Hello everyone,
I have succesfully rooted my Sprint Hero, I am even using a cache app that you have to be rooted to use so I KNOW I am rooted. The only problem is NO MATTER WHAT I try I can not successfully flash the recovery img. It shows as flashing ok but when I go to boot in recovery it either flashes the HTC sign real quick then dies or stays on the HTC screen and doesnt do anything. Ive literally been trying this for 2 days now! Ive rerooted 10 times, Ive tried as many different recovery imgs for CDMA that I could find and I STILL get the same result. I even switched sd cards!! Could there be a problem with my phone thats not allowing it to work? Someone please help this is driving me nuts! Im ready to return the phone and get a new one just to try it,LOL!!PPlease help??
What images have you tried?
Just ones Ive found around the internet. Most of them were recovery-RA-heroc-v1.2.3.img
How are you trying to install it?
Flashrec?
flash_image?
Anyone??? Please?????Im about to return it and try again Id hate to find out it was something simple cuz this Hero has been perfect except for this problem, which is pretty useless to have it rooted if I cant flash, And I wont be able to update if sprint has an update also correct??
packetlss said:
How are you trying to install it?
Flashrec?
flash_image?
Click to expand...
Click to collapse
I follow f directions online that I go into cmd and get to the root and type" flash_image recovery /sdcard/recovery-RA-heroc-v1.2.3.img, when I hit enter all that happens is it shows exactly what I typed AGAIN then just #
So it will look like this:
#flash_image recovery /sdcard/recovery-RA-heroc-v1.2.3.img
flash_image recovery /sdcard/recovery-RA-heroc-v1.2.3.img
#
Then when I type reboot recovery it just reboots and shuts off, so Ill pull the battery and try the hardware method power volume down and it does THE SAME thing or it will just stay stuck on the HTC screen.
Do it like that.
then then use the:
"reboot recovery" command on the # prompt. See if that helps.
packetlss said:
Do it like that.
then then use the:
"reboot recovery" command on the # prompt. See if that helps.
Click to expand...
Click to collapse
Ya I did that, same thing happened. ):
One last try.
Redownload the the image from this post: http://forum.xda-developers.com/showthread.php?t=581521
Download md5sum.exe from this site: http://www.etree.org/md5com.html
Save it in them in same folder as you have the adb command in.
Then from the command line run:
md5sum recovery-RA-heroc-v1.2.3.img
It should output something like this:
0bdcea0f2c734035ba960d76aba0fa6a *recovery-RA-heroc-v1.2.3.img (Don't forget to copy it to the sdcard again )
Bolded text is the checksum of the file, it should match perfectly or your image is damaged.
If the checksum is the same, try flashing it again.
ahh i see clearer now.....
yes as suggested in the last thread you posted in... do a sprint RUU and try agian... this will put you at a known good baseline.... follow steps exactly...
as a added measure to cancel the option of bad sd card, get an external micro sd card reader and format it in windows as fat32
johnsongrantr said:
ahh i see clearer now.....
yes as suggested in the last thread you posted in... do a sprint RUU and try agian... this will put you at a known good baseline.... follow steps exactly...
as a added measure to cancel the option of bad sd card, get an external micro sd card reader and format it in windows as fat32
Click to expand...
Click to collapse
I actually already formatted to fat32,lol. How do I flash RUU??? To start over?
packetlss said:
One last try.
Redownload the the image from this post: http://forum.xda-developers.com/showthread.php?t=581521
Download md5sum.exe from this site: http://www.etree.org/md5com.html
Save it in them in same folder as you have the adb command in.
Then from the command line run:
md5sum recovery-RA-heroc-v1.2.3.img
It should output something like this:
0bdcea0f2c734035ba960d76aba0fa6a *recovery-RA-heroc-v1.2.3.img (Don't forget to copy it to the sdcard again )
Bolded text is the checksum of the file, it should match perfectly or your image is damaged.
If the checksum is the same, try flashing it again.
Click to expand...
Click to collapse
Where do I input that? Once I get in root?
I did adb shell
$su
#md5sum recovery-RA-heroc-v1.2.3.img
it says md5sum not found
No, md5sum in run before you do the adb shell command (it's a normal PC program).
aaron130 said:
Where do I input that? Once I get in root?
I did adb shell
$su
#md5sum recovery-RA-heroc-v1.2.3.img
it says md5sum not found
Click to expand...
Click to collapse
windows command line not adb shell.... make sure you are in the directory in which you downloaded md5sum
obdcea0f2c734035ba960d76aba0fa6a *recovery-RA-heroc-v1.2.3.img
thats what happened Good??
That is the correct checksum.
Try and flash that one.
Nope Same DAM thing it gets stuck at htc or htc then quits and shuts off
I'm out of ideas then. Could be that it's broken, unless someone else has the same problem. (Haven't seen any of that though).
packetlss said:
I'm out of ideas then. Could be that it's broken, unless someone else has the same problem. (Haven't seen any of that though).
Click to expand...
Click to collapse
Thx Im flashing the RUU now. Thx for your help though I appreciate it alot!!
I bought my first smart phone Samsung Gio S5660M and tried to unlock it. I tried different ways but weird things happened and I don’t know what causes the problem. I was wondering whether the unlock code would change if I did something to the phone. Now the phone is still locked and I really need and appreciate your help.
First I used the method in the link: http://forum.xda-developers.com/showthread.php?t=1204705 to root and unlock the phone but was not able to finish it. The steps that I have completed are as follows:
To root the phone:
1. Download this file http://www.mediafire.com/download.php?jzvnlbhidsd5f6l
2. Copy root_gb_gio.zip to the root of the SD card and put the card in the phone
3. Shutdown the phone.
4. Put the phone in recovery Mode (press: Home button + Power button toghether)
5. In recovery mode, choose Install Update from SD-card using Vol. up / down key and press Home key to confirm
6. Search for the root_gb_gio.zip file on the SD-card and Press home key again to run the update
7. Reboot
8. Verify in the app folder if SuperUser app is installed properly
9. Reboot
Network Unlock (using ADB Shell from PC).
1. Download and install Samsung Kies to the PC from here: http://www.samsungapps.com/about/onPc.as, also install Samsung USB Driver
2. Download and install ADB which comes with Android SDK from: http://developer.android.com/sdk/index.html
-Go to the "Available Packages" Option on the left Menu
-Click on the "Refresh" Button on the bottom Right and wait until it finish
-From Items select the "Andoid SDK platform-tools, revision 6" Item
-Click the "Install Selected" button on the botton right and wait until it finish then close the Android SDK
3. Add the correct path
-Right-click on Computer Icon (on your Desktop) and select "Properties" from the menu,
-On My PC Properties select the "Advanced Options" Tab
-Click "Advanced System Settings"
-Click "Environment Variables"
-Highlight the "Path" Variable and click the "Edit"
-At the end of the line (and path) add the path: ;C:\Program Files\Android\android-sdk\platform-tools
4. Connect the phone to the computer via the USB cable
-Click on the start button and open the "Run" option, on Run type cmd.exe and press enter. A command prompt window popped out.
-Type the next text to access the ADB Shell: cd C:\Program Files\Android\android-sdk\platform-tools
-Type: adb shell
-Now in adb shell (and executing commands on the phone itself)
-Type the next command: su
-The superuser application popped up on the PHONE SCREEN (yes take a look at the phone screen) asking to allow root privileges to the adb shell. Choose Allow root access for the ADB shell on the phone.
-Type: cd /
-Type : mount -o remount rw /
-Type: mkdir /efs
-Type: mount -o nosuid,ro,nodev -t vfat /dev/block/stl5 /efs
-Type: cat /efs/mits/perso.txt
got a bunch of characters on the screen and a 8 digit number, the unlock code, which is 28572603
-Type: unmount /efs (It should umount /efs, but I typed it wrong)
5. Disconnect the USB cable from the phone
6.Turn the phone off and insert the SIM card
7. Turn on the phone
In the last step it should ask for the unlock code to unlock the phone, however, it didn’t ask for the unlock code. Instead there was a message: “Phone is SIM Corporate Locked” and there is nowhere to input any code.
When I typed “*#7465625#, the result is as follows: Network Lock [OFF], Network Subset Lock [OFF], SP Lock [OFF], CP Lock [ON]. Note that the corporate lock is on. But I could access menu with the foreign SIM card in the phone. When I tried to dial “*#7465625*638*28572603” or “#0111*28572603” with or without foreign SIM card, the message is always something like network not available (cannot recall the exact words). When I went to a FIDO kiosk for help (SIM card is from FIDO), they told me to unroot the phone so that the phone could ask for the unlock code.
I googled corporate lock/SPCK code on the Internet and there is such message: “In 1% of cases to unlock samsung SPCK code is need”, I called Samsung for help with SPCK code. The technical support in Samsung asked me to factory reset the phone by typing “*2767*3855#”. After the reset, the status of the locks were still the same as before, so is the message “Phone is SIM Corporate Locked”. Then Samsung told me that they don’t have SPCK code. I noticed that SuperUser icon was still on the menu after the factory reset.
A further search showed the unlock method of mapping image partition from: http://forum.xda-developers.com/showthread.php?t=1244695 and http://forum.xda-developers.com/showpost.php?p=17148825&postcount=334 (same method). When I went to Shell and typed “su”, not sure whether because of the factory reset or not, superuser or admin denied, so I redid the rooting by following the previous steps, but it only took a few seconds to finish it. Then the steps I followed were:
1, first, go to the command line of pc.(win xp "start->run->cmd" )
and type "cd\", now in the root of the hard drive (also tried cd \Program Files\Android\android-sdk\platform-tools)
2, second, type "adb shell".
3, after that, type "su".
4, then, type "cat /dev/bml5>/sdcard/bml5.img"
5, type twice "exit" to disconnect with gio.
6, type "adb pull /sdcard/bml5.img"
But there is an error message “remote object /sdcar/bml5.img does not exist". I just repeated the steps a few minutes ago to get a few screenshots:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
(using cd \Program Files\Android\android-sdk\platform-tools)
(using cd \)
(a different error: so I used mount command)
I think at this point (cannot recall after the following tries or at this time) that I inserted a foreign SIM card, the phone began to show message “Network Locked”, took out the foreign SIM card, typed “*#7465625#", weird enough, the result changed to: Network Lock [ON], Network Subset Lock [OFF], SP Lock [OFF], CP Lock [OFF]. Corporate lock is gone but the network lock came back. I don’t know the reason – is that because I did factory reset?
I put the foreign SIM card back to the phone, input the unlock code generated earlier “28572603”, but it was not successful. I decided to go back to the first method (ADB shell from PC) to generate the unlock code again to see whether the result code is the same. However, weird gain, this time no code at all. I reproduced the screenshot a moment ago for the result (I had to cut the screen into two half):
The third method I tried is to unlock the phone by using Android Terminal Emulator, the steps were:
- In Android Market, download and install Android Terminal Emulator
- Boot up the Android Terminal Emulator application
-Using the on-screen keyboard, type su, allowed the permission from the prompt
-Type: cd /
-Type : mount -o remount rw /
-Type: mkdir /efs
-Type: mount -o nosuid,ro,nodev -t vfat /dev/block/stl5 /efs
-Type: cat /efs/mits/perso.txt
The desire result should be a bunch of characters on the screen and a 8 digit number. However, I didn’t get the desire result – it seems that the result is the same as using the first method after factory reset, here is the screenshot (it seems that the shot is incomplete, but I had a hard time to get even such an incomplete shot – the shell would exit when I tried to screenshot):
My questions are: why the same method cannot generate the same code? Is it because I did something to the phone, like factory reset? The unlock code will change because of the situation or it will always keep the same? Why I cannot see the bml5.img? Is it possible I damaged it by chance? I am also worried that now even if I buy uncode code from GSMLiberty, it would not work any more because of what I did to the phone. Is it possible so? What is my option now? (I tried the code once, so I still have another two chances to input unlock code). Is what has happened weird or there is a reason for that?
Thank you very much.
I also pulled the perso.txt file onto my PC and reviewed it in XVI32. It does not look like any of the files others mentioned (a lot of 00 or FF followed by a number). Attached here is perso.txt. Is my perso.txt corrupted? If yes, how can I recover it? Thanks.
As far as I know, you're the first person that's reported seeing a CP lock on this phone... One possibility is that this happened instead of plain old bricking when you mistyped the umount command the first time around.
Is your IMEI still intact?
Did you reboot the phone since your third attempt?
Did you by any chance keep the first perso.txt you cat'ed on your first attempt?
The suggestion below is at best a shot in the dark and could very well worsen the situation. With that out of the way...
If your IMEI is still intact, you could try booting in CWM, mounting /efs as rewritable, and upload the attached perso.txt, unmount efs and reboot. The file is simply my own perso.txt, from an unlocked 5660M, with your unlock code put in place of mine in a Unix line-ending aware editor. (Another, albeit riskier possibility would be to mount rewritable in the main OS and cat the file into place, then unmount and reboot.)
Good luck,
Darkshado
Thank you, Darkshado, for answering my questions.
Yes the IMEI is still intact. What is weird is that now CP is off and network lock is on after I don't know which operation - I thought it should be due to the factory reset, but after factory reset, the status was still CP [ON] and network lock [OFF]. The I did reroot. The phone was rebooted many times after each attempt, and I only input unlock code once so I still have another two chances.
No I didn't make a copy of the original perso.txt as I almost knew nothing when I first tried.
About unmount mistake, is it so severe if there is a typo? My thought was that mounting and unmounting just control access to the file. When we mount a file, we get access to the file. If we forget to unmount it, it leave a hole for others to access. Is my understanding right? If yes, the typo in unmount command for the first method should not be a big deal as I rebooted the phone after an probably unsuccessful unmount.
As to the perso.txt, what I guess is that the file perso.txt contains all the unlock codes and when we input unlock code from the screen, the system will compare the input code with the code in perso.txt. If they are the same, unlock succeeds, which is similar to using password when we login anywhere. Am I right?
I actually think that uploading your perso.txt mught be a solution. But before doing that, I think it is better to compare your perso.txt with another perso.txt from another phone to see whether the difference is only the unlock code. If yes, the solution will succeed. However, if the perso.txt files from different phones are quite different -like the location of the unlock code and other data that is not 00 or FF, there is a good chance that it's very risky. Do you have another perso.txt available? Or anybody in the forum has a perso.txt available to compare?
My other question is how useful is this perso.txt. If I delete it totally by chance and ask people to unlock the phone from hardware, will the system still operate normally?
I'm going to try to factory reset the phone and reroot again - My PC is in repair and I'll try after I get my PC back - to see whether perso.txt could be restored. Do you have bml5.img in your phone? I don't know why I don't have it on my phone. But from the forum, it looks like that the bml5.img is very similar to perso.txt, only 00 becomes FF or vice verse.
Thanks again for your help.
SPnewb said:
Thank you, Darkshado, for answering my questions.
Yes the IMEI is still intact. What is weird is that now CP is off and network lock is on after I don't know which operation - I thought it should be due to the factory reset, but after factory reset, the status was still CP [ON] and network lock [OFF]. The I did reroot. The phone was rebooted many times after each attempt, and I only input unlock code once so I still have another two chances.
Click to expand...
Click to collapse
That is very strange. What, if any, SIMs did you have in the phone when attempting the unlock at the different stages? Was the Fido SIM in at any time before trying to get an unlock code prompt?
As far as I know, the factory reset operation, at least when triggered from recovery, only wipes the /data and /cache partitions. Is anything done to NV items? I don't have any data to tell.
About unmount mistake, is it so severe if there is a typo? My thought was that mounting and unmounting just control access to the file. When we mount a file, we get access to the file. If we forget to unmount it, it leave a hole for others to access. Is my understanding right? If yes, the typo in unmount command for the first method should not be a big deal as I rebooted the phone after an probably unsuccessful unmount.
As to the perso.txt, what I guess is that the file perso.txt contains all the unlock codes and when we input unlock code from the screen, the system will compare the input code with the code in perso.txt. If they are the same, unlock succeeds, which is similar to using password when we login anywhere. Am I right?
Click to expand...
Click to collapse
Your understanding about mounting and unmounting is correct, but I am not certain that perso.txt is actually used by the phone to check the unlock code. It may also be written there for some other reasons...
The problem with our phones is that corruption has occurred by merely reading the stl5 partition the wrong way.
I actually think that uploading your perso.txt mught be a solution. But before doing that, I think it is better to compare your perso.txt with another perso.txt from another phone to see whether the difference is only the unlock code. If yes, the solution will succeed. However, if the perso.txt files from different phones are quite different -like the location of the unlock code and other data that is not 00 or FF, there is a good chance that it's very risky. Do you have another perso.txt available? Or anybody in the forum has a perso.txt available to compare?
My other question is how useful is this perso.txt. If I delete it totally by chance and ask people to unlock the phone from hardware, will the system still operate normally?
Click to expand...
Click to collapse
The idea of comparing some perso.txt files is good, but so far all the perso.txt files I've seen uploaded came from the Euro/Asia 5660 Gio, so we'd need files from a 5660M. They did look almost identical to mine though, with essentially a Bell network identifier at the beginning that wasn't present at all in theirs. One person with a 5660 also posted a before/after set, and the file does change a little after the unlock.
I've been reluctant to try too many things on my EFS partition, like deleting perso.txt to see how the phone reacts, for fear of bricking it.
I'm going to try to factory reset the phone and reroot again - My PC is in repair and I'll try after I get my PC back - to see whether perso.txt could be restored. Do you have bml5.img in your phone? I don't know why I don't have it on my phone. But from the forum, it looks like that the bml5.img is very similar to perso.txt, only 00 becomes FF or vice verse.
Thanks again for your help.
Click to expand...
Click to collapse
There are two "levels" you can access the partitions on the phone. stl is a higher level access, with which you can get correct RFS partitions for instance, while bml is a lower, block-level access. perso.txt is simply a file contained in stl5, also known as the /efs partition. You can read its contents in a round-about way via bml, but you wouldn't want to flash an /efs, /system/ or /data partition through bml.
Unlike reading stl5, reading bml5 has not caused anyone bricking so far. bml5 is sufficient to get the unlock code as well.
Good luck,
Darkshado
Hi Darkshado,
Thank you very much for your help.
Darkshado said:
That is very strange. What, if any, SIMs did you have in the phone when attempting the unlock at the different stages? Was the Fido SIM in at any time before trying to get an unlock code prompt?
Click to expand...
Click to collapse
The phone was locked to Bell, and my SIM card is from FIDO. I also got a Rogers SIM card for testing. When I rooted and generated teh code, I didn't have any SIM card in the phone. When I inserted Fido card after teh first attempt, I got the message " Phone is SIM Coperated locked" [i.e. when CP lock is On and other locks OFF], but I could still use the other functions of the phone. When the CP lock is OFF and Network lock is ON, I could not use the phoen at all because teh screen asked to input unlock code. If no input orcode is wrong, I cannot use the phone at all. Without SIM card, I could still use other functions of the phone.
As far as I know, the factory reset operation, at least when triggered from recovery, only wipes the /data and /cache partitions. Is anything done to NV items? I don't have any data to tell.
Click to expand...
Click to collapse
What is NV items? Can you tell me how I can tell where to see NV items?
Your understanding about mounting and unmounting is correct, but I am not certain that perso.txt is actually used by the phone to check the unlock code. It may also be written there for some other reasons...
Click to expand...
Click to collapse
I was wondering whether the perso.txt is like config file?
The problem with our phones is that corruption has occurred by merely reading the stl5 partition the wrong way.
Click to expand...
Click to collapse
perso.txt is simply a file contained in stl5, also known as the /efs partition. You can read its contents in a round-about way via bml, but you wouldn't want to flash an /efs, /system/ or /data partition through bml.
Click to expand...
Click to collapse
I cannot think of where I read the partition wriong other than I might hav etyped the wrong unmount for the first time followed by a reboot. I actually thinking of falshing the phone, but for the moment I have not read anything about flash yet and have no idea where to find the proper version of files to falsh.
When I pull the perso.txt to PC, I seemed to use the following method (my PC is still in repair so I cannot verify ):
-Type: adb shell
-Now in adb shell
-Type: su
- allow root privileges to the adb shell.
-Type : mount -o remount rw /
-Type: mkdir /efs
-Type: mount -o nosuid,ro,nodev -t vfat /dev/block/stl5 /efs
-Type: exit twice to exit shell
-Type: adb pull /efs/mits/perso.txt
-Type: adb shell (to go back to shell)
-Type: umount
Is there any risk with this method?
About perso.txt,
One person with a 5660 also posted a before/after set, and the file does change a little after the unlock.
Click to expand...
Click to collapse
I will try to see whether I could get some perso.txt files from anotehr forum (redflagdeals). Can you tell me where I can find the before/after set?
Thank you again very much.
Cathy
Hello Cathy,
One big piece of advice I can give you is to try and have a basic understanding of whatever command it is you're typing in an ADB shell.
The "cat" command can take one or many standard inputs (we'll stick to files for now) and output them to a standard output; in our case, the screen or another file.
Its one way of copying a file, or simply seeing its contents depending on where you send it.
With multiple files in the input, you're concatenating them before they get output.
I would not try the method in your last post AT ALL. You already have your code, and I see no reason why your current perso.txt would be of any use. It is a configuration file, it has to do with the various locks, but I wouldn't be able to tell you more. The way yours has been "corrupted" (I'm employing the term loosely here) may be the reason you've seen that CP lock appear. It may also have altered your Network unlock code in unforeseen ways.
I don't remember anyone trying to directly adb pull perso.txt from the /efs partition off a live phone. Do this at your own risk.
The problems we've seen occur are in all likelyhood due to interference between the modem firmware and the higher-level Android OS. That's why even normally "harmless" read commands have caused problems.
The dd command, as well as leaving /efs mounted on normal mode phone shutdown are constants in multiple bricking cases on the Gio and other similar Samsung phones like the Galaxy Ace and Mini.
The lower-level bml5 partition has been deemed safe to read with the dd command so far, even from a live phone.
Completely disable the modem firmware, like in recovery mode, and you can access, and even edit, the /efs partition in a relatively safe manner.
Something interesting happened as I began writing this: I don't know how or when this happened, but I somehow had relocked my phone to Bell!
I decided to try the lock status code you posted above and saw "Network Lock: ON" Slipping another SIM (an unactivated Koodo one) in my Gio prompted for the unlock code, which I typed and got a network unlocked message.
I took another look at the perso.txt file I had modified for you and recognized a number near the beginning: 302610 that's the Bell MNC! I rebooted in recovery, mounted /efs and adb pulled perso.txt again (safe because I was in recovery mode). The file has the exact same length, and a few differences visible in Winmerge or a hex editor of your choosing.
I turns out I can relock and unlock my phone as I see fit! I haven't tried, but I wouldn't be surprised if I could even lock my phone to a network other than Bell.
You also asked about NV items: they're phone settings common to all Qualcomm cellular modem based cellphones. GSM and WCDMA antenna power and gain settings, factory test mode, IMEI, there are thousands.
In the case of the Gio, some are accessible off the EFS (stl5) partition in the /nvm/num/ directory. Others, like the IMEI unfortunately, are stored elsewhere in the phone, I don't know where. We can read all the settings by using two leaked Samsung programs, named QPST and QXDM respectively. We can edit some of them, but unless you know exactly what you're doing, this is an easy way to completely mess up a phone.
One last silly question: did you have a MicroSD memory card in the phone when you tried cat'ing bml5 to /sdcard on your second attempt?
Okay. I think there is a way to solve your unusual lock problems, try the following steps:
Get Odin here
Get the latest Odin-flashable Gio ClockworkMod-based recovery available on XDA.
Download the perso_Cathy.txt attached below.
Flash the CWM-based recovery to your phone.
Reboot in recovery mode and connect the phone to your computer.
In Windows Explorer, go to the directory you've saved perso_Cathy.txt, and shift+right-click on the directory. Open command line from here. (Otherwise, open a command line window and cd to that directory.)
adb shell (notice your shell is already # aka root)
mount -o nosuid,rw,nodev -t vfat /dev/block/stl5 /efs (notice we're mounting rewritable this time)
exit (this will take you back to the regular command line)
adb push perso_Cathy.txt /efs/mits/perso.txt (so we're pushing and renaming at the same time)
adb shell umount /efs (I doubt this is *really* necessary, but better safe than sorry. You can send single commands to the shell this way)
adb reboot
The phone should already be unlocked on reboot.
Good luck,
Darkshado
Hi Darkshado,
Thank you for your quick response.
Darkshado said:
One big piece of advice I can give you is to try and have a basic understanding of whatever command it is you're typing in an ADB shell.
Click to expand...
Click to collapse
That's good advice If I read the whole thread of unlocking first before I began unlocking, there might not have been problems. I began to unlock after reading a few postings. I used Linux long time ago, but obviously I could not recall anything now.
I would not try the method in your last post AT ALL. You already have your code, and I see no reason why your current perso.txt would be of any use. It is a configuration file, it has to do with the various locks, but I wouldn't be able to tell you more. The way yours has been "corrupted" (I'm employing the term loosely here) may be the reason you've seen that CP lock appear. It may also have altered your Network unlock code in unforeseen ways.
Click to expand...
Click to collapse
The code I had was got before the corrupted perso.txt. I had a strong feeling that the input unlock code will be compared with the code in perso.txt for unlocking, Otherwise if perso.txt is not useful any more, why when I input the initially generated unlock code, the unlocking is not successful. The CP lock is now OFF after the perso.txt is corrupted, though it is hard to judge whether CP is ON or not before perso.txt is corrupted because I got the unlock first then I saw CP was ON.
I don't remember anyone trying to directly adb pull perso.txt from the /efs partition off a live phone. Do this at your own risk.
Click to expand...
Click to collapse
Can you tell me what command you use to get perso.txt? From the info below it seems that you use the same or similar commands, but in the recovery mode instead of the normal mode, is it right?
I turns out I can relock and unlock my phone as I see fit! I haven't tried, but I wouldn't be surprised if I could even lock my phone to a network other than Bell.
Click to expand...
Click to collapse
By editing perso.txt only?
One last silly question: did you have a MicroSD memory card in the phone when you tried cat'ing bml5 to /sdcard on your second attempt?
Click to expand...
Click to collapse
Yes, since I inserted the MicroSD card into the phone for rooting, I never took it out. But I can hardly imagine this will cause any problem.
I think there is a way to solve your unusual lock problems, try the following steps:
Get Odin here
Get Ingmar Steen's latest Gio ClockworkMod-based recovery here
Download the perso_Cathy.txt attached below.
Flash the CWM-based recovery to your phone.
Reboot in recovery mode and connect the phone to your computer.
In Windows Explorer, go to the directory you've saved perso_Cathy.txt, and shift+right-click on the directory. Open command line from here. (Otherwise, open a command line window and cd to that directory.)
adb shell (notice your shell is already # aka root)
mount -o nosuid,rw,nodev -t vfat /dev/block/stl5 /efs (notice we're mounting rewritable this time)
exit (this will take you back to the regular command line)
adb push perso_Cathy.txt /efs/mits/perso.txt (so we're pushing and renaming at the same time)
adb shell umount /efs (I doubt this is *really* necessary, but better safe than sorry. You can send single commands to the shell this way)
adb reboot
Click to expand...
Click to collapse
After a second thought, I decided not to flash the memory since I have little knowledge about it and the tools you mentioned here. As you suggest, I should know enough before doing it. So now, I was wondering whether it will solve the problem by just push the file perso_Cathy.txt in your above message to /efs/mits/perso.txt in recovery mode. What do you think? Another quesion is that I wish to back up all the files in the operating system before any more action. Can you tell me how to back up?
My PC is back but now I cannot even install androit SDK on the computer, so I have to bring it back for repair. So the next few days I probably would not be able to try anything, but once I try, I'll let you know the rsult.
Thank you very much.
Cathy
SPnewb said:
I had a strong feeling that the input unlock code will be compared with the code in perso.txt for unlocking
Click to expand...
Click to collapse
It most definitely is compared. From what I can tell, perso.txt contains all the SIM-lock information, status and codes.
Can you tell me what command you use to get perso.txt? From the info below it seems that you use the same or similar commands, but in the recovery mode instead of the normal mode, is it right?
Click to expand...
Click to collapse
Exactly. Recovery mode is what makes the whole thing safe. You need a rooted recovery to do it though.
There are two ways to get the actual perso.txt file off the phone: adb pull (directly or by cat'ing the file to the sd card beforehand) or dd'ing the stl5 partition and extracting perso.txt from it.
By editing perso.txt only?
Click to expand...
Click to collapse
Yes.
After a second thought, I decided not to flash the memory since I have little knowledge about it and the tools you mentioned here. As you suggest, I should know enough before doing it. So now, I was wondering whether it will solve the problem by just push the file perso_Cathy.txt in your above message to /efs/mits/perso.txt in recovery mode. What do you think?
Click to expand...
Click to collapse
I'm pretty confident it will solve the problem, otherwise I would not have gone to the trouble of writing these instructions and uploading the file for you.
Another quesion is that I wish to back up all the files in the operating system before any more action. Can you tell me how to back up?
Click to expand...
Click to collapse
Look here.
My PC is back but now I cannot even install androit SDK on the computer, so I have to bring it back for repair. So the next few days I probably would not be able to try anything, but once I try, I'll let you know the rsult.
Click to expand...
Click to collapse
What does the ADK installer say? If its complaining about not finding the JDK when you've already installed it, just it Back, and then Next. It will detect at that time and proceed with the installation. It's a known bug. Also, stick to JDK version 6 for the time being. Version 7 is so recent there might be some incompatibilities...
Thank you very much.
Click to expand...
Click to collapse
You're welcome.
Goodbye,
Darkshado
The phone is bricked now. What I did is: hole the HOme key while pressing the power key, the phone asked me whether to "reboot the system now" or "update from /sdcard" or "wipe /data XXX factory reset" (sth like factory reset) or "wipe /cach", I chose "reboot the system now". after that , connect the phone to the system. What I did in PC is catured in teh following image:
After that, when rebooting the phone, the phone began to falsh "samsung" and it cannot be shut down any more.
It seems that using other people's perso.txt does not work. One reason may be that, as you said, "perso.txt contains all the SIM-lock information, status and codes", other than unlock code, it might also read each individual phone's information, since that hte perso.txt is not mine, the phone cannot find the proper information, which causes phone to do indefinite loop. If that is the case, instead of uploading a new perso.txt, editing my own (even the corrupted) perso.txt and changing the corresponding location into the unlock code might work, as the phoen could start up before. Another reason may be that by editing the perso.txt, the system might detect the action for example like using CRC, and if only perso.txt is edited, system detected inconsistency and will go into indefinite loop. If I were the developer and I am aware that perople crack the phone, I might using another file or check code to protect. In this case, "I turns out I can relock and unlock my phone as I see fit! I haven't tried, but I wouldn't be surprised if I could even lock my phone to a network other than Bell." might not work.
I guess that now even hardware unlock will not work, becaue when the phone start, it will read "perso.txt" and cannot find the right information. The only solution is push my original corrupted perso.txt back to the phone, but the question is how? Can you advise me what I should do now? SInce the phone does not start up at all, can I still flash the memory using Odin?
Thank you very much.
Cathy
Crap. I'm afraid that if your phone is now bootlooping with no access to recovery mode there is little to be done but to get it serviced or replaced.
No one has been able to flash EFS with Odin yet on our phones.
Also, your image attachment explaining what you attempted exactly is missing...
Look at the perso.txt files in a hex editor, there's no CRC or MD5 like thing anywhere in there. Of course it could be placed elsewhere, but it would be a first to have a booby-trapped phone OS...
I'll try locking my phone to another network within the next week for the heck of it.
Goodbye,
Darkshado
It's the format of the image. I changed to a different image format. You should be able to view the image in the first page now. Anyway, I posted it here again:
I'll try locking my phone to another network within the next week for the heck of it.
Click to expand...
Click to collapse
Let me know the result.
Thanks.
Cathy
SPnewb said:
Anyway, I posted it here again:
Click to expand...
Click to collapse
Please tell me: in what mode were you booted when you did the above?
Recovery?
Was the text blue or orange?
It's not normal that you had to use su. Otherwise your commands were correct starting with mount -o remount rw /
Darkshado said:
Please tell me: in what mode were you booted when you did the above?
Recovery?
Was the text blue or orange?
It's not normal that you had to use su. Otherwise your commands were correct starting with mount -o remount rw /
Click to expand...
Click to collapse
I thought that I booted in recovery mode since when I turned on the phone, I held Home key then press the power key, but when the phone start up there were only 4 or 5 choices in the recovery menu and except the one "reboot the system now", there were no other choices about reboot. I suspected that to choose "reboot the system now" will cause startup in normal mode. How do you start up the phone in recover mode?
I cannot recall teh color of the text, but I never see any orange text since I had the phone.
Thank you very much for your help. I'm going to get another Gio to unlock.
Hello gays. Recently got in Honk Kong HTC ONE S S3 and collided with problem about changing
cid from htc_622 to 11111111 or htc_001.
1.Unocked from hbdev.com it takes 1 minutes.
2.Secondary install twrp 2.2.1. takes 1 minutes.
3.Install r3-ville-superboot.
From this moment looks like i have root and everething, then under "adb shell" and "su" i try to
write modified file to # dd if=/sdcard/mmcblk0p4MOD of=/dev/block/mmcblk0p4 and got response that
everething went good, file was written with speed and etc. But in bootloader mod when i try to read it with
"fastboot oem readcid" i got anyway HTC_622. OK. i tried other method "fastboot oem write cid 11111111"
but got "message c:\a>fastboot oem writecid 11111111
... INFO villec2_init_sd, SD card already power on
INFO[SD_HW_ERR] SD: No device attached
INFO902910 902E20
FAILED (status read failed (No such file or directory)"
4. So after that i tried 1 week everething: write modified hex files to mmcblk0p5,6 flash different images to boot, recovery: original or modified, took recovery and boot images from different ruu, try to find in hex redactor in system file from ruu allowed cid and change them-NO SUCSESS.
GAYS who know how to change this f....g cid to supercid.
kiroyan said:
Hello gays. Recently got in Honk Kong HTC ONE S S3 and collided with problem about changing
cid from htc_622 to 11111111 or htc_001.
1.Unocked from hbdev.com it takes 1 minutes.
2.Secondary install twrp 2.2.1. takes 1 minutes.
3.Install r3-ville-superboot.
From this moment looks like i have root and everething, then under "adb shell" and "su" i try to
write modified file to # dd if=/sdcard/mmcblk0p4MOD of=/dev/block/mmcblk0p4 and got response that
everething went good, file was written with speed and etc. But in bootloader mod when i try to read it with
"fastboot oem readcid" i got anyway HTC_622. OK. i tried other method "fastboot oem write cid 11111111"
but got "message c:\a>fastboot oem writecid 11111111
... INFO villec2_init_sd, SD card already power on
INFO[SD_HW_ERR] SD: No device attached
INFO902910 902E20
FAILED (status read failed (No such file or directory)"
4. So after that i tried 1 week everething: write modified hex files to mmcblk0p5,6 flash different images to boot, recovery: original or modified, took recovery and boot images from different ruu, try to find in hex redactor in system file from ruu allowed cid and change them-NO SUCSESS.
GAYS who know how to change this f....g cid to supercid.
Click to expand...
Click to collapse
I've exactly the same request than you. I did also what you have done with the same results.
I don't understand why it doesn't work.
Deleted.
kiroyan said:
Hello gays. Recently got in Honk Kong HTC ONE S S3 and collided with problem about changing
cid from htc_622 to 11111111 or htc_001.
1.Unocked from hbdev.com it takes 1 minutes.
2.Secondary install twrp 2.2.1. takes 1 minutes.
3.Install r3-ville-superboot.
From this moment looks like i have root and everething, then under "adb shell" and "su" i try to
write modified file to # dd if=/sdcard/mmcblk0p4MOD of=/dev/block/mmcblk0p4 and got response that
everething went good, file was written with speed and etc. But in bootloader mod when i try to read it with
"fastboot oem readcid" i got anyway HTC_622. OK. i tried other method "fastboot oem write cid 11111111"
but got "message c:\a>fastboot oem writecid 11111111
... INFO villec2_init_sd, SD card already power on
INFO[SD_HW_ERR] SD: No device attached
INFO902910 902E20
FAILED (status read failed (No such file or directory)"
4. So after that i tried 1 week everething: write modified hex files to mmcblk0p5,6 flash different images to boot, recovery: original or modified, took recovery and boot images from different ruu, try to find in hex redactor in system file from ruu allowed cid and change them-NO SUCSESS.
GAYS who know how to change this f....g cid to supercid.
Click to expand...
Click to collapse
This method not support C2 (S3)
teerapong.g said:
This method not support C2 (S3)
Click to expand...
Click to collapse
But which method instead, for unbrand my s3-device???
So there is no way to do that?
Gesendet von meinem HTC One S mit Tapatalk 2
Any news about supercid on S3 device?
CID
Hi!
Any News, how to changeCID on VilleC2 (S3) devices? With or without S-off...
Thanks
This should fix the problem
kiroyan said:
Hello gays. Recently got in Honk Kong HTC ONE S S3 and collided with problem about changing
cid from htc_622 to 11111111 or htc_001.
1.Unocked from hbdev.com it takes 1 minutes.
2.Secondary install twrp 2.2.1. takes 1 minutes.
3.Install r3-ville-superboot.
From this moment looks like i have root and everething, then under "adb shell" and "su" i try to
write modified file to # dd if=/sdcard/mmcblk0p4MOD of=/dev/block/mmcblk0p4 and got response that
everething went good, file was written with speed and etc. But in bootloader mod when i try to read it with
"fastboot oem readcid" i got anyway HTC_622. OK. i tried other method "fastboot oem write cid 11111111"
but got "message c:\a>fastboot oem writecid 11111111
... INFO villec2_init_sd, SD card already power on
INFO[SD_HW_ERR] SD: No device attached
INFO902910 902E20
FAILED (status read failed (No such file or directory)"
4. So after that i tried 1 week everething: write modified hex files to mmcblk0p5,6 flash different images to boot, recovery: original or modified, took recovery and boot images from different ruu, try to find in hex redactor in system file from ruu allowed cid and change them-NO SUCSESS.
GAYS who know how to change this f....g cid to supercid.
Click to expand...
Click to collapse
I have the S4 Version but this should work:
1. Download root explorer on your device
2. Open it up and at the top select Mount R/W
3. Select the folder "dev"
4. Next, select the folder "block"
5. In that folder find the file that says "mmcblk0p4"
6. Copy the file and paste it to the root of your SD Card
NOTE: Do not cut the file &and paste it.
7. Download Hex Editor from the market and open it up
8. Locate the file that was copied to your SD Card & select it
9. Scroll down till you see htc_622 on the right side
10. Now, while looking at the same line htc_622 is on follow it toward the left till you see the first two digit number right after the last 00's
11. Finally change each number ( Not the 00's ) to 31 till you see 11111111 on the right side instead of htc_622.
12. There are a total of eight 1's. when your finished hit save at the bottom of the app and exit.
13. Now go ahead and boot into the bootloader of the device and hit fastboot.
14. Plug your phone in while in the bootloader and adb is open and type:
fastboot oem readcid
And hit enter. It should read "11111111".
Now you have SuperCID!!!!!!!!!!!
kiliona.k.mathew said:
I have the S4 Version but this should work:
1. Download root explorer on your device
2. Open it up and at the top select Mount R/W
3. Select the folder "dev"
4. Next, select the folder "block"
5. In that folder find the file that says "mmcblk0p4"
6. Copy the file and paste it to the root of your SD Card
NOTE: Do not cut the file &and paste it.
7. Download Hex Editor from the market and open it up
8. Locate the file that was copied to your SD Card & select it
9. Scroll down till you see htc_622 on the right side
10. Now, while looking at the same line htc_622 is on follow it toward the left till you see the first two digit number right after the last 00's
11. Finally change each number ( Not the 00's ) to 31 till you see 11111111 on the right side instead of htc_622.
12. There are a total of eight 1's. when your finished hit save at the bottom of the app and exit.
13. Now go ahead and boot into the bootloader of the device and hit fastboot.
14. Plug your phone in while in the bootloader and adb is open and type:
fastboot oem readcid
And hit enter. It should read "11111111".
Now you have SuperCID!!!!!!!!!!!
Click to expand...
Click to collapse
It works? Anyone try it for S3?
mmcblk0p4
I tried the procedure on my S3 but my mmcblk0p4 file is 0 kb. In fact everything in the /Block/ folder is 0 bytes.
When I open it with hex editor nothing there.
Also tried copying it to my download folder and using my pc to edit it but it is also blank.
Any ideas?
mm
Quills88 said:
I tried the procedure on my S3 but my mmcblk0p4 file is 0 kb. In fact everything in the /Block/ folder is 0 bytes.
When I open it with hex editor nothing there.
Also tried copying it to my download folder and using my pc to edit it but it is also blank.
Any ideas?
Click to expand...
Click to collapse
hello friend to me and it weighs 1 kb could edit .. and if I will have hex and all, i quo problem is how to modify the qm someone will help .. thanks
s3
O.k. There is no chance to change our cid(mean ville c2 or s3). I tried everething with h-boot 2.01( i found all with mentioned cid htc_622 (means in hex redactor looked ) changed but no sucsses. I ever tried changed h-boot but f-ing signature spoiled all things. My opinion should some really smart gay change h-boot-------------------------but this nobody would do in a good mind.
This subject closed.
Going buy chinise stuff with mtk 6899 processor. With 2sims and less gemmoroy things.
Every ones thanks for any attention.
Buy.
INTRODUCTION
As the Revskills site has been taken down (aparently for good) and thanks to Gene Poole (for provinding the .exe file that does all the magic), I have wrote a simple script that creates the goldcard.img file.
INSTRUCTIONS
As usual, you need:
Drivers installed in the PC.
adb, fastboot, and such commands running in the PC (if you don't have then download this folder (https://dl.dropboxusercontent.com/u/30674730/adb.rar) and extract its contents in the golcard tool folder)
Follow on screen instructions.
Make sure that you check on what MMC is your sdcard ID located. So far, Desire HD/Inspire 4G is on MMC2 but do not have information on other devices.
If you follow the instructions after running the tools, the goldcard.img file will be created in the tools folder. Then, patch the sdcard using the Simple Goldcard Tool included in the tools folder.
ACKNOWLEDGEMENTS
Many thanks to Gene Poole from creating the .exe file that creates the img file.
nelify - For posting the Simple Goldcard Tool that I am inlcuding in here to patch the sdcard
As usual the guys from the Hack Kit support IRC channel for teaching me about scripting and android and being so patient with me.
DOWNLOADS
http://d-h.st/VMw
Thx for your work, but it doesnt seem to work. After creating the image the tool says "It doesnt seem to be a valid Goldcardimage:
Get CID works, but the used and reversed CID seems to be another.
Furthermore I dont understand, how the GC.cmd can create a Goldcardimage without knowing the correct CID. It dont asks for that!?
tito_puente said:
Thx for your work, but it doesnt seem to work. After creating the image the tool says "It doesnt seem to be a valid Goldcardimage:
Get CID works, but the used and reversed CID seems to be another.
Furthermore I dont understand, how the GC.cmd can create a Goldcardimage without knowing the correct CID. It dont asks for that!?
Click to expand...
Click to collapse
The script finds the cid in the code. Of course it depends on the phone you have. The DHD or Inspire 4g have cid located in mmc2. If you choose the wrong mmc July get the wrong cid number.
Sent from my ASUS Transformer Pad TF700T using xda app-developers app
it doesn't create the .img
plz help
Microsoft Windows [Έκδοση 6.1.7601]
Πνευματικά δικαιώματα (c) 2009 Microsoft Corporation. Με επιφύλαξη κάθε νόμιμου
δικαιώματος.
C:\Users\PriestJohn>cd c:\android
c:\Android>C:\Android\GC.cmd
***WELCOME TO THE GOLDCARD IMAGE CREATOR***
This tool is possible thanks to Gene Poole, so thank him for letting you impro
ve your device
Checking connected devices
adb server is out of date. killing...
* daemon started successfully *
List of devices attached
HT0B4RX03962 device
starting menu
******************************************************
Choose the correct MMC for your device:
1. MMC0
2. MMC1
3. MMC2 (Desire HD/Inspire 4G)
4. Quit
*******************************************************
[Make your choice]3
Creating goldcard
Usage: tools\gcard.exe -c <sdcardid> [-r] -o <outputfile>
Options:
-h This help menu.
-c <sdcardid> Specify the SD Card Serial ID (required).
-r Specifies that <sdcardid> is already reversed.
-o <outputfile> Specify the output file (required).
Goldcard has been created in the tool folder. Now patch the sdcard using this Si
mple Goldcard Tool included in the tools folder
Πιέστε ένα πλήκτρο για συνέχεια. . .
Click to expand...
Click to collapse
Thanks but no thanks. I just bricked my Wildfire S by attempting to create a gold card using your tools.
Edit: I got it working! And successfully created a gold card! My issue was that ADB was not recognizing my device. My solution was to flash an old nandroid that had presumably had USB Debugging Enabled. I then proceeded to run the cmd file but without any luck, I was unable to properly get a gold image.
My check to see if ADB was talking to my device was:
Code:
adb devices
Once I confirmed that my device was being read on my PC, I ran SimpleGoldCard.exe and successfully got the CID for the SD Card. I then manually ran gcard.exe in terminal, and used the command:
Code:
gcard -c *CID* -r -o "C:/Gold Card/gold.img"
Success! I pulled out the SD card from the device, attached it to my computer via a card reader, and then ran SimpleGoldCard.exe again, completing the process.
I required the Gold Card due to calibration to attach an aftermarket digitizer to an HTC Wildfire S. I was unable to get past #7: https://sites.google.com/site/repairlinks/htc/htc-wildfire-s-calibration without a gold card.
Thanks for sharing this, it worked for me, and I got the digitizer fully calibrated on my Wildfire S!
BuffMcBigHuge said:
Thanks but no thanks. I just bricked my Wildfire S by attempting to create a gold card using your tools.
Click to expand...
Click to collapse
There's no way to brick a device getting the cid of the sdcard. This tool does not flash anything at all. So, unless you have proof what you are saying makes no sense
Sent from my GT-N7100 using xda app-developers app
glevitan said:
There's no way to brick a device getting the cid of the sdcard. This tool does not flash anything at all. So, unless you have proof what you are saying makes no sense
Sent from my GT-N7100 using xda app-developers app
Click to expand...
Click to collapse
Yes my mistake! I figured something went wrong, as the device was not responding after running the script. I was getting a flashing red notification light, and I wasn't able to load the bootloader. I found out it was due to a low battery. I suppose the battery does not charge while in the bootloader or fastboot menu? I almost tossed the phone in the garbage, but I still had hope!
Sent from my HTC One using Tapatalk 4 Beta
model id incorrect
glevitan said:
INTRODUCTION
As the Revskills site has been taken down (aparently for good) and thanks to Gene Poole (for provinding the .exe file that does all the magic), I have wrote a simple script that creates the goldcard.img file.
INSTRUCTIONS
As usual, you need:
Drivers installed in the PC.
adb, fastboot, and such commands running in the PC (if you don't have then download this folder (https://dl.dropboxusercontent.com/u/30674730/adb.rar) and extract its contents in the golcard tool folder)
Follow on screen instructions.
Make sure that you check on what MMC is your sdcard ID located. So far, Desire HD/Inspire 4G is on MMC2 but do not have information on other devices.
If you follow the instructions after running the tools, the goldcard.img file will be created in the tools folder. Then, patch the sdcard using the Simple Goldcard Tool included in the tools folder.
ACKNOWLEDGEMENTS
Many thanks to Gene Poole from creating the .exe file that creates the img file.
nelify - For posting the Simple Goldcard Tool that I am inlcuding in here to patch the sdcard
As usual the guys from the Hack Kit support IRC channel for teaching me about scripting and android and being so patient with me.
DOWNLOADS
http://d-h.st/VMw
Click to expand...
Click to collapse
i have inspire 4g which model id i found from "fastboot getvar all" is 4 x
but i think it should be PD981....LIKE THAT
WHAT IS WRONG IN MY PHONE
now, how to create a goldcard since the website is down?
its always great when people provide things working...
http://psas.revskills.de/?q=goldcard - it doesn't work