Bootloader Unlocking through Downgrade possible? - Huawei P20 Questions & Answers

Hello Guys,
i had bought an Huawei P20 about an year ago. Now you know with all of this "USA-Huawei" Trouble going on, the thought came to my mind that i better start unlocking bootloader and be prepared to flash custom rom if worst come to worst. so far, so good.
now i started looking around if there is an easy method of getting the bootloader unlocked. but oh my, the huawei company is very friendly to us users and say "no, you wont get any unlock code from us anymore". so screw that.
now i want to try some experimental stuff. it looks like this:
my Smartphone has currently the version EML-L29 8.1.0.168(C432). I bought some Credits (i think it is that thing for $4) from DC-Unlocker. Yeah yeah i know, there they say "no support for Huawei P20!!!". But i still want to try. Well i tried, but it doesnt work - what you should expect.
now i read from some other website that there is another way of unlocking it. i only read it diagonal but the one thing i read was the information "unlocking bootloader is only possible till firmware version june 2018". so i jumped to an maaybe interesting conclusion about unlocking the phone with DC-Unlocker or HCU (whatever, i guess maybe both use the same method anyway).
if i do an rollback to the old firmware version *before* June 2018 on the device, wouldnt it be possible to do the unlock? Because the security patches that preventing it unlocked arent on the device then.
So what i have done so far is loading the old firmware version 8.1.0.128(C432). But the source is saying that it is coming from "Asia" but in the next line it reads "Asia, Europe" etc. - do they mean that this version is universal or do i run in trouble if i install one that is having the wrong area?
the next thing that kinda baffles me... all guides are sayin "copy the extracted dload folder to your sd-card". even the p20 guides do that. but.. well you know, the p20 device doesnt even have sd-card support. so how are you intended to use it then? i wonder about that a bit.
i dont think that without unlocked bootloader, flashing an original OTA full update would be impossible. but im not really sure how. there is this shady menu you can reach if you call this strange numbercode. but im very unsure if that will really work out. the phone (it is still a phone without SD-Card-Support) even has the option "apply update from sd-card". so im wondering how this feature they implemented in the original software is intended to use at all. maybe i should push the dload folder on the internal storage? i dunno.
i read about another possibilty of flashing stock roms. they say you can do it per adb command. so no problems would be here, i have adb and the hisuite and all already set. but i have absolutely no idea if that is possible without unlocked bootloader. so the questions arose from my mind are those:
- does an stock rom image from possibly/maybe asia would do any harm to my device like it is getting unbootable or anything like that?
- is it possible to flash an image older android stock rom with methods like this special menu on the device or the adb load?
- do you all think that my plan of downgrading the phone in order to get the bootloader code would work?
i'm looking very forward to your answers )

no_monday said:
Bootloader Unlocking through Downgrade possible?
Click to expand...
Click to collapse
No. Sorry. There's no solution. Reason: It would appear in this forum within minutes and thousands of people would be happy to unlock their bootloaders. Many Huawei-Owners here on XDA invested a lot of brain power to find a way. Noone succeeded. No bootloader code, no unlock.
If you still want to play around with firmwares, please inform us about any progress.

Jan Philipp said:
No. Sorry. There's no solution. Reason: It would appear in this forum within minutes and thousands of people would be happy to unlock their bootloaders. Many Huawei-Owners here on XDA invested a lot of brain power to find a way. Noone succeeded. No bootloader code, no unlock.
If you still want to play around with firmwares, please inform us about any progress.
Click to expand...
Click to collapse
okay so there are basically no real information. look, i dont expect anyone to say like "oh there is an easy method xy" because i know it doesnt exist on this moment in time.
however i made an percent of an progress, it is more a thing for other interested custom rom modders out there.
i downloaded this update.zip and there are all kinds of howtos on the internet about it. the one thing i did is basically create the dload folder. then i put the extracted update.app in there. i rebooted the phone with power, vol down + vol up. i released the power button after the vibrating. the flashing screen indeed appeared! but something very strange has happened and i have no explanation what have happend.
so the emui updater appeared. there was this emui logo in the middle, the circle building up around it. but then it stopped at 5%. i really got panicked that im about to brick my device. so in an mad attempt i wanted to stop the update and power off the phone. glad i didnt do it. the phone always said if i tried to press the power button long enough "the system will crash if it is powered down". i stopped - but i tried it serveral times to stop.
now the strange thing is.. it stuck relatively long on this screen. but after a while (i guess it was 5-6 minutes) it suddenly got dark. and the battery was at 100%, so it wasnt a faulty battery. i just wondered. the phone - other than i would expect - rebooted. after a short while of the logo flashing (for about an half minute) it finally started. first i didnt have any connect to GSM Network. but after a short while that was okay too. all apps are still there. i looked at "about" and the version is still the same as before.
do someone have any imagination what has happened there? so apparently the phone *does* try to install something on this method, but the method seemed to fail. or is there any knowledge out yet for update logs that are getting generated by this process? i try to find any hint in order to tackle this problem atm.
and one thing is still on my mind.. could it be that the update is already through and i just didnt realized it yet because these other custom files werent changed? i mean that could be an possibility to say the least. anyway, i will try to use hcu now if maybe sth has changed. and i give kingoroot as well a shot if this buddy finds everything about rooting the device. maybe with root rights through exploit i can get further.

no_monday said:
okay so there are basically no real information. look, i dont expect anyone to say like "oh there is an easy method xy" because i know it doesnt exist on this moment in time.
however i made an percent of an progress, it is more a thing for other interested custom rom modders out there.
i downloaded this update.zip and there are all kinds of howtos on the internet about it. the one thing i did is basically create the dload folder. then i put the extracted update.app in there. i rebooted the phone with power, vol down + vol up. i released the power button after the vibrating. the flashing screen indeed appeared! but something very strange has happened and i have no explanation what have happend.
so the emui updater appeared. there was this emui logo in the middle, the circle building up around it. but then it stopped at 5%. i really got panicked that im about to brick my device. so in an mad attempt i wanted to stop the update and power off the phone. glad i didnt do it. the phone always said if i tried to press the power button long enough "the system will crash if it is powered down". i stopped - but i tried it serveral times to stop.
now the strange thing is.. it stuck relatively long on this screen. but after a while (i guess it was 5-6 minutes) it suddenly got dark. and the battery was at 100%, so it wasnt a faulty battery. i just wondered. the phone - other than i would expect - rebooted. after a short while of the logo flashing (for about an half minute) it finally started. first i didnt have any connect to GSM Network. but after a short while that was okay too. all apps are still there. i looked at "about" and the version is still the same as before.
do someone have any imagination what has happened there? so apparently the phone *does* try to install something on this method, but the method seemed to fail. or is there any knowledge out yet for update logs that are getting generated by this process? i try to find any hint in order to tackle this problem atm.
and one thing is still on my mind.. could it be that the update is already through and i just didnt realized it yet because these other custom files werent changed? i mean that could be an possibility to say the least. anyway, i will try to use hcu now if maybe sth has changed. and i give kingoroot as well a shot if this buddy finds everything about rooting the device. maybe with root rights through exploit i can get further.
Click to expand...
Click to collapse
It seems you have a couple of questions, pal, I answered to the first one (Bootloader Unlocking through Downgrade possible?). All I said is that it's impossible to unlock the bootloader through a downgrade. If you read all the how-to's you should have noticed that FirmwareFinder doesn'st work anymore since EMUI 9.0. This Information simply means Huawei doesn't allow us to flash updates on our own anymore like we did before. For sure there are some guides how to rollback to Android 8 but even this changes nothing to the bootloader.
Sadly I have no answer to the other questions about the strange behavior, it sounds pretty odd. Never heared something like this. But good luck fixing your phone anyway.

well i found out a couple of things now.
first thing: you know the service menu when you try to apply a zip archive from sd card? well you wont be able to use it UNTIL you use an usb-otg cable and an exFat formatted USB-Stick. Next thing to know is, you have to use the right images. there seem to be an kind of rule how this images are supposed to be and the image i found was from an russian firmware download site it was linked here in the forum in a thread. so i did choose "apply zip from sdcard" and .. IT DOES! the device rebooted, the stick flashed and the flashing process occured! and guys, im back to Version EML-L29 8.1.0.128(C432)! it is clearly stated in the build version view in settings. so.. i guess you *can* roll back even without firmware updater.
so far so good. but lets get back to the problem with the Bootloader. sadly Jan Philipp was totally right.. the bootloader cant be unlocked even in this version with the security patch of 5. may 2018. that is kinda sad. even kingoroot is still no different from before. i guess i have to search now for an way to get the system rooted. however, it must be easier on an earlier security update stage like now instead of the future versions of emui 8.1.
edit: another strange thing i discovered so far is that after this restore.. the play store wasnt able to connect to the google server until i gave permission to a few google processes to calendar and file access (i wonder what that is all about). maybe it has something to do with incompatibilities in the rom versions but now it works just fine as it should).

"unlocking bootloader with exploit is only possible till firmware version june/july 2018" does not apply to 2018's devices with kirin970, kirin980 & kirin710.
You are with kirin970.
So to unlock your kirin970, the only way for now is to wait for 3rd party seller to hypotheticaly start back their dervice:
- In the last 6 months there was only 2 'windows' which lasted 3 or 4 days where you could order your bootloader's unlock code by imei (from 5 to 124 us$).

GuestD0711 said:
another strange thing i discovered so far is that after this restore.. the play store wasnt able to connect to the google server until i gave permission to a few google processes to calendar and file access (i wonder what that is all about). maybe it has something to do with incompatibilities in the rom versions but now it works just fine as it should).
Click to expand...
Click to collapse
Google Play services require all permissions, otherwise won't work.
I also been searching on how to unlock the bootloader and found no solution or hope. I guess we are stuck with EMUI forever.

Reply from Huawei:
You can roll back to earlier versions of EMUI software, but you have to roll back one version at a time. However, our earlier phones operate exclusively on Google Mobile Services so removing it would limit the functionality extremely, however, we do have a range of new devices that no longer rely on Google Mobile Services and use Huawei Mobile Services instead - such as our P40 series.
Here are the instructions for rolling back software:
[Rollback Guideline] EMUI 9.1 (Android 9) Rollback to EMUI 9.0 (Android 9) Operation Instruction
EMUI 9.1 (Android 9) can now be rolled back to the official version of EMUI 9.0 (Android 9) using HiSuite, without downloading any intermediate packages. To ensure that the rollback succeeds, read the instructions carefully and perform the steps as instructed.
1. The following are precautions for roll-back.
a. Rolling back to an earlier version will erase all data on your device. Use an SD card, computer, or Cloud storage to back up all important data before rolling back your phone, and make sure all backed up content is complete and effective.
b. Use a computer running a Windows operating system to visit http://consumer.huawei.com/minisite/HiSuite_en/index.html and download the latest version of HiSuite. If HiSuite is installed on your computer, click the version number in the lower left corner of the page to check if it is the latest version. Make sure HiSuite version is 9.1.0.303 _OVE or above.
c. Before rolling back the phone, make sure your phone has not been upgraded using non-official updates. Otherwise, the roll-back may fail and unknown issues may be introduced. If you have used non-official packages to upgrade your phone, it is recommended that you go to an after-sales service center to roll back your phone.
d. Before rolling back your phone, make sure that your phone system has not been unlocked or rooted. If the system has been unlocked or rooted, it is recommended that you go to an after-sales service center to roll back your phone.
e. Before the roll-back, restore the phone to factory settings to make sure there is enough storage space.
f. Make sure the battery level is more than 50%.

Hi All,
I need assistance to update my EML L29 Huawei P20 phone.
The phone is Locked and FRP Lock
Issue the phone is always booting into recovery mode and not into the main screen.
I tired flashing via CMD using twrp.img file but its not writing.
Need help

Related

unlocking Mi4c

hi all.
like so many others, Xiaomi forced update 6.1.14 on to my phone which locked the bootloader. i even thought i had stopped the phone from auto updating, but it seems i was wrong. since then, i have been put on to the latest 2 updates. i want to get off of the rom i am on but cant do anything now with the phone in the installing rom dept because regardless of whether i try to use the 'Updater' to put a Chinese dev rom on the phone or any other rom, or if i rename a rom and put it on the root of the phone, i cannot update. i always get a message saying Unable to verify rom and the phone simply stops. when trying to go into recovery mode, as i am unable to get to TWRP, i have even been locked out of that. i applied for an unlock code, but haven't received anything and with Chinese New Year fast approaching, bringing a holiday, i can see Xiaomu ignoring those who asked for a code even longer than they have. i haven't read of a single person being sent the code at all, which is very bad on Xiaomi's part.
i was really pleased with this phone. it worked well for me and did all i wanted but now i have a door stop, to all intents and purpose. such a shame as the way things have gone, i wont be buying from them again.
does anyone have any solution to this problem?
many TIA,
Prettygrim
Download stable ROM - http://bigota.d.miui.com/V7.0.16.0.LXKCNCI/miui_MI4c_V7.0.16.0.LXKCNCI_cba5b6c4a8_5.1.zip
Update your phone to that ROM
You will lost all data and setting (/sdcard is safe)
Bootloader unlocked
Flash CM13
cowithgun said:
Download stable ROM - http://bigota.d.miui.com/V7.0.16.0.LXKCNCI/miui_MI4c_V7.0.16.0.LXKCNCI_cba5b6c4a8_5.1.zip
Update your phone to that ROM
You will lost all data and setting (/sdcard is safe)
Bootloader unlocked
Flash CM13
Click to expand...
Click to collapse
And stay away from dev ROMs unless you have an unlock code.
hi and tnx for the replies.
to cowithgun:
unfortunately, i cannot update to that or any other rom, as i stated above. trying to do so via the 'Updater' and all i get is 'Unable to verify rom', that is after being told i must connect to the WLAN. the speed of that is almost non-existent.
if i try to do so by putting the rom in the root of the drive, renaming it 'update.zip' i again get told 'unable to verify rom'. because of the failure to be able to do anything 'conventional' was the reason i asked for help. i have even tried Kingroot and Kingoroot but both have failed.
to qtotter:
one of the methods i was asked to try was to try to use a Chinese dev rom, but i cant even get one of those on the phone (my wife is Chinese, so no language issues).
with the upcoming Chinese New Year, i can see Xiaomi using that as an excuse to delay giving out unlock codes, if it intends doing so at all. i am extremely p****d off at what they have done and in my case, they have turned a phone that i really liked into half a phone. such i stupid stunt to pull when the 'unlocked' was a feature used to actually make the phone a more attractive sale. really disappointed
should have asked guys, what method would you suggest i try to get this rom, (if the blasted phone doesn't give me the same message as before about cant verify it) installed on the phone? bear in mind i have no official recovery and obviously no TWRP.
TIA
Prettygrim said:
hi and tnx for the replies.
to cowithgun:
unfortunately, i cannot update to that or any other rom, as i stated above. trying to do so via the 'Updater' and all i get is 'Unable to verify rom', that is after being told i must connect to the WLAN. the speed of that is almost non-existent.
if i try to do so by putting the rom in the root of the drive, renaming it 'update.zip' i again get told 'unable to verify rom'. because of the failure to be able to do anything 'conventional' was the reason i asked for help. i have even tried Kingroot and Kingoroot but both have failed.
to qtotter:
one of the methods i was asked to try was to try to use a Chinese dev rom, but i cant even get one of those on the phone (my wife is Chinese, so no language issues).
with the upcoming Chinese New Year, i can see Xiaomi using that as an excuse to delay giving out unlock codes, if it intends doing so at all. i am extremely p****d off at what they have done and in my case, they have turned a phone that i really liked into half a phone. such i stupid stunt to pull when the 'unlocked' was a feature used to actually make the phone a more attractive sale. really disappointed
should have asked guys, what method would you suggest i try to get this rom, (if the blasted phone doesn't give me the same message as before about cant verify it) installed on the phone? bear in mind i have no official recovery and obviously no TWRP.
TIA
Click to expand...
Click to collapse
I tested it myself, it should work. More precisely, I did this:
1. Download this into your computer: http://bigota.d.miui.com/V7.0.16.0.LXKCNCI/miui_MI4c_V7.0.16.0.LXKCNCI_cba5b6c4a8_5.1.zip
2. Connect phone to computer via USB, copy the zip into your phone, say /sdcard/downloaded_rom/miui_MI4c_V7.0.16.0.LXKCNCI_cba5b6c4a8_5.1.zip
3. Start Updater, press the "..." on upper right and select "Choose update package", select the ROM.
4. Installing older developer ROM will causes the error you mentioned, but if you have 6.1.14, installing stable 7.0.16 is OK and tested working. Not sure what is changed but if it still wont work, try the latest 7.1.6 stable instead.
5. It will warn you of losing setting. Please YES.
6. When it's done, you will have a MIUI ROM but bootloader no longer lock.
7. Install CM13 as soon as you can!
Sounds like the problem is your recovery. You said you have no official recovery.
Sent from my Mi-4c using Tapatalk
just tried it and no luck, i'm afraid. still getting the message 'Cant verify update'. also tried moving the file to root of phone, renaming it to 'update.zip' and still no luck, still getting the same message. it seems that the phone is well and truly locked down so it wont even take one of Xiaomi's own official updates, unless it is a progression from the present rom. that in my view is well over the top!!
tnx for trying and if you or anyone has another idea, please let me know. it appears that the thing to turn off is the verification of the rom. is that possible, and if so, how?
one thing i have noticed in the settings -->developer options is 'verify apps over USB. could this be anything to do with the rom verification failure? the txt for that is greyed out with the button on (redish) but i cant see how to change the setting. worth a try maybe? anyone know how to change it?
Ulver said:
Sounds like the problem is your recovery. You said you have no official recovery.
Sent from my Mi-4c using Tapatalk
Click to expand...
Click to collapse
you may well be right, but if that's the case, it was done by Xiaomi. is there a way of getting it to work? how do i actually check it isn't working? as stated before, when 'booting into recovery', i get an image of the phone on screen with the USB cable either connected or disconnected, depending on the actual state and nothing else happens. i have to do a reboot holding the start button to achieve this
Prettygrim said:
bear in mind i have no official recovery and obviously no TWRP.
Click to expand...
Click to collapse
I'm still waiting for my mi4c to come from China, and this is the reason why I'm gonna flash the latest (unlocked) official "stable" ROM first only to update the recovery and radio partitions right after I receive the phone. Resellers in China sometimes put their custom ROMs, recovery images or malware in the phones.
I don't think I'd flash twrp right away. I'd install cm12.1 or cm13 by "fastboot boot recovery.img" leaving the official recovery left in the phone so that I could go back to the official ROMs in the official way, and confirm if everything works as expected before flashing twrp.
What I don't understand is why people flash the dev (locked) ROMs as they are downloaded. What they need is just boot.img and /system, isn't it?? I'd replace "firmware-update" folder, where bootloader, radio and recovery images are located, in the dev ROM with the one from the stable ROM if I wanna try dev ROMs. Or I'd replace boot.img and system.* in the stable ROM with the ones in the dev ROM. Those modded ROMs should be able to be flashed with twrp...
the main reason for using the Chinese dev roms is because they are supposed to bee already rooted. once any of these roms is on the phone, according to what else i read, any rom going over the top would keep root. personally, i didn't find any rom that had root already and had to root my phone, following instructions i found on the MIUI and other sites. the built in recovery on my phone does nothing.
i had issues with TWRP when first using it, but put that down to being a novice. i found the files needed and the procedure to get out of the constant TWRP loop, which meant the phone was basically soft bricked and all was good. however, even that method fails now with the message something like 'phone is locked, cannot continue.
i have put an official complaint into Xiaomi about the bootloader locking and also about the time being taken to issue unlock codes, which is much longer than 3-21 days in some cases.
if i get anywhere, i'll post what i'm told
Since the latest miui ROMs are all based on Android 5.1.1, it's really easy to root mi4c yourself even on official standard ROMs. You don't have to flash dev ROMs or flash custom recovery like twrp. You can just run twrp on the fly like "fastboot boot twrp.img" to flash SuperSU.zip as long as bootloader is unlocked.
I'd say it's more dangerous to flash dev ROMs only for rooting especially if it's for your wife, not for yourself... Dev ROMs are for people who want to try new functions and designs still under development.
Anyway, I hope you will get an unlock SMS from xiaomi soon!
Had same Problem
search for miui_MI4c_V7.1.6.0.LXKCNCK_1debc127a9_5.1.zip
Hope it helps
So if the bootloader is locked, you can unlock it by flashing an older dev rom?
ermacwins said:
So if the bootloader is locked, you can unlock it by flashing an older dev rom?
Click to expand...
Click to collapse
No. Older Developer ROM will not work. Updater will refuse to update it. I tested a few of them back then, only by flashing the latest stable ROM back then (7.0.16) work.
cowithgun said:
No. Older Developer ROM will not work. Updater will refuse to update it. I tested a few of them back then, only by flashing the latest stable ROM back then (7.0.16) work.
Click to expand...
Click to collapse
And now flash the lastest developer and try roll back one o two a time (this work for my with the original recovery) and later use one rom from xiaomi.eu that one has not locked bootloader .
Sorry for my bad english.
i'm probably being real thick here guys. please bear with me. i am, as i said before, new to all this stuff with phones.
remember too that i have an unlocked bootloader now, courtesy of Xiaomi.
so, just to be clear, i am using miui_MI4c_5.12.31_5d6537a0b8_5.1.zip. to remove the possibility of Xiaomi doing something else to the phone that i dont want, i would like to get on to the xiaomi.eu_multi_libra roms. how do i go about doing this in idiot-proof steps, please? also, if i manage to achieve what i want, how do i stop the phone taking official updates? there must be a setting in the phone somewhere that can be disabled and prevent it updating to what i dont want. i found the one in the 'updater settings' but am of the opinion there is another somewhere that i cant find.
hope someone will be gentle with me
TIA
If you're already on Xiaomi.EU ROMs, you won't get OTA updates directly from Xiaomi that will lock your bootloader.
Sent from my Mi-4c using Tapatalk
i am on
miui_MI4c_5.12.31_5d6537a0b8_5.1.zip
which is an official rom, i believe. hence the questions in my former posts. i want to get on to the libre eu roms but am unsure how to go about it. i have read about using various roms first but i believe doing so is under certain circumstances, ie, bootloader locked, phone not rooted. my phone has the bootloader unlocked now by Xiaomi and i have rooted the phone. this is where my confusion comes in that i was hoping someone could clarify
You have unlock permission from xiaomi now, which means you don't need to worry about updates. You can unlock your phone again anytime you want. It's not one time only thing.
well that's a relief! tnx, qtotter! i didn't want to have to go through all this again, just because the maker decided i hadn't actually bought the phone, i had just bought permission to use it, as long as it was how he wanted me to use it!
bloody USA judge who decided that must have been paid a small fortune to rule in favour of this! just what the entertainment industries and others wanted!! didn't care what the implications were or ow the industries would take the p**s out of customers!!

Smartisan U1 YQ601 (tut)

So, my wife decided to buy this phone, and I am to stay away from her phones. She smashed the screen one day, and that was a door open for me. I hastily get some version of TWRP to boot on it and grab a backup, and also do an adb backup (which was crap). Then, I did a full wipe before taking it in to get repaired.
SO, what I want to walk through here boys and girls, is never, never, never, never, put Smartisan OS 2.5.3 on this phone. When my wife got her phone back I harmlessly believed that updating would not disallow me from TWRP again to recover. What this version does to the device is completely disable recovery altogether. You are always pushed to fastboot, and fastboot cannot flash anything After this realization, I borked the phone, I dd'ed out the aboot and the sbl. She had insurance, we live in China it is cheap, and after the difficulties I realized this was happening to lots of people. I figured the local service center could re-write the partitions I had pooped on and they would re-write it with an earlier firmware. My gamble paid off.
Got the phone back with 2.5.0. I immediately followed the guide here http://tinyurl.com/z7ekyxp , Russian site, to revert back. I then, deviating from the guide to be careful, fastboot boot "twrp.img". I used commands the whole way, no flashify or anything (I love flashify on my nexus 5 but I had already borked this phone once. It booted TWRP, I copied all the old SD files over to the phone. Then, the moment of truth, would a restore from my previous backup work. Yes, it did. I even followed the guide through and flashed the 2.3.5 modified update. It worked, the SuperSU and open gapps flashed without issue also.
Not a horrible phone for being extremely cheap, but they messed up an update. For those fooling around with the device, remember the partition table has a bak for all boot related things. I also see on Chinese forums that they use the headphone jack for diagnostics (My Chinese isn't great, but I looked around when I bricked my wife's phone).
One thing of note with this device is there are three versions that appear in build.prop 32, 32_younger, 306_younger, I think, but Smartisan has confirmed they are all the same, just different production batches. If you get errors in the update process, modify this to match.
Don't drink and post children, I was editing to say I ran with what smartlinux on that site said, nothing here is my idea except for running the commands yourself.
Another good dev on the device but Chinese http://blog.cofface.com/archives/1139.html. He has an app that will boot into either (stock or custom) recovery, but like I said, do not take that 2.3.5 thing. I see they have 2.5, so let's see what happens.
wangdaning said:
Another good dev on the device but Chinese http://blog.cofface.com/archives/1139.html. He has an app that will boot into either (stock or custom) recovery, but like I said, do not take that 2.3.5 thing. I see they have 2.5, so let's see what happens.
Click to expand...
Click to collapse
Hey bro, you're a native American working in Chengdu?
xcjchandler said:
Hey bro, you're a native American working in Chengdu?
Click to expand...
Click to collapse
Yep.

Kyocera Brigadier screen black with back light.

I bought a new Brigadier off ebay. Phone is new and never used. The build date was July 2014 and KK 4.4.2. I should have paid more attention to the numbers. After the KK update my phone boots up but does not show anything after the Kyocera screen. It is black with the back light.
This is what I did. I put my SIM card in the phone to check that I can activate it. Then while I was testing out the phone. It downloaded the first update. I do not remember what the number is. The phone had never been used. It was new. I might be able to look it up for update history on big reds site. I did not do the do the update. After seeing it was done. I turned it off and put the SIM card backing the Turbo. After doing some research on rooting. I found that Kingroot (5.0.4) is best, then found this app I can use to remove Kingroot. Last night I was playing more with the phone and then rooted it too. I rebooted it, hotspot my turbo, downloaded root checker, confirmed root, then undated. Phone is at 80% life. Phone shut off and then I let it do its thing. When I came back, the screen is black with the back light on only. I can touch the screen and feel/hear the vibration. I can soft boot, hard boot, and reboot into stock recovery. I did a factory wipe after I read in how to boot stock recovery. Yes, did nothing. I do know that KK updates can kill your phone. My Droid HD maxx is dead. On that phone, the led light lights green up and the computer does make a sound when connected but does not show it. I have no idea if this has a rsd lite and file to flash. I did not change anything in the system at all. I did not think that Kingroot would mess with my phone if I did the ota. I would then buy this app and remove it. I was waiting for internet to be installed today to further mess with my phone before using it. I do not know how to pull info off my phone.
I know more about Motorola Droid phones. This is phone is new to me. I did do a lot of research out there and mainly on XDA. I have the option to return the phone for a full refund. I would like to see if I can fix the phone before hand. I have till this weekend to send it back.
Claps1775 said:
I bought a new Brigadier off ebay. Phone is new and never used. The build date was July 2014 and KK 4.4.2. I should have paid more attention to the numbers. After the KK update my phone boots up but does not show anything after the Kyocera screen. It is black with the back light.
This is what I did. I put my SIM card in the phone to check that I can activate it. Then while I was testing out the phone. It downloaded the first update. I do not remember what the number is. The phone had never been used. It was new. I might be able to look it up for update history on big reds site. I did not do the do the update. After seeing it was done. I turned it off and put the SIM card backing the Turbo. After doing some research on rooting. I found that Kingroot (5.0.4) is best, then found this app I can use to remove Kingroot. Last night I was playing more with the phone and then rooted it too. I rebooted it, hotspot my turbo, downloaded root checker, confirmed root, then undated. Phone is at 80% life. Phone shut off and then I let it do its thing. When I came back, the screen is black with the back light on only. I can touch the screen and feel/hear the vibration. I can soft boot, hard boot, and reboot into stock recovery. I did a factory wipe after I read in how to boot stock recovery. Yes, did nothing. I do know that KK updates can kill your phone. My Droid HD maxx is dead. On that phone, the led light lights green up and the computer does make a sound when connected but does not show it. I have no idea if this has a rsd lite and file to flash. I did not change anything in the system at all. I did not think that Kingroot would mess with my phone if I did the ota. I would then buy this app and remove it. I was waiting for internet to be installed today to further mess with my phone before using it. I do not know how to pull info off my phone.
Click to expand...
Click to collapse
The update you did was a stock update, correct?
You said the device was rooted and then you did the update, correct?
That's where you screwed up, you can't do stock updates on a rooted device, you have to remove root, have stock recovery and have an unmodified system partition before doing the update.
You should have done the update and THEN rooted the device.
Now just do a Google search for:
"How to unbrick (your model number)"
Sent from my SM-S903VL using Tapatalk
Droidriven said:
The update you did was a stock update, correct?
You said the device was rooted and then you did the update, correct?
That's where you screwed up, you can't do stock updates on a rooted device, you have to remove root, have stock recovery and have an unmodified system partition before doing the update.
You should have done the update and THEN rooted the device.
Now just do a Google search for:
"How to unbrick (your model number)"
Sent from my SM-S903VL using Tapatalk
Click to expand...
Click to collapse
Yes and yes. Okay. I know with droids when I was bootloader locked and rooted. I was fine updating. There was a change on loosing root. It's all about learning. I will try to find out how to unblock my phone. Thank you for the response.
Have you came across the ota .IMG file?
I was able to power my phone off. I connected the phone to my computer, installed the software, and tried the repair part. Failed on downloading. Version on my phone is 1.102VZ.
I found more info on xda refuring to the http://4pda.ru/forum/index.php?showtopic=597313&st=3680 site. I am not able to do anything with my phone now. Cannot get it to boot in recovery or even have my pc see it. The verizon apk sees it where I can still try to repair or update. That is it. I am going to send it back for a full refund and be done with this phone. Cannot spend weeks trying to fix this right now. Thanks all for the help.
Update. I got my phone into Fastboot. I was able to get phone into twrp recovery. How ever, I am not able to find a img I can flash to my phone then I will be able to use my phone. Ones I have found are twrp back ups that I have no clue how to flash. I downloaded Rom_5.1.1_3153LR_Modem_3153LR_E6782 and I hope to see if I can flash it or not in twrp. I still do not understand Android_SDK and how to use it. I am not sure if I can use twrp recovery from the Kyocera Brigadier E6782 Toolkit v1.2 I downloaded from the http://4pda.ru/forum/index.php?showtopic=597313&st=620#entry35662165 or not. All I am doing now is trying and seeing what happens. If anyone knows more please share.
I was able to flash the Rom_5.1.1_3153LR_Modem_3153LR_E6782 and my phone booted up and went into the optimizing but it is in Russian. I am further than I was. Need to find out if this is changeable to English and it all works. Yes, I do know that I will not flash anything than 5.0 now since the bootloader is locked or it can be unlocked with a code. Phone is up and running. I need a 5.1.1 US now.
It is not in Russian. It is in vietnamese. But I still need a clean 5.0 full rom.
Claps1775 said:
Update. I got my phone into Fastboot. I was able to get phone into twrp recovery. How ever, I am not able to find a img I can flash to my phone then I will be able to use my phone. Ones I have found are twrp back ups that I have no clue how to flash. I downloaded Rom_5.1.1_3153LR_Modem_3153LR_E6782 and I hope to see if I can flash it or not in twrp. I still do not understand Android_SDK and how to use it. I am not sure if I can use twrp recovery from the Kyocera Brigadier E6782 Toolkit v1.2 I downloaded from the http://4pda.ru/forum/index.php?showtopic=597313&st=620#entry35662165 or not. All I am doing now is trying and seeing what happens. If anyone knows more please share.
Click to expand...
Click to collapse
You can use the TWRP backups by choosing the restore option in TWRP then selecting the backup file and it will restore the data in the file to your device.
Sent from my SM-S903VL using Tapatalk
Droidriven said:
You can use the TWRP backups by choosing the restore option in TWRP then selecting the backup file and it will restore the data in the file to your device.
Sent from my SM-S903VL using Tapatalk
Click to expand...
Click to collapse
I will try that. I have to get it into fastboot and that can take a few tries. The firmware I have on it has no verizon apps. It is a mod by someone. I am going to try original firmware 5.1.1 firmware. Downloading right now. it is a .rar file. Making head way witch is good. I am learning for sure.
I got into fastboot mode. I tried to go into twrp using the Kyocera Brigadier E6782 Toolkit v1.2 as I did before. Now, I am stuck at the Android screen and it will not go into twrp. Ahh.
Claps1775 said:
I got into fastboot mode. I tried to go into twrp using the Kyocera Brigadier E6782 Toolkit v1.2 as I did before. Now, I am stuck at the Android screen and it will not go into twrp. Ahh.
Click to expand...
Click to collapse
That's because of your now locked bootloader, can't use TWRP with locked bootloader.
It's a little late now, you need to slow down, if you had done some searching to see how to use TWRP backups(the information is literally everywhere in every device forum here, it works the same for all devices), you would have been able to restore one of those backups, you'd have the device fixed and you wouldn't have a locked bootloader, that bootloader limits your options now, it leaves you only the option of finding the correct stock firmware.
Sent from my SM-S903VL using Tapatalk
Droidriven said:
That's because of your now locked bootloader, can't use TWRP with locked bootloader.
It's a little late now, you need to slow down, if you had done some searching to see how to use TWRP backups(the information is literally everywhere in every device forum here, it works the same for all devices), you would have been able to restore one of those backups, you'd have the device fixed and you wouldn't have a locked bootloader, that bootloader limits your options now, it leaves you only the option of finding the correct stock firmware.
Sent from my SM-S903VL using Tapatalk
Click to expand...
Click to collapse
I never knew it was unlock. On the Android screen it had a 1 at the top left corner and it is still there. I am trying to find the correct firmware and flash it. I am able to see my phone in the adb file I used to flash twrp on my Droids. I have done a lot of research and and the 4pda.ru site. I am sent a lot of pms out to XDA memebers and got nothing back. I have posted a lot and hope someone would replay. I am trying trust me. I flash the wrong one. If I brink the phone, O well. All I can say is I am not trying to give up. Not sure if I can flash a rom or a twrp back up in adb or not. I would like to sit and read up on all of this. Then I could have a better understanding and then may play more.
How can flashing the Rom_5.1.1_3153LR_Modem_3153LR_E6782 even lock the bootloader? Eventhing I read talked about it being locked. It says in the box, Failed (remote: bootimage: incomplete or not signed) when I try to boot it into twrp.
Claps1775 said:
I never knew it was unlock. On the Android screen it had a 1 at the top left corner and it is still there. I am trying to find the correct firmware and flash it. I am able to see my phone in the adb file I used to flash twrp on my Droids. I have done a lot of research and and the 4pda.ru site. I am sent a lot of pms out to XDA memebers and got nothing back. I have posted a lot and hope someone would replay. I am trying trust me. I flash the wrong one. If I brink the phone, O well. All I can say is I am not trying to give up. Not sure if I can flash a rom or a twrp back up in adb or not. I would like to sit and read up on all of this. Then I could have a better understanding and then may play more.
How can flashing the Rom_5.1.1_3153LR_Modem_3153LR_E6782 even lock the bootloader? Eventhing I read talked about it being locked. It says in the box, Failed (remote: bootimage: incomplete or not signed) when I try to boot it into twrp.
Click to expand...
Click to collapse
It locks the bootloader because when you flash the Firmware it upgrades to a different bootloader, one that is locked, it's coded into the firmware, it is intended to verify software signatures at boot, if the signature isn't what it's looking for it won't allow the software to load. Your TWRP, for example won't boot because it doesn't have the right signature, only your stock firmware has the right signature and there isn't a way to fake it. Your only chance of using TWRP is if your bootloader can be unlocked, not all bootloaders can be unlocked. It's a security measure installed by the manufacturer or your carrier to prevent flashing and modding the device, it's pretty effective and has become very common on a lot of devices since KitKat. It was implemented because they got tired of replacing devices due to the user modifying them and screwing them up, modified devices technically void the warranty but if screwed up enough they can't tell it has been modified, thus, they've been replacing devices that they weren't obligated to replace, they know this and are trying to put a stop to it.
Sent from my SM-S903VL using Tapatalk
Droidriven said:
It locks the bootloader because when you flash the Firmware it upgrades to a different bootloader, one that is locked, it's coded into the firmware, it is intended to verify software signatures at boot, if the signature isn't what it's looking for it won't allow the software to load. Your TWRP, for example won't boot because it doesn't have the right signature, only your stock firmware has the right signature and there isn't a way to fake it. Your only chance of using TWRP is if your bootloader can be unlocked, not all bootloaders can be unlocked. It's a security measure installed by the manufacturer or your carrier to prevent flashing and modding the device, it's pretty effective and has become very common on a lot of devices since KitKat. It was implemented because they got tired of replacing devices due to the user modifying them and screwing them up, modified devices technically void the warranty but if screwed up enough they can't tell it has been modified, thus, they've been replacing devices that they weren't obligated to replace, they know this and are trying to put a stop to it.
Sent from my SM-S903VL using Tapatalk
Click to expand...
Click to collapse
I messed up a great phone I was looking forward of using. I thought I had it all lined up. I read a lot and thought I understood things. Can it befixed? By Kyocera only I say. I wanted on 5.0 is while I flashed that rom. I did not know it was a custom one. I truly feel bad that I messed up a great phone. I am going to stick with Motorola Droids and HTC for me wife. I am up very late trying to figure this all out. I am going to stick with things I know even though I love a challenge and learning. Thank you for the help, yes, I should have slowed down but everything was going great. Live and learn.
Claps1775 said:
I messed up a great phone I was looking forward of using. I thought I had it all lined up. I read a lot and thought I understood things. Can it befixed? By Kyocera only I say. I wanted on 5.0 is while I flashed that rom. I did not know it was a custom one. I truly feel bad that I messed up a great phone. I am going to stick with Motorola Droids and HTC for me wife. I am up very late trying to figure this all out. I am going to stick with things I know even though I love a challenge and learning. Thank you for the help, yes, I should have slowed down but everything was going great. Live and learn.
Click to expand...
Click to collapse
When some, lose some.
For future reference, when you want to update or modify a device, try doing some research into what NOT to do or what can go wrong with that particular device and how to fix it if it does BEFORE you focus on what CAN be done on that device and before you actually do anything to the device. Cover the bases, ask questions, search for issues others might have had when they modified their device.
Remember, just because something is available for that device, doesn't mean you can use it. Things change from android version to android version and this stock firmware to that stock firmware for a device, such as whether the bootloader is locked or unlocked, among other possible differences that can turn things into a train wreck.
Android devices are all different and are not all done the same. What and how it is done on "this" device is not the same on "that" device.
Sent from my SM-S903VL using Tapatalk

Proper OS cleanup of new OnePlu7 Pro

Hi Everyone,
Living in Japan, we have no official channel to purchase a OnePlus handset here.
Really wanted to get a OnePlus 7 Pro as I felt it is the best model on the market as of today.
Knowing that, I got mine on Amazon Japan from a HK online shop which had very good reputation.
Now, the problem is these phones always come already opened as they say they need to confirm operation before sending it.
I have been reading news and article about this where we see more third party companies flash their roms with malware/ransomeware already built in...
In these situation, the best way to clean the phone is to do a full re-install of the OS.
I did review a bunch of article on XDA and it seems that now, due to the A/B partition setup, we can't just use official OnePlus image to load from the fastboot easily.
We have to rely on community provided too and stock rom to be able to do so....
When I raised the question to OnePlus and Oneplus forums, they mentioned to me that installed the updated like here (Page: support.oneplus.com/app/answers/detail/a_id/4312/~/oxygen-os-for-oneplus-7-pro)would do the trick using the local update function.
What I was directed to do is use the recovery boot to delete system settings/cache and everything data user and then, run the local update. Doing so, that would do it while not using community tools.
Here are my questions and which I would hope to get your experience:
1 Is the process I did really does use a brand new clean OS and do not rely/integrate part of the OS that came with the handset originally (that was the target).
2 Is there a way for me using OnePlus only provided tools and image to fully delete the phone and install the OS (maybe I am thinking this too much like a PC which I have more experience with...)
3 The OS looks fine and no strange apps shows up at all but how can I be sure nothing dodgy is running? Is there tools I could use to confirm this?
Sorry if I sound paranoid. Ideally, I understand the best thing to do was to buy directly from Oneplus and work a way to have it shipped to Japan but thought it would be interesting for me to learn more about android.
With previous Oneplus, it was easier as they were provided this type of official file for recovery but they stopped...
Thank you again for your time and hopping to learn more about how new android setup works.
Is the bootloader locked? Is Widevine (Netflix HD) certification still there? You can check these things to see if the phone has been tampered with.
brissoukun said:
Hi Everyone,
When I raised the question to OnePlus and Oneplus forums, they mentioned to me that installed the updated like here (Page: support.oneplus.com/app/answers/detail/a_id/4312/~/oxygen-os-for-oneplus-7-pro)would do the trick using the local update function.
What I was directed to do is use the recovery boot to delete system settings/cache and everything data user and then, run the local update. Doing so, that would do it while not using community tools.
Here are my questions and which I would hope to get your experience:
1 Is the process I did really does use a brand new clean OS and do not rely/integrate part of the OS that came with the handset originally (that was the target).
2 Is there a way for me using OnePlus only provided tools and image to fully delete the phone and install the OS (maybe I am thinking this too much like a PC which I have more experience with...)
3 The OS looks fine and no strange apps shows up at all but how can I be sure nothing dodgy is running? Is there tools I could use to confirm this?
Thank you again for your time and hopping to learn more about how new android setup works.
Click to expand...
Click to collapse
Good questions. Before you start, check the model number of your device through Settings > About. I'm assuming it's the international/global/unlocked version (GM1917).
With regard to question 1, a full build downloaded from the link you provided should contain every part of the OS, and flashing it through local update should overwrite anything that was there before. Before flashing, I would perform a full data wipe through recovery like you mentioned.
Q2: There is an MSM tool that will completely flash a system image for the OP7 Pro. I don't think they're generally intended for public use but they always get leaked anyways. They write an image (in the case of OnePlus, a .ops file) to the phone using a PC and USB connection. Here is a link to a thread which contains the MSM tool:
https://forum.xda-developers.com/oneplus-7-pro/how-to/guide-mega-unbrick-guide-hard-bricked-t3934659
Download the tool for the model of your phone (probably the international, firmware GM21AA), and extract its contents into a directory. In order for the tool to work, you need the OnePlus USB drivers installed on your PC. Plug the phone into your PC with it on, and enable USB file transfer. Open File Explorer and you should see a drive labeled "OnePlus drivers" or similar. Open it and run the driver setup executable file. You'll also need ADB to make your phone reboot into a mode that will allow the tool to perform its tasks. Here is a guide to installing ADB:
https://www.xda-developers.com/what-is-adb/
Once you've set that up, make sure the phone is plugged into the PC and the MSM tool is open. Make the phone boot into edl mode by typing
Code:
adb reboot edl
and once it says Connected next to a COM port in the tool, press start. Don't interrupt the process until it completes the download and the status message turns green. The phone should automatically reboot. This method is arguably more risky than using the local upgrade option, so do it at your own risk.
Q3: Make sure that OEM unlocking is turned off in developer settings and that the bootloader is locked (if the bootloader is unlocked, you'll see a yellow warning message after you power on the device from a power off state). Without an unlocked bootloader it would be pretty difficult to make any deep modifications to the device.
Hi @Zocker1304 and @TManchu,
Please let me thank you very much first for your kind and detailed reply, this is really welcome.
@Zocker1304:
I checked using the ADB/Fastboot connection that indeed, the Bootloader is locked so, that looks good.
Also installed (using a separate Google account) DRM Info app to confirm that the Widevine is properly installed and at L1 level which indeed again, looks good.
@TManchu
Thank you again for your very detailed reply! This was exactly what I needed as information.
I did already exactly as mentioned for the #1 so, it looks I should be good now with a proper rom from OnePlus (and did a full wipe in the Recovery boot mode)
For #2, I think I will skip that since as you rightly said, with #1, it should be fine so, prefer to keep with the recommended step.
For #3, we are covering what Zocker1304 mentioned too and I could confirm it.
My only concern about #3 was that you can actually relock the bootloader but (and please correct me If I am wrong), you can only do so if you are using stock OnePlus images (to date...seems like dev teams are working to have this changed? Bootloader locked with custom firmware?) which then means the image is safe.
I suppose the last item was my only open query for your thoughts but so far, the handset looks fine.
Thanks to you and the community, I have learned about the A/B partition scheme, msm tool, Fastboot/Recovery mode and Bootloader and ADB tools.
It is always good to learn more about the tech we use (especially phones, we have so many sensitive information stored into them today).
Not being careful could potentially means quite a lot of troubles down the road with Ransomeware/data leak tools.
Of course again, I could have simply purchased a JP phone from a brick and mortar shop next to my place and be fine with it. :silly:
brissoukun said:
.
For #3, we are covering what Zocker1304 mentioned too and I could confirm it.
My only concern about #3 was that you can actually relock the bootloader but (and please correct me If I am wrong), you can only do so if you are using stock OnePlus images (to date...seems like dev teams are working to have this changed? Bootloader locked with custom firmware?) which then means the image is safe.
I suppose the last item was my only open query for your thoughts but so far, the handset looks fine.
Thanks to you and the community, I have learned about the A/B partition scheme, msm tool, Fastboot/Recovery mode and Bootloader and ADB tools.
It is always good to learn more about the tech we use (especially phones, we have so many sensitive information stored into them today).
Not being careful could potentially means quite a lot of troubles down the road with Ransomeware/data leak tools.
Of course again, I could have simply purchased a JP phone from a brick and mortar shop next to my place and be fine with it. :silly:
Click to expand...
Click to collapse
No problem! I’ve just done some reading and from what I understand, re-locking the bootloader on anything other than a completely stock ROM will result in a bricked phone. I believe this is due to the way Android handles data encryption. If what you’ve heard is true, being able to lock your bootloader on a custom ROM would be great for device security. However, should something go wrong with the ROM having a locked bootloader might make it more difficult to fix.
I know that there are ways to sign system and boot images so that you can lock the bootloader with them installed, but I think that would still show a warning though I'm not sure.
Anyways, if all the build dates and numbers in the system info are correct, the firmware should be stock and as long as the bootloader is locked too, I don't believe you can tamper with that.
Hi Gents,
Thank you very much for the answer to the thread and much appreciated.
Apologies for not getting back to you all earlier as yesterday was family day...haha!
Well, since things looked good on the OS and the build, I went ahead and started to use the phone properly setting up my accounts. It did give me some incentive to get all my sensitive accounts setup with 2FA so that in case I get hacked with my passwords in the future...they would still need the 2fa (using Google Authenticator).
I did check also all system apps/running process and didn't see anything shady.
Just for reference, here were the type of articles I was refering too for the OS being plagued with malware even out of the box:
Page_theverge.com/2019/6/6/18655755/google-android-malware-triada-ota-rom-ads-spam-oem (sorry gents, new account, cannot put links yet)
However here, it seems it is due to lax review from the maker to third party tools which were including malware...
To have the same level on the oneplus I bought from the HK shop, they would have needed access to OnePlus Dev team to inject the malware in official image (knowing anyway I have re-installed a new image from the local update).
Otherwise, I was reading on the web about the fact to relock the bootloader with a custom roam and there seems to have a lot of messages but not concrete steps. It seems it depends a lot on phone model and brand.
When you are checking
Page_gizmochina.com/2019/06/10/relock-bootloader-oneplus-7-pro/
This is where you can read at the end:
"The above method only works if OnePlus 7 Pro is running on stock recovery and stock firmware. The ability to relock devices running custom recovery is expected in the next few weeks. "
That was published last month so, not sure if they got this to work on the OnePlus 7 pro yet.
So that's it, I am now using my new device which looks to work great and hopefully, won't get any bugs down the road.
I appreciate you taking the time to get back to me and will continue to learn about android.:good:

AT&T Radiant Core (Tinno U304AA) - Modding Discussion

Picked up an AT&T Radiant Core for cheap at a store around me. I don't intend to use it with AT&T, it was just such a low price that I figured I'd get it and see if I can break into it just for fun. It's an MTK6739 chipset phone, so in theory it should be easy to pull partitions from this thing with something like SPFT (or Miracle Box, if you paid for it) and do a dirty port of TWRP to get root privileges on it. But this is harder than it seems.
I need an auth file to do anything with SPFT. Apparently this has to do with some kind of "secure boot" mechanism that MediaTeks sometimes have now. There's no stock firmware for this device online from what I can find, nor for the generic version of the device, the Tinno U304AA (AT&T just rebranded it). If I had a stock firmware image, maybe I could risk wiping the partitions and reflashing the stock firmware to get rid of the secure boot stuff.
I saw a guide for how to access the bootloader on the Tinno U304AA generic version, but on the AT&T version of the phone there's no option in the boot select menu (Vol. UP + Power) to get to the bootloader to run a fastboot oem unlock. All the AT&T version has is recovery and normal boot. I'm not sure what I can do to maybe reset this to get the other options. Maybe if I had the stock firmware for the generic version of the phone I could overwrite it and get access to those other options.
Either way, just posting this up for anyone else that got one of these and wants to collaborate/contribute. Maybe with enough collective brainpower we can make something happen.
UPDATE: found a stock system image dump, thank you to @lopestom for directing me to this. This guy's been the MediaTek king for as long as I can remember.
It appears to be a dtbo and system partition dump. It also has the vendor partition and a (partial?) boot image dump. Not sure if things like the full boot and recovery images are stored somewhere in here, I didn't look too deeply into it yet. I have no idea how whoever this is managed to pull these partitions... they either got root access somehow, or they found a proper Download Agent and Auth file to pull it all. Either one of these would be awesome. I reached out to the user to ask them how they did it, we will see what they say if they want to share how they did it.
https://git.rip/dumps/att/u304aa
jasonmerc said:
Picked up an AT&T Radiant Core for cheap at a store around me. I don't intend to use it with AT&T, it was just such a low price that I figured I'd get it and see if I can break into it just for fun. It's an MTK6739 chipset phone, so in theory it should be easy to pull partitions from this thing with something like SPFT (or Miracle Box, if you paid for it) and do a dirty port of TWRP to get root privileges on it. But this is harder than it seems.
I need an auth file to do anything with SPFT. Apparently this has to do with some kind of "secure boot" mechanism that MediaTeks sometimes have now. There's no stock firmware for this device online from what I can find, nor for the generic version of the device, the Tinno U304AA (AT&T just rebranded it). If I had a stock firmware image, maybe I could risk wiping the partitions and reflashing the stock firmware to get rid of the secure boot stuff.
I saw a guide for how to access the bootloader on the Tinno U304AA generic version, but on the AT&T version of the phone there's no option in the boot select menu (Vol. UP + Power) to get to the bootloader to run a fastboot oem unlock. All the AT&T version has is recovery and normal boot. I'm not sure what I can do to maybe reset this to get the other options. Maybe if I had the stock firmware for the generic version of the phone I could overwrite it and get access to those other options.
Either way, just posting this up for anyone else that got one of these and wants to collaborate/contribute. Maybe with enough collective brainpower we can make something happen.
Click to expand...
Click to collapse
OMG! So excited to see this here! My Mom gave my nephew this phone and niece has one. So I've been trying my best to get the thing to at least be a decent phone! I installed a launcher on it, changed the icons and wallpaper and made it look good at least. It will be nice to have someone to talk to about this. The thing has been beyond frustrating! First off though how did you get the computer to recognize it? I can't get Windows or Linux to recognize it and couldn't find any drivers. If you managed that much you got further than I did. I haven't tried with my nieces though. It might just be his phone. She's 13 so it took awhile to pry it from her long enough to find out what kind it was, but I'm willing to try to get it from her once again if the phone can be improved.
sjjtnj said:
OMG! So excited to see this here! My Mom gave my nephew this phone and niece has one. So I've been trying my best to get the thing to at least be a decent phone! I installed a launcher on it, changed the icons and wallpaper and made it look good at least. It will be nice to have someone to talk to about this. The thing has been beyond frustrating! First off though how did you get the computer to recognize it? I can't get Windows or Linux to recognize it and couldn't find any drivers. If you managed that much you got further than I did. I haven't tried with my nieces though. It might just be his phone. She's 13 so it took awhile to pry it from her long enough to find out what kind it was, but I'm willing to try to get it from her once again if the phone can be improved.
Click to expand...
Click to collapse
Linux should just work, plug in the thing and the "drivers" if you will should be there already. Check the phone's settings for USB Debugging in the Developer Options if there's further trouble.
Don't get me wrong too, this phone is, was, and will always be a piece of junk. There's no getting around a screen this bad and 1GB of RAM. I'm actively trying to find a Download Agent and Auth File combo to get this thing to work with SPFT so I can try to port a custom recovery to get us Magisk root permissions at least. Root will make the phone slightly better, but it will still be junk. Unless we can get kernel source for it as well to mess with things like clock speeds and CPU governors (which LEGALLY we are supposed to be guaranteed, but good luck convincing a Chinese company to give it to you) everything we do, if we CAN do anything, will be like deodorant on a turd. It'll smell a little better, but it's still a turd.
jasonmerc said:
Linux should just work, plug in the thing and the "drivers" if you will should be there already. Check the phone's settings for USB Debugging in the Developer Options if there's further trouble.
Don't get me wrong too, this phone is, was, and will always be a piece of junk. There's no getting around a screen this bad and 1GB of RAM. I'm actively trying to find a Download Agent and Auth File combo to get this thing to work with SPFT so I can try to port a custom recovery to get us Magisk root permissions at least. Root will make the phone slightly better, but it will still be junk. Unless we can get kernel source for it as well to mess with things like clock speeds and CPU governors (which LEGALLY we are supposed to be guaranteed, but good luck convincing a Chinese company to give it to you) everything we do, if we CAN do anything, will be like deodorant on a turd. It'll smell a little better, but it's still a turd.
Click to expand...
Click to collapse
Right, I'm considering giving him my current phone when I get a new one. It doesn't seem like I'm going to be able to unlock and root it so I want a phone I can. Mainly for space personally. He's young so he doesn't need it rooted, but I'm thinking if I can root it then I might be able to use it to root my phone. Speaking of rooting I think I found a way to root this phone. It took me a couple days to get the phone since he said he couldn't find it, but I have it now. It just needs to charge, but the battery sucks so it takes forever. I did find out that it does have a decent recovery. I had booted it into recovery and then I was messing around with the keys after the little passed out green guy popped up and suddenly it loaded stock recovery. It had an option to mount the system and flash with adb and everything. The only problem is I kept booting it by messing with keys. So I honestly don't know which ones worked. I kept booting into it last night by messing with them, but now I can't seem to get it to boot into the right recovery now that I'm trying to figure out the right key combination. I will figure it out though (eventually) and let you know what you have to click, but if you get the chance just mess with it and hopefully you'll find it like I did.
Also I was looking up the phones variants and downloaded a couple stock roms that I felt had all the right specs I'm going to try to flash one if I can get it plugged in. I downloaded custom twrp image's for them as well, and even found one twrp that I was able to download in the app. If you used it then you know that it takes you to a download page if you are downloading the wrong twrp.img. So the fact it let me download it in the app meant it tricked twrp into thinking it was that phone. So I'm going to try that stock rom first. Maybe we'll be able to change it to another model. It really needs something flashed, because it's a mess. I thought he messed it up, but after reading what you said maybe it's just the phone. He's young so it doesn't matter as much to him, but I feel bad for my niece. I really need to look into at least getting her another phone. I'm going to work on it later today and see what I can do. First I got to get it to work on the computer, but I may be able to root it without the computer. I'll keep you updated with my progress.
any luck with this?
Yeh, is there a status update?
Sorry, I got a concussion and haven't been able to do much, but really I'm stuck because I can't get it to connect to the computer at all. Not in Windows or Linux. I think he's messed it up beyond repair at this point. The offline root gave me an error around the mounting of the system, but that can be done if you can get the recovery to show up. It's one of the options. I was trying this method. HERE see if you can get it plugged in and to work. Also, Kingoroot gets to 90% on the apk alone. So the computer app might do the trick. Then you can switch it to su. Really a rooted phone can get a lot done with apps like flashify and flashfire that we can't do right now. If you can get even a temp root let me know and I'll tell you what I found out about the apps to unlock the bootloader, flash TWRP, Flash Magisk, then flash ROMs. If you want to try the variant route I was trying then just do a search on google. Some sound just as bad, but other similar phones seem better. You can pick which one you want to try. The phone I have got to a point that it kept deleting applications and stuff on the phone and has trouble with the sd card. So I don't have the stuff I had saved on it anymore. I'm giving him my current phone when I get a new one. It's too messed up to salvage. I hope you have more luck.
sjjtnj said:
Sorry, I got a concussion and haven't been able to do much, but really I'm stuck because I can't get it to connect to the computer at all. Not in Windows or Linux. I think he's messed it up beyond repair at this point. The offline root gave me an error around the mounting of the system, but that can be done if you can get the recovery to show up. It's one of the options. I was trying this method. HERE see if you can get it plugged in and to work. Also, Kingoroot gets to 90% on the apk alone. So the computer app might do the trick. Then you can switch it to su. Really a rooted phone can get a lot done with apps like flashify and flashfire that we can't do right now. If you can get even a temp root let me know and I'll tell you what I found out about the apps to unlock the bootloader, flash TWRP, Flash Magisk, then flash ROMs. If you want to try the variant route I was trying then just do a search on google. Some sound just as bad, but other similar phones seem better. You can pick which one you want to try. The phone I have got to a point that it kept deleting applications and stuff on the phone and has trouble with the sd card. So I don't have the stuff I had saved on it anymore. I'm giving him my current phone when I get a new one. It's too messed up to salvage. I hope you have more luck.
Click to expand...
Click to collapse
I need to unlock my phone U304AA
Ok boys and girls, in case anyone is still wondering here is how to root this sucker.
https://drive.google.com/file/d/1--Ul1ae73zcejNuJ1a7ftq5sTo2VP8Ya/view?usp=drivesdk
Comes with two files. Mtksu amd magisk be sure to use the magisk version included in the zip. Install mtksu then wmagisk, open mtksu and install the top magisk option. Reboot then open magisk hit install when it asks. Now open mtksu scroll to the bottom and hit activate and reboot again. Should be good too go at this point. Oh yeah be sure to click apply at boot in mtksu. Not sure if this had been posted before or not. Now, to find a way to unlock bootloader and install twrp.
Thank you, I tried Mtksu on mine and it didn't work, but it might've been the phone. I don't have one of these anymore, but I hope you all the best of luck. For the bootloader and Twrp try Flashfire or flashify.
MTK bypass method released by some smart dudes out there. I will test if we can use SPFT on this phone now. Stay tuned. This could mean root & recovery in a matter of minutes.
EDIT: It ALMOST works. Technically it bypassed the auth file as advertised. The only thing left now is finding a compatible preloader/scatter file to use.
Used a modified Moto E6 Play scatter file to pull images from the device. Tried flashing over stuff and got an error. Long story short my U304AA is now permanently bricked, so I'm tapping out of this project here
I do have recovery and boot images that (supposedly) work if anyone else wants to try and take over Keep in mind these were pulled with a scatter file from a DIFFERENT phone that's of the same chipset, so not everything is guaranteed to work. For example, the preloader was pulled with the specified parameters but I do NOT know if it's functional
Because I'm tapping out, and because nobody else seems to have anything on this, I'm uploading everything I can. Some pulls are too big to upload and some just won't work for some reason, but use whatever you'd like for anything you can. Hope I did something helpful
I have searched in Google Search and the tutorials forum but not found a tutorial
_____________
Sent from my website: https://topsanphamhay.com/kem-chong-nang-danh-cho-da-dau-mun.html - https://topsanphamhay.com/kem-chong-nang-innisfree-perfect-uv-protection-cream-co-tot-khong.html - https://topsanphamhay.com/kem-chong...ifying-face-fluid-dry-touch-co-tot-khong.html using Iphone X
Well AT&T is giving away lots of Radiant Core devices because of their 3G shutdown: https://www.xda-developers.com/att-3g-shutdown-free-phone/
My wife and I just got one, so now I have two of these but I'm not sure I trust AT&T enough to use the "free" phone that they sent.
It would be great if someone can pickup this project, especially since so many phones are now flooding the market.
I just got 3 of these "free" from AT&T. In fact I don't really need them, I just happen to have phones with an IMEI number that AT&T cannot decipher, so they sent me new phones just in case I can't use 4G.
Anyway, I'm trying to use mine as spare Google assistants scattered around the house, but because they run that crappy Android Go, the Go version of Assistant won't listen to me until I long-press the home button. I would also like to use them when I travel as a spare.
These things are essentially throw-away, so I'm OK to risk bricking one of them.
What I really want to do is install a real version of Android on here, has anyone managed to crack this yet?
I personally have been writing and reading using this tool https://github.com/bkerler/mtkclient, which is much simpler than the others
Its a little rough around the edges, but it certainly works
My final problem is disabling secure boot (I already have a boot.img patched with magisk)
It appears that fastboot is simply not a mode for booting on this model, so I was wondering if anyone knows how to disable AVB by hand with just partition images
kayshinonome said:
I personally have been writing and reading using this tool https://github.com/bkerler/mtkclient, which is much simpler than the others
Its a little rough around the edges, but it certainly works
My final problem is disabling secure boot (I already have a boot.img patched with magisk)
It appears that fastboot is simply not a mode for booting on this model, so I was wondering if anyone knows how to disable AVB by hand with just partition images
Click to expand...
Click to collapse
if it's possible to downgrade the firmware to before the october 2019 patch, it might be possible to mtk-su the device: https://www.att.com/device-support/article/wireless/KM1376142/ATT/ATTU304AA
might be another alternative to trying to disable avb on a locked bootloader
luridphantom said:
if it's possible to downgrade the firmware to before the october 2019 patch, it might be possible to mtk-su the device: https://www.att.com/device-support/article/wireless/KM1376142/ATT/ATTU304AA
might be another alternative to trying to disable avb on a locked bootloader
Click to expand...
Click to collapse
Not possible to do, already tried before when I didn't brick it
KJ7LNW said:
Well AT&T is giving away lots of Radiant Core devices because of their 3G shutdown: https://www.xda-developers.com/att-3g-shutdown-free-phone/
Click to expand...
Click to collapse
Just got mine from this. I'd like to install something like NixOS mobile, but I've never used an android phone before. Will that be possible on this phone? If so, is there a good guide for newbs like myself?

Categories

Resources