Related
Hi,
I'm currently waiting for buy the Xperia XZ. I check some of XDA's thread and with Sony's smartphone I'm still afraid. So I want to know if there is a thread gathering all the detailled step to root, install TWRP, flash latest firmware, install custom ROM etc... ?
Thanks a lot
[Guide] Here is the DHGE guide for rooting SONY devices 2019-04
Changelog at the bottom of this post.
nathan30 said:
if there is a thread gathering all the detailed step to root, install TWRP, flash latest firmware, install custom ROM etc... ?
Click to expand...
Click to collapse
No - but you can find all you need to know here in this forum or in the devices-fora later than Z3+ or SONY-cross-device.
https://forum.xda-developers.com/crossdevice-dev/sony
Good introductory (written for devices before Z3+):
https://forum.xda-developers.com/crossdevice-dev/sony/noob-guide-to-sony-ericsson-xperia-t3209012
It is still valid but the 2015 and newer devices are not rootable anymore as described thanks to DM-Verity.
For rooting the current device you have to open the bootloader.
Any claims to the contrary found "on the web" are only tricks to have you install "interesting" software on a Windows PC.
Do you want root?
A classic post to help you decide
No:
wait for the OTA-updates from SONY (over the air - prosaic?)
don't like waiting or want to downgrade: get Flashtool http://www.flashtool.net
it comes with Xperifirm that finds you the latest ROM
https://forum.xda-developers.com/cr...xperifirm-xperia-firmware-downloader-t2834142
Unfortunately Xperifirm only finds the latest ROM (the only available on SONYs servers) so you better keep your downloads (>2 GBytes each) or find an older ROM in case you need it (xda has a search function). Here you'll find some ROM-versions: https://xpericheck.com
since my Xperia XZ/XZ1 I occasionally have problems with Flashtool that it requires a FSC-script which does not come with it or can not easily be copied from a similar device.
Now I use Newflasher https://forum.xda-developers.com/cr...gress-newflasher-xperia-command-line-t3619426 by @munjeni. This is a command line tool that for me unfortunately only works under Windows (have JDK issues under Debian).
You unpack the ROM (ftf-file) and place the newflasher.exe in the directory where you unpacked to. Then you start the device in flash mode (power on while holding the volume down key) and run the tool from the command line as administrator/root.
If you do not delete userdata.sin you will initiate the equivalent of a factory reset (aka loose all your data and settings!). For an upgrade within the same Andoid version I always delete userdata.sin before newflashing.
Yes:
As stated above, you need to unlock the bootloader to modify the system software on your device. Fortunately SONY gives (for non-carrier-locked) devices the option to unlock the bootloader.
Check if unlocking is allowed: in the service menu (dial *#*#7378423#*#* or *#*#SERVICE#*#* ) check under "Service Info"->"Configuration" the line "Bootloader unlock allowed:"
If you read anything other than "Yes" Stop here!
No: flashing another SONY Rom ("Customized CountryX") does not help you.
Hint: there is an app "SONY service menu" in the app-repository (F-Droid or Google).
OK - you can Now it is your last chance to save your device keys or "backup the trim area partition"
You should do this if you ever want to return to a SONY "blessed" state. e.g claiming service in countries where warranty is not for devices with unlocked bootloader or you want to sell it.
There are some device specific kernels out there whose authors state that they mitigate all DRM issues once the TA is restored. I guess you need these kernels otherwise restoring the TA locks up your device ...
Otherwise do not bother with restoring the TA-partition. Doing so after the next steps will soft brick your device.
Now you have to prepare your PC with some drivers in order to start the backup process:
Go to SONY's developver world http://developer.sonymobile.com
Under "Downloads" you will find the drivers for the XZ or any other device http://developer.sonymobile.com/downloads/drivers/xperia-xz/
These drivers are for Windows, do not bother if you are running a free operating system.
To get fastboot running you might additionally have to find the "fastboot_driver" in the download area. Put the content of the ZIP-file into the directory where you you unzipped the device driver and install it via right-clicking on the file android_winusb.inf.
Install these drivers if you are a Windows user. Under Windows 8 and newer there could be problems with installing "non signed" drivers.
Do a web/xda search to circumvent this security measure of Microsoft or do click on reboot while holding the shift-key and figure it out yourself.
http://www.flashtool.net/win8drivers.php
When you are installing: You also need to install the programs adb and fastboot.
https://forum.xda-developers.com/showthread.php?t=2317790
If you are running a free operating system: search for adb/fastboot or Android SDK in your repository and install these.
Running Linux it helps to insert the udev-rule mentioned in http://www.flashtool.net/lininstall.php otherwise you have to run esp. fastboot with root-privileges (not recommended, although the udev rule saves no punches ...)
On Android on your SONY device you have to be root to save a partition - catch 22 :crying: ...
https://en.wikipedia.org/wiki/Catch-22
Don't fear the ... / catch: For Android Marshmallow ROMs, e.g. up to version 39.0.A.3.30 of the Xperia XZ ROM, exists an exploit of the copy on write function in the Linux kernel that gets you root privileges temporarily.
On newer devices where there is no Marshmallow ROM with a vulnerable kernel available you are out of luck until another exploit is found.
Follow https://forum.xda-developers.com/crossdevice-dev/sony/universal-dirtycow-based-ta-backup-t3514236
Hint: In post #21 is described how to restore the TA (read the last sentence! -> you have to flash a stock ROM after restore).
If it does not work the first time let the tarnished bovine do its stride several times more.
Or: Repeat the process until success.
If you are already on Nougat you must downgrade the system ROM (see above) to use the exploit and backup the TA-partition.
The latest exploit that is available for devices that came out with Oreo uses a different exploit.
Search for this exploit in the specific forum or on "Sony Cross Device". If you are already on Pie you have to download an Oreo ROM for your device.
This is similar to the procedure described above that has the Xperia XZ in mind.
TA-partiton backed up?
Now the non-reversible part:
Under http://developer.sonymobile.com/unlockbootloader/ you request an unlock code.
READ, READ what SONY have written there!
- You will lose some DRM functionality: https://forum.xda-developers.com/z3-compact/general/loss-drm-keys-t2890936
- Your device will factory reset. You have a backup?
You can get the IMEI-number from the original package of your phone (if you have good eye sight and nobody swapped the boxes) or pull a tab from the side of the phone (you do not want to do that) or print a screen shot of the relevant page of your service menu or head into settings->about device->status->IMEI-Info.
You follow SONY's instructions to unlock the bootloader and hold your breath as after a long reboot everything on your device is wiped. On the newer devices you get an ugly warning "the device can't be trusted anymore".
NEVER EVER enable the MyXperia software from now on!
On some devices this in combination with an unlocked bootloader will hard brick your device.
Here was a link to fxpblog where they destroyed two devices.
Hey, you have been warned. With the TA-backup you always can return to the chicken den.
Become a "developer"
- Tap seven times on the build number of your device. (settings->device info)
- then enable "OEM unlocking" (new for the 2016 and later devices like XZ) and "USB-debugging"
You have read the SONY advice?
Next decision: Root stock ROM or go Custom Rom?
I am VERY happy with LineageOS on a Tablet Z and other devices in my household. I liked the Resurrection Remix ROM on my SAMSUNG phone.
Your mileage may vary: Testing a ROM and reversing will cost you with a proper backup minimum 4-5 hours.
If you choose a custom ROM:
- read the thread to get a hunch if you really want to install it (get over the off topic noob questions and annoying full quotes)
- Follow the instructions of the first page of the ROM-thread to install it. If you can not do this: stop or be prepared for searching and learning.
From February 2017 until May 2017 I had eXistenZ N on my Xperia XZ and like the UI tuning modifications. This "ROM" does not come pre-rooted it is a patch for the stock ROM (match the versions exactly!) that enhances the settings/look.
On SONY devices I recommend rooting stock ROMs.
Shortcut: Pie users can proceed to step 7 here
Having a custom kernel might still be advantageous for you.
You need a custom (or modified stock) kernel (aka boot image) with DM-Verity and SONY-RIC OFF.
This kernel has to be in sync with your ROM. Flashing an unsuitable kernel (e.g. MM-kernel on N-Roms) will result in a boot loop aka "soft brick".
You even can bake one yourself (no easy task) if you find/adapt the sources for your device. -> first stop SONY developer world
This is might be easy! THANKS to the efforts of @AndroPlus, @janjan and others.
You have to look into the device specific fora to find a proper kernel for your ROM-version.
They have also included many patches to improve battery life, mitigate some (e.g. camera) issues from the loss of the device keys ...
Download the kernel and recovery for your device and ROM-version and follow the kernel makers' instructions.
On devices where there is no custom kernel, you can try patching the stock kernel to switch off RIC and DM-verity. In reality behind the scenes it is a bit more than just patching (=modifying) the kernel. You also get some updated init-scripts and as a end result a new boot.img
Very useful is [PoC][Work in progress] Trim Area Proof Of Concept developed by @munjeni
These scripts not only prepare a stock kernel for rooting but also put your TA backup from above to such a use that you regain the DRM-features lost by opening the bootloader! So you do not need a custom kernel with partial DRM-fixes!
For Oreo it is more complicated (it might be easier to search for a suitable boot.img aka kernel and I have not tested it on Pie but see next step):
@serajr enhanced a script specifically for Xperia X Performance, XZ and XZs
https://forum.xda-developers.com/showpost.php?p=74724162&postcount=2793
Under Linux I had to set the executable attributes on the shell scripts and binaries (chmod +x).
You get the required kernel.elf via the tools menu in Flashtool. Dump "kernel.sin".
I started applying the scripts to the Stock ROM in May 2017 since eXistenZ ROM lagged a bit behind in security patches and Android version:
- flashed stock ROM via Flashtool or Newflasher
- prepared a patched boot image with PoC and my kernel...sin and TA.img and answered all questions with "yes" (hit return each time)
Code:
./ta_poc kernel.sin TA.img ramdisk
I am on Debian as operating system.
On Windows you just run the provided batch files and follow the instructions here and in the thread for the scripts.
- flashed the resulting boot image with fastboot flash boot boot.img and test it works. Service menu/Security: keys provided YEAH
- flash recovery and from there root with SuperSU and flash Titanium Backup
- restored my apps with their data via Titanium Backup
==============
Some hints:
==============
Most of these commands emit useful info on the command line - read it, post their error messages if you are stuck.
Version numbers of the software used speeds diagnosis of problems. Often a good advice: "Use latest version."
adb reboot bootloader or switching OFF the device and then pressing the "volume up" button while plugging the USB cable gets you into fastboot mode. You see a black screen and the blue LED light.
I normally do not flash the kernel-ZIP-file via recovery but unpack it and flash this: fastboot flash boot boot.img
To get into recovery mode:
Switch OFF your device. Press the "power" button shortly to switch ON and hold "volume down" button more than 5 seconds (or when you see the yellow LED light on some devices).
Or: adb reboot recovery
If you can not get into recovery (e.g. AndroPlus has no kernel for your latest SONY ROM):
fastboot boot TWRP_latest_version.img
I use an SD card (content there survives factory resets) and there a directory "for_recovery" well stocked with the zip-files I intend to flash. In TWRP you can tell the file manager on what storage (internal, SD-card, USB ...) it will find the flashable ZIP-files. The default is "internal".
Pressing the Power button and "volume up" for about five seconds gives you a hard reset.
Good if you are totally struck - just flash a SONY ROM for your device with Flashtool and all the wipe boxes checked or use Newflasher (overwrites most partitions including your data).
If you like to read about the haarrrdddd way:
https://forum.xda-developers.com/z4-tablet/help/enybody-root-t3154926
The first rooting of a DM-Verity secured device in 2015. Thanks to SONY for releasing source code and binaries.
Rooting - aaahh, finally
Flash the latest Magisk (up to late 2017 I used SuperSU which still works) from recovery.
https://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445
https://www.chainfire.eu/ Find the latest SuperSU from there. You will not find it there any more since Chainfire has sold the rights to the utility. I endorse Magisk since that is open sourced on GitHub.
No: flashing a custom kernel and recovery does not root your device.
For Android Pie users: On my Xperia XZ1 I can skip step 6 completely!
Just install/upgrade to the latest Pie ROM and flash Magisk and install the Magisk app.
Bonus: Debloat the device
https://forum.xda-developers.com/search/forum/2522?query=debloat
Nowadays I use a debloat script written by @serajr for my devices https://forum.xda-developers.com/xperia-xz2/development/oreo-debloat-script-v1-0-t3798979,.
I edit (comment out) the debloat_list.sh in order to keep "com.google.android.apps.maps" and "com.sonymobile.email" which I both use.
mine (you screened my script?):
flash the attached ZIP-file
View attachment xtrm_debloat.flashable_ew_2016-12.zip
found in https://forum.xda-developers.com/xperia-z5/general/discussion-bloat-sony-xperia-z5-t3518860 probably original work by @ganeshbiyer
=============================================================
With opened bootloader you will not get OTA updates any more!
You have to check with the Xperifirm program if there are newer ROMs for your device.
I have not had any problems with installing e.g. a Swiss ROM over a Central Europe. There could be some worries when switching continents.
Download the desired ROM via Xperifirm and follow the instructions of Flashtool to flash the device (over USB update = OUU :laugh.
Accept the use of the FSC script.
Repeat the steps 5 to 6(7) for any other/newer SONY ROMs you flash followed by step 4 (if necessary).
If a wipe is needed I prefer the full wipe in TWRP compared to checking the boxes in Flashtool.
Or use Newflasher without flashing userdata.sin (just delete the file) in case of an upgrade.
=============================================================
CHANGES to this Guide
2019-04-23 updated for Pie, endorsed Newflasher, added link to serjars debloat script, link ckecks
2018-02-28 clarified getting kernel.elf for self patching, some typos, link ckecks
2018-01-31 link for better suited ta_poc added, toned down AndroPlus endorsement, added Magisk
2017-06-25 added link to xpericheck (find older ROMs), added hint for restoring TA for those TLDR-guys
2017-06-02 added procedure for patching stock kernel as alternative to custom kernels
2017-02-05 added recommendation for eXistenZ N ROM
2017-01-25 new URL for SuperSU, typos
2017-01-18 corrected the advice for booting into TWRP
2017-01-17 added info on fastboot driver for Windows users
DHGE said:
No - but you can find anything here or in the devices-fora later than Z3+ or SONY-cross-device.
https://forum.xda-developers.com/crossdevice-dev/sony
Good introductory (written for devices before Z3+):
https://forum.xda-developers.com/crossdevice-dev/sony/noob-guide-to-sony-ericsson-xperia-t3209012
It is still valid but the 2015 and newer devices are not rootable anymore (as described) thanks to DM-Verity.
For rooting the current device you have to open the bootloader.
Any claims to the contrary found "on the web" are only tricks to have you install "interesting" software on a Windows PC.
Do you want root?
No:
wait for the OTA-updates from SONY
don't like waiting or want to downgrade: get flashtool http://www.flashtool.net
it comes with Xperifirm (at least for my linux machines) that finds you the latest ROM
https://forum.xda-developers.com/cr...xperifirm-xperia-firmware-downloader-t2834142
Unfortunately it does not find many older ROMs anymore so you better keep your downloads (>2 GBytes each) or find an older ROM in case you need it (xda has a search function).
Yes:
As stated above, you need to unlock the bootloader to modify the system software on your device. Fortunately SONY gives (for non-carrier-locked) devices the option to unlock the bootloader.
Check if unlocking is allowed: in the service menu (dial *#*#7378423#*#* or *#*#SERVICE#*#* ) check under "Service Info"->"Configuration" the line "Bootloader unlock allowed:"
If you read anything other than "Yes" Stop here!
No: flashing another SONY Rom ("Customized CountryX") does not help you.
Hint: there is an app "SONY service menu" in the app-repository (F-Droid or Google).
OK - you can Now it is your last chance to save your device keys or "backup the trim area partition"
You should do this if you ever want to return to a SONY "blessed" state. e.g claiming service in countries where warranty is not for devices with unlocked bootloader or you want to sell it.
Otherwise do not bother with restoring the TA-partition. Doing so after the next steps will soft brick your device.
Go to SONY's developver world http://developer.sonymobile.com
Under drivers you find the drivers for the XZ under "Downloads" http://developer.sonymobile.com/downloads/drivers/xperia-xz/
These drivers are for Windows (which version?), do not bother if you are running a free operating system.
Install these drivers if you are a Windows user. Under Windows 8+ there could be problems with installing "non signed" drivers. Do a web/xda search to circumvent this security measure of Microsoft. http://www.flashtool.net/win8drivers.php
When you are installing: You also need to install the programs adb and fastboot.
https://forum.xda-developers.com/showthread.php?t=2317790
If you are running a free operating system: search for adb/fastboot or Android SDK in your repository and install these.
Running Linux it helps to insert the udev-rule mentioned in http://www.flashtool.net/lininstall.php otherwise you have to run esp. fastboot with root-privileges (not recommended, although the udev rule saves no punches ...)
You have to be root to save a partition - catch 22 :crying: ...
For Android Marshmallow ROMs, precisely up to version 39.0.A.3.30, exists an exploit of the copy on write function in the Linux kernel that gets you root privileges temporarily.
Follow https://forum.xda-developers.com/crossdevice-dev/sony/universal-dirtycow-based-ta-backup-t3514236
If you are already on Nougat you must downgrade the system ROM (see above) to use the exploit and backup the TA-partition.
TA-partiton backed up?
Now the non-reversible part:
Under http://developer.sonymobile.com/unlockbootloader/ you request an unlock code.
READ, READ what SONY have written there!
- You will lose some DRM functionality: https://forum.xda-developers.com/z3-compact/general/loss-drm-keys-t2890936
- Your device will factory reset. You have a backup?
You can get the IMEI-number from the original package of your phone (if you have good eye sight and nobody swapped the boxes) or pull a tab from the side of the phone (you do not want to do that) or print a screen shot of the relevant page of your service menu or head into settings->about device->status->IMEI-Info.
You follow SONY's instructions to unlock the bootloader and hold your breath as after a long reboot everything on your device is wiped. On the newer devices you get an ugly warning "the device can't be trusted anymore".
Hey, you have been warned. With the TA-backup you always can return to the chicken den.
Become a "developer"
- Tap seven times on the build number of your device. (settings->device info)
- then enable "OEM unlocking" (new for the 2016 devices like XZ) and "USB-debugging"
You have read the SONY advice?
Next decision: Root stock ROM or go Custom Rom?
Well - my opinion - for the newer SONY devices I have not found a recommendable custom ROM yet. I am VERY happy with a generic CyanogenMod on a tablet Z in my household. Do not ask me about the sad story of CyanogenMod as of late 2016...
Your mileage may vary: testing a ROM and reversing will cost you with a proper backup minimum 4-5 hours.
If you choose a custom ROM:
- read the thread to get a hunch if you really want to install it (get over the off topic newbie questions)
- Follow the instructions of the first page of the ROM-thread to install it. If you can not do this stop or be prepared for searching and learning.
On SONY devices I recommend rooting stock ROMs.
You need a custom kernel (aka boot image) with DM-Verity and SONY-RIC OFF.
This kernel has to be in sync with your ROM. Flashing an unsuitable kernel (e.g. MM-kernel on N-Roms) will result in a boot loop aka "soft brck".
You even can bake one yourself (no easy task) if you find/adapt the sources for your device. -> first stop SONY developer world
This is easy! THANKS to @AndroPlus
AndroPlus has also included many patches to improve battery life, mitigate some (e.g. camera) issues from the loss of the device keys ...
https://forum.xda-developers.com/xperia-xz/development/kernel-andropluskernel-v01-t3475240
AndroPlus has kernels for other devices too. Look into the specific device forum for a custom kernel,
Download the kernel and recovery for your device and ROM-version and follow AndroPlus' instructions.
Some hints: (most of these commands emit useful info on the command line - read it, post it if you are stuck)
adb reboot bootloader or switching OFF the device and then pressing the "volume up" button while plugging the USB cable (hooked to your PC! we need DC power for all this) gets you into fastboot mode. You see a black screen and the blue LED light.
I normally unpack the kernel-ZIP-file and flash this: fastboot flash boot boot.img
You get into recovery mode on booting by pressing the "volume up" button when you see the yellow LED light.
If you can not get into recovery (e.g. AndroPlus has no kernel for your latest SONY ROM):
fastboot boot TWRP_latest_version
I use an SD card (content there survives factory resets) and there a directory "for_recovery" well stocked with the zip-files I intend to flash.
Pressing the Power button and "volume up" for about five seconds gives you a hard reset.
If you like to read about the hard way:
https://forum.xda-developers.com/z4-tablet/help/enybody-root-t3154926
The first rooting of a DM-Verity secured device in 2015. Thanks to SONY for releasing source code and binaries.
Rooting - aaahh, finally
Flash the latest SuperSU from recovery.
https://download.chainfire.eu/1019/SuperSU
No: flashing AndroPlus or TWRP does not root your device. You'll have to flash Chainfire's ZIP-file!
Bonus: Debloat the device
https://forum.xda-developers.com/search/forum/2522?query=debloat
mine (you screened my script?):
flash the attached ZIP-file
View attachment 4000189
With opened bootloader you will not get OTA (over the air - prosaic?) updates any more!
You have to check with Xperifirm if there are newer ROMs for your device.
I have not had any problems with installing e.g. a Swiss ROM over a Central Europe. There could be some worries when switching continents.
Download the desired ROM via Xperifirm and follow the instructions of flashtool to flash the device. Accept the use of the FSC script.
Repeat the steps 5 to 6(7) for SONY ROMs followed by step 4 (if necessary).
If a wipe is needed I prefer the full wipe in TWRP compared to checking the boxes in FlashTool.
Click to expand...
Click to collapse
Woaw, thanks a lot for your awesome answer !
I receive my phone today, I'll follow your instructions
@DHGE your guide is well put, and I've not had any problems so far (I used a slightly different version of the Xperia ROM since the version you specified didn't show up, but it worked just fine, is sitting on Android 6.0, and I have the TA backed up).
I've obtained the unlock code from Sony's developer site, but I've still yet to get their email with the instructions on where to shove the code. Its been about two or three hours now, and it was sent to a Gmail address (which has received other mail since). I tried generating a new code to make sure the email was right (it was), and it spat out the same unlock code, so I'm guessing its just based off of the IMEI.
Question is: what does one do with the unlock code? I can't imagine the instructions would be different for each person and am not sure how long it may take Sony to email the Gmail account...
k2trf said:
What does one do with the unlock code?
Click to expand...
Click to collapse
Follow the steps on SONY's website where you obtained the unlock code.
Look at the big link at the right bottom after all the warnings...
Somehow I missed that completely, and just latched onto it saying to wait for the instructions via email. Honestly, I don't even know why they think it necessary. Anyone playing with unlock codes damn sure better be familiar with ADB and fastboot already, or be learning as they go. >_>
Hi,
there something I can do to roll back if I didn't backed up my TA partition?
thanks
bigkekko said:
Hi,
there something I can do to roll back if I didn't backed up my TA partition?
thanks
Click to expand...
Click to collapse
Roll back to recover TA? Unfortunately not.
Note: This is a bash script, meaning to use it you must be on Linux.
Note: You must already have fastboot and adb installed on your system.
Background
I like messing around modding my device, and quite a few times that has resulted in bootloops, and other issues. After getting tired of repeating the recovery process so many times, I decided to just write a bash script to almost completely automate the process. It guides you with easy user-prompts, and can be used by someone with little knowledge.
I'm not a professional, I just have some skills that allow me to develop simple tools for myself. I'm just releasing it in-case it might be helpful to someone else.
Restrictions
It's only for Moto X4 Payton Fi phones, any other device would require modifications to the script. Over time I do plan on making more updates to it as I develop it for myself. It will become and all-in-one tool, with more functionality in the future.
Features
- Ability to recover your phone from soft-bricks automatically.
- Ability to install the latest TWRP as a custom recovery automatically.
- Ability to install latest firmware automatically.
- Ability to install systemless root via Magisk automatically.
Download
The latest version will always be available on my git repository.
Github Repository: github.com/menevia16a/Firmware-Recovery_MotoX4
Thank you, now may actually unlock this device. Still on fence, with no signed images. I may wait for Pie update, if it ever happens. These tools will be a big help.
kkjb said:
Thank you, now may actually unlock this device. Still on fence, with no signed images. I may wait for Pie update, if it ever happens. These tools will be a big help.
Click to expand...
Click to collapse
Thanks for the reply, when the firmware image for the pie update is released I should do another update to this too. But honestly you can always use the tool and when it installs the system and boots up, go to the ota update before continuing the script and accept the ota updates and continue the script once the system is booted up again.
Hi Fellows,
First of all, I’m newbie to flashing (or so-called) phones. I want to change my phone for de-googled one. I’m thinking about POCO X3 Pro with LineageOS 18.1.
I’ve been recently reading a lot about changing OS, but I feel completely overwhelmed by how complex knowledge it is. Even on the forum there is so much info, so much specific vocabulary/acronyms
Can you advise me, how to start?
Or maybe different way... do you know any reliable service/somebody in the UK, who could help? I've already checked services in my town - no one does software modifications
kamien8 said:
Hi Fellows,
First of all, I’m newbie to flashing (or so-called) phones. I want to change my phone for de-googled one. I’m thinking about POCO X3 Pro with LineageOS 18.1.
I’ve been recently reading a lot about changing OS, but I feel completely overwhelmed by how complex knowledge it is. Even on the forum there is so much info, so much specific vocabulary/acronyms
Can you advise me, how to start?
Or maybe different way... do you know any reliable service/somebody in the UK, who could help? I've already checked services in my town - no one does software modifications
Click to expand...
Click to collapse
You don´t need to pay someone else for that, you can do it by your own.
I will give you the topics in order, one by one, and just search for the info till understand what you are want to achieve.
1-Unlocking bootloader.
2-Flashing a custom recovery.
3-Rooting (optional)
4-installing a custom ROM (like LineageOS)
Search for these topics in your own forum, read carefully and apply them when you are sure what you are doing.
Copied these from my old post in other forums, I updated a little but still might be a little outdated
Spoiler: How to unlock bootloader
Link your poco x3 pro to your MI account
Activate "Find my device" for Mi account
Settings > About Phone > Tab "MIUI version (For POCO)" until developer mode unlocked
Settings > Additional Settings > Developer Options
OEM unlocking - Checked
Mi Unlock status > Add account and device - Do only once, anymore will reset 168 hours unlock counter
Go to https://en.miui.com/unlock/and download the mi unlock software
Latest version to date of this post is https://miuirom.xiaomi.com/rom/u1106245679/5.5.224.55/miflash_unlock-en-5.5.224.55.zip
Prepare for future unlock
Turn off your mobile
Boot into fastboot mode - Volume Down + Power
Run "MiUsbDriver.exe" located in the miflash_unlock_en zip
Connect mobile to PC or laptop
Poco X3 Pro driver should be installed
Run "miflash_unlock.exe" and proceed through the software
If you yet to apply for permission to unlock, you can apply from there (I think, the last I applied was years ago, not sure still a thing now or not)
The software will tell you the countdown which is 168 hours aka 1 week.
Exit fastboot mode on phone by holding the power button.
A week later, time to unlock.
Backup your file, if you have used the phone intensively, unlocking will result in factory reset.
Turn off mobile
Boot into fastboot mode - Volume Down + Power
Run "miflash_unlock.exe"
Connect mobile to PC
Proceed through "miflash_unlock.exe"
Unlocked
Spoiler: How to Flash Custom Recovery
Download google platform tool from https://developer.android.com/studio/releases/platform-tools
Extract the tool
In the tool folder, type "cmd" at "Address bar" to open command prompt to that folder
Press enter after you type "cmd", if it isn't obvious.
Turn off mobile
Boot into fastboot mode - Volume Down + Power
Connect mobile to PC
Go to command prompt window, type "fastboot devices".
Your phone will be shown if detected, otherwise, fix your driver.
Download Custom Recovery
OrangeFox - https://orangefox.download/device/vayu
TWRP - https://forum.xda-developers.com/t/recovery-unofficial-teamwin-recovery-project.4269551/
Lineage OS Recovery - https://download.lineageos.org/vayu
Don't use LOS recovery if you are rooting, it doesn't support OTA data decryption thus magisk need to be reflashed everytime during OTA.
Extract the "img" recovery file to the tool's folder
Type "fastboot flash recovery <filename>"
Done, type "fastboot reboot recovery" or Volume Up + Power on mobile to enter recovery
Spoiler: How to Flash Custom Rom
Connect mobile to PC
Copy files to mobile
Firmware - https://xiaomifirmwareupdater.com/firmware/vayu/
Rom
XDA Roms - https://forum.xda-developers.com/f/xiaomi-poco-x3-pro.12163/?prefix_id=33
Xiaomi EU Rom - https://xiaomi.eu/community/forums/miui-rom-releases.103/
Gapp (if you want)
MindtheGapps
NikGapps
FlameGapps
OpenGapps (Personally Recommended)
Magisk (If rooting) - https://github.com/topjohnwu/Magisk/releases
Boot into recovery - Vol up + Power
install in order
Firmware
Rom
Gapps (if you want)
Magisk (if rooting)
Format data in recovery
Wipe Cache and Dalvik/Art Cache (If the recovery support it)
Reboot into system
Done
If you mess up the format data sequence, don't worry, you can always use "adb sideload". Also, if you use LOS recovery, you need to use sideload.
Look for sideload in recovery
Open command prompt in your tool folder, type "adb sideload <filename>" to install the things you want.
Spoiler: How to flash back or to official rom along with official recovery
Download xiaomi flash tool - https://xiaomiflashtool.com/
Download fastboot package - https://xiaomifirmwareupdater.com/archive/miui/vayu/
Extract xiaomi flash tool, run "XiaoMiFlash.exe"
Extract fastboot package to somewhere, preferably root subfolder of c:\ or whatever drive
Long pathname can cause "XiaoMiFlash.exe" to run into error
Boot mobile into fastboot - Vol down + power
Connect mobile to pc
In "XiaoMiFlash.exe", select folder of fastboot package
Bottom right of the software, choose "clean all" or "clean and lock (bootloader)"
Click flash
Once done, it will auto reboot into MIUI
Spoiler: How to pass safetynet for custom rom
At the moment of this post, most custom roms fail safetynet. It is not absolutely necessary to get safetynet to work. Only do this if the gapps you want to install require it.
Install magisk (No way around it)
Install props config module
Reboot
Run any terminal app - https://play.google.com/store/apps/details?id=com.termux
Type "su" and enter
Grant super user rights to it
Type "props" and enter
Type "1" and enter
Type "f" and enter
Type "22" and enter
Type "6" and enter
Basically, you are choosing "Poco X3 Pro (Global)"
Type "y"
Reboot and test your safetynet
Spoiler: How to make Nasty Anti-Root Apps work with Magisk
In magisk, install Riru module
Download Unshare - https://github.com/vvb2060/riru-unshare/releases
In magisk, install Unshare
In magisk, enable "Magisk Hide" in settings
In magisk, "hide Magisk" in settings, choose some really unpredictable name
In magisk, press "Shield", hide all options (dropdown) for the targetted App
Reboot
Try run the apps multiple times
If fail
Install App Manager - https://f-droid.org/en/packages/io.github.muntashirakon.AppManager/
In App Manager, look for the apps, go to "Services", disable that one "(Isolated)" service.
Double make sure it is applied
Reboot
Try run the apps multiple times
Still fail
Try this, some say it worked
In magisk, install LsPosed module
Install XPrivacyLua - https://repo.xposed.info/module/eu.faircode.xlua
In LsPosed, enable XprivacyLua and Singpass in that same list
Reboot
In XPrivacyLua, look for the app, enable restrict on "Get Applications"
Reboot
Try run the apps multiple times
this is the last resort
Install Shelter - https://play.google.com/store/apps/details?id=net.typeblog.shelter
Clone the App in Shelter
In shelter, under work profile, make sure no rooted apps in there
Reboot
Try run the App in work profile multiple times
SubwayChamp said:
You don´t need to pay someone else for that, you can do it by your own [...]
Click to expand...
Click to collapse
Thanks a lot. It makes sense.
I was also told, that before flashing it is esential to do a backup.
What's your opinion? How to do so?
kamien8 said:
Thanks a lot. It makes sense.
I was also told, that before flashing it is esential to do a backup.
What's your opinion? How to do so?
Click to expand...
Click to collapse
About backup the first important is what is important for one, I mean personal information like messages, call, WhatsApp and so on.
But the most important in other sense is about the well functioning of the device itself, for example EFS where is stored the IMEIs, sometimes vendor, dtbo and persist images depending on the custom recovery if it includes these options.
Particularly, I never need any other partition from recovering eventually my device/s.
I would like to suggest you to try flashing some roms on any other device which you don't use(for ex. an old abandoned phone) and gain some experience before trying on your poco x3 pro.
dey18 said:
I would like to suggest you to try flashing some roms on any other device [...]
Click to expand...
Click to collapse
That was my idea. Unfortunately the only 'old' phone I've got is Huawei P9 Lite 2017 with Android 7. I haven't found any information, that there is a way to install LineageOS on the device.
However, for training purposes I could install any different OS, suitable for the device. Do you know any?
By the way, is the following link the only valid repository for the OS?
LineageOS Downloads
download.lineageos.org
kamien8 said:
That was my idea. Unfortunately the only 'old' phone I've got is Huawei P9 Lite 2017 with Android 7. I haven't found any information, that there is a way to install LineageOS on the device.
However, for training purposes I could install any different OS, suitable for the device. Do you know any?
By the way, is the following link the only valid repository for the OS?
LineageOS Downloads
download.lineageos.org
Click to expand...
Click to collapse
yes, thats the official site
kamien8 said:
That was my idea. Unfortunately the only 'old' phone I've got is Huawei P9 Lite 2017 with Android 7. I haven't found any information, that there is a way to install LineageOS on the device.
However, for training purposes I could install any different OS, suitable for the device. Do you know any?
By the way, is the following link the only valid repository for the OS?
LineageOS Downloads
download.lineageos.org
Click to expand...
Click to collapse
If you had no experience of flashing a phone, read and follow this guide with Pictures :
https://forum.xda-developers.com/t/4288121/post-85137963
It should be sufficient to help you flash a ROM.
No tutorial about backup data from phone in that guide, you have to do it on your own.
pl1992aw said:
If you had no experience of flashing a phone, read and follow this guide with Pictures :
https://forum.xda-developers.com/t/4288121/post-85137963
It should be sufficient to help you flash a ROM.
No tutorial about backup data from phone in that guide, you have to do it on your own.
Click to expand...
Click to collapse
I like this method, and this specific guide is what helped me flash custom rom on my X3 pro.
It is detailed and even gives notice if in case we get lost in a step.
I hope the OP can read this as the guide was really helpful. I know they used arrowOS for example, but I applied the method with different rom.
kamien8 said:
That was my idea. Unfortunately the only 'old' phone I've got is Huawei P9 Lite 2017 with Android 7. I haven't found any information, that there is a way to install LineageOS on the device.
However, for training purposes I could install any different OS, suitable for the device. Do you know any?
By the way, is the following link the only valid repository for the OS?
LineageOS Downloads
download.lineageos.org
Click to expand...
Click to collapse
I suggest you to try any other roms available for your device and not just lineage.
Try flashing multiple roms one by one and identify and rectify your errors.
And don't forget to read documentation provided by the wiki completely and also check out some vids on youtube(people on telegram would tell you to watch yt channel named "Munchy" because he has got this phone).
I wouldn't try and flash an old p9 lite. I remember when I had a p9 and tried to flash it it was a nightmare and was an unorthodox method. If you could grab an old Moto like the Moto g as that would be ideal for a practise flash.
Warren_Orange said:
[...] Moto g [...]
Click to expand...
Click to collapse
I've never used Motorola before. Which G would be good to start gaining an experience?
I'll try to find a pre-owned one.
I'd go for a moto g 2nd or 3rd Gen. You can get them for peanuts on eBay and there is still development for them even now.
I recommend Moto G5.. pretty active community on xda, replacable battery and should be very cheap
k3lcior said:
I recommend Moto G5.. pretty active community on xda, replacable battery and should be very cheap
Click to expand...
Click to collapse
Moto G5
Warren_Orange said:
I'd go for a moto g 2nd or 3rd Gen. You can get them for peanuts on eBay and there is still development for them even now.
Click to expand...
Click to collapse
Do you mean something like this?
gsmarena_moto_g
Will it be possible to go with LineageOS 18.1 on such an old phone?
kamien8 said:
Moto G5
Do you mean something like this?
gsmarena_moto_g
Will it be possible to go with LineageOS 18.1 on such an old phone?
Click to expand...
Click to collapse
Yes that's the one. After having a quick look at the forums I don't think you'd get 18.1 on it. There is a micro g 17.1 rom that seems active.
Is this for practice or for use as well? If it's for using I'd probably go with the g5 for a few bucks extra as the Moto g is quite old but it's not a bad spare spare phone. I picked one up as a backup and I liked the feel of it (if your into small phones) . It reminded me of the first Moto X.
QLink Scepter 8 TabletBy Hot Pepper Mobile
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Bootloader Unlocking
& Rooting Guide
For Gen 1 & Gen 2 Models
TABLET MODELS & VARIANTS:
For those members familiar with the firmware restoration thread, there are a total of four model variants of the QLink Scepter 8 tablet: two variants of the Gen 1 model, and two variants of the latest Gen 2 model. Determining which Scepter 8 you have is a very simple two-part check. First, if you don't already know your Android OS version, go to device Settings> About tablet, and locate your Android version. If you are running Android 11 (Go Edition), you have the original Gen 1 model. If you are running Android 12 (Go Edition), your tablet is the latest Gen 2 model. Secondly, you will need to locate the device S/N in order to determine your tablet variant. Your S/N is printed on the manufacturer's label affixed to the exterior of the tablet's rear housing. From the Android OS, you can also locate your S/N by opening device Settings>About tablet>Model. Regardless of whether you have the Gen 1 or the Gen 2, the first two letters of your S/N will be either CF or MD. This is the codification of your tablet variant. To alleviate some of the legwork of rooting, and to keep this thread simple to follow, I have provided boot images pre-patched for Magisk v25.2 systemless root support. I have categorized the download links for each of the boot images in accordance with the respective model and S/N variant. To avoid potential bugs, instabilities, boot loops and the like, it is crucial that you download the boot image that corresponds with your model & variant. OVERVIEW:
This guide outlines step-by-step instructions for unlocking the bootloader and rooting all variants of the Gen 1 & Gen 2 QLink Scepter 8 tablet. This guide also includes a detailed section on properly installing the ADB, fastboot, & USB device drivers on your Windows PC or laptop, as well as steps to troubleshoot & manually update these drivers in the event the tablet is not being recognized while in fastboot mode.
DISCLAIMER:
Unlocking your bootloader and rooting your device are both procedures that carry inherent risks. Because these procedures involve modifying the device from it's stock factory configuration, it is possible to corrupt, damage, or even render your tablet completely inoperable. By proceeding further, you are assuming sole responsibility for the integrity and operability of your device, therefore absolving me of any liability in the event something goes south. I have, however, tested these guides and feel confident that things will go smoothly as long as you follow the instructions carefully. Moreover, I encourage all members to read the instructions fully before starting the steps, in order to first gain a fundamental understanding of the concepts and methods involved.
PLEASE PLAY NICE & FOLLOW XDA RULES:
This thread was created with the intent of being a noob-friendly forum. This simply means that new and inexperienced members are fully welcome here, and will be provided with extra guidance and assistance if needed. Please keep in mind that XDA is a global community of developers, enthusiasts and device users. As such, and although English is the only permitted language in the forums & threads, not all members speak English as their first language, and often rely on text translation tools when asking questions & posting. Accordingly, it is very common for words to be misconstrued, meanings to be misinterpreted, and the context as a whole lost in translation. I ask members to be patient, compassionate and respectful to others on this thread. Those members with the knowledge to do so are urged and asked to help newer members, and recall back when you were new here and others helped you.
Please help me with keeping this thread on point by ensuring that all subject matter herein be kept relevant to the topics of rooting and OEM unlocking the QLink Scepter 8. Any posts about other devices or subject matter run afoul of XDA rules and are subject to removal by moderators -- and potential sanctions imposed upon the offending member. Moreover, an on-topic thread keeps things organized and easier to follow. Thank you for your consideration.
PREREQUISITES:
To unlock the bootloader and root the QLink Scepter 8 tablet, you will need a laptop or PC running on Windows 7/8.1/10/11. (A Mac or Linux machine can also be used. For purposes of this guide, however, I am focusing on a Windows setup.) You will also need the OEM-supplied or a quality equivalent micro USB to USB-A data sync cable. Last but not least, you will need to install compatible USB device drivers for ADB & Fastboot on your PC/laptop. I have included the 15-Second ADB Driver Installer below, under the DOWNLOADS section. This Installer will configure ADB & Fastboot system-wide, and installs the universal Google USB device drivers. I would encourage members to first read the instructions in their entirety prior to actually starting the guide.
•INSTALLING USB DEVICE DRIVERS•
This section is included to install and configure ADB, Fastboot and the proper USB device drivers on your Windows computer. This section can also be used to troubleshoot and fix issues involving your tablet not being recognized by Windows while connected in fastboot mode. If you have already installed the ADB & Fastboot tools (& the proper USB device drivers), and you are not experiencing fastboot recognition issues, you may skip this section and proceed to the bootloader unlocking section.
Many members have reported issues with device recognition while in fastboot mode. I have also noticed a persistence problem with Windows drivers on this tablet. I can manually update the driver using Windows Device Manager, enabling fastboot recognition; yet, once the tablet is disconnected from my PC the updated driver does not always persist, requiring a manual driver update each time fastboot mode is needed. Follow these steps to enable fastboot recognition of your device.
• 1. If you have not yet done so, install the 15-Second ADB Installer from the link below on your Windows PC or laptop. Open the utility and follow the prompts to install the ADB & Fastboot drivers. Next, opt to install ADB system-wide. Lastly, you will be prompted to install the Google USB device drivers. Select Y and install them. You should see an interface informing you that the drivers were successfully installed. NOTE: If you get a warning notification that the drivers are unsigned, select the option to install anyway;
• 2. With your tablet powered off, hold the Power and Volume Down buttons simultaneously until the QLink logo appears, at which time you release the Power button but continue holding Volume Down. When a green Android graphic appears on your display, you are in fastboot mode;
• 3. Connect your tablet to your Windows machine using the OEM-supplied or a quality equivalent micro USB to USB-A data sync cable;
• 4. Open a command window in the path of your ADB/Fastboot directory. Execute this command:
Code:
fastboot devices
If properly connected, the command window will return an alphanumeric string which is synonymous with your tablet serial number. If this occurs, you are finished with this section and may proceed to the instructions for unlocking the bootloader/rooting. If the command window displays Waiting on Any Device, or if your serial number is not displayed, continue with the following steps;
• 5. Keeping your device connected to your Windows PC/laptop, right click your Windows Start icon and select Device Manager. Locate your tablet in the menu. It will likely be located under either the Portable Devices or Android Device heading;
• 6. Right click your device and select Update Driver. Next, select Browse My Computer for Drivers. On the next screen choose the option for Let Me Pick From a List... Now you will see a list of drivers to select from. Depending on the manner in which Windows recognized your tablet in the Device Manager menu, the driver selection menu can vary. If you see an option for Android Device, select that option and then select Android Composite ADB Interface. Or, you may be directly presented with options for Android Bootloader Interface, Android ADB Interface and Android Composite ADB Interface. In any event, choose Android Composite ADB Interface and then click Next. Click Yes in the Update Driver Warning dialogue screen, at which time the drivers will be installed.
• 7. Return to your command window and again execute the fastboot devices command. If your serial number is displayed, your drivers are now properly installed. If you are still experiencing fastboot recognition issues, try using another data sync cable, change USB ports on your computer, and/or reinstall the drivers using the 15-Second ADB Installer.
I. UNLOCKING THE BOOTLOADER:
If you plan on rooting your tablet, this step is mandatory. If your bootloader is already unlocked and you only wish to root your device, skip down to the rooting instructions in the next section below.
WARNING: Unlocking your bootloader forces the device into a factory data reset, which will effectively wipe all saved user data from the device. Make a backup at this point if there are files and media on your tablet that you wish to keep.
INSTRUCTIONS:
1. Enable Developer Options on your tablet by going to device Settings>About tablet and tap Build number approximately seven times. Android will notify you that Developer Options are enabled; this menu will appear under device Settings>System>Advanced.
2. Enable USB Debugging and OEM Unlocking in the Developer Options menu. NOTE: Users have reported the OEM Unlocking option being greyed-out unless you are signed in to your Google account.
3. Now to boot into fastboot mode, and this particular step is extremely important. Android 10 introduced a new fastboot mode for dynamic partitions, known as FASTBOOTD, which is relocated from the bootloader to userspace. This particular fastboot mode supports resizeable partitions within the dynamic scheme, and enables the user to create, resize and delete various logical partitions. However, FASTBOOTD mode cannot be utilized to unlock the bootloader, and will not recognize the unlock command. As such, the user must rely upon legacy fastboot mode in order to unlock the bootloader. From stock recovery mode, you may simply choose the option to reboot to bootloader. DO NOT CHOOSE THE OPTION TO ENTER FASTBOOT, as this option will boot to FASTBOOTD. From the Android OS, you can boot into legacy fastboot mode by executing:
Code:
adb reboot bootloader
Once you see a green Android graphic appear in the center of your display, you are in the correct fastboot mode.
4. Connect your tablet to your PC/laptop using the OEM-supplied or a quality equivalent micro USB to USB-A data sync cable. Next, open a command window in the path of your ADB/Fastboot directory. Check your connection by executing this command:
Code:
fastboot devices
If you are properly connected, the command window will return an alphanumeric string synonymous with your device's serial number. If you do not see this, there is a problem with communications between your tablet and PC/laptop. To troubleshoot the issue, switch to another USB port, try another data sync cable, and/or reinstall the ADB/Fastboot drivers on your PC or laptop. Also, see my instructions above on installing USB device drivers on your Windows computer;
5. Once a proper connection has been verified, execute this command:
Code:
fastboot oem unlock
Once you see the Okay notification in the command window, your bootloader is now unlocked. Execute this command:
Code:
fastboot reboot
Your tablet will now initiate a factory data reset and then reboot into the initial setup for the Android OS.
II. ROOTING THE QLINK SCEPTER 8
Now that the bootloader has been unlocked, rooting this tablet is very straightforward. Again, I have provided pre-rooted boot image files in the DOWNLOADS section for all four models & variants.
INSTRUCTIONS:
A. Gen 1 QLink Scepter 8Android 11 (Go Edition)
NOTE: If your tablet is running Android 12 Go Edition, you're in the wrong place. Skip down to the next section.
1. Download the Gen 1 patched boot image that matches your S/N variant using the links below, and save the file on your PC/laptop in the ADB/Fastboot directory. Note that the file is named patched_boot.img. The flashing command below assumes that you leave this file name unchanged;
2. Go to device Settings>About tablet and tap Build number 7 times or until Developer Options are enabled. (This step is necessary if you unlocked your bootloader using the previous section, due to the factory data reset.) Enable USB Debugging in the Developer Options menu;
3. Power your tablet off. Hold the Power and Volume Down keys simultaneously until the QLink logo appears, at which time you release Power but continue holding Volume Down. The green Android will appear on the display to indicate fastboot mode;
4. Connect your tablet to your PC or laptop using a quality data sync cable. Verify your connection using the instructions in Step 4 of the bootloader unlocking section above;;
5. Once a solid connection is verified, execute these commands:
Code:
fastboot flash boot patched_boot.img
fastboot reboot
NOTE: Your active boot slot should be boot_a. Regardless, the above command flashes your active slot by default, without having to specify slot _a or _b.
Upon reboot, your tablet will be rooted with the latest Magisk systemless root strategy. If you do not see the Magisk app or the placeholder stub in your app drawer, go ahead and download the latest version from the link below and install the APK on your tablet. Open the Magisk app, grant the prompted permissions, and follow any prompts to complete setting up the root environment.
B. Gen 2 QLink Scepter 8Android 12 (Go Edition)
NOTE: If your tablet is running Android 11 Go Edition, you're in the wrong place. Go back to the previous section. .
1.Download the Gen 2 patched boot image that matches your S/N variant and the empty vbmeta.img using the links below, and save the files on your PC/laptop in the ADB/Fastboot directory. Note that the boot image file is named patched_boot.img, and the vbmeta image is named vbmeta.img. The flashing commands below assume that you leave these file names unchanged;
2. Go to device Settings>About tablet and tap Build number 7 times or until Developer Options are enabled. (This step is necessary if you unlocked your bootloader using the previous section, due to the factory data reset.) Enable USB Debugging in the Developer Options menu;
3. Power your tablet off. Hold the Power and Volume Down keys simultaneously until the QLink logo appears, at which time you release Power but continue holding Volume Down. The green Android will appear on the display to indicate fastboot mode;
4. Connect your tablet to your PC or laptop using a quality data sync cable. Verify your connection using the instructions in Step 4 of the bootloader unlocking section above;;
5. Once a solid connection is verified, execute this command:
Code:
fastboot flash boot patched_boot.img
Now, continuing in fastboot mode, you will need to disable dm-verity/Android Verified Boot (AVB) by flashing an empty vbmeta.img via executing the following command:
Code:
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
Next, execute this command to reboot your device:
Code:
fastboot reboot
Upon reboot, your tablet should now be rooted with the Magisk systemless root strategy. If you do not see the Magisk app or the stub placeholder in your app drawer, go ahead and download the latest version from the link below and install it on your tablet. Open the Magisk app, grant the prompted permissions, and follow any prompts to update Magisk and/or complete setting up the root environment.
IMPORTANT NOTE:
In the unfortunate event you have a mishap with rooting your tablet and get stuck in a boot loop, or if your tablet will not otherwise boot into the Android OS, have no worries. My tutorial on firmware restoration for the QLink Scepter 8 will revert your device back to its original stock factory state. You can then return here and give it another try.
QLink Scepter 8 Firmware Restoration Guide
DOWNLOADS:
• 15-Second ADB Installer
• Gen 1 (CF) Patched Boot Image
• Gen 1 (MD) Patched Boot Image
• Gen 2 (CF) Patched Boot Image
• Gen 2 (MD) Patched Boot Image
• Empty vbmeta.img
• Official Magisk Releases / GitHub Repo
THANKS & MENTIONS:
Thanks goes out to Hot Pepper Mobile CEO Shawn Sun and Support Specialist Joshua G for providing stock firmware images for this device.
Also, I wish to recognize and thank @13lack13ox for being a huge help to thread members at times when I was not able.
For some reason, I'm stuck on the part where you have to use the fastboot option. So basically, I got my tablet in fastboot mode (the secondary one with the green android graphic), but when I tried to use the adb function, it doesn't detect my tablet. And also, the command, "fastboot devices" doesn't do anything, and when I try to use "fastboot device" it just says waiting for any device and just... stays there, not detecting my tablet. I tried multiple computers, tried both PowerShell and the command prompt with admin privileges, to no avail. For information, it worked when my tablet was on my tablet is the V9 firmware, but it slightly newer since I just updated to V9_20220224... so maybe that might have something to do with it...
64Star said:
For some reason, I'm stuck on the part where you have to use the fastboot option. So basically, I got my tablet in fastboot mode (the secondary one with the green android graphic), but when I tried to use the adb function, it doesn't detect my tablet. And also, the command, "fastboot devices" doesn't do anything, and when I try to use "fastboot device" it just says waiting for any device and just... stays there, not detecting my tablet. I tried multiple computers, tried both PowerShell and the command prompt with admin privileges, to no avail. For information, it worked when my tablet was on my tablet is the V9 firmware, but it slightly newer since I just updated to V9_20220224... so maybe that might have something to do with it...
Click to expand...
Click to collapse
Sounds like you have a common driver issue. Do this: with your device connected to your PC in fastboot mode, right click your Windows start button and open Device Manager. What is your tablet showing up as? We will need to update your driver. I can walk you through it. Did you install the Google driver from the 15-Second ADB Installer? I am nearly finished writing a guide on properly installing the device drivers. I will link it here when posted. It will give you a detailed step-by,-step outline. I don't think it's an issue with the firmware builds. Fastboot detection issues are common with this tablet due to some type of instability with driver persistence. For example, I often need to update my driver every time I use fastboot mode because, for some odd reason, the updated driver doesn't persist once the tablet is disconnected from the PC and then reconnected.
i dont have this tablet but another hot pepper device called the poblano. with that i was able to boot into ffbm from the bootloader and have root adb access. then i ran dd on my boot partition and patched it with magisk and flashed it back
wondering if hot pepper still makes their devices like that or they patched it. either way props to you for getting the fw straight from the oem
luridphantom said:
i dont have this tablet but another hot pepper device called the poblano. with that i was able to boot into ffbm from the bootloader and have root adb access. then i ran dd on my boot partition and patched it with magisk and flashed it back
wondering if hot pepper still makes their devices like that or they patched it. either way props to you for getting the fw straight from the oem
Click to expand...
Click to collapse
The Scepter 8 does not ship with adb root shell (adbd) enabled. In fact, the bootloader was not even intended to be unlocked. The unlock command is disabled in standard fastboot mode. Luckily, the Scepter 8 is integrated with a second fallback fastboot mode, which we were able to use to to the oem unlock.
Many AllWinner tablets and other Chinese devices do, as you pointed out on your Hot Pepper device. When the Scepter 8 was first released I was able to pull a boot image using a Phoenix Suite tool that had been reverse engineered and modded. As luck would have it, I got rid of the tablet and lost my files along with access to the Phoenix Suite tool. So I've been weeks quarreling with Hot Pepper Mobile to provide firmware and the kernel source code. To their credit, the Hot Pepper CEO and support team were very helpful once they understood what I needed. Hot Pepper's software developers are in China, so a language translation issue hindered my request for some time.
Anyway thank you for your kind words and it is a pleasure making your acquaintance.
@64Star I have updated the thread above with some detailed instructions on updating your device drivers. Hope this helps.
Viva La Android said:
@64Star I have updated the thread above with some detailed instructions on updating your device drivers. Hope this helps.
Click to expand...
Click to collapse
It does, I've unlocked the bootloader and now i'm gonna go root it. Thanks for your help!
I have an unfortunate update: When I went to turn on my tablet, I've noticed there was a noticeable crack on the top left corner of the screen... and then when I tried to use it... the touchscreen no longer functions. I have no clue where that crack came from, cause that wasn't there yesterday, and I've kept it safe in a drawer until now, so I have no clue how it's possible. Guess the software isn't the only thing that's cheap, cause my 2020 Moto G Power survived way worse without even a single crack.
TL,DR: Touch screen somehow broke overnight, meaning I can't get past the setup screen, so GG no re, this $10 qlink tablet ****ing sucks.
64Star said:
I have an unfortunate update: When I went to turn on my tablet, I've noticed there was a noticeable crack on the top left corner of the screen... and then when I tried to use it... the touchscreen no longer functions. I have no clue where that crack came from, cause that wasn't there yesterday, and I've kept it safe in a drawer until now, so I have no clue how it's possible. Guess the software isn't the only thing that's cheap, cause my 2020 Moto G Power survived way worse without even a single crack.
TL,DR: Touch screen somehow broke overnight, meaning I can't get past the setup screen, so GG no re, this $10 qlink tablet ****ing sucks.
Click to expand...
Click to collapse
@64Star I hate to hear that but I know exactly how it goes. I've cracked many a screen in my day. But, on a positive note, if you have the extra funds, there are a ton of these tablets available on eBay within the $35 to $40 price range.
Viva La Android said:
@64Star I hate to hear that but I know exactly how it goes. I've cracked many a screen in my day. But, on a positive note, if you have the extra funds, there are a ton of these tablets available on eBay within the $35 to $40 price range.
Click to expand...
Click to collapse
LOL really turning a profit!
13lack13ox said:
LOL really turning a profit!
Click to expand...
Click to collapse
Haha. No doubt
Sorry about the delay on TWRP guys. My mounting issues are actually encryption issues. TWRP isn't decrypting the /userdata or /vendor partitions with the default key. I'm going to chat with one of my friends over at TeamWin and see if I can get a little guidance.
Viva La Android said:
@64Star I hate to hear that but I know exactly how it goes. I've cracked many a screen in my day. But, on a positive note, if you have the extra funds, there are a ton of these tablets available on eBay within the $35 to $40 price range.
Click to expand...
Click to collapse
You really expect me to shell out around 35$ to 40$ on a slow, laggy 10$ tablet just to experiment on? Hahahahahaha....
Spoiler
Perhaps
64Star said:
You really expect me to shell out around 35$ to 40$ on a slow, laggy 10$ tablet just to experiment on? Hahahahahaha....
Spoiler
Perhaps
Click to expand...
Click to collapse
Not really. I was only providing you info as to where they were available. I found one for $19 which is more than I really wanted to give.
As it stands now,.all the lag is gone in mine. I debloated everything that wasn't essential for normal operations. Then I edited the system/build.prop to increase responsiveness and I limited background apps & processes. Finally, I installed a kernel tuner and set the LMK to very aggressive, tweaked the I/o scheduler parameters, and increased entropy from the available pool. And set SELinux to permissive mode. I'm using Nova Launcher Premium with the launcher locked into memory. Believe it or not, the tablet is now very responsive considering the specs. I'm looking into overclocking the CPU a bit, but 1.46 GHz seems to suffice once RAM is optimized. It's a difference in night and day. It's good for a project tablet but that's about it.
There's another government tablet floating around called the Maxwest Nitro 7Q. 4G/LTE supported with a lot better specs. I think I have one located to buy for cheap.
Lots of tweaks it doesnt run too bad just removing bloatware. Would be cool to get your params on your tweaks etc. If you ever got time could you post it up? Maybe the rom you were talking about in another post has all that included? Anyways if not no biggie, this thing is just for playing around on.
13lack13ox said:
Lots of tweaks it doesnt run too bad just removing bloatware. Would be cool to get your params on your tweaks etc. If you ever got time could you post it up? Maybe the rom you were talking about in another post has all that included? Anyways if not no biggie, this thing is just for playing around on.
Click to expand...
Click to collapse
Absolutely. I'll list those for you here in just a little bit. I have a pure stock ROM built with a TWRP installer, but my TWRP has run into a snag. I've reached out to TeamWin for guidance on that.
All in good time, man. Just glad someone with knowledge is doing all this. Wish I could help more. My ability to program and compile is equivalent to stick poking. I've done it once with aosp 6 that was awhile ago.
13lack13ox said:
All in good time, man. Just glad someone with knowledge is doing all this. Wish I could help more. My ability to program and compile is equivalent to stick poking. I've done it once with aosp 6 that was awhile ago.
Click to expand...
Click to collapse
You seem to know your way around the Android OS pretty well. I'm a developer in training myself. Learning every day. Yeah AOSP 6, I still love working with the Marshmallow builds.
Ok first things first. I notice a huge performance boost from some kernel level mods. Here is a link to Kernel Toolkit. Install both APKs. https://mega.nz/folder/QYwA0QTA#O_Zg3h_iVkHOdeyU_yOmLw
First go to the CPU heading and change the scaling governor to Ondemand. Under CPU Governor Params, tap on Performance Profile and select Maximum Performance (you may personally want to scale back to Aggressive or Balanced, depending on your need for battery life). Now, close Kernel Toolkit and restart the app. Next go to the I/O heading. Choose kyber as the I/o scheduler and set the read ahead buffer to 512 KB. Go down to ZRAM and increase to the maximum of 1000 MB. Set Swappiness to 100. Go over to the Profiles heading, create a profile will all settings and give it a name recommended from the list. When complete, tap on the profile, select save settings and then apply settings.
Now go to the menu button in the upper left of the app. Go down and enable Apply Settings on Boot. Select All and set a 5 second delay.
Next, download a build.prop editor from Play Store. There are tons of free ones and any will suffice. Make a backup of your system/build.prop before you tweak anything. Open the editor and grant root permission.
For build.prop edits, locking your launcher into memory helps a lot with responsiveness. Add this line to system/build.prop
ro.HOME_APP_ADJ=1
This basically prevents the launcher from being killed by Android's native LMK.
To increase touch responsiveness, add these lines as well.
debug.performance.tuning=1
video.accelerate.hw=1
Disable the boot animation for faster boot time.
debug.sf.nobootanimation=1
Reboot to enable the tweaks.
Give these a try and let me know your feedback. I'm working on a few more mods to optimize this tablet and I'll keep you posted on those as well.
Thx great changes so far. Yeah more "snappyness" for sure. I'll have to play around and open up as much as i can swap around.
I can't change I/O scheduler though, I get a contact developer message.
13lack13ox said:
Thx great changes so far.
Click to expand...
Click to collapse
Yw. Do you notice a decent improvement?
Hi, I just registered today to ask this question. Through somewhat simple means using the tools I had available, I was able to readback the stock rom from a TCL 20 XE 5087Z branded under Boost Mobile. I have successfully rooted via magisk and have confirmed that it is indeed the correct stock firmware through a bit of an accident, I forgot to patch vbmeta when flashing magisk_patched_boot.img, so in a panic, I flashed back all the roms I had read back from the device except userdata, and miraculously the device worked! Now the problem I run into is all the bloatware the carrier has installed on the phone. My main reason for rooting my device was I wanted the ability to prevent apps from being killed by the "Smart" manager on the device, because it seems that important apps keep getting killed by the built-in software. I ended up determining that the ram manager on the phone was killing apps based on the amount of ram available. Now that the phone is rooted, you would think I would have no problem getting rid of all the bloatware, except that whenever I forcefully uninstall the ram manager (com.tct.onetouchbooster), the app is still available on my apps menu and clicking on it with pretty much no delay opens the app right up as if the data had just been cleared. Now I have no idea what is causing this, probably another app, but I was wondering if maybe an easier alternative would be to get a generic android image for the device without bloatware that I can install just what I need. Now I say easier, but I find little documentation on how to do this, better yet if it will work. I have limited knowledge of how the android system works, mainly I just understand that /boot contains the bootloader, /system contains the os, and /userdata contains all the extra data apart from the stock image. If someone would enlighten me, would it actually be easier to build a generic image? Are there tools to do this? I understand that firmware is very touchy and that there is no "Generic" image in the sense, but having my stock rom available, would I be able to somehow generate a generic image based on the rom contents? If this would be way harder, how would I go about removing bloatware? I would not want to have to reset my phone each time I uninstall the wrong application, is there a non-data-damaging way to go about removing bloatware? If it ends up not being bloatware that is causing it and some hidden property somewhere in the stock rom config, how hard would it be to find that? Any help would be appreciated, and I am open to any comments and criticism. Please let me know how I might go about this, thanks in advance!
The stock firmware for this device can be found here: https://drive.google.com/file/d/1Q5IDP8V7PvuH2_1z63IFe23O2DF0cXZR/view?usp=sharing
The phone was bought from Walmart with prepaid Boost Mobile and it is a TCL 20 XE 5087Z with a MT6765 processor.
The password for the file is: xda5087Z-MT6765
Is the phone Project Treble enabled? If not don't waste your time.
A GSI is related to Project Treble, which means that the image can be installed on any Project Treble-supported device, regardless of the manufacturer, because it does not contain any hardware-specific components. The advantage is that a GSI can theoretically be used on any Project Treble-supported device.
xXx yYy said:
Is the phone Project Treble enabled? If not don't waste your time.
A GSI is related to Project Treble, which means that the image can be installed on any Project Treble-supported device, regardless of the manufacturer, because it does not contain any hardware-specific components. The advantage is that a GSI can theoretically be used on any Project Treble-supported device.
Click to expand...
Click to collapse
I downloaded the treble info app from the play store and indeed it is available with treble, the system image i need is system-arm64-ab.img.xz, would you mind pointing me in the right direction for how to install this? I'm assuming this just gets installed in the /system partition but let me know if I'm wrong. Thanks!
Can't help you, never did this.
You may look inside here:
[GUIDE] How to build a Project Treble GSI ROM from source? [31/08]
Hello guys, in this guide I'll try to simplify building Treble GSI process. As you read this guide now I'll assume you already have a previous knowledge about How to build android from source, so I won't cover some points with too many basic...
forum.xda-developers.com
Yes, only flash system.img. I recommend Android 10 (Android 11+ introduced restricted permissions)
[DISCONTINUED][GSI][10] LineageOS 17.x GSI (all archs)
Background: This is a natural continuation/extension of the LineageOS 16.0 GSIs I've been making since March 2019. If you clicked in here, I bet you know what LineageOS is already, but just to fill the blank: LineageOS is a free, community built...
forum.xda-developers.com
alecxs said:
Yes, only flash system.img. I recommend Android 10 (Android 11+ introduced restricted permissions)
[DISCONTINUED][GSI][10] LineageOS 17.x GSI (all archs)
Background: This is a natural continuation/extension of the LineageOS 16.0 GSIs I've been making since March 2019. If you clicked in here, I bet you know what LineageOS is already, but just to fill the blank: LineageOS is a free, community built...
forum.xda-developers.com
Click to expand...
Click to collapse
DO NOT DO THIS!!!! The TCL 20 XE is NOT compatible with Android 10 (it only supports something 30, which corresponds to Android 11), and the device will bootloop. I have made this mistake but I can not reach fastboot as the option is not in the recovery, therefore I need to run "adb reboot fastboot" within Android. MTKClient should fix this if you can find a stock super.img file for the 5087z.
note "adb reboot fastboot" is for fastbootd which is in recovery, while "adb reboot bootloader" is for fastboot (you can always enter from Volume button, regardless of destroyed boot/system partition)
boot-loop is probably caused by dm-verity, you forgot vbmeta?
alecxs said:
note "adb reboot fastboot" is for fastbootd which is in recovery, while "adb reboot bootloader" is for fastboot (you can always enter from Volume button, regardless of destroyed boot/system partition)
boot-loop is probably caused by dm-verity, you forgot vbmeta?
Click to expand...
Click to collapse
Fastbootd doesn't have an option in the recovery on my model, I've seen other TCL 20 XE phones have it though (I have the Boost Mobile varient like the thread maker), however Fastbootd let's me boot into recovery. I was only able to flash the stock ROM with MTKClient, which mikedcoombs thankfully provided (I just needed the super partition). For vbmeta, I just have an empty vbmeta that I flashed when I first rooted the phone. I don't think it is dm-verity, because LineageOS 20 as an GSI worked except for the Wi-Fi.