How about starting a bounty for root on H918 10p/q? Maybe if we can draw enough interest in this more developers would be willing to contribute to finding a root method? Thoughts?
that would be great if someone had the talent, T-mobile has it pretty locked down from what I read.
would love that as well.. I got excited when I saw the H910 was rooted up to 10q..
What is the current bounty at ?
If you are going to start a bounty thread, it will need to be about a grand. I figure it will take about 3 bricks to get it right.
I can now open and write to a protected block device (sde) using the LAF protocol. The problem is that you have to send the WHOLE block device, and it is excruciatingly slow. If it fails, you have a 9008 brick:
Code:
aboot -> /dev/block/sde6
boot -> /dev/block/sde1
recovery -> /dev/block/sde2
So, you image /dev/block/sde of a rooted device, and then write it back to the device you want to root. sde isn't very big, so that helps, but even so, it is SLOW I am talking days to READ, and writing is about 4 times slower. If it fails, and your phone loses power (it doesn't charge in download mode), you have a brick that only LG can fix because you have lost aboot. To get into download mode, you need 3 things: xbl, aboot, and laf. xbl and laf are on other block devices, but that doesn't matter if you lose aboot.
Because it is so slow, I don't even know if it works. I aborted and luckily my phone was still recognized by LG UP, so I flashed before my phone lost power.
Bottom line, I don't take money for my TIME on a hobby, but I am not about to brick my phones -- and like I said, I *KNOW* several bricks would happen in order to get it right.
-- Brian
a bit sketchy to try to root h918 10p and q because of anti rollback, i'm still on 10k and i could root back on 10j but i perfer not to, because custom rom's disable the second screen plus i heard it's a bit buggy, stock firmware isn't all that bad but if you truly are looking to get root on it you will need about a grand yeah cuz you will need to brick around 3-2-4 phones.
i know for me, i just prefer root so I can use XPOSED and also some root style apps that allow me to delete or disable stock apps that i do not use..
Does being on 10q block only root? Is it still possible to flash TWRP and Lineage just with no root? Could you manually set something like V4A from TWRP with adb root shell so it doesn't need su in the user space?
retro486 said:
Does being on 10q block only root? Is it still possible to flash TWRP and Lineage just with no root? Could you manually set something like V4A from TWRP with adb root shell so it doesn't need su in the user space?
Click to expand...
Click to collapse
The dirty cow exploit no longer works after 10j firmware and since you can't roll back from 10q, no TWRP.
Huh, I wasn't aware TWRP required exploits... I thought it was just the recovery partition flash...
retro486 said:
Huh, I wasn't aware TWRP required exploits... I thought it was just the recovery partition flash...
Click to expand...
Click to collapse
The whole point of dirty cow was to get TWRP on the phone. After that it could be rooted. It took an exploit to get TWRP on the phone.
Sorry for the bad news, but that's how it worked.
retro486 said:
Huh, I wasn't aware TWRP required exploits... I thought it was just the recovery partition flash...
Click to expand...
Click to collapse
The fastboot commands are missing. That's why you can't just send TWRP. If the fastboot commands was there, then you can send TWRP and root later.
Sent from my LG V20 using XDA Labs
The fact they went out of their way to remove fastboot commands blows my mind.
Wait till they figure out that an end user doesn't need download mode for anything. All carriers doing encrypted OTA updates like AT&T does. Then remove adb access, and viola.....
The V20 will be my last LG phone.
Yeah I think I'm going to get a dedicated hifi player, I'm tired of all these steep compromises to try and get an all-in-one device. The older Note 4's were great, just a bit slow and I hate the rear-firing speaker but honestly I might just go back to that or bite the bullet and go OnePlus. Oh well!
bigcletus said:
How about starting a bounty for root on H918 10p/q? Maybe if we can draw enough interest in this more developers would be willing to contribute to finding a root method? Thoughts?
Click to expand...
Click to collapse
I'm thinking about selling the T-mobile H918 (at a loss) to buy the ATT H910 or H996 (I forget which) so I can unlock both the sim card and the bootloader and attain root on the T-mobile LG V20. That would add up to a significant "bounty" if an exploit is actually possible. Somebody smarter than me would have to tell us if that can be done?
I would DEFINITELY pay someone to root my H918 that's already on "q." The LG v20 is much better than the Nexus devices I'm used too. Removable battery already lasts 3 times as long as a normal battery even without buying oversize batteries!
@bjveee If you are going to get another V20, get the unlocked US996. The bootloader can officially be unlocked, and you have full fastboot.
Right now, (now being the key word), the H910 can be rooted, but only because AT&T hasn't incremented the ARB version *yet*. Since they just released v10r and ARB still wasn't incremented, I am guessing they won't bother until Oreo (if we even get it) is released. In order to increment ARB, they have to compile ALL of the firmware with the new ARB version, and then send that OTA. Since the only way to get their updates is to have someone factory reset their phone, and then dump the latest update, I think AT&T is under the delusion that their phone is more secure than they think.....
-- Brian
I don't know if this is any easier, and it doesn't solve the problem for people who already are on p/q, but for us folks on the older firmware, it would be great if there was a way to upgrade the bootloader and radio without triggering the increment. That way we could always roll back to the older official firmware.
The bootloader IS what increments ARB, and if you have even ONE piece of firmware get loaded with a greater ARB, then it gets incremented. So, you can run the H918 10q modem with 10j bootloader. And if you try, you will then be stuck running the entire 10q bootstack.
There is no way around ARB. I am not one that will usually say something is impossible, but this is impossible.
-- Brian
retro486 said:
Yeah I think I'm going to get a dedicated hifi player, I'm tired of all these steep compromises to try and get an all-in-one device. The older Note 4's were great, just a bit slow and I hate the rear-firing speaker but honestly I might just go back to that or bite the bullet and go OnePlus. Oh well!
Click to expand...
Click to collapse
The new Razar phone is pretty sick.
Sent from my LG V20 using XDA Labs
runningnak3d said:
The bootloader IS what increments ARB, and if you have even ONE piece of firmware get loaded with a greater ARB, then it gets incremented. So, you can run the H918 10q modem with 10j bootloader. And if you try, you will then be stuck running the entire 10q bootstack.
There is no way around ARB. I am not one that will usually say something is impossible, but this is impossible.
-- Brian
Click to expand...
Click to collapse
So you are telling me with every confidence there will not be any future exploit to get around ARB. The only reasonable course of action is to buy the US version of the unlocked H966 and do it quickly!
~Bruce
---------- Post added at 06:53 PM ---------- Previous post was at 06:51 PM ----------
bjveee said:
So you are telling me with every confidence there will not be any future exploit to get around ARB. The only reasonable course of action is to buy the US version of the unlocked H966 and do it quickly!
~Bruce
Click to expand...
Click to collapse
US996....
Related
Hi peps,
I just switched from my crappy HTC One X to my new Moto G3 and I'm in love!
I don't really want a custom ROM, but I'd like to undervolt this babe. But since a root requires unlocking the bootloader = voiding the manufacturers warranty, I don't really wanna do that..
I've bought it over Amazon and I live in the EU, so I technically still have the retailer's warranty and Amazon would replace it without a hassle, but yeah.. it's new and all.
But I know there are apps like towelroot, KingRoot and what not, do they work with the Moto G3? I'm on 5.1.1.
Jut install SuperSU ZIP using TWRP recovery
Osid said:
Jut install SuperSU ZIP using TWRP recovery
Click to expand...
Click to collapse
Could you read my post first?
squid2 said:
Your bootloader must be unlocked to use this recovery.
Click to expand...
Click to collapse
unlocking bootloader = voiding warranty.
shawly said:
Could you read my post first?
unlocking bootloader = voiding warranty.
Click to expand...
Click to collapse
If you're worried about voiding the warranty, you're on the wrong site.
Ragarianok said:
If you're worried about voiding the warranty, you're on the wrong site.
Click to expand...
Click to collapse
Thanks for this unnecessary input. :good:
On previous versions of Android there were exploits that allowed rooting the phone without unlocking the bootloader, which means you could keep your warranty and I just asked if it works on the current Moto G3 with Lollipop 5.1, why do you have to be such a smartass? It's a normal question, why can't I have a normal answer?
I used to root in one click in just one method on my previous phone xperia sp but i dont know this phone have any toll which will work or not?
shawly said:
Thanks for this unnecessary input. :good:
On previous versions of Android there were exploits that allowed rooting the phone without unlocking the bootloader, which means you could keep your warranty and I just asked if it works on the current Moto G3 with Lollipop 5.1, why do you have to be such a smartass? It's a normal question, why can't I have a normal answer?
Click to expand...
Click to collapse
Being a smartass is kind of my thing.
You're afraid to unlock your device's bootloader because you'll lose the warranty, but you're perfectly fine with risking the security of your device by rooting it, right? Seems odd to me, but whatever.
Generally speaking, both KingRoot and TowelRoot are used on devices where using those two methods are the only way to root those devices.
Unlocking the bootloader will have no ill effect on your device other than voiding the warranty, and, if you're worried about voiding your warranty, you shouldn't be trying to modify your device.
In the words of the always optimistic Ms. Frizzle: "Take chances, make mistakes, and get messy!"
---------- Post added at 10:39 AM ---------- Previous post was at 10:33 AM ----------
zephiK said:
Just unlock the bootloader and root. You're making it too difficult for yourself, the whole point of the bootloader being locked is to prevent changes being made to the system.
Its like saying, you're going to break your windows to get into your house when you can just unlock the door.
Just unlock the bootloader and flash supersu for root.
Click to expand...
Click to collapse
Also this.
Ragarianok said:
Being a smartass is kind of my thing.
You're afraid to unlock your device's bootloader because you'll lose the warranty, but you're perfectly fine with risking the security of your device by rooting it, right? Seems odd to me, but whatever.
Generally speaking, both KingRoot and TowelRoot are used on devices where using those two methods are the only way to root those devices.
Unlocking the bootloader will have no ill effect on your device other than voiding the warranty, and, if you're worried about voiding your warranty, you shouldn't be trying to modify your device.
In the words of the always optimistic Ms. Frizzle: "Take chances, make mistakes, and get messy!"
Click to expand...
Click to collapse
Who said I'm afraid of unlocking the bootloader? Who said I never unlocked the bootloader of other phones before?
I just don't wanna lose my warranty in the first two or three months, in case my phone breaks unexpectedly, I also don't plan on using custom roms, I just want the root features so I can undervolt like I said and IF I could root it permanently without unlocking the bootloader, why not?
I'm not worried, it would just be convenient to have root without losing the warranty, that's it.
As far as I know you may be able to do it search kingroot in Google then download the apk and install it then open in and follow the instructions
shawly said:
Who said I'm afraid of unlocking the bootloader? Who said I never unlocked the bootloader of other phones before?
I just don't wanna lose my warranty in the first two or three months, in case my phone breaks unexpectedly, ...
Click to expand...
Click to collapse
Then leave the device stock ...
If you want the best of both worlds (root & warranty), then go buy a Nexus. Motorola drew a line in the sand as to what they will support, while still empowering owners with the option to unlock the bootloader.
Sent from my MotoG3 using Tapatalk
Ragarianok said:
If you're worried about voiding the warranty, you're on the wrong site.
Click to expand...
Click to collapse
Not really. While I've unlocked my previous phones, my new g3 I'm leaving locked for the first year, while the warranty lasts. But this site still has a few helpful stuff.
Ragarianok said:
...You're afraid to unlock your device's bootloader because you'll lose the warranty, but you're perfectly fine with risking the security of your device by rooting it, right? Seems odd to me, but whatever...if you're worried about voiding your warranty, you shouldn't be trying to modify your device...
Click to expand...
Click to collapse
He just wants the warranty, but he doesn't care about rooting it because there's not really anything wrong with rooting if you know what you're doing and how to fix it.
Sent from my MotoG3 using XDA Free mobile app
---------- Post added at 01:03 PM ---------- Previous post was at 01:03 PM ----------
And to answer the question; you need to unlock the bootloader to root
Sent from my MotoG3 using XDA Free mobile app
Question, I attempted to use towelroot on my stock g3 and got a message saying my phone is not supported. Any help is greatly appreciated. Also, fairly newbish, so be gentle!!
Jdwright0819 said:
Question, I attempted to use towelroot on my stock g3 and got a message saying my phone is not supported. Any help is greatly appreciated. Also, fairly newbish, so be gentle!!
Click to expand...
Click to collapse
Towelroot is exploiting a bug in the Linux Kernel in order to root a device. This bug was already fixed in June 2014.
On all Kernels with a later build date Towelroot will most likely not work.
For sure it will not work on the Moto G3 with a kernel build date more than one year after this bug was fixed.
Thanks!
shawly said:
Hi peps,
I just switched from my crappy HTC One X to my new Moto G3 and I'm in love!
I don't really want a custom ROM, but I'd like to undervolt this babe. But since a root requires unlocking the bootloader = voiding the manufacturers warranty, I don't really wanna do that..
I've bought it over Amazon and I live in the EU, so I technically still have the retailer's warranty and Amazon would replace it without a hassle, but yeah.. it's new and all.
But I know there are apps like towelroot, KingRoot and what not, do they work with the Moto G3? I'm on 5.1.1.
Click to expand...
Click to collapse
It's probably been answered already but those exploits are security flaws with the SE Linux system and so with each release of android these have been patched, by 5.1 these security holes have been fixed and now by locking the bootloader
It's like just locking down and modifications to the system partition so unfortunately you can't root without unlocking, unless you have android versions lower down
shawly said:
Thanks for this unnecessary input. :good:
On previous versions of Android there were exploits that allowed rooting the phone without unlocking the bootloader, which means you could keep your warranty and I just asked if it works on the current Moto G3 with Lollipop 5.1, why do you have to be such a smartass? It's a normal question, why can't I have a normal answer?
Click to expand...
Click to collapse
I have unlocked bootloader and i m on stock recovery amd on stock rom without rooted. Can i install twrp without pc
Are you root yet
I have moto g 3, its bootloader is unlpcked but when I tried to root it using SuperSU and twrp recovery then I ended up corrupting it software. Can anybody tell me how to safely root it...?
Ankur1 said:
I have moto g 3, its bootloader is unlpcked but when I tried to root it using SuperSU and twrp recovery then I ended up corrupting it software. Can anybody tell me how to safely root it...?
Click to expand...
Click to collapse
What version of TWRP did you use coz I know there were some bugs on the moto range with TWRP 2.X.
I would completely wipe device using stock recovery, including dalvic/cache/data everything just to be on the safe side, then download the TWRP zip to your computer and flash it on using ADB.
Boot up normally and move the superSU zip from the link to your phones internal storage. Then reboot to TWRP, select install and pick the zip file.
superSU.zip:
http://dl-1.va.us.xda-developers.com/3/6/5/5/4/0/1/BETA-SuperSU-v2.62-3-20151211162651.zip?key=u0OeGV4-4s02KJXqrXJ-gg&ts=1466705675
If you get stuck this might help:
https://motog3.com/unlock-bootloader-install-twrp-root-moto-g3/
No longer works
Osid said:
Jut install SuperSU ZIP using TWRP recovery
Click to expand...
Click to collapse
Perhaps you can offer wisdom on this? I rooted my Moto G 3rd Gen once, wrecked something and had to go back to factory, then try to reroot again. Problem. No matter what I do in setting the device back to factory, the bootloader stays unlocked and reads the system software as "modified" which then seems to bork installing SuperSU. I install SuperSU via twrp and it goes fine, no errors, but when I reboot the system is lost in a loop of the "bootloader unlocked" screen.
So I cannot RE-lock the bootloader (ala setting the phone back to true factory) and after I flash SuperSU the phone refuses to successfully bootup.
Any aid? Ideas?
I had failed to backup my phone the first time with twrp and so to set to factory I downloaded the stock retail xml.zip for my phone and reflashed the entire thing via fastboot. Reinstall twrp, and try to root and the endless boot loop begins.
So I came to this thread to look into the possibility rooting my phone via another means that MIGHT work.
Hey guys, I just received a complimentary LG G5 (VS987) last week from Verizon as a means of making up for the Marshmallow update continually destroying my LG G3 and its replacements Anyway, it's a great phone, but I've been disappointed so far to find that there's no root method at the moment. At least not one I can find easily. Do you guys know if there's a method hidden away out there or if a particular developer is working on it right now?
I really hope one comes out soon and this doesn't become another crap phone but so far no. I just upgraded to this phone assuming a root would come soon but marshmallow phones on Verizon are death! Can't wait for CyanogenModbut right now you'll have to wait.
I just got the LG G5 Verizon variant as well on Friday. Was a little reluctant because of possibly not being able to root and unlock boot loader. Subscribing to this thread because I hope there will be support for this soon. Kinda hoping there would be a solution like Safestrap was for the galaxy s5, and then installing an LG version of the Samsung_bootloader_unlocker.
Abramelin said:
I just got the LG G5 Verizon variant as well on Friday. Was a little reluctant because of possibly not being able to root and unlock boot loader. Subscribing to this thread because I hope there will be support for this soon. Kinda hoping there would be a solution like Safestrap was for the galaxy s5, and then installing an LG version of the Samsung_bootloader_unlocker.
Click to expand...
Click to collapse
There is hope! With the quadrooter exploits being discovered we may have root soon :3
Nathamio said:
There is hope! With the quadrooter exploits being discovered we may have root soon :3
Click to expand...
Click to collapse
I don't see that at all, since the issue of a locked bootloader remains an obstacle on the G5.
Temp rooting is the solution for that, once we can get temp rooted we can find workarounds to enable unlocking.
Temp rooting has been possible for a many a moon on the G5, but that hasn't enabled anyone to unlock the bootloader
Maybe not yet. But it is plausible that a temp root would grant access to boot loader. If the G5 becomes popular enough LG might do it for us. I heard they've done it for Europe variants but said they don't plan for any other. It might be 3-5 years from now but who knows really. I'm sure someone clever enough will figure out a work around eventually. I work with Arch Linux so I'm not used to being controlled like this. If it weren't for me getting this phone for free, I would definitely have gotten one I *could* root and all.
jpradley said:
Temp rooting has been possible for a many a moon on the G5, but that hasn't enabled anyone to unlock the bootloader
Click to expand...
Click to collapse
Can you post that link?
What about this option?
I'm a new user, so I can't post the link, but did a Google search for VS987 custom rom and came up with this: search4roots.com/how-to-easily-root-lg-g5-vs987-marshmallow-6-0-1/
Barook said:
I'm a new user, so I can't post the link, but did a Google search for VS987 custom rom and came up with this: search4roots.com/how-to-easily-root-lg-g5-vs987-marshmallow-6-0-1/
Click to expand...
Click to collapse
Spam site
andyroidking said:
Spam site
Click to expand...
Click to collapse
This is how you get the viruses.
Hi. My Nexus dumped, I got a G5. Where's the temp root? I will see what I can do for your boot loader. Few questions about the G series I need answered:
Flashing tools used on other variants
Leaked signing tools?
LG G series boot loader format
Encryption on this boot loader
Get me temp root and answer these questions and ill push the locked image here to work on.
LupineDream said:
Hi. My Nexus dumped, I got a G5. Where's the temp root? I will see what I can do for your boot loader. Few questions about the G series I need answered:
Flashing tools used on other variants
Leaked signing tools?
LG G series boot loader format
Encryption on this boot loader
Get me temp root and answer these questions and ill push the locked image here to work on.
Click to expand...
Click to collapse
You ever get the info you needed? I've heard of people gaining temp root with the 987 but I've never seen the published method or any real evidence of it.
So I'm assuming this is not legit?
http://www.androidinfotech.com/2016/06/root-lg-g5-verizon-vs987-601-marshmallow.html?m=1
LupineDream said:
Hi. My Nexus dumped, I got a G5. Where's the temp root? I will see what I can do for your boot loader. Few questions about the G series I need answered:
Flashing tools used on other variants
Leaked signing tools?
LG G series boot loader format
Encryption on this boot loader
Get me temp root and answer these questions and ill push the locked image here to work on.
Click to expand...
Click to collapse
Artimis said:
So I'm assuming this is not legit?
http://www.androidinfotech.com/2016/06/root-lg-g5-verizon-vs987-601-marshmallow.html?m=1
Click to expand...
Click to collapse
Have you tried it? I assume if there is root, it'd be placed on XDA dev for sure.
donjo19 said:
Have you tried it? I assume if there is root, it'd be placed on XDA dev for sure.
Click to expand...
Click to collapse
No, I don't have a G5 yet. I plan on ordering one in 8 days when my contract is eligible for renewal but I've never owned a phone I couldn't root and don't know how I feel about it. Unfortunately, that seems to be the case with pretty much all VZW phones now.
The ones that can be rooted, I'll need to make other sacrifices on like non-removable storage, non-replaceable battery, no IR blaster, etc. Makes me really appreciate my G3
Artimis said:
No, I don't have a G5 yet. I plan on ordering one in 8 days when my contract is eligible for renewal but I've never owned a phone I couldn't root and don't know how I feel about it. Unfortunately, that seems to be the case with pretty much all VZW phones now.
The ones that can be rooted, I'll need to make other sacrifices on like non-removable storage, non-replaceable battery, no IR blaster, etc. Makes me really appreciate my G3
Click to expand...
Click to collapse
The G3 is still by far my favorite Android phone. If I could go back to it, I would in a heartbeat. I eventually had mine brick. But this phone has been nothing but a disappointment...mainly for lack of root.
None of the files from that site seem to be infested with a virus, however their instructions are not very clear on how to use it all. Unless I am just not reading it correctly.
Wow, this is sad news indeed. I too have loved my G3, but this is due in large part to me having root. I was considering upgrading to the G5 simply because I expect to see deep discounts on Black Friday, but no root means no thank you. I will have to find another "root" to the future.
Good afternoon people of XDA,
Today is the dawn of a new day. A day where we begin the road to unlocking the bootloader to something that many believe is unlockable. Me and a few other users are starting a bounty to bring the incentive to life for all active developers. You can find my previous thread here. Now, when I say progress has been made, I mean that we have gotten into fastboot, we have donation incentives and we already have root so our tools are there we just have to find the exploit. Every day people are finding new exploits furthering our cause into reaching our goal. Now to the developers who want to pursue this, I've very much so tried to get active commands in fastboot but basically its just a dead fastboot for right now. The board on this phone and technologies behind it are so similar to its predecessors that somethings got to give. If you are interested in this cause, i.e. donating or deving on it, please contact me here, or email me at [email protected]
This is in our grasps friends. Spread the word, grab your fellow developers and lets get this thing to be a free wad of cash for whoever can bust it. Lets do this.
Attached is the spreadsheet for the current donations.
this kind of things never work...i mean, you make a donation and the people or the persons behind the scenes when getting high values like 400-500$ then buy a new phone and move on letting the desired phone to get development in the trash!!
Noooo, people should see, if a year old phone never came to life in development in the first 6-8 months then the development for it is dead and if you like to custumize the phone and flash things you need to move to a more flashable-friend device!
I have to agree with this. The Tmobile version has unlocked bootloader yet barely no development. What would make me that unlocking VS990 bootloader would all of a sudden spur development.
beavis5706 said:
I have to agree with this. The Tmobile version has unlocked bootloader yet barely no development. What would make me that unlocking VS990 bootloader would all of a sudden spur development.
Click to expand...
Click to collapse
I personally (and I think many other users) don't really need cooked roms. With gravity box, xposed and some other apps, I can "cook" my own rom (and believe me, it won't be that hard). All we need is a method for rooting. Using an android without rooting is even worse than an iphone without jailbreaking since iphones are undoubtedly smoother
presariohg said:
I personally (and I think many other users) don't really need cooked roms. With gravity box, xposed and some other apps, I can "cook" my own rom (and believe me, it won't be that hard). All we need is a method for rooting. Using an android without rooting is even worse than an iphone without jailbreaking since iphones are undoubtedly smoother
Click to expand...
Click to collapse
Indeed, a rooting method for version above MM is the most importing thing for us rather than flashing custom rom. However, system-less root is need to root MM or above and this is required modifying boot.img, therefore, bootloader unlocking is need. Unless, we have found a way to sign the modified boot.img to deceive the offical bootloader.
ivangundampc said:
Indeed, a rooting method for version above MM is the most importing thing for us rather than flashing custom rom. However, system-less root is need to root MM or above and this is required modifying boot.img, therefore, bootloader unlocking is need. Unless, we have found a way to sign the modified boot.img to deceive the offical bootloader.
Click to expand...
Click to collapse
What did you mean by "unless"? Have you found an evidence that MM bootloader is unlockable or not?..
presariohg said:
What did you mean by "unless"? Have you found an evidence that MM bootloader is unlockable or not?..
Click to expand...
Click to collapse
I mean even if the bootloader is not unlockable, somethings can be done to let us perform the same things just like bootloader is unlocked.
For example, some dev in G2 and G3 have released a tool called "Bump!" before that can sign any third party image and let it able to be run on offical locked LG bootloader.
source: http://forum.xda-developers.com/lg-g3/orig-development/bump-sign-unlock-boot-images-lg-phones-t2935275
But of course, since LG have fixed the bug, we can no longer do the same tricks now.
In China, there is name ???he has lg tool, this tool can unpack repack kdz tot, add root in tot.
This is weibo id http://m.weibo.cn/u/1684239753
Need help
andy_zhang said:
In China, there is name ???he has lg tool, this tool can unpack repack kdz tot, add root in tot.
This is weibo id
Click to expand...
Click to collapse
Hey, So I've been working to be able to get root, so far I have added root to the system.img and that's all done, I need this tool to be able to repack. Can anyone, or you, contact him and get this tool? This would be so helpful for me to get root and release it!!!!
abine45 said:
Hey, So I've been working to be able to get root, so far I have added root to the system.img and that's all done, I need this tool to be able to repack. Can anyone, or you, contact him and get this tool? This would be so helpful for me to get root and release it!!!!
Click to expand...
Click to collapse
What version of Android you are going to add root? I wonder that you cannot simply add root in /system after Android 6.0.
ivangundampc said:
What version of Android you are going to add root? I wonder that you cannot simply add root in /system after Android 6.0.
Click to expand...
Click to collapse
I'm trying different things but still i need to figure out how to repack a tot to find out what's going to work!! Does anybody know how to get that application?
abine45 said:
I'm trying different things but still i need to figure out how to repack a tot to find out what's going to work!! Does anybody know how to get that application?
Click to expand...
Click to collapse
For MM, unless you've found a way to get the SELinux context needed, repacking the system image will not work.
anyone having any luck with rooting MM?
I think at this point what we really need is a small set of testers who have a good insurance policy on their phones and are willing to risk bricking their phones. We've got the outline of a method which looks viable, but the details haven't been worked out and is hence likely to produce a few bricks before we get it working.
Sorry for dropping of the face of the planet for the past two months. In testing with my device it ended up being FUBAR after wiping my aboot completely and with that the phone would not boot to anything but a black screen. I sent it into LG and after some time they finally just replaced my motherboard. But the absolute sad part is that they have me upgraded to 6.0 which absolutely is crushing my world. SO until further notice I will not be testing the unlocking of the bootloader anymore but I will make efforts here in a few weeks to start work on rooting the device. @alvislee[email protected]
Introduction
This is the bootloader unlock from ZTE. It was provided to me in private email by a ZTE engineer.
Warning
This package is for the USA version of the Axon 7 Mini (tulip) running 7.1.1 b14 firmware. If you are running any other device or firmware version, it may not work.
Note
After some testing, it appears that the Axon 7 Mini is not locked in any way. In other words, apparently neither this package nor tuliptool's unlock are required to flash custom ROMs. The only apparent advantage to flashing this is to get access to fastboot, which provides a way to flash a custom boot and recovery (among other things).
Flashing Instructions
Place axon_mini_unlock.zip on the root of your sdcard.
Reboot into recovery.
Select "Apply update from SD card".
Select axon_mini_unlock.zip.
Usage Instructions
After the package is flashed, you may boot into the bootloader:
adb reboot bootloader
Once in the bootloader, you will see an on-screen menu. Additionally, you may access the typical fastboot commands:
fastboot oem device-info
fastboot oem unlock
fastboot flash ...
... etc ...
Download
axon_mini_unlock.zip
md5: ea8f1a21c8a46b3045d00f17a37fe359
So, after this is done, I can flash TWRP through fastboot and tuliptool is no longer necessary, correct?
Yes, that is correct.
JoeGatto said:
So, after this is done, I can flash TWRP through fastboot and tuliptool is no longer necessary, correct?
Click to expand...
Click to collapse
This package is for the USA version of the Axon 7 Mini (tulip) running 7.1.1 b14 firmware. If you are running any other device or firmware version, it may not work.
Click to expand...
Click to collapse
Is this something your contact mentioned or something that you believe based on your experience?
Any harm in trying it on verdandi/other versions without any risk of bricking?
After some testing, it appears that the Axon 7 Mini is not locked in any way. In other words, apparently neither this package nor tuliptool are required to flash custom ROMs. The only apparent advantage to flashing this is to get access to fastboot.
Click to expand...
Click to collapse
Any way to confirm this is also the case with other versions as well?
Thanks TDM.... you're going to have a lot of Canadians asking about verdandi as it is quite cheap here at the moment. Better get those questions out of the way early. The source is released, same kernel version as the U.S. one with some small differences with drivers (from what I can see) and I am sure that if people know that custom roms are possible on that version (not bootloader locked forever) it would be appreciated.
trpn111 said:
Is this something your contact mentioned or something that you believe based on your experience?
Any harm in trying it on verdandi/other versions without any risk of bricking?
Any way to confirm this is also the case with other versions as well?
Thanks TDM.... you're going to have a lot of Canadians asking about verdandi as it is quite cheap here at the moment. Better get those questions out of the way early. The source is released, same kernel version as the U.S. one with some small differences with drivers (from what I can see) and I am sure that if people know that custom roms are possible on that version (not bootloader locked forever) it would be appreciated.
Click to expand...
Click to collapse
Yeah...verdandi is stuck on Marshmellow. But since it has different hardware it could brick if this is tried.
The ZTE engineer is USA based, he is not on the China development team (read: probably a support engineer). He said: "I attached the unlock update zip package, please try it. It is based on B14 build."
Sorry, that's all I have to go by for "official" information.
I do not want to be responsible for anyone bricking their device, so I cannot claim that this bootloader will work with anything other than a tulip device running 7.1.1 b14.
If you want to try and report back, I'm sure others will appreciate it. But I can't be responsible for the results.
trpn111 said:
Is this something your contact mentioned or something that you believe based on your experience?
Any harm in trying it on verdandi/other versions without any risk of bricking?
Any way to confirm this is also the case with other versions as well?
Thanks TDM.... you're going to have a lot of Canadians asking about verdandi as it is quite cheap here at the moment. Better get those questions out of the way early. The source is released, same kernel version as the U.S. one with some small differences with drivers (from what I can see) and I am sure that if people know that custom roms are possible on that version (not bootloader locked forever) it would be appreciated.
Click to expand...
Click to collapse
Oh, and here is some more information to help you decide...
The volume key combo to enter EDL is handled by aboot (bootloader, eg. the thing we are flashing). This means even if you aren't currently able to use the key combo, you should be able to use it with the new aboot here. And if you can get to EDL, you can never really brick the device.
The volume key combo is detected very early in the aboot code. Like, first thing after basic platform init. So even if this isn't compatible with your device, it's likely we could restore the old aboot (assuming you back it up first, of course).
I'm convinced that the tulip is not locked based on my investigation today. So I have no idea if this aboot is properly signed. If your device is locked and this aboot is not signed properly, the lower boot loader won't load it. I'm not quite sure if that kicks you into EDL or not.
Not sure if that makes the decision easier or harder...
How did you come to the conclusion that tulip is not locked to begin with? If we don't need tuliptool or this aboot, how can I check verdandi if the device is the same 'locked but not really locked' state?
I will have a read about backing up aboot and see what I come up with concerning getting into edl.
So here's the deal...
I initially assumed the bootloader was locked because... well... it's supposed to be. So I found the place in aboot code where it checks the lock flag in the devinfo partition. I used the firehose to write unlocked to that flag. Then I built TWRP, flashed it and it booted. So I assumed everything was working just as I expected.
Today, I flashed the aboot with fastboot support and ran "fastboot oem device-info". It said that my device was locked. So I went to look and, sure enough, my devinfo partition flag was still set. Hmm, that's odd.
So I wrote locked back to the flag. TWRP still booted. Now things are looking pretty suspicious.
But maybe the new aboot doesn't even support locking? So I flashed the original b14 version of aboot and TWRP still booted.
That's pretty hard evidence that aboot is ignoring the lock flag. I don't know what they did -- whether they just removed the code that reads the lock flag or introduced a bug or what.
This does not necessarily mean that the lower layers are unlocked. That is, the lower boot loader may still required a properly signed aboot. I don't know, and I'm not ready to brick my device trying to find out.
trpn111 said:
How did you come to the conclusion that tulip is not locked to begin with? If we don't need tuliptool or this aboot, how can I check verdandi if the device is the same 'locked but not really locked' state?
I will have a read about backing up aboot and see what I come up with concerning getting into edl.
Click to expand...
Click to collapse
Hmm... Looks like this package incompatible with ZTE/P852A11/tulip.
Got error while trying to flash it by stock recovery. Error message says that it is for A12 version of tulip.
Ah, yes, you have the euro model. See the "calling all mini owners" thread, posts #76 and #77.
maestromony said:
Hmm... Looks like this package incompatible with ZTE/P852A11/tulip.
Got error while trying to flash it by stock recovery. Error message says that it is for A12 version of tulip.
Click to expand...
Click to collapse
i get a message saying "cant update from sd card?"
yeshivabachur said:
i get a message saying "cant update from sd card?"
Click to expand...
Click to collapse
Make sure battery level is at least 30% before applying any update. It's a standard protection feature.
JoeGatto said:
Make sure battery level is at least 30% before applying any update. It's a standard protection feature.
Click to expand...
Click to collapse
My battery was 80%+ mine still said can't update from sdcard
Aries2010 said:
My battery was 80%+ mine still said can't update from sdcard
Click to expand...
Click to collapse
Try turning on the OEM unlock setting in developer settings.
JoeGatto said:
Try turning on the OEM unlock setting in developer settings.
Click to expand...
Click to collapse
Thank you so much that worked I appreciate the it . Now I have one more question I have been searching for a way to root stock rom but I can't find any instructions on it. Could you walk me through it or post a link for me if possible? I have the USA mini 7 with B14 firmware
Aries2010 said:
Thank you so much that worked I appreciate the it . Now I have one more question I have been searching for a way to root stock rom but I can't find any instructions on it. Could you walk me through it or post a link for me if possible? I have the USA mini 7 with B14 firmware
Click to expand...
Click to collapse
Rooting the stock ROM will require that you remove verity, so that the OS won't refuse to boot once you've made any changes to the system partition. You'll need to use tuliptool to flash a new boot image, which you can find in this section of the forum. Then, you could either install TWRP through fastboot or using tuliptool.
JoeGatto said:
Rooting the stock ROM will require that you remove verity, so that the OS won't refuse to boot once you've made any changes to the system partition. You'll need to use tuliptool to flash a new boot image, which you can find in this section of the forum. Then, you could either install TWRP through fastboot or using tuliptool.
Click to expand...
Click to collapse
Thank you sir I appreciate it I shall try it tomorrow.
here's a stupid question.... I have only dealt with Samsung devices so, I have trouble understanding any other kind of process that is not Samsung. If a new update comes out while my device is bootloader unlocked can i update it? or will it brick my device?
The "standard" (not Samsung) method of updating via OTA is to ship:
1. Full images of any firmware partitions (rpm, tz, aboot, etc.)
2. Full image of boot.
3. A delta (patch) to system.
Also note that custom recoveries generally do not work with vendor OTA's.
This means that if you wish to apply an OTA, you must first have stock recovery and a completely pristine, unmodified system partition. The rest doesn't matter.
yeshivabachur said:
here's a stupid question.... I have only dealt with Samsung devices so, I have trouble understanding any other kind of process that is not Samsung. If a new update comes out while my device is bootloader unlocked can i update it? or will it brick my device?
Click to expand...
Click to collapse
I had an HTC 10 w/Sprint and it's getting old and full, but I liked how easy it was to unlock the bootloader. I enjoy having a rooted phone and I'm seeing that the S8+ (US Version) can be rooted, but I'm assuming there's prerequisites that used phones might/might not have to do so. So I'm just wondering if there's any questions I should ask the sellers of an S8+ on Swappa or eBay to make sure that root is possible when I decide to buy one? I don't wanna wind up w/a LS997 situation, where I got the phone but it was too upgraded that the methods to root were patched up. Thanks for any help.
Brian23MAC said:
I had an HTC 10 w/Sprint and it's getting old and full, but I liked how easy it was to unlock the bootloader. I enjoy having a rooted phone and I'm seeing that the S8+ (US Version) can be rooted, but I'm assuming there's prerequisites that used phones might/might not have to do so. So I'm just wondering if there's any questions I should ask the sellers of an S8+ on Swappa or eBay to make sure that root is possible when I decide to buy one? I don't wanna wind up w/a LS997 situation, where I got the phone but it was too upgraded that the methods to root were patched up. Thanks for any help.
Click to expand...
Click to collapse
No boot loader unlock. There is a method for root. It's system only root and only on nougat.
Coming from LG you've seen anti roll back we have the same. But they're is a method to downgrade the system only even on the latest boot loader to have rooted nougat https://forum.xda-developers.com/galaxy-s8+/development/root-t3909782/post79500078#post79500078
Safestrap is like fish on the lg g4. once safe strap is in place you can then flash a older system image from older boot loader revisions.
Even on the latest boot loader we're have Samsung's test firmware called combination files. Which include a nougat bootloader that is a permissive kernel and allows for root.
I ran lg all the way back from g2 to g5. So I've been in your shoes too. that's pretty much how I ended up here. From a sprint g2 g4 and g5
So even if the phone is upgraded, there's a method to roll back to an environment to root an S8+? So I can basically just cop an S8 w/no worries then and not ask any prerequisite questions?. That's good to see. I appreciate the assist.
Brian23MAC said:
So even if the phone is upgraded, there's a method to roll back to an environment to root an S8+? So I can basically just cop an S8 w/no worries then and not ask any prerequisite questions?. That's good to see. I appreciate the assist.
Click to expand...
Click to collapse
yea pretty much the bootloader must remain the same increment but the system does not
obviously newer pie and even oreo where all bit 5 BLs but the firmware needed for root is also bit 5 but a nougat bootloader
https://forum.xda-developers.com/galaxy-s8/development/root-t3904613
is the perquisite to rooting
this allows a type of twrp for locked bl
we can flash pretty much all but boot img and non stock based custom roms
Bl6 hasnt been released yet so as long as you get it soon your good as
since this is edl I doubt it can be patched but always a possibility