Decrypt and Extract OPS - OnePlus 7 Pro Questions & Answers

I've looked into Decrypting the OPS files used for MSMDownloadTool, in order to use the Firehose in QFIL. So we can accomplish single partition flashing via EDL using QFIL.
I've successfully implemented BKerlers decryption python script which can be found here: https://github.com/bkerler/oppo_decrypt , to retrieve the partition xmls.
The problem is, this method requires you to go through the flashing process in MSMDownloadTool... I own a Sprint OP7 Pro 5G, and therefore do not have access to an OPS file to flash in order to obtain the Firehose and partitions.
With the ability to flash individual partitions through QFIL, we can flash any signed partitions we want without recovery or fastboot. Which would open up the possibility of not requiring SIM unlocks to achieve BL unlocks.

Another nice thing about this would be the ability to backup and restore partitions.

jthein1989 said:
I've looked into Decrypting the OPS files used for MSMDownloadTool, in order to use the Firehose in QFIL. So we can accomplish single partition flashing via EDL using QFIL.
I've successfully implemented BKerlers decryption python script which can be found here: https://github.com/bkerler/oppo_decrypt , to retrieve the partition xmls.
The problem is, this method requires you to go through the flashing process in MSMDownloadTool... I own a Sprint OP7 Pro 5G, and therefore do not have access to an OPS file to flash in order to obtain the Firehose and partitions.
With the ability to flash individual partitions through QFIL, we can flash any signed partitions we want without recovery or fastboot. Which would open up the possibility of not requiring SIM unlocks to achieve BL unlocks.
Click to expand...
Click to collapse
yes you are correct, I know the layout pretty well.. I have the xml and loader for the OP6T and 7Pro, and also, you are right, you can flash twrp with a patch0.xml that will allow to bypass locked bootloader..
as of matter of fact, I just did that to my brother in laws old ZTE Zmax Pro, which now had twrp and root running on it, while bootloader is still locked...... or was locked.. Since you cant access fastboot mode to unlock it.
So yes, its possible............. Sorry if I am late on this reply and has already been fixed or replied else where.. but I just happen to see this and wanted to add my 2 cents..

Don't be sorry. This is a road that is still wide open, but OnePlus stated that even they don't have the MSMDownload Tool for the 5G version... Which is ridiculous!

And ?

Eliminater74 said:
yes you are correct, I know the layout pretty well.. I have the xml and loader for the OP6T and 7Pro, and also, you are right, you can flash twrp with a patch0.xml that will allow to bypass locked bootloader..
as of matter of fact, I just did that to my brother in laws old ZTE Zmax Pro, which now had twrp and root running on it, while bootloader is still locked...... or was locked.. Since you cant access fastboot mode to unlock it.
So yes, its possible............. Sorry if I am late on this reply and has already been fixed or replied else where.. but I just happen to see this and wanted to add my 2 cents..
Click to expand...
Click to collapse
Does that mean we can copy the widevine l1 keys and copy it over after we bl unlock so we can watch HD Netflix on a bl unlocked phone?

So, question? How can I help, I want to do whatever would be helpful to allow the oneplus 7 t or pro from t-mobile or any other oem to be converted with out unlocked bootloader.

Eliminater74 said:
yes you are correct, I know the layout pretty well.. I have the xml and loader for the OP6T and 7Pro, and also, you are right, you can flash twrp with a patch0.xml that will allow to bypass locked bootloader..
as of matter of fact, I just did that to my brother in laws old ZTE Zmax Pro, which now had twrp and root running on it, while bootloader is still locked...... or was locked.. Since you cant access fastboot mode to unlock it.
So yes, its possible............. Sorry if I am late on this reply and has already been fixed or replied else where.. but I just happen to see this and wanted to add my 2 cents..
Click to expand...
Click to collapse
Bro please tell me how u do it can u please help me do install twrp without unlock bootloader on oneplus 7

gigawatt said:
So, question? How can I help, I want to do whatever would be helpful to allow the oneplus 7 t or pro from t-mobile or any other oem to be converted with out unlocked bootloader.
Click to expand...
Click to collapse
Do you still have a LOCKED bootloader and are on the oneplus 7T (tmobile) or do you know anyone who is? This would be of EXTREME help. If so I know a way you could be of HUUUUUGGE help... Basically, the theory is that once the bootloader is unlocked, it deletes a file (/data/reserve/reserve.img) and without this file, tmobile phones cannot take OTA's. The good news is that the file can be extracted with a special tool(edl.py) without an unlocked bootloader, be placed back on an unlocked device and can take OTA's. So what we would have you do is run this edl.py tool and pull the data partition and extract that specific reserve.img file. And then we could distribute it and everyone with unlocked bootloaders could again take OTAs. Please contact me immediately.

Hi, what about if I upgraded to the 5g would this still help?

Eliminater74 said:
yes you are correct, I know the layout pretty well.. I have the xml and loader for the OP6T and 7Pro, and also, you are right, you can flash twrp with a patch0.xml that will allow to bypass locked bootloader..
as of matter of fact, I just did that to my brother in laws old ZTE Zmax Pro, which now had twrp and root running on it, while bootloader is still locked...... or was locked.. Since you cant access fastboot mode to unlock it.
So yes, its possible............. Sorry if I am late on this reply and has already been fixed or replied else where.. but I just happen to see this and wanted to add my 2 cents..
Click to expand...
Click to collapse
Can you please tell me the process in explained way to extract ops file,I tried (bkerler) way but I didn't succeed,please help me ..

jthein1989 said:
I've looked into Decrypting the OPS files used for MSMDownloadTool, in order to use the Firehose in QFIL. So we can accomplish single partition flashing via EDL using QFIL.
I've successfully implemented BKerlers decryption python script which can be found here: https://github.com/bkerler/oppo_decrypt , to retrieve the partition xmls.
The problem is, this method requires you to go through the flashing process in MSMDownloadTool... I own a Sprint OP7 Pro 5G, and therefore do not have access to an OPS file to flash in order to obtain the Firehose and partitions.
With the ability to flash individual partitions through QFIL, we can flash any signed partitions we want without recovery or fastboot. Which would open up the possibility of not requiring SIM unlocks to achieve BL unlocks.
Click to expand...
Click to collapse

jthein1989 said:
I've looked into Decrypting the OPS files used for MSMDownloadTool, in order to use the Firehose in QFIL. So we can accomplish single partition flashing via EDL using QFIL.
I've successfully implemented BKerlers decryption python script which can be found here: https://github.com/bkerler/oppo_decrypt , to retrieve the partition xmls.
The problem is, this method requires you to go through the flashing process in MSMDownloadTool... I own a Sprint OP7 Pro 5G, and therefore do not have access to an OPS file to flash in order to obtain the Firehose and partitions.
With the ability to flash individual partitions through QFIL, we can flash any signed partitions we want without recovery or fastboot. Which would open up the possibility of not requiring SIM unlocks to achieve BL unlocks.
Click to expand...
Click to collapse
do you extract .ops files with it if yes please guide how you can do it

Eliminater74 said:
yes you are correct, I know the layout pretty well.. I have the xml and loader for the OP6T and 7Pro, and also, you are right, you can flash twrp with a patch0.xml that will allow to bypass locked bootloader..
as of matter of fact, I just did that to my brother in laws old ZTE Zmax Pro, which now had twrp and root running on it, while bootloader is still locked...... or was locked.. Since you cant access fastboot mode to unlock it.
So yes, its possible............. Sorry if I am late on this reply and has already been fixed or replied else where.. but I just happen to see this and wanted to add my 2 cents..
Click to expand...
Click to collapse
can you send One Plus 7 Pro xml and loader files for me, because im trying messing around with qfil and i need those file rawprogram and patch0

It's does not matter . The firehose programmer elf has the write disabled.I have unpacked multipal ops files. OnePlus MSM tool signs the write option ,so you will not be able to write with any other tool.even with the xml files

justencase6 said:
It's does not matter . The firehose programmer elf has the write disabled.I have unpacked multipal ops files. OnePlus MSM tool signs the write option ,so you will not be able to write with any other tool.even with the xml files
Click to expand...
Click to collapse
Could you provide me all those files? Or teach me how to extract it?

luciferobert said:
Could you provide me all those files? Or teach me how to extract it?
Click to expand...
Click to collapse
Even if you get those files you can't do anything with that....i have tried everything that you are trying to do right now..! Nothing going to work
@justencase6 helpd me with it

Prinçe çharming ap said:
Even if you get those files you can't do anything with that....i have tried everything that you are trying to do right now..! Nothing going to work
@justencase6 helpd me with
Click to expand...
Click to collapse
Prinçe çharming ap said:
Even if you get those files you can't do anything with that....i have tried everything that you are trying to do right now..! Nothing going to work
@justencase6 helpd me with it
Click to expand...
Click to collapse
Probably Jtag is my last weapon to resurrect my OP7P

luciferobert said:
Probably Jtag is my last weapon to resurrect my OP7P
Click to expand...
Click to collapse
If you need firehose and xml for OnePlus 7 pro then it is already available on xda.

Prinçe çharming ap said:
If you need firehose and xml for OnePlus 7 pro then it is already available on xda.
Click to expand...
Click to collapse
Can you give me the link please

Related

C185 OEMINFO Extraction

So guys, like many of you, I messed up my device and now I found a friend with same model. I can extract OEMINFO from the device if someone tell me the exact procedure of doing this. Please guide me. I need to go back to stock as soon as possible.
goldenevil47 said:
So guys, like many of you, I messed up my device and now I found a friend with same model. I can extract OEMINFO from the device if someone tell me the exact procedure of doing this. Please guide me. I need to go back to stock as soon as possible.
Click to expand...
Click to collapse
There is a debranding guide in my signature, 2 in fact, just follow the same for backing up the oeminfo. Thanks in advance for sharing with us
shashank1320 said:
There is a debranding guide in my signature, 2 in fact, just follow the same for backing up the oeminfo. Thanks in advance for sharing with us
Click to expand...
Click to collapse
Thanks a lot mate... I'll try to do asap... Just backing up the data is pain in a**...
Any way to relock BL after unlocking except dload...
goldenevil47 said:
Thanks a lot mate... I'll try to do asap... Just backing up the data is pain in a**...
Any way to relock BL after unlocking except dload...
Click to expand...
Click to collapse
Yes you can via same command but just use relock instead of lock OEM but it will erase data. Dload will not relock but it will lock so not a problem and not data erase also.
shashank1320 said:
Yes you can via same command but just use relock instead of lock OEM but it will erase data. Dload will not relock but it will lock so not a problem and not data erase also.
Click to expand...
Click to collapse
Command seems to be the easy way... thanks
what happened ? how u messed it ?
To extract it, with the help of a root explorer, (like MiXplorer, Total Command, ecc.) go to root/dev/block/platform/hi_mci.0/by-name, and in this folder you'll find "oeminfo" file. Copy it elsewhere, it'll be around 66MB; zip it, and it'll become only 160KB
mahrukhsa2 said:
what happened ? how u messed it ?
Click to expand...
Click to collapse
Flashed OEMINFO of C432 without backing up mine... Now can't flash stock ROM through dload method also...
RedSkull23 said:
To extract it, with the help of a root explorer, (like MiXplorer, Total Command, ecc.) go to root/dev/block/platform/hi_mci.0/by-name, and in this folder you'll find "oeminfo" file. Copy it elsewhere, it'll be around 66MB; zip it, and it'll become only 160KB
Click to expand...
Click to collapse
Any command to pull it through adb so that we don't have to go through the hassle of unlocking BL and rooting?
goldenevil47 said:
Any command to pull it through adb so that we don't have to go through the hassle of unlocking BL and rooting?
Click to expand...
Click to collapse
Thats System file under root directory. Even adb wont work with root for this. You can try multi tool as given in debranding guide
shashank1320 said:
Thats System file under root directory. Even adb wont work with root for this. You can try multi tool as given in debranding guide
Click to expand...
Click to collapse
Doesn't that tool need root???
goldenevil47 said:
Doesn't that tool need root???
Click to expand...
Click to collapse
You run that tool via pc and not as a phone app, so you won't need root for opening an update.app with Huawei Multi Tool
RedSkull23 said:
You run that tool via pc and not as a phone app, so you won't need root for opening an update.app with Huawei Multi Tool
Click to expand...
Click to collapse
Ok thanks for letting me know... I thought Multitool needed root to extract OEMINFO from device... This was a huge problem for me coz my friend is far away from me and he's too noob that he can't even get Product ID by dialing the code...(for BL unlock code)
I would already have done it yesterday if I knew that Multitool didn't need root...
These instructions:
"Unlock your bootloader, flash custom recovery and root"
In this guide:
"https://forum.xda-developers.com/honor-6x/how-to/guide-debranding-to-india-variant-bln-t3679402"
made me think root was necessary.
goldenevil47 said:
Ok thanks for letting me know... I thought Multitool needed root to extract OEMINFO from device... This was a huge problem for me coz my friend is far away from me and he's too noob that he can't even get Product ID by dialing the code...(for BL unlock code)
I would already have done it yesterday if I knew that Multitool didn't need root...
These instructions:
"Unlock your bootloader, flash custom recovery and root"
In this guide:
"https://forum.xda-developers.com/honor-6x/how-to/guide-debranding-to-india-variant-bln-t3679402"
made me think root was necessary.
Click to expand...
Click to collapse
i have same problem with my gr5 Bll-l21 if you are able to get oem info share it with me please
goldenevil47 said:
Ok thanks for letting me know... I thought Multitool needed root to extract OEMINFO from device... This was a huge problem for me coz my friend is far away from me and he's too noob that he can't even get Product ID by dialing the code...(for BL unlock code)
I would already have done it yesterday if I knew that Multitool didn't need root...
These instructions:
"Unlock your bootloader, flash custom recovery and root"
In this guide:
"https://forum.xda-developers.com/honor-6x/how-to/guide-debranding-to-india-variant-bln-t3679402"
made me think root was necessary.
Click to expand...
Click to collapse
I still thinks its needed but still you can copy via multi tool. However, you wilp get prompt on multi tool that su not found. But yeah it generates a copyof oeminfo. Have tested this but as have done lot of trails so can not say 100% if it will work. Can go with this without a problem

Help on rooting a BLU Studio G2 S010Q

Can somebody help me on trying to root my BLU Studio G2? I have tried non-PC methods, but it never worked. Then I tried to root with Kingroot, but because there isn't any class of recovery for my phone, I'm attempting to use Magisk. My bootloader can have the option to be unlocked, but when I hit the Volume Up button to confirm it, it doesn't do anything. Please, I would like this to be solved ASAP.
Try This
Jerry181 said:
Can somebody help me on trying to root my BLU Studio G2? I have tried non-PC methods, but it never worked. Then I tried to root with Kingroot, but because there isn't any class of recovery for my phone, I'm attempting to use Magisk. My bootloader can have the option to be unlocked, but when I hit the Volume Up button to confirm it, it doesn't do anything. Please, I would like this to be solved ASAP.
Click to expand...
Click to collapse
Hi there,
Try this website it might help you:
https://www.getdroidtips.com/twrp-recovery-blu-studio-g2/
KIBS2173 said:
Hi there,
Try this website it might help you:
https://www.getdroidtips.com/twrp-recovery-blu-studio-g2/
Click to expand...
Click to collapse
Thanks for your appreciation, but I've visited this page multiple times, but it's imposible, since first of all, the bootloader can't be unlocked because the volume buttons don't do anything to confirm its unlocking. And second, it's nearly impossible to get a twrp recovery for my phone. The page I had visited multiple has it, but I can't have the download access. ????
Try This
Jerry181 said:
Thanks for your appreciation, but I've visited this page multiple times, but it's imposible, since first of all, the bootloader can't be unlocked because the volume buttons don't do anything to confirm its unlocking. And second, it's nearly impossible to get a twrp recovery for my phone. The page I had visited multiple has it, but I can't have the download access.
Click to expand...
Click to collapse
Hi there,
Have you tried enabling the boot loader option by going into the developer mode.
And try using ADB Command to unlock the boot loader and it can also help you to root and maybe also install a custom recovery.
KIBS2173 said:
Hi there,
Have you tried enabling the boot loader option by going into the developer mode.
And try using ADB Command to unlock the boot loader and it can also help you to root and maybe also install a custom recovery.
Click to expand...
Click to collapse
Indeed I did, but as I said, the volume buttons won't do anything to confirm its unlocking. Would it be possible to flash the patched boot image using SP flash tool, avoiding the bootloader to be unlocked?
Try This
Jerry181 said:
Indeed I did, but as I said, the volume buttons won't do anything to confirm its unlocking. Would it be possible to flash the patched boot image using SP flash tool, avoiding the bootloader to be unlocked?
Click to expand...
Click to collapse
Hi there,
so I have found a website which contains all Chinese phone roms and your phone is included
www.needrom.com
all the instructions are given on that website try it ............
KIBS2173 said:
Hi there,
so I have found a website which contains all Chinese phone roms and your phone is included
www.needrom.com
all the instructions are given on that website try it ............
Click to expand...
Click to collapse
You must've confused the G2 HD (S555Q) with the standard G2 (S010Q) which is the one I have. Also, is it possible to flash the patched boot image from Magisk using SP Flash Tool?
TRY THIS
Jerry181 said:
You must've confused the G2 HD (S555Q) with the standard G2 (S010Q) which is the one I have. Also, is it possible to flash the patched boot image from Magisk using SP Flash Tool?
Click to expand...
Click to collapse
HI there,
It might not be possible as SP FLASH TOOL will definitely give you an error.........
AND IF YOU DID BYPASS THE PROCESS THERE MIGHT BE A CHANCE THAT IT WILL BRICK SO I SUGGEST THAT NOT TO DO IT
there might be another way
Many months ago, I had found the latest stock rom for this phone and took the boot.img from the file to flash itvon sp flash tool. Worked like a charm!

Question Has anyone successfully changed tmobile to internation yet?

using OnePlus 9 5g from tmobile and looking to convert to internation.anyone had any issues or tips to make sure I don't mess up?
So I come from the OnePlus 9 Pro forum, but the tips are identical because pretty much the same phone except for a few differences.
1. DO NOT FLASH BOOTLOADER
I can't stress this enough, flashing the bootloader will render the MSM tool that OnePlus provides for you USELESS! I figured this out the hard way!
2. Make a full device backup, if you're rooted already use Partitions backup and restore available on the Play Store
3. Keep OEM UNLOCKING ON THE WHOLE TIME! Don't turn it off until and unless you return to complete stock using a MSM tool! Also, keep your bootloader unlocked please.
4. Don't trust random "conversion" folders that flash everything at once without looking at the files, ESPECIALLY not without looking at the .bat file(s) such as a flashall.bat.
Sounds too risky. It's not so simple anymore .
Can I ask a clarifying question @razercortex ? You're saying to not flash the bootloader; does that mean I could simply take the boot.img, do the magisk thing to it, and at least have root? I don't wanna brick my T-Mobile variant here, but I really want to have root.
You don't need to do any of that to root. I'm running the tmo variant and have had root since I unlocked it.
Just grab the rooted boot.img and Fastboot BOOT! THE IMG, run magisk and choose direct install and restart then you got root. If you flash anything, you'll be in trouble most likely so just Fastboot boot boot.img
What if I don't want root, just international version
I am interested to switch from T-Mobile variant to international as well.
Josh McGrath said:
You don't need to do any of that to root. I'm running the tmo variant and have had root since I unlocked it.
Just grab the rooted boot.img and Fastboot BOOT! THE IMG, run magisk and choose direct install and restart then you got root. If you flash anything, you'll be in trouble most likely so just Fastboot boot boot.img
Click to expand...
Click to collapse
When you run the Safetynet check in Magisk, does it show "pass" ? Mine failed check.
inspron said:
When you run the Safetynet check in Magisk, does it show "pass" ? Mine failed check.
Click to expand...
Click to collapse
Do you have magiskhide enabled?
inspron said:
When you run the Safetynet check in Magisk, does it show "pass" ? Mine failed check.
Click to expand...
Click to collapse
Im showing to be passing. There was a magisk issue a week ago or so that cause it to fail but it was updated.
Playstore shows "Device is certified"
I really want international myself. This battery is complete garbage and tmo likes to drag their feet on an update the international got to fix the battery issue weeks ago
jfsat said:
Can I ask a clarifying question @razercortex ? You're saying to not flash the bootloader; does that mean I could simply take the boot.img, do the magisk thing to it, and at least have root? I don't wanna brick my T-Mobile variant here, but I really want to have root.
Click to expand...
Click to collapse
@jfsat If you just want root, patching the boot.img with magisk should be good enough. Just don't forget to keep OEM unlocking checked and keep the unlock code just in case. Also, don't relock until you have flashed stock boot.img.
Josh McGrath said:
You don't need to do any of that to root. I'm running the tmo variant and have had root since I unlocked it.
Just grab the rooted boot.img and Fastboot BOOT! THE IMG, run magisk and choose direct install and restart then you got root. If you flash anything, you'll be in trouble most likely so just Fastboot boot boot.img
Click to expand...
Click to collapse
It literally does not matter, but I would recommend flashing the boot.img instead because I don't know what the Direct Install method does to your phone's firmware. Flashing the boot.img works great, it only touches your boot partition and if you have the stock boot you can just flash it back and relock it, no problem. Direct Install could potentially change something else though it looks like it could be fine, but YMMV.
inspron said:
I am interested to switch from T-Mobile variant to international as well.
Click to expand...
Click to collapse
I know how to do it, you need to extract payload.bin from the EU OTA and flash all the partitions, find a tutorial online. Just make sure to make a full backup using Partitions backup and restore on the play store or manually dump partitions from your phone. You don't need userdata, it's too big and probably incompatible with the region change, just a side note that flashing partitions in the super partition (system, vendor, product, system_ext, odm, etc.) requires you to be in fastbootd, so use fastboot reboot fastboot to do so. Other than that, make sure there's an MSM tool available, you can check with OnePlus support.

Help rooting phone received from beta testing.

I signed up for a beta test on centernode and received a smartphone to test. The phone is so new that I cannot find any information about it on the internet. The bootloader is unlocked on it. I was reading that you can use magisk to root any device with an unlocked bootloader and system image. Since the phone is so new I cannot find a system image. Is it still possible to root the device? Is there a way I can backup the stock ROM and create a system image that way? Is there something else that will work? I really want to root the device because it came with a preinstalled app which is a system booster type app. It will not let me uninstall it, disable it, or force stop it. When I install my app for my alarm clock it keeps killing the app and the alarm will not go off. I have went through all of the app settings and cannot get it to stop. It also keeps interfering with my VPN. I would also like to root th device to remove some of the bloatware and to have access to the HOST file. Could someone please help me this? I would greatly appreciate it. Thanks guys!
I'm not known for giving good advice but if I was in your situation I would try to install the lastest version of Magisk and hope for the best. Knowing how I am it would be driving me nuts wondering if it would work.
That booster app, have you tried uninstalling it with adb?
Gregbmil1 said:
I'm not known for giving good advice but if I was in your situation I would try to install the lastest version of Magisk and hope for the best. Knowing how I am it would be driving me nuts wondering if it would work.
That booster app, have you tried uninstalling it with adb?
Click to expand...
Click to collapse
Hey, thanks for your reply. I am really eager to root it. I almost just went for it. However, then I thought about it. If something went wrong I would not have any way to recover the phone since there is not a system image available yet. I have not given adb removal a try yet as I figure it would just be easier to go with rooting since it will help me with everything I am trying to achieve. If I cannot root it then I will go the adb route. Hopefully someone will come along and help me out. Fingers crossed
Let us know what you end up doing. Are you expected to send the phone back after the beta testing? If you are responsible for any damages done to it, I would not try it.
You could send it back bricked and say you have no idea what happened to it, lol. That or say you were "testing" the security of the device and that it passes
bigroc2223 said:
I signed up for a beta test on centernode and received a smartphone to test. The phone is so new that I cannot find any information about it on the internet. The bootloader is unlocked on it. I was reading that you can use magisk to root any device with an unlocked bootloader and system image. Since the phone is so new I cannot find a system image. Is it still possible to root the device? Is there a way I can backup the stock ROM and create a system image that way? Is there something else that will work? I really want to root the device because it came with a preinstalled app which is a system booster type app. It will not let me uninstall it, disable it, or force stop it. When I install my app for my alarm clock it keeps killing the app and the alarm will not go off. I have went through all of the app settings and cannot get it to stop. It also keeps interfering with my VPN. I would also like to root th device to remove some of the bloatware and to have access to the HOST file. Could someone please help me this? I would greatly appreciate it. Thanks guys!
Click to expand...
Click to collapse
If you have the firmware then you're in luck (especially if it's the full one)
Download a program for windows called "Payload Dumper"
Open the zip (firmware) and copy out the payload.bin file.
Copy this to the input folder from payload dumper.
Run the exe for payload dumper
It'll output a bunch of files to output folder
You'll see a boot.img file this is essentially the file you use to boot your phone and also where magisk would reside too.
Copy this to your phone.
Install the latest Magisk then open it
Click install and then patch a file, navigate to the boot.img
Click the boot.img and it'll output a file to "SDcard\Downloads" usually called magisk_patched.img
Copy this to your fastboot folder on your computer and open a CMD / Powershell command to that location.
Then boot to fastboot / bootloader mode
Then type:
fastboot boot "name of patched boot.img"
eg:
fastboot boot magisk_patched.img
The phone will boot
From this point you are rooted but you need to make it permanent as you haven't flashed the boot sector at this point, you're only booting an image, if you were to reboot you'd lose it.
Open Magisk again then click install again.
Now instead of just seeing patch a file you'll see "Install Directly" + "Install after an OTA"
Click Install directly, allow it to finish, then reboot.
You're now fully rooted.
Heres my guides for the oneplus 8 pro, don't use the images there as they're for the 8 pro, you also can download payload dumper from there too.
(ROOT) Android 11 / Latest stock and patched img's / payload dumper / magisk_patched guides
Hi all, Have seen a lot of requests for patched boot images on these threads so thought i'd share a guide on how to get it yourself as well as all the files required, plus the patched boot.img if you just want to go ahead and boot/flash it...
forum.xda-developers.com
IT's easy.
Good luck
dladz said:
If you have the firmware then you're in luck (especially if it's the full one)
Download a program for windows called "Payload Dumper"
Open the zip (firmware) and copy out the payload.bin file.
Copy this to the input folder from payload dumper.
Run the exe for payload dumper
It'll output a bunch of files to output folder
You'll see a boot.img file this is essentially the file you use to boot your phone and also where magisk would reside too.
Copy this to your phone.
Install the latest Magisk then open it
Click install and then patch a file, navigate to the boot.img
Click the boot.img and it'll output a file to "SDcard\Downloads" usually called magisk_patched.img
Copy this to your fastboot folder on your computer and open a CMD / Powershell command to that location.
Then boot to fastboot / bootloader mode
Then type:
fastboot boot "name of patched boot.img"
eg:
fastboot boot magisk_patched.img
The phone will boot
From this point you are rooted but you need to make it permanent as you haven't flashed the boot sector at this point, you're only booting an image, if you were to reboot you'd lose it.
Open Magisk again then click install again.
Now instead of just seeing patch a file you'll see "Install Directly" + "Install after an OTA"
Click Install directly, allow it to finish, then reboot.
You're now fully rooted.
Heres my guides for the oneplus 8 pro, don't use the images there as they're for the 8 pro, you also can download payload dumper from there too.
(ROOT) Android 11 / Latest stock and patched img's / payload dumper / magisk_patched guides
Hi all, Have seen a lot of requests for patched boot images on these threads so thought i'd share a guide on how to get it yourself as well as all the files required, plus the patched boot.img if you just want to go ahead and boot/flash it...
forum.xda-developers.com
IT's easy.
Good luck
Click to expand...
Click to collapse
So it sounds like since this is a beta device and I cannot find a firmware image in out of luck?
I guess the only other option I have is finding someone who can port twrp for my device. Then I can just root via TWRP. However, from what I have read that might not even be an option as Android 11 mostly has to be rooted the hard way which you have gave instructions on above.
Can anyone think of anything else I can try?
bigroc2223 said:
So it sounds like since this is a beta device and I cannot find a firmware image in out of luck?
I guess the only other option I have is finding someone who can port twrp for my device. Then I can just root via TWRP. However, from what I have read that might not even be an option as Android 11 mostly has to be rooted the hard way which you have gave instructions on above.
Can anyone think of anything else I can try?
Click to expand...
Click to collapse
You can also extract the boot image... Can't remember the commands for this via ADB, Google ADB extract boot.img
dladz said:
You can also extract the boot image... Can't remember the commands for this via ADB, Google ADB extract boot.img
Click to expand...
Click to collapse
Awesome this is exactly what I was trying to figure out in my original post. Since there is no stock firmware available yet (beta unit) what is the best way to backup the device so I do not get a brick in the process? Thanks again for your help.
bigroc2223 said:
Awesome this is exactly what I was trying to figure out in my original post. Since there is no stock firmware available yet (beta unit) what is the best way to backup the device so I do not get a brick in the process? Thanks again for your help.
Click to expand...
Click to collapse
An actual back up? Probably twrp if available.
If not then you'd need a recovery method.
So providing you have a recovery solution you should be fine.
dladz said:
An actual back up? Probably twrp if available.
If not then you'd need a recovery method.
So providing you have a recovery solution you should be fine.
Click to expand...
Click to collapse
Ahhh okay since it is a beta device no one has made TWRP for it yet. What do you think the risk is of manually pulling the boot img, patching, and flashing is? If I can get that to work I will try to port twrp to the device. Thanks again for the help.
bigroc2223 said:
Ahhh okay since it is a beta device no one has made TWRP for it yet. What do you think the risk is of manually pulling the boot img, patching, and flashing is? If I can get that to work I will try to port twrp to the device. Thanks again for the help.
Click to expand...
Click to collapse
You're very welcome.
Chances of it not booting after doing that? Absolutely zero.
It's a copy not a cut, so you're fine.
The only problem you may encounter is the ability to access the device on that level.
Just turn on usb debugging and make sure ADB works as it should be checking on ADB devices.
Then go ahead with the pull.
You'll be fine.
Also once you have the boot.img if the patched one doesn't work then just reboot and you're back to normal.
I would advise against flashing it, just boot it.
dladz said:
Just turn on usb debugging and make sure ADB works as it should be checking on ADB devices.
Then go ahead with the pull.
You'll be fine.
Also once you have the boot.img if the patched one doesn't work then just reboot and you're back to normal.
Click to expand...
Click to collapse
You can't simply run
Code:
adb devices
adb pull boot.img > C:\boot.img
to clone phone's boot.img to PC.
The correct way is described here
Extract Boot.img Directly from Device Without Downloading Firmware
In this tutorial, we will show you the steps to extract the boot.img file directly from your device without downloading the firmware.
www.droidwin.com
jwoegerbauer said:
You can't simply run
Code:
adb devices
adb pull boot.img > C:\boot.img
to clone phone's boot.img to PC.
The correct way is described here
Extract Boot.img Directly from Device Without Downloading Firmware
In this tutorial, we will show you the steps to extract the boot.img file directly from your device without downloading the firmware.
www.droidwin.com
Click to expand...
Click to collapse
I did not say that you could?? I said pull it.
Before that I said look it up / Google it
Thanks for your help guys I appreciate it greatly. I am going to give this a try today. I will report back and let you guys know how it goes.
One last question. Since this beta unit I got is a tracfone branded unit with an unlocked bootloader is it possible that they could push a firmware which will lock the bootloader at some point? If so is there any way to prevent that from happening? Thanks again for all your help.
bigroc2223 said:
Thanks for your help guys I appreciate it greatly. I am going to give this a try today. I will report back and let you guys know how it goes.
One last question. Since this beta unit I got is a tracfone branded unit with an unlocked bootloader is it possible that they could push a firmware which will lock the bootloader at some point? If so is there any way to prevent that from happening? Thanks again for all your help.
Click to expand...
Click to collapse
Possible yes, but I doubt they would do that.
Is it an ambassador phone? Or for testing?
Locking the bootloader wipes the phone so I wouldn't imagine they'd do that without forewarning.
Plus locking a bootloader comes with its risks too, so you could say that it broke from the update.
But it won't come to that, I've had several ambassador phones myself and honestly they're fire and forget for the most part, I wouldn't worry about it
dladz said:
Possible yes, but I doubt they would do that.
Is it an ambassador phone? Or for testing?
Locking the bootloader wipes the phone so I wouldn't imagine they'd do that without forewarning.
Plus locking a bootloader comes with its risks too, so you could say that it broke from the update.
But it won't come to that, I've had several ambassador phones myself and honestly they're fire and forget for the most part, I wouldn't worry about it
Click to expand...
Click to collapse
It's a phone for testing which I am allowed to keep.
dladz said:
Possible yes, but I doubt they would do that.
Is it an ambassador phone? Or for testing?
Locking the bootloader wipes the phone so I wouldn't imagine they'd do that without forewarning.
Plus locking a bootloader comes with its risks too, so you could say that it broke from the update.
But it won't come to that, I've had several ambassador phones myself and honestly they're fire and forget for the most part, I wouldn't worry about it
Click to expand...
Click to collapse
It is a phone for testing which I am allowed to keep. Specs are Snapdragon 750g, Adreno 619, and 4gb of ram. Not too shabby for a free phone. It is a lot snappier than the moto e6 I was previously using.
dladz said:
I did not say that you could?? I said pull it.
Before that I said look it up / Google it
Click to expand...
Click to collapse
This method requires TWRP. So this will not work.
bigroc2223 said:
Nvm
Click to expand...
Click to collapse
dladz said:
Again!!!? What's your problem??
You're just trying to (for whatever reason) prove me wrong and yet again I wasn't being descriptive of an ADB pull!!!
You're pulling the boot.img off the device by whatever means.
To be clear for the final time, I'm not stating to use twrp, a script or anything else I said look it up / Google it!
Now if you've helped the chap then that's great, looking at what I said and attempting to put me straight when you clearly don't have to, is no help to you or the chap needing help it's just making you look like you're on a power trip.
Click to expand...
Click to collapse
I'm just trying to get some help here guys that's it. I appreciate everyone's efforts and opinions. Let's all try to work together and try to find a solution peacefully please.
So far I have adb installed and working. I have tried to use the commands I was able to locate via google. So far nothing works. I have also tried uninstalling some programs using adb which did not work. I think I am going to have to find someone who could port twrp for me
bigroc2223 said:
I'm just trying to get some help here guys that's it. I appreciate everyone's efforts and opinions. Let's all try to work together and try to find a solution peacefully please.
So far I have adb installed and working. I have tried to use the commands I was able to locate via google. So far nothing works. I have also tried uninstalling some programs using adb which did not work. I think I am going to have to find someone who could port twrp for me
Click to expand...
Click to collapse
Sorry I got the wrong end of the stick, I thought you was a second person posting..
Forget what I said

Question OP9 Brick

Hey guys i followed this guide www.youtube.com/watch?v=9XT-qGo_Emk&t=830s, now my OP9 hangs on splash screen wont boot into recovery I tried downloading MSM just not sure how to get it working i get error 'pacced image does not exist' can someone shed some light please
DeuceLew22 said:
Hey guys i followed this guide www.youtube.com/watch?v=9XT-qGo_Emk&t=830s, now my OP9 hangs on splash screen wont boot into recovery I tried downloading MSM just not sure how to get it working i get error 'pacced image does not exist' can someone shed some light please
Click to expand...
Click to collapse
Just flash with stock msm and u will be back just take ur phone to edl mode u can find guide to use msm easily
rizzmughal said:
Just flash with stock msm and u will be back just take ur phone to edl mode u can find guide to use msm easily
Click to expand...
Click to collapse
I appreciate your response but im not sure which msm to download the one i tried tells me 'packed image doest exist' do you know what this error is?
DeuceLew22 said:
I appreciate your response but im not sure which msm to download the one i tried tells me 'packed image doest exist' do you know what this error is?
Click to expand...
Click to collapse
What exact model do you have?
That error may mean you only have msm.exe and not the image file that's included/needed to flash inside of msm
Appreciative said:
What exact model do you have?
That error may mean you only have msm.exe and not the image file that's included/needed to flash inside of msm
Click to expand...
Click to collapse
LE2115 i downloaded the stock firmware before i tried root
DeuceLew22 said:
LE2115 i downloaded the stock firmware before i tried root
Click to expand...
Click to collapse
GLOBAL OnePlus 9 MSM TOOL UPDATED
Frist off Im not responsible for anything that happens to your phone!!! VERY SIMPLE IF YOU ARE BICKED,BOOTLOOPED OR JUST WANT TO GO BACK TO 100% STOCK THIS WILL WIPE ALL DATA!!! AN RELOCK BOOTLOADER OOS 11.2.4.4.LE25AA MUST HAVE QAULCOMM...
forum.xda-developers.com
Did you try this or did you have ota firmware? Which msm did you get?
Don't add/remove things from the msm tool folder after extracting, is device detected in msm with above tool?
Appreciative said:
GLOBAL OnePlus 9 MSM TOOL UPDATED
Frist off Im not responsible for anything that happens to your phone!!! VERY SIMPLE IF YOU ARE BICKED,BOOTLOOPED OR JUST WANT TO GO BACK TO 100% STOCK THIS WILL WIPE ALL DATA!!! AN RELOCK BOOTLOADER OOS 11.2.4.4.LE25AA MUST HAVE QAULCOMM...
forum.xda-developers.com
Did you try this or did you have ota firmware? Which msm did you get?
Don't add/remove things from the msm tool folder after extracting, is device detected in msm with above tool?
Click to expand...
Click to collapse
yes thats the exact tool i tried as soon as i select other it tells me 'packet mage not exist' and closes i think im in edl it shows up under COM3, but i also have the stock firmware from oxy updater
Appreciative said:
GLOBAL OnePlus 9 MSM TOOL UPDATED
Frist off Im not responsible for anything that happens to your phone!!! VERY SIMPLE IF YOU ARE BICKED,BOOTLOOPED OR JUST WANT TO GO BACK TO 100% STOCK THIS WILL WIPE ALL DATA!!! AN RELOCK BOOTLOADER OOS 11.2.4.4.LE25AA MUST HAVE QAULCOMM...
forum.xda-developers.com
Did you try this or did you have ota firmware? Which msm did you get?
Don't add/remove things from the msm tool folder after extracting, is device detected in msm with above tool?
Click to expand...
Click to collapse
i have to go get mom from airport be bacc in 1 hr
DeuceLew22 said:
i have to go get mom from airport be bacc in 1 hr
Click to expand...
Click to collapse
The file should be huge. A few gb minimum. Maybe that one is broken. Try this one:
一加9/9008线刷救砖包氧OS 11.2.10.10 - 一加手机官方ROM - 一加手机官方ROM下载
本站提供一加全机型ROM下载,包括一加Ace 2V、ACE2、Ace/10R、一加10 Pro、9Pro、9RT、9R、8T、8 Pro、一加8、7T Pro、7T、7Pro等全系一加机型的升级全量包、降级包、9008线刷救砖包等各种官方和原厂ROM,全部资源完全免费,不限速,无需登录
yun.daxiaamu.com
Edit: from the end of the thread, others reported the same issue (the file is missing) and said the above one worked for them. Check out page 11/12 from the first msm thread
DeuceLew22 said:
I appreciate your response but im not sure which msm to download the one i tried tells me 'packed image doest exist' do you know what this error is?
Click to expand...
Click to collapse
The reason for this error is the fact that you have probably downloaded the wrong version of the tool.
You have to choose the correct firmware ONLY for your device ! (OP9? OP9PRO? OP9R ? - Indian?global?T-Mobile?etc)
The msm tool is included .You can use Google search to find the file for your device ..
Appreciative said:
The file should be huge. A few gb minimum. Maybe that one is broken. Try this one:
一加9/9008线刷救砖包氧OS 11.2.10.10 - 一加手机官方ROM - 一加手机官方ROM下载
本站提供一加全机型ROM下载,包括一加Ace 2V、ACE2、Ace/10R、一加10 Pro、9Pro、9RT、9R、8T、8 Pro、一加8、7T Pro、7T、7Pro等全系一加机型的升级全量包、降级包、9008线刷救砖包等各种官方和原厂ROM,全部资源完全免费,不限速,无需登录
yun.daxiaamu.com
Edit: from the end of the thread, others reported the same issue (the file is missing) and said the above one worked for them. Check out page 11/12 from the first msm thread
Click to expand...
Click to collapse
Trying now
daitalos said:
The reason for this error is the fact that you have probably downloaded the wrong version of the tool.
You have to choose the correct firmware ONLY for your device ! (OP9? OP9PRO? OP9R ? - Indian?global?T-Mobile?etc)
The msm tool is included .You can use Google search to find the file for your device ..
Click to expand...
Click to collapse
it worked thank god so whats the proper way to root man
DeuceLew22 said:
it worked thank god so whats the proper way to root man
Click to expand...
Click to collapse
What I do to root;
Enable adb and enable bootloader unlocking.
Open MSM, press f8, select boot_a, (password is oneplus) and save my boot image directly from msm. (Read back)
It saves to c:\. I then push c:\boot_a.img to my phone's sdcard over adb.
Install Magisk, select Patch Boot Image.
Patch that new stock boot image so it becomes a magisk boot image.
I then copy/pull that new magisk boot image to my pc over adb.
Head into fastboot and fastboot boot magiskboot.img, I do not flash, just boot.
Start phone normally but we aren't done yet.
Now I'm on a magisk patched boot image so I head back into magisk app and do Direct Install. And install usnf module only.
When it comes to taking OTAs, I uninstall using Restore Images, take the OTA, do not reboot. After OTA is done, I go to magisk and do "install to inactive slot after OTA"
Then I reboot.
But you could take the OTA first and root afterwards. The reason I didn't do it that way is because I would get device uncertified on my previous phone and lose l1 Widevine (hd on netflix and such). But if I had root, took the OTA, and restored it thru magisk, I would keep l1.
I can't remember if that's the case for the 9 series also, I can only confirm that I am rooted, unlocked bootloader and retain certified device, l1 Widevine, using the latest version available of Android 11, going the magisk restore image+install to other slot ota way.
I'm not going to a12/13, it may be better or worse to go one way or the other for a12/13.
I don't use twrp, just temp boot the patched boot image with fastboot

Categories

Resources