Database Info

How to extract a CGxx.smg file?

Hello,
I have extracted the CGxx.smg file out of an sbf-file (android 2.3.6).
Now I am trying to get the content of the CG39.smg with the command "unsquashfs" but the result is only the error: Can't find a squashfs superblock on ...
So how can I extract an smg-file?
EDIT: http://sourceforge.net/projects/ext2read/ works fine with Windows and the CG39.smg

cordezz said:
Hello,
I have extracted the CGxx.smg file out of an sbf-file (android 2.3.6).
Now I am trying to get the content of the CG39.smg with the command "unsquashfs" but the result is only the error: Can't find a squashfs superblock on ...
So how can I extract an smg-file?
EDIT: http://sourceforge.net/projects/ext2read/ works fine with Windows and the CG39.smg
Click to expand...
Click to collapse
Use the attached unyaffs for system/CG39.

Please note that you have to set permissions inside the updater-script if you want to make an update.zip.
As far as I know Linux can store permissions inside an zip-file but I'm not sure.

[Q] Unable to convert .dex to .jar in mac osx

Hi All,
I'm using Mac OSX(10.7) and trying to extract java file from a android apk. So i downloaded apk and then copied dex2jar zip file
After extracting dex file from apk(classes.dex), i had unzipped dex2jar and opened termial changed directory path to dex2jar and executed as below
my-MacBook-Pro:dex2jar-0.0.9.11 my$ **dex2jar.sh classes.dex**
but it says
*-bash: dex2jar.sh: command not found*
Click to expand...
Click to collapse
I checked in directory and dex2jar.sh is present. What is the mistake i'm doing

Most likely your directory where dex2jar.sh resides isn't listed in your PATH, so just type
Code:
./dex2jar.sh classes.dex
(dot and slash are important)

need help in extracting database if android device

trying to repair android database...
trying to decrypt android database...
Traceback (most recent call last):
File "C:\whatsapp\whatsapp_xtract.py", line 2062, in <module>
main(sys.argv[1:])
File "C:\whatsapp\whatsapp_xtract.py", line 995, in main
decoded = cipher.decrypt(open(options.infile,"rb").read())
File "C:\Users\Hafiz Haider\AppData\Roaming\Python\Python27\site-packages\Cryp
to\Cipher\blockalgo.py", line 295, in decrypt
return self._cipher.decrypt(ciphertext)
ValueError: Input strings must be a multiple of 16 in length
Press any key to continue . . .
dear sir how to remove this error ???ans me

hafizimran4 said:
trying to repair android database...
trying to decrypt android database...
Traceback (most recent call last):
File "C:\whatsapp\whatsapp_xtract.py", line 2062, in <module>
main(sys.argv[1:])
File "C:\whatsapp\whatsapp_xtract.py", line 995, in main
decoded = cipher.decrypt(open(options.infile,"rb").read())
File "C:\Users\Hafiz Haider\AppData\Roaming\Python\Python27\site-packages\Cryp
to\Cipher\blockalgo.py", line 295, in decrypt
return self._cipher.decrypt(ciphertext)
ValueError: Input strings must be a multiple of 16 in length
Press any key to continue . . .
dear sir how to remove this error ???ans me
Click to expand...
Click to collapse
What android databases? From what app/file? What are you using to decrypt it?
The error is from a Python script/program. The problem is that you entered some kind of wrong number and that number MUST be a multiple of 16. Please post more info and try using a diffrent tool for this because this one seems not to work.
EDIT:
I see. You are trying to decrypt a WhatsApp database. Try using this website: http://whatcrypt.com

[TOOL] Huawei Update Extractor Linux/Perl

Hi there, I recently started again playing with custom roms and I needed to extract official UPDATE.APP files in Linux. Here there is a perl script to extract and verify imgs from update packages.
How To Use
Code:
# copy splitupdate, crc and UPDATE.APP files
chmod +x splitupdate
chmod +x crc
./splitupdate UPDATE.APP
Sources/Download
The tool has been forked from JoeyJiao and available at https://github.com/marcominetti/split_updata.pl.
Windows GUI
If you prefer to use a GUI, you can use the excellent Huawei Update Extractor from @worstenbrood (http://forum.xda-developers.com/showthread.php?t=2433454).
As usual, you use it at your own risk.

Reserved.

AFAIK there is official Huawei Extract Tool available...

trurl3 said:
AFAIK there is official Huawei Extract Tool available...
Click to expand...
Click to collapse
Can you provide a link for reference? Thanks!

marco.minetti said:
Can you provide a link for reference? Thanks!
Click to expand...
Click to collapse
I am sorry - I was mistaken.

hi i would like to know how to open .img after that i mean for system etc... thank you!

desalesouche said:
hi i would like to know how to open .img after that i mean for system etc... thank you!
Click to expand...
Click to collapse
You have to mount and extract the system.img in linux with sim2img. It's complicated.

ajsmsg78 said:
You have to mount and extract the system.img in linux with sim2img. It's complicated.
Click to expand...
Click to collapse
i already found how to do it properly,notcomplicated at all, i will provide how-to asap provided by @Blefish( i am actually in two weeks holidays...so some patience is needed).

desalesouche said:
i already found how to do it properly,notcomplicated at all, i will provide how-to asap provided by @Blefish( i am actually in two weeks holidays...so some patience is needed).
Click to expand...
Click to collapse
Well, I meant complicated for the average user but I guess you're not the average user then

desalesouche said:
i already found how to do it properly,notcomplicated at all, i will provide how-to asap provided by @Blefish( i am actually in two weeks holidays...so some patience is needed).
Click to expand...
Click to collapse
here is how-to:
I was able to use simg2img like this:
simg2img SYSTEM.img SYSTEM.img_raw
Then you can do
sudo mkdir /media/<username>/temp
and afterwards
sudo mount SYSTEM.img_raw /media/<username>/temp
open it via terminal such as
nautilus /media/<username>/temp
You should be able to copy out of the mounted directory.
You cannot make dirs and files in the mounted dir
But if there is a problem you can do
chown <username>:<username> /media/<username>/temp

I get the error message
Code:
extracting SHA256RSA (256.00B)...Unable to create SHA256RSA.img: No such file or directory

You're awesome. and... Perl?

Code:
./splitupdate UPDATE.APP
000000FE SHA256RSA 256.00B 2017.03.02 20.46.16
000000FE CRC 191.20KB 2017.03.02 20.46.16
F0FFFFFF CURVER 15.00B 2017.03.02 20.46.16
F1FFFFFF VERLIST 2.43KB 2017.03.02 20.46.16
00000000 EFI 17.00KB 2017.03.02 20.46.16
16000000 MODEMNVM_UPDATE 20.13MB 2017.03.02 20.46.16
19000000 SENSORHUB 416.44KB 2017.03.02 20.46.17
14000000 FW_HIFI 2.51MB 2017.03.02 20.46.17
0F000000 CUST 415.91MB 2017.03.02 20.46.17
extracting SYSTEM (2.36GB)...[B][COLOR="Red"]Negative length at ./splitupdate line 118.[/COLOR][/B]
What does it mean?
How to solve it?
Help me please

marco.minetti said:
Hi there, I recently started again playing with custom roms and I needed to extract official UPDATE.APP files in Linux. Here there is a perl script to extract and verify imgs from update packages.
How To Use
Code:
# copy splitupdate, crc and UPDATE.APP files
chmod +x splitupdate
chmod +x crc
./splitupdate UPDATE.APP
Sources/Download
The tool has been forked from JoeyJiao and available at https://github.com/marcominetti/split_updata.pl.
Windows GUI
If you prefer to use a GUI, you can use the excellent Huawei Update Extractor from @worstenbrood (http://forum.xda-developers.com/showthread.php?t=2433454).
As usual, you use it at your own risk.
Click to expand...
Click to collapse
Sorry for reviving this thread, but this tool has helped me a ton.
I was wondering, do you have a source for the crc binary, or happen to know where it came from?
I'm porting this to Android, well I have already, but that executable doesn't run on Android. It works great without it but would be nice if it actually checked checksum xD

This is awesome. Really grateful to what you've done. I always used to switch to Windows just for extracting the update app. Can't thank you enough.

I was trying to extract some UPDATE.APP files for the Huawei Ascend Y300, but all the files seem to be named "INPUT" leading to each file in ./output overwriting its predecessor. So I changed line 119 to
Code:
open(OUTFILE, ">$BASEPATH$fileType$fileLoc.img") or die "Unable to create $fileType.img: $!\n";
to have unique filenames. I'm sure there is a more elegant way to do that, maybe by checking whether the file already exists, but this was the quickest fix I could think of.
Now I only need a way to find out what these files are. Any hints how to do that? I found an old thread with a similar script that had another script that "guessed" the files, but everything is dead google docs links (those seem to be a pattern on dated android-related projects...).

Hey guys,
The script works and thank you for your job. However, I don't like Perl and I decided to re-write this tool from scratch using Rust (as an exercise).
The script that I made is multi-threaded, i.e. faster in the extraction, and specially it doesn't require so much memory. In fact, I have a computer with a small amount of memory and I couldn't use your script, because it uses too much RAM (e.g. when it extracts SYSTEM.img that is big).
The negative aspect of my script is that actually the error handling is weak, so for example I don't even check the crc of the extracted files. Btw, it should work, also if I'm not gonna take any responsability.
The script is open-source, thus you can change it as you wish, submitting pull requests or forking it.
Click here to be redirected on the github page, there is also a pre-compiled version for Linux 64 bit.

Helped me a lot actually, thank you!

Great work.
I tried: Huawei_MediaPad T1 8.0_Firmware_Android 4.3_EMUI 1.6.
OS: Sabayon Linux.
(Ottimo lavoro. Grazie!)

For me, it just gives a single file (input.img), because it tries to extract all files with the same name (each overwriting the last one). Tested with Huawei Y210D update.app
btw Rust version by Nrin does the same.

[UNBRICK]Fire HD8 2016 (giza)

This guide is only for the Fire HD8 2016 (codenamed giza.)
This will not unlock your tablet, it will clear RPMB and flash original LK,TZ & preloader for restore it from ANTI-ROLLBACK.
I am not responsable of any physical damage in your tablet, YOU choose to make this modifications.
WARNING: Short the resistor with a lot of caution! A lot of people broke it and the only way to recovery it is doing a bridge!
NOTE: You will need to open the tablet so be prepared.
MATERIAL NEEDED:
Linux based system
USB Cable
Something conductive (paperclip, tweezers etc)
Something to open the tablet.
Install python3, PySerial, adb, fastboot:
Code:
sudo apt update
sudo add-apt-repository universe
sudo apt install python3 python3-serial adb fastboot
Disable/Uninstall modemmanager:
Code:
sudo systemctl stop ModemManager
sudo systemctl disable ModemManager
UNBRICK PROCEDURE:
1. Open the case of the tablet.
2. Now flip off the tablet, we need to access on the other pad.
3. You have two options; Desolder the shield, or do a hole were the point is located (see attatchments).
4. Now go to the Computer and download amonet-giza-v.X.zip and extract it.
5. Open the unpacked folder of amonet-giza-1, open a terminal inside it and type:
Code:
sudo ./bootrom-step.sh
6. When you see:
Code:
[2019-02-07 14:35:59.478924] Waiting for bootrom
Short the point with the ground (Metal shield for example) and wait until the script starts.
7. The script will say to remove the short. When this happens, stop shorting the BootROM point and then press enter.
8. Wait until the script finishes, you will see something like:
Code:
Reboot.
9. Now your tablet should start booting back to FireOS.
Next time, be carefully with downgrade.
THANKS:
- @chamuc0 for finding the B-ROM point, providing the screenies and test the method.
- @t0x1cSH for the help with boot0-short.bin.
- @xyz` for his original exploit for the HD8 2018.
- @k4y0z
DOWNLOAD:
amonet-giza-v1.3.zip

Reserved

Thanks for working on a 2016 Fire 8, i understand this is rescue procedure but how can we get in this problem, only downgrading?

Oco said:
Thanks for working on a 2016 Fire 8, i understand this is rescue procedure but how can we get in this problem, only downgrading?
Click to expand...
Click to collapse
Yeah or flashing partitions were they not should be with mtk-su.
Regards!

thanks flashed it

Got Error
Hello.
Tired it and this is the output I got. Is mine a gonner or is there something I am doing wrong?
[2019-09-27 13:23:28.046514] Init crypto engine
[2019-09-27 13:23:28.062501] Disable caches
[2019-09-27 13:23:28.062883] Disable bootrom range checks
[2019-09-27 13:23:28.075597] Load payload from ../brom-payload/build/payload.bin = 0x4690 bytes
[2019-09-27 13:23:28.079826] Send payload
[2019-09-27 13:23:28.661813] Let's rock
[2019-09-27 13:23:28.662601] Wait for the payload to come online...
Traceback (most recent call last):
File "main.py", line 121, in <module>
main()
File "main.py", line 57, in main
load_payload(dev, "../brom-payload/build/payload.bin")
File "/home/twocrows/Downloads/unbrick giza/modules/load_payload.py", line 115, in load_payload
dev.wait_payload()
File "/home/twocrows/Downloads/unbrick giza/modules/common.py", line 168, in wait_payload
raise RuntimeError("received {} instead of expected pattern".format(data))
RuntimeError: received b'' instead of expected pattern
Thanks for any help!

twocrows said:
Hello.
Tired it and this is the output I got. Is mine a gonner or is there something I am doing wrong?
[2019-09-27 13:23:28.046514] Init crypto engine
[2019-09-27 13:23:28.062501] Disable caches
[2019-09-27 13:23:28.062883] Disable bootrom range checks
[2019-09-27 13:23:28.075597] Load payload from ../brom-payload/build/payload.bin = 0x4690 bytes
[2019-09-27 13:23:28.079826] Send payload
[2019-09-27 13:23:28.661813] Let's rock
[2019-09-27 13:23:28.662601] Wait for the payload to come online...
Traceback (most recent call last):
File "main.py", line 121, in <module>
main()
File "main.py", line 57, in main
load_payload(dev, "../brom-payload/build/payload.bin")
File "/home/twocrows/Downloads/unbrick giza/modules/load_payload.py", line 115, in load_payload
dev.wait_payload()
File "/home/twocrows/Downloads/unbrick giza/modules/common.py", line 168, in wait_payload
raise RuntimeError("received {} instead of expected pattern".format(data))
RuntimeError: received b'' instead of expected pattern
Thanks for any help!
Click to expand...
Click to collapse
Yeah normal problem. I need to set timeout to 10. I will upload new version later.
Regards.
EDIT: Try v1.2. Is in first post.

New Error?
Rortiz2 said:
Yeah normal problem. I need to set timeout to 10. I will upload new version later.
Regards.
EDIT: Try v1.2. Is in first post.
Click to expand...
Click to collapse
Here's the output from using v1.2:
"[2019-09-28 14:19:47.198801] Init crypto engine
[2019-09-28 14:19:47.218089] Disable caches
[2019-09-28 14:19:47.218521] Disable bootrom range checks
[2019-09-28 14:19:47.232121] Load payload from ../brom-payload/build/payload.bin = 0x4690 bytes
[2019-09-28 14:19:47.235220] Send payload
[2019-09-28 14:19:47.862758] Let's rock
[2019-09-28 14:19:47.863516] Wait for the payload to come online...
Traceback (most recent call last):
File "main.py", line 121, in <module>
main()
File "main.py", line 57, in main
load_payload(dev, "../brom-payload/build/payload.bin")
File "/home/twocrows/Downloads/unbrick giza/modules/load_payload.py", line 115, in load_payload
dev.wait_payload()
File "/home/twocrows/Downloads/unbrick giza/modules/common.py", line 168, in wait_payload
raise RuntimeError("received {} instead of expected pattern".format(data))
RuntimeError: received b'' instead of expected pattern"
Any thoughts?

twocrows said:
Here's the output from using v1.2:
Code:
"[2019-09-28 14:19:47.198801] Init crypto engine
[2019-09-28 14:19:47.218089] Disable caches
[2019-09-28 14:19:47.218521] Disable bootrom range checks
[2019-09-28 14:19:47.232121] Load payload from ../brom-payload/build/payload.bin = 0x4690 bytes
[2019-09-28 14:19:47.235220] Send payload
[2019-09-28 14:19:47.862758] Let's rock
[2019-09-28 14:19:47.863516] Wait for the payload to come online...
Traceback (most recent call last):
File "main.py", line 121, in <module>
main()
File "main.py", line 57, in main
load_payload(dev, "../brom-payload/build/payload.bin")
File "/home/twocrows/Downloads/unbrick giza/modules/load_payload.py", line 115, in load_payload
dev.wait_payload()
File "/home/twocrows/Downloads/unbrick giza/modules/common.py", line 168, in wait_payload
raise RuntimeError("received {} instead of expected pattern".format(data))
RuntimeError: received b'' instead of expected pattern"
Any thoughts?
Click to expand...
Click to collapse
Something is wrong with payload.
It seems to load it but somehow it can't detect it.
How did you bricked your tablet? Downgrading?
EDIT: I checked the adresses of the scripts and are OK. I think you are doing something wrong.

Rortiz2 said:
Something is wrong with payload.
It seems to load it but somehow it can't detect it.
How did you bricked your tablet? Downgrading?
EDIT: I checked the adresses of the scripts and are OK. I think you are doing something wrong.
Click to expand...
Click to collapse
I was afraid of that.
Will do some more checking on my end, but am afraid I nicked the board when I cut off top plate
Will post pic if it will help to see what *NOT* to do

twocrows said:
I was afraid of that.
Will do some more checking on my end, but am afraid I nicked the board when I cut off top plate
Will post pic if it will help to see what *NOT* to do
Click to expand...
Click to collapse
Check and post results. But if you tablet is detected as preloader without shorting the point, then it's not hardware problem. Try doing the process without battery connected.
Regards.

Here is a pic of my board, which I think is damaged.

twocrows said:
Here is a pic of my board, which I think is damaged.
Click to expand...
Click to collapse
Yes, definelety, seems that you damaged it. I'm sorry.
Regards.

twocrows said:
Here is a pic of my board, which I think is damaged.
Click to expand...
Click to collapse
Can you desolder it to remove the soldered shield using hot air gun.

just to confirm, it works!!! now I can use my tablet again! just wondering is anyone working on getting the bootloader unlock for 2016? i will be a volunteer to test it, since i bricked my tablet once already.

bluedisc said:
just to confirm, it works!!! now I can use my tablet again! just wondering is anyone working on getting the bootloader unlock for 2016? i will be a volunteer to test it, since i bricked my tablet once already.
Click to expand...
Click to collapse
Hey man,
Glad that you unbricked your tablet.
Regarding to bootloader unlock it can be ported from douglas I think.
I'm sorry but I'm not enought smart to port lk payload, etc.
The only person that can do that is k4y0z.
Cheers.

Rortiz2 said:
Hey man,
Glad that you unbricked your tablet.
Regarding to bootloader unlock it can be ported from douglas I think.
I'm sorry but I'm not enought smart to port lk payload, etc.
The only person that can do that is k4y0z.
Cheers.
Click to expand...
Click to collapse
It's okay, you did a great job at figuring out how to unbrick the tablet, and I appreciate your hard work. :good: Thank you.

bluedisc said:
just to confirm, it works!!! now I can use my tablet again! just wondering is anyone working on getting the bootloader unlock for 2016? i will be a volunteer to test it, since i bricked my tablet once already.
Click to expand...
Click to collapse
@k4y0z is the author of several unlock threads but he wrote in another thread that he hasn't a 2016 HD8 tablet and that he thinks that we are not so many ones.

Oco said:
@k4y0z is the author of several unlock threads but he wrote in another thread that he hasn't a 2016 HD8 tablet and that he thinks that we are not so many ones.
Click to expand...
Click to collapse
So donate to him
Maybe he can get a second hand Fire HD8 2016 like with HD10
Cheers.

I tried amazon and ebay without success, where can we get one? How much could it cost? Thanks for the idea