extensions are a great adittion to the IDE, whats the use if you cant make your own for automated building?
Information you need to know -
The tool looks for the file "extension.info".
In the extension.info file you will specify the extension name, description and the poison shell script file(.psh).
Package the folder containing the extension as a zip archive
------------------------------------------------------------------
Entension index
------------------------------------------------------------------
Sample extension -
https://github.com/Ricky310711/Poison-Kitchen-Extension-Example
extension.info -
Lines will only be read if starting with "Name", "Description" or "Run"
-------------------- code exmpla
# this sets the extension name
Name:Fake optimizer
# this sets the extension description
Description:Do not apply this to rom, its a fake extension to show an example
# this is the poison script to run(must be in same directory)
Run:FakeOpt.psh
------------------------------------------------------------------
Scripting language(.psh file)
------------------------------------------------------------------
Information
-Must be linux EOL(\n)
-Anything but recognised 1st args are ignored
-Any errors will be ignore by the shell
-Use full paths asif you are in the root(/)
Extracting content to rom
---------- code example
EXTRACT|myFolder
1st arg states we are extracting(copying) a folder to the rom
2nd arg is the folder to extract(must be in same directory as extansion)
NOTE: This will extract the folder to the root of the rom
Changing a line in a file
---------- code example
CHANGE|START|/system/build.prop|ro.product.device=|THIS IS STARTS TEST
1st arg specifies we are changing a file
2nd arg specifies where on a line to search for the string(arg4)
3rd arg specifies the file to change
4th arg specifies the string to look for
5th arg is what you would like to replace the line with
The second arg can be START, CONTAINS or END
Appending a file
---------- code example
APPEND|TOP|/system/build.prop|# A TEST FOR APPENDING TOP
1st arg specifies we are appending a file
2nd arg specifies if we are appending at the TOP or BOTTOM
3rd are is the file to append
4th arg is the content to append
Remove a line from a file
---------- code example
REMOVE|/system/build.prop|# end fota properties
1st arg states we are removing a line from a file
2nd arg specifies the file
3rd arg is the string to look for in the line
Delete a file or folder
---------- code example
DELETE|/system/preinstall
Pretty straight forward, will delete a file or folder called "preinstall" from /system/
Create a file or folder
---------- code example
CREATE|DIRECTORY|/preinstall
arg 1 states we are creating something
arg 2 specifies if a FILE or FOLDER
arg 3 is the file or folder to create
Rename a file or folder
---------- code example
RENAME|/system/bin/am|amRenamed
1st arg specifies we are renaming a file or folder
2nd arg is the file or folder
3rd arg is the new name
Changelog
Development preview 2
-Added pull rom from device in setup
-Smoother nvigation
-XanderUI 1.6.0 integration
-Message boxes are now themed like the app
-Extensions now show progress upon running
-Deodexing up to Android 4.4.4 implemented
Development preview 1
-initial release
reserved3
supports all versions of android and all devices, no manual input needed.
dev preview 3 possibly tommorow
Yay now I can at least try to build my own g6 ROMs. Nice work.
development on hold until the 30th as im on holiday, i have been dedicating little time to this as internet here is extremely slow
Magisk and SU support added aswell as deodexing 5.x > 6.0
Also working on disabling signature verification, adding sysrw(as binary)
hi, im trying out the program, it never completes the extraction, and the progress icon starts at 53% do i need to do anything when trying to start the program.
i haVE TRIed running as administartor and without running as admin.
thanks
Twisted714 said:
hi, im trying out the program, it never completes the extraction, and the progress icon starts at 53% do i need to do anything when trying to start the program.
i haVE TRIed running as administartor and without running as admin.
thanks
Click to expand...
Click to collapse
A dialog will more then likely poppup requesting permission to run imgextractor.exe, be sure to accept that to complete the process
Ricky Divjakovski said:
A dialog will more then likely poppup requesting permission to run imgextractor.exe, be sure to accept that to complete the process
Click to expand...
Click to collapse
i am attaching some pics to what happens.
please advise. thanks
there are a couple more that are insignificant
Twisted714 said:
i am attaching some pics to what happens.
please advise. thanks
there are a couple more that are insignificant
Click to expand...
Click to collapse
Could you please PM me with pics of the firmware your selecting or even a link?
I've gone ahead and tried this. I pointed the app to my system.img (not the fastboot zip) and ended up with "error extracting". Tool looks promising. ROM is available for download here:
http://en.miui.com/download-333.html
I extracted it and used the images/system.img
oreo27 said:
I've gone ahead and tried this. I pointed the app to my system.img (not the fastboot zip) and ended up with "error extracting". Tool looks promising. ROM is available for download here:
http://en.miui.com/download-333.html
I extracted it and used the images/system.img
Click to expand...
Click to collapse
Im going to test now, if the firmware has system.transfer.list, and system.dat, it will not be able to be unpacked until i make a native library or extension to perform the operation as i think it would be extremely stupid for the need to have python installed to run.
The only reason i havent rebuilt smali/baksmali etc is 1. Would take me months, 2. we are modifying a system that relies on java to operate.
in future, hefty operations like unpacking etc, will be coded in ASM/C code for faster operation, Im planning on making the whole project open source to allow changes and fixes submitted by other developers, So if anyones interested let me know and ill upload the source code(Written in C# for the .net 4.5 framework)
Ricky Divjakovski said:
Im going to test now, if the firmware has system.transfer.list, and system.dat, it will not be able to be unpacked until i make a native library or extension to perform the operation as i think it would be extremely stupid for the need to have python installed to run.
The only reason i havent rebuilt smali/baksmali etc is 1. Would take me months, 2. we are modifying a system that relies on java to operate.
in future, hefty operations like unpacking etc, will be coded in ASM/C code for faster operation, Im planning on making the whole project open source to allow changes and fixes submitted by other developers, So if anyones interested let me know and ill upload the source code(Written in C# for the .net 4.5 framework)
Click to expand...
Click to collapse
Not sure if this helps but I've run Imgextractor directly on my system.img with this result:
Code:
Mi-A1-Repository>Imgextractor Mi-A1-Repository\Roms\Fastboot\tissot_images_V.9.5.10.0.ODHMIFA_8.0\images\system.img
ImgExtractor version 1.3.6 <Created by And_PDA (Based on sources ext4_unpacker)>
Extractor for images in EXT2\EXT3\EXT4\YAFFS2\CRAMFS filesystem formats
support SPARSE\SIN\MOTO structure formats
Open image file Mi-A1-Repository\Roms\Fastboot\tissot_images_V.9.5.10.0.ODHMIFA_8.0\images\system.img (size 3221225472 bytes) successfull...
Analize format of file. Please wait...
Found SPARSE FORMAT
Found EXT4 FORMAT
free space in image 188895232 bytes
Extract started. Please wait...
Extract 750 folders and 6306 files successfull
Found 386 symlink files
File stats (uid, gid, permission) save to Mi-A1-Repository\Roms\Fastboot\tissot_images_V.9.5.10.0.ODHMIFA_8.0\images\system__statfile.txt
Extract finish success
Press Enter to continue...
oreo27 said:
Not sure if this helps but I've run Imgextractor directly on my system.img with this result:
Code:
Mi-A1-Repository>Imgextractor Mi-A1-Repository\Roms\Fastboot\tissot_images_V.9.5.10.0.ODHMIFA_8.0\images\system.img
ImgExtractor version 1.3.6 <Created by And_PDA (Based on sources ext4_unpacker)>
Extractor for images in EXT2\EXT3\EXT4\YAFFS2\CRAMFS filesystem formats
support SPARSE\SIN\MOTO structure formats
Open image file Mi-A1-Repository\Roms\Fastboot\tissot_images_V.9.5.10.0.ODHMIFA_8.0\images\system.img (size 3221225472 bytes) successfull...
Analize format of file. Please wait...
Found SPARSE FORMAT
Found EXT4 FORMAT
free space in image 188895232 bytes
Extract started. Please wait...
Extract 750 folders and 6306 files successfull
Found 386 symlink files
File stats (uid, gid, permission) save to Mi-A1-Repository\Roms\Fastboot\tissot_images_V.9.5.10.0.ODHMIFA_8.0\images\system__statfile.txt
Extract finish success
Press Enter to continue...
Click to expand...
Click to collapse
Found the error, the img file is of a wierd format, as its named system.img, it actually contains files from the root, so within the system.img the the root of the image is actually the root of the device rather then the root of the system partition, its extremely odd but none the less extremely simple to fix
Issue is already fixed and will be included in dev preview 3, that is expected for public release in a day or so with much more additions
Ricky Divjakovski said:
Found the error, the img file is of a wierd format, as its named system.img, it actually contains files from the root, so within the system.img the the root of the image is actually the root of the device rather then the root of the system partition, its extremely odd but none the less extremely simple to fix
Issue is already fixed and will be included in dev preview 3, that is expected for public release in a day or so with much more additions
Click to expand...
Click to collapse
Yeah. I found it odd that the system.img had a /system directory in it. Awesome! Can't wait
Ricky Divjakovski said:
Could you please PM me with pics of the firmware your selecting or even a link?
Click to expand...
Click to collapse
its on mega.
https://mega.nz/#!dCA2mAYS!-GrKWuuTNODaYEbt3LWiw4LJzxkrz5wI3T94mQ4PU90
it is a android 6 to android 7 full update. its installed, but i am trying to learn cobble together a rom. this img is for a zoomtak upro, i have found today an image for the uplus/vplus. it has much more stuff in it.
thanks
Twisted714 said:
its on mega.
https://mega.nz/#!dCA2mAYS!-GrKWuuTNODaYEbt3LWiw4LJzxkrz5wI3T94mQ4PU90
it is a android 6 to android 7 full update. its installed, but i am trying to learn cobble together a rom. this img is for a zoomtak upro, i have found today an image for the uplus/vplus. it has much more stuff in it.
thanks
Click to expand...
Click to collapse
I will check it when i get home, if its an upgrade package, i cannot ad support for it..
Hello, recently I looked into LG backup and restore application using static analysis.
Note: this is based on version lg bnr 8.0.26 from 2020-02-13, tested with 7.0.20 from 2008-12-31
Here is the extract tool:
https://github.com/Mysak0CZ/LBFtool
And here is the technical part (you don't need to read this, if you just want to extract your data):
The file contains 2 headers (one of them is referred to as "new")
These are XML documents encrypted using AES/ECB/PKCS5Padding + SHA256 and null IV with static password
Code:
cd562f61-5399-3978-ac76-7c54b0508010
And they look like this:
Code:
<?xml version="1.0" encoding="UTF-8"?>
<BackUp>
<Common>
<Name>LGBackup_200217_1</Name> <!-- Name of the backup file -->
<Id>Randomly generated UUID</Id> <!-- Id of the backup file -->
<IsNew>True</IsNew> <!-- IsNew is same in new and old header -->
<Version>1.00</Version>
<Attr Name="product_model">LM-X525</Attr>
<Attr Name="os_version">9</Attr>
<!-- And other attributes including google email -->
</Common>
<BackupItem Category="settings_DB" StartOffset="59392" DataSize="136626" />
<BackupItem Category="MEDIA_DB" StartOffset="901169" DataSize="78393344" FileName="external.db" />
<!-- Other backuped items -->
</BackUp>
The "new" header has more information than original header, but same structure.
The attribute "IsNew" signals the presence of the new header. (and is True in both files)
All numbers inside file are in Big-endian.
And this is the structure of the file (decimal position):
Code:
0: Unknown - 0x00 for me
1: Int32 - size of the new header
5: Int64 - offset to the new header (usually 13)
13 ... EOF-33: data
EOF-33: 20 bytes - SHA1 hash of the password (if present, otherwise still data)
EOF-13: Int64 - offset to the (old) header
EOF-5: Int32 - size of the (old) header
EOF-1: Bool - Lock byte - the file is (0x01) or isn't (0x00) protected by password
The password is only checked during import, not used to encrypt data (so to remove password, just set the last byte to 0)
Every "BackupItem" entry has a "Category".
Special case is Category="APPLICATION" with this structure:
Code:
<BackupItem Category="APPLICATION">
<APPLICATION Name="com.lge.ime" StartOffset="19221586" DataSize="2385983" Package="com.lge.ime">
<Attr Name="com.lge.ime">com.lge.ime</Attr>
</APPLICATION>
<APPLICATION Name="org.exmple.app" StartOffset="1429652009" DataSize="3420160" FileName="org.exmple.app.tar" Package="org.exmple.app">
<Attr Name="org.exmple.app">org.exmple.app</Attr>
</APPLICATION>
<!-- ... -->
</BackupItem>
All applications are tar files that contain 2 folders:
app - contains the apk file
data - application's internal data
All other items have:
StartOffset - Offset inside file
DataSize - Self explanatory
FileName - Not all have this, but most do; it is the original name of the backuped file.
The files are not compressed nor encrypted.
Footnote: This is my first post on XDA, so sorry for any mistakes I made (including my english) and feel free to correct me/give me advice.
Mysak0CZ said:
Hello, recently I looked into LG backup and restore application using static analysis.
Note: this is based on version lg bnr 8.0.26 from 2020-02-13, tested with 7.0.20 from 2008-12-31
Here is the extract tool:
And here is the technical part (you don't need to read this, if you just want to extract your data):
The file contains 2 headers (one of them is referred to as "new")
These are XML documents encrypted using AES/ECB/PKCS5Padding + SHA256 and null IV with static password
And they look like this:
The "new" header has more information than original header, but same structure.
The attribute "IsNew" signals the presence of the new header. (and is True in both files)
All numbers inside file are in Big-endian.
And this is the structure of the file (decimal position):
The password is only checked during import, not used to encrypt data (so to remove password, just set the last byte to 0)
Every "BackupItem" entry has a "Category".
Special case is Category="APPLICATION" with this structure:
All applications are tar files that contain 2 folders:
app - contains the apk file
data - application's internal data
All other items have:
StartOffset - Offset inside file
DataSize - Self explanatory
FileName - Not all have this, but most do; it is the original name of the backuped file.
The files are not compressed nor encrypted.
Footnote: This is my first post on XDA, so sorry for any mistakes I made (including my english) and feel free to correct me/give me advice.
Click to expand...
Click to collapse
Nice job dude! just a the quick recommendation: I would suggest that you put your code on gitlab or GitHub so it will become easier for others to contribute
Sent from my OnePlus 6T using XDA Labs
Hi. I'm trying to use this tool but I don't know how to use it. I followed the instructions and downloaded Python. but none of the other steps are working for me. I have my backup on my PC and am trying to extract my files into normal formats as I wish to move away from the LG platform. Thank you.
---------- Post added at 07:20 AM ---------- Previous post was at 06:57 AM ----------
Nevermind, I found a work around.
For anyone else in the future wondering: If you select backup with the app on the phone and backup to the internal memory, it will create .pdf files of all text/images in internal storage>>Quickmemo+. This doesn't help to retrieve the audio or video recordings, but at least that way you can retrieve your text files/images.
Tried script on old backup, failed with error.
Mysak0CZ said:
Hello, recently I looked into LG backup and restore application using static analysis.
Note: this is based on version lg bnr 8.0.26 from 2020-02-13, tested with 7.0.20 from 2008-12-31
Here is the extract tool:
And here is the technical part (you don't need to read this, if you just want to extract your data):
The file contains 2 headers (one of them is referred to as "new")
These are XML documents encrypted using AES/ECB/PKCS5Padding + SHA256 and null IV with static password
Code:
cd562f61-5399-3978-ac76-7c54b0508010
...
[/CODE]
All applications are tar files that contain 2 folders:
app - contains the apk file
data - application's internal data
All other items have:
StartOffset - Offset inside file
DataSize - Self explanatory
FileName - Not all have this, but most do; it is the original name of the backuped file.
The files are not compressed nor encrypted.
Footnote: This is my first post on XDA, so sorry for any mistakes I made (including my english) and feel free to correct me/give me advice.
Click to expand...
Click to collapse
My first post as well. Thanks for the script. I ran it on an old backup I was hoping to extract contacts from. See excerpt with error below.
C:\Temp\LG G4\Backup>python extract.py LGBackup_190218.lbf
[+] Backup size: 597864605
Parsing...
Reading header
[*] Header start offset: 597792768
[*] Header length: 71824
[+] Header read OK
Reading header (new)
[*] Header start offset: 7021235167904623918
Traceback (most recent call last):
File "extract.py", line 125, in <module>
root = readHeader(True)
File "extract.py", line 99, in readHeader
size = getBackupInfoSize(isNew)
File "extract.py", line 88, in getBackupInfoSize
raise Exception("Invalid header length.")
Exception: Invalid header length.
C:\Temp\LG G4\Backup>
Click to expand...
Click to collapse
I'm a complete newbie with Python, haven't done any coding in over a decade. Where do I go from here?
Ninja_Toad said:
My first post as well. Thanks for the script. I ran it on an old backup I was hoping to extract contacts from. See excerpt with error below.
I'm a complete newbie with Python, haven't done any coding in over a decade. Where do I go from here?
Click to expand...
Click to collapse
Hi! Your backup seem to be at least partially corrupted. (The new header position seems to start at 7021235167904623918, however the file is only 597864605 bytes long). Fortunatly there are two headers in the backup and the old one seems to be ok (You got "[+] Header read OK" for the old header). So you can try ignoring the "new" header.
To ignore the faulty header just set the relevant "FORCE_*_HEADER" to True in the script header. In your case just set "FORCE_OLD_HEADER = True".
Also note, that extracting contacts in readable format is beyond this script's current scope. This can however be done manually. After you get your data successfully extracted, look for export/data/contacts_DB file. This is a TAR file in which you need to find file "data/data/user/0/com.android.providers.contacts/databases/contacts2.db". This is the contact database as your phone stores it. To actually extract the contacts, you will need to find a way to convert the database to some other format (I have't looked into how the contacts are stored, you will need to do your own googling)
Files extracted but...
hello guys,
I also managed to extract my files using the hack mentioned above (force old headers to TRUE) since by using the default script i was also getting a similar error as above.
However now all of my files (pictures in particular) are corrupted and i cannot seem to be able to open them using several editors.
Anyone else had the same issue?
Thanks in advance!
serlal said:
hello guys,
I also managed to extract my files using the hack mentioned above (force old headers to TRUE) since by using the default script i was also getting a similar error as above.
However now all of my files (pictures in particular) are corrupted and i cannot seem to be able to open them using several editors.
Anyone else had the same issue?
Thanks in advance!
Click to expand...
Click to collapse
Yes I have exactly same issue as you have. All exported files cannot be read.
Hello @tking2000 and @serlal, this script was written based on versions that are available to me. There are two possibilities of what is happening:
1) The file was badly corruped, however the old header stayed itact. (This is the likely case, if you are trying this tool because your phone refused to restore the backup)
2) The file was made by version that does something differently and the script doesn't account for it.
In the first case there is nothing anyone can do (short of trying some corrupted file recovery software hoping the corruption is only minor)
In the second case, you can try sending me a PM with following information, so I can have a look and confirm whether this is truly the case (and improve the script)
1) The script's output
2a) The <Version> and <Attr Name="settingVersionName"> from the <Common> part of the header
2b) If you aren't concerned about privacy or it is just easier for you: just send the whole header file
3) The version of the com.lge.bnr app (LG Mobile Switch); this is not necessary, but may help me
Feel free to censor anything you are sending with [CENSORED] (like your email or filenames)
I have no experience with python, but I have one of these lbf files and I'm trying to figure out how to make it work and all I get is couldn't get library pycryptodome. How do I get Python 3.8.3 to get this library?
Multipart backups
Hello everyone,
I just finished an update, that should enable the tool to extract backups that have multiple files.
If you received "Exception: Invalid header length." in the past and your backup has multiple files, try the script now; your backups are likely to extract correctly now.
This is the likely case for: @Ninja_Toad @serlal and @tking2000
This was made possible thanks to @cheesyzombie who sent me the data I asked for.
@kamikazkid, You don't need to know Python to use this tool, the easiest way is to enter the commands in quotes on the github page into the console (To open the console Shift+Right click in the folder with backups and choose "Open command window here").
Just:
Download the zip on the github page (Under "Code" button)
Make sure the extract.py and your backup are in the same folder
Follow the usage, skip the 4th step and replace xxxxxx to match your backup name.
I figured it out, it was something with windows 10 and the version of python installation I used. Microsoft garbaging things up as usual, thanks for the help though. Thanks, I recovered my files from my old phone successfully.
I have no experience withc++, but I have one of these lbf files and I'm trying to figure out how to make it work, it is a great this forum
Is there a way to import the _DB files (contacts, messages, call logs etc.) back to a phone?
I asked before:
https://forum.xda-developers.com/lg-g3/general/restore-backup-lbf-lineage-17-t4172483#post83644281
Thank you so much for this! I was able to extract the Messaging data from an LG G8 ThinQ. Does anybody know the easiest way to view that data on my PC?
Hi, you can follow these steps to extract data fron _db files:
1) Send the _db files like contacts_db, messages_db to any android phone
2) Double tap on the file and open it using File Manager (which is by default on Mi phones)
3) The file will now open as a folder. Continue opening the folders until you reach to the last file.
4) The last file is the database file. It won't open directly. Select the file and extract the file.
5) Now transfer the file to computer and you can now view it using SQLite DB Browser if its a contacts file or you can use any VMG reader if its a messages file.
Hope this helps you.
Hi @Mysak0CZ, just follow your instructions on GitHub but when I run the command on Command Prompt, nothing happens. Just like this:
F:\>python -m pip install pycryptodome
F:\>python extract.py LGBackup-201031.lbf
When I enter nothing happened. Kindly help to advise for this.
Thank you
Problem in powershell
Mysak0CZ said:
Hi! Your backup seem to be at least partially corrupted. (The new header position seems to start at 7021235167904623918, however the file is only 597864605 bytes long). Fortunatly there are two headers in the backup and the old one seems to be ok (You got "[+] Header read OK" for the old header). So you can try ignoring the "new" header.
To ignore the faulty header just set the relevant "FORCE_*_HEADER" to True in the script header. In your case just set "FORCE_OLD_HEADER = True".
Also note, that extracting contacts in readable format is beyond this script's current scope. This can however be done manually. After you get your data successfully extracted, look for export/data/contacts_DB file. This is a TAR file in which you need to find file "data/data/user/0/com.android.providers.contacts/databases/contacts2.db". This is the contact database as your phone stores it. To actually extract the contacts, you will need to find a way to convert the database to some other format (I have't looked into how the contacts are stored, you will need to do your own googling)
Click to expand...
Click to collapse
Hi, I am trying to extract via your method but in the power shell in sending the command "python extract.py LGBackup_1x0x07.lbf" it does not execute and brings me back the initial path line. Do you have solutions in this regard? Thanks in advance
Ps. I use Win10
Worked so well. I only needed to recover images and audio recordings after realizing that LG backup tool won't restore on other brand phones.
Thank you!!
Mysak0CZ said:
Hello, recently I looked into LG backup and restore application using static analysis.
Note: this is based on version lg bnr 8.0.26 from 2020-02-13, tested with 7.0.20 from 2008-12-31
Here is the extract tool:
https://github.com/Mysak0CZ/LBFtool
And here is the technical part (you don't need to read this, if you just want to extract your data):
The file contains 2 headers (one of them is referred to as "new")
These are XML documents encrypted using AES/ECB/PKCS5Padding + SHA256 and null IV with static password
Code:
cd562f61-5399-3978-ac76-7c54b0508010
And they look like this:
Code:
<?xml version="1.0" encoding="UTF-8"?>
<BackUp>
<Common>
<Name>LGBackup_200217_1</Name> <!-- Name of the backup file -->
<Id>Randomly generated UUID</Id> <!-- Id of the backup file -->
<IsNew>True</IsNew> <!-- IsNew is same in new and old header -->
<Version>1.00</Version>
<Attr Name="product_model">LM-X525</Attr>
<Attr Name="os_version">9</Attr>
<!-- And other attributes including google email -->
</Common>
<BackupItem Category="settings_DB" StartOffset="59392" DataSize="136626" />
<BackupItem Category="MEDIA_DB" StartOffset="901169" DataSize="78393344" FileName="external.db" />
<!-- Other backuped items -->
</BackUp>
The "new" header has more information than original header, but same structure.
The attribute "IsNew" signals the presence of the new header. (and is True in both files)
All numbers inside file are in Big-endian.
And this is the structure of the file (decimal position):
Code:
0: Unknown - 0x00 for me
1: Int32 - size of the new header
5: Int64 - offset to the new header (usually 13)
13 ... EOF-33: data
EOF-33: 20 bytes - SHA1 hash of the password (if present, otherwise still data)
EOF-13: Int64 - offset to the (old) header
EOF-5: Int32 - size of the (old) header
EOF-1: Bool - Lock byte - the file is (0x01) or isn't (0x00) protected by password
The password is only checked during import, not used to encrypt data (so to remove password, just set the last byte to 0)
Every "BackupItem" entry has a "Category".
Special case is Category="APPLICATION" with this structure:
Code:
<BackupItem Category="APPLICATION">
<APPLICATION Name="com.lge.ime" StartOffset="19221586" DataSize="2385983" Package="com.lge.ime">
<Attr Name="com.lge.ime">com.lge.ime</Attr>
</APPLICATION>
<APPLICATION Name="org.exmple.app" StartOffset="1429652009" DataSize="3420160" FileName="org.exmple.app.tar" Package="org.exmple.app">
<Attr Name="org.exmple.app">org.exmple.app</Attr>
</APPLICATION>
<!-- ... -->
</BackupItem>
All applications are tar files that contain 2 folders:
app - contains the apk file
data - application's internal data
All other items have:
StartOffset - Offset inside file
DataSize - Self explanatory
FileName - Not all have this, but most do; it is the original name of the backuped file.
The files are not compressed nor encrypted.
Footnote: This is my first post on XDA, so sorry for any mistakes I made (including my english) and feel free to correct me/give me advice.
Click to expand...
Click to collapse
ok I am so lost. And here is the technical part (you don't need to read this, if you just want to extract your data):
that statement would make it appear easy. well the link only takes you to the code, there is no tool and nothing with "new" as header. so ive tried deciphering what to do for hours now and i cant figure npthing out. rooted and flashed my lgv20 and did a backup with lg bridge beforehand. trying to restore and phone connects to computer fine but doesnt regster in lg bridge so that is why i need to extract .lbf file. can someone make this easier?
hello..it ended up successful.but there is no jpeg or mp4 file on DCIM folder..how can i restore them?should i do somthing with the script? i don't know pyton
I want to avoid configuring the system from scratch and thus need to recover the official boot image for PPIS29.65-51-5 for the European version (reteu), which has been available since few days ago.
Does anyone know where to find it?
Stockrom[1] only has the Brazilian version (retbr) and lolinet[2] only has versions up to PPIS29.65-51-3. The Telegram Moto Updates Tracker[3] shows the update, but the download does not work and the older MotoOTA script[4] does not work neither (or I am entering incorrect information) and the newer MotoOTA script[5] needs the build guid, which I do not seem to be able to get from fastboot or TWRP.
If you have a matching model and version, could you please get the boot image[6] and put it somewhere?
[1]: stockrom.net/2020/06/xt2019-2-retbr-9pie-ppis29-65-51-5.html
[2]: mirrors.lolinet.com/firmware/moto/doha/official/RETEU/
[3]: t.me/s/motoupdatestracker?q=%23doha+Retail+Euro+PPIS29.65-51-5
[4]: motoota.lolinet.com
[5]: motoota.lolinet.com/guid.php
[6]: android.stackexchange.com/a/190102
Update
I learned that the former most recent version [7] can be used to find out the guid inside of oem.img inside of that zip file:
ro.mot.build.guid=7d7b4268f01b080
Using that information [5] can be used to download Motorola's OTA zip file. However, that zip file seems to be some kind of patch format (only 72 MB instead of the typical 1.9 GB) not including a (complete) boot.img. As I do not know the file format, I can't patch the new boot.img myself.
[7]: mirrors.lolinet.com/firmware/moto/doha/official/RETEU/XT2019-1_DOHA_RETEU_9.0_PPIS29.65-51-3_subsidy-DEFAULT_regulatory-DEFAULT_CFC.xml.zip