Hello All,
Recently i applied local update on my one plus 8t and it wiped all my data everything is lost. Backup to drive and oneplus cloud was also NOT turned ON.
Any way to recover files ? I already tried Wondershare and few other applications but none of them worked.
One of my friend suggested RECUVA but its not showing my phone as a drive.
Please help.
May be an authorized service center has the means to recover the wiped data, means the forensic software needed. In any case, phone's Android must be rooted.
Don't trust the 3rd-party-softwares you've to pay for: are all more or less only crap.
Thanks for replying but can i mount my android as a drive (removable storage). just like flash drive.
it's pointless. FDE crypto-footer is garbage even if just a single byte is overwritten. FBE encryption keys aren't stored in userspace at all. your device uses both FBE + FDE. userdata partition is F2FS file system, no recovery tools will work. your data is unrecoverable per design
How to recover a deleted file from /data partition?
I factory reset my rooted Android M phone but now I realize that there was a file in the /data directory which I need. Is it possible to create an image (.img or something similar) of the /data
android.stackexchange.com
aIecxs said:
it's pointless. FDE crypto-footer is garbage even if just a single byte is overwritten. FBE encryption keys aren't stored in userspace at all. your device uses both FBE + FDE. userdata partition is F2FS file system, no recovery tools will work. your data is unrecoverable per design
How to recover a deleted file from /data partition?
I factory reset my rooted Android M phone but now I realize that there was a file in the /data directory which I need. Is it possible to create an image (.img or something similar) of the /data
android.stackexchange.com
Click to expand...
Click to collapse
so data on my samsung j4+ which was factory resetted (because i had to unlock the boot loader) cannot be recovered?
I was talking about OnePlus 8T. That's different from yours
Hello guys,
I run into a problem recently were my device won't boot. I tried a plethora of different solutions but nothing worked, I will have to factory reset to fix the issue.
My problem right now is that I can't access my files to make a backup. On my computer the device is connected and recognized but I can't access it's files. I also have TWRP and in TWRP Recovery it's unable to mount the Internal Storage and it shows up as 0MB. After a lot of research what seems to be the problem is that my files are encrypted, I don't know why this is (I guess for protection) but I didn't have any problems before. To my understanding if the phone is booted up you can access the files but if it can't boot then they stay encrypted. The encryption key should still be in my phone since I haven't formated it.
So how can I decrypt my data so that I can backup my files ? there must be a way for cases like this when something happens and the device can't boot, since the key is in the device it's self and I have the phone I should be able to, I also have access to every single account (google, xiaomi etc.) that is associated with this smartphone. If for security reasons that is not possible, would an authorized repair center be able to do it with proof of purchase and ownership ?
I am not 100% sure of my os version but it was 12.5.x.x, I have the unofficial twrp 3.5.0_10-beta. USB Debugging is enabled. Any other information you might need I can provide!
Thanks a lot everyone !
Your phone basically uses FBE ( File-Based Encryption ) to encrypt /data partition. When you boot phone into Recovery mode then the recovery.fstab file gets read by system
If you take a look into this file then you can notice that /data partition isn't encrypted ( it's only flagged encryptable and NOT fileencryption ).
TWRP will ask for lock screen credentials used for decrypting userdata partition. on FBE encryption the partition is mounted and even with no credentials provided one should at least see encrypted files.
In your case it's bit more complicated as that device uses FBE + metadata encryption. while in TWRP provide recovery.log to see what is going on. (share link to pastebin.com with expiration date 1 month)
Code:
adb pull /tmp/recovery.log
Note: there exist no relation between (FDE) encryptable= and (FBE) fileencryption= flags, these flags aren't interchangeable.
https://github.com/mhmdeve/twrp_dev...-twrp/recovery/root/system/etc/twrp.fstab#L18
aIecxs said:
TWRP will ask for lock screen credentials used for decrypting userdata partition. on FBE encryption the partition is mounted and even with no credentials provided one should at least see encrypted files.
In your case it's bit more complicated as that device uses FBE + metadata encryption. while in TWRP provide recovery.log to see what is going on. (share link to pastebin.com with expiration date 1 month)
Code:
adb pull /tmp/recovery.log
Note: there exist no correlation between (FDE) encryptable= and (FBE) fileencryption= flags, these flags aren't interchangeable.
https://github.com/mhmdeve/twrp_dev...-twrp/recovery/root/system/etc/twrp.fstab#L18
Click to expand...
Click to collapse
Here is the pastebin: Recovery.log
I read somewhere that changing the flags would solve the problem, after looking into it I pretty much found out what you said.
I also have an updated thread, if you can take a look it has some extra information provided !
Updated Thread
Hello guys,So my devices is stuck in a bootloop, I want to reflash the ROM but I need a backup first.Things I've tried to fix bootloop that didn't work:
Re-flashed the boot.img
Re-flashed the vbmeta.img
Wiping cache through TWRP Recovery
Things I've tried to back up my data:
Going into TWRP to make a backup it reads: "Internal Storage (0MB)", when I try to mount system or data I get "Unable to mount."
When I use the Mount->Decrypt Data option it asks me for a password, I tried every password I ever had on the phone and any "default" ones I found online and nothing worked.
I tried the adb pull command from my computer I get: "0 files pulled, 0 skipped." and nothing gets copied over.
So I don't know where to go from here, I have some things I have yet to try like:
Re-flashing ROM (dirty flash)
Re-flashing ROM update
Flash TWRP Update (if any)
But I don't know if they're going to to anything or just waste my time. Also I am not sure any of the 3 options will 100% keep my data.I am not too worried about apps and settings but more about Photos, Videos, PDFs, TXTs and Downloads.
Any ideas on what I should do ? Thanks a lot !
My device: Xiaomi Mi 10T Pro
If Stock Recovery would be the default recovery - and not TWRP - then if ADB got successfully established there would be a chance to pull the data interested in.
Code:
I:Unable to decrypt metadata encryption
E:Unexpected value for crypto key location
E:Error getting crypt footer and key
Code:
I:operation_start: 'Repair Partition'
Repairing Data using fsck.f2fs...
I:Repair command: /system/bin/fsck.f2fs /dev/block/sda34
Info: No support kernel version!
Info: Segments per section = 1
Info: Sections per zone = 1
Info: sector size = 4096
Info: total sectors = 28051451 (109575 MB)
Invalid SB CRC offset: 1205917355
Can't find a valid F2FS superblock at 0x0
Invalid SB CRC offset: 876348585
Can't find a valid F2FS superblock at 0x1
/system/bin/fsck.f2fs /dev/block/sda34 process ended with ERROR: 255
Unable to repair Data.
you have formatted userdata partition. your data is gone now...
Code:
I:operation_start: 'Change File System'
Formatting Data using mke2fs...
I:mke2fs command: mke2fs -t ext4 -b 4096 /dev/block/sda34 28051451
mke2fs 1.44.4 (18-Aug-2018)
Discarding device blocks: 4096/28051451 done
Creating filesystem with 28051451 4k blocks and 7020544 inodes
Filesystem UUID: c9db44bf-b076-41c6-b191-1013f3c1184e
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624, 11239424, 20480000, 23887872
Allocating group tables: 0/857 done
Writing inode tables: 0/857 done
Creating journal (131072 blocks): done
Writing superblocks and filesystem accounting information: 0/857 done
I:mke2fs -t ext4 -b 4096 /dev/block/sda34 28051451 process ended with RC=0
I:Cannot lookup security context for '/data'
Done.
to fix boot-loop, factory reset device and format userdata back to f2fs from fastboot.
Code:
fastboot format:f2fs userdata
fastboot format:ext4 metadata
jwoegerbauer said:
If Stock Recovery would be the default recovery - and not TWRP - then if ADB got successfully established there would be a chance to pull the data interested in.
Click to expand...
Click to collapse
of course not. stock recovery neither provides adb nor is able to decrypt data.
aIecxs said:
Code:
I:Unable to decrypt metadata encryption
E:Unexpected value for crypto key location
E:Error getting crypt footer and key
Code:
I:operation_start: 'Repair Partition'
Repairing Data using fsck.f2fs...
I:Repair command: /system/bin/fsck.f2fs /dev/block/sda34
Info: No support kernel version!
Info: Segments per section = 1
Info: Sections per zone = 1
Info: sector size = 4096
Info: total sectors = 28051451 (109575 MB)
Invalid SB CRC offset: 1205917355
Can't find a valid F2FS superblock at 0x0
Invalid SB CRC offset: 876348585
Can't find a valid F2FS superblock at 0x1
/system/bin/fsck.f2fs /dev/block/sda34 process ended with ERROR: 255
Unable to repair Data.
you have formatted userdata partition. your data is gone now... factory reset device and format back to f2fs from fastboot.
Code:
I:operation_start: 'Change File System'
Formatting Data using mke2fs...
I:mke2fs command: mke2fs -t ext4 -b 4096 /dev/block/sda34 28051451
mke2fs 1.44.4 (18-Aug-2018)
Discarding device blocks: 4096/28051451 done
Creating filesystem with 28051451 4k blocks and 7020544 inodes
Filesystem UUID: c9db44bf-b076-41c6-b191-1013f3c1184e
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624, 11239424, 20480000, 23887872
Allocating group tables: 0/857 done
Writing inode tables: 0/857 done
Creating journal (131072 blocks): done
Writing superblocks and filesystem accounting information: 0/857 done
I:mke2fs -t ext4 -b 4096 /dev/block/sda34 28051451 process ended with RC=0
I:Cannot lookup security context for '/data'
Done.
Click to expand...
Click to collapse
But how ? I never formatted my data ?
you have formatted -> to ext2 -> to ext4 -> with the 'Change File System' option in TWRP
aIecxs said:
of course not. stock recovery neither provides adb nor is able to decrypt data.
Click to expand...
Click to collapse
It's NONSENSE what you tell here. It's not the 1st time you do so. Wondering why?
aIecxs said:
you have formatted -> to ext2 -> to ext4 -> with the 'Change File System' option in TWRP
Click to expand...
Click to collapse
That deletes your data ? I read it on a guide and it was not mentioned. I has 110+ GBs worth of files and the process was done in seconds, are you sure the data is gone ? Or that this was the cause ?
jwoegerbauer said:
It's NONSENSE what you tell here. It's not the 1st time you do so. Wondering why?
Click to expand...
Click to collapse
actually it's you repeating nonsense without reading explanations because usually you already "no longer participate in this thread"
https://forum.xda-developers.com/t/...e-is-stuck-on-boot-loop.4536965/post-87941947
btw should I remind you to forum rules
MikeChannon said:
14. Create only ONE User Account
You are allowed ONE User Account at XDA-Developers. If you create additional accounts, Moderators will disable them and your original account may also be disabled or infracted.
Click to expand...
Click to collapse
https://forum.xda-developers.com/t/xda-developers-forum-rules.4200559
Leonniar said:
That deletes your data ? I read it on a guide and it was not mentioned. I has 110+ GBs worth of files and the process was done in seconds, are you sure the data is gone ? Or that this was the cause ?
Click to expand...
Click to collapse
No, that wasn't the cause of boot-loop. but next time you must not follow random guides without understanding what you're actually doing. yes, formatting userdata partition deletes all data. it's too late now...
aIecxs said:
No, that wasn't the cause of boot-loop. but next time you must not follow random guides without understanding what you're actually doing. yes, formatting userdata partition deletes all data. it's too late now...
Click to expand...
Click to collapse
I was under the impression that changing the system file could be done without deleting the data, that's what the guide said and there was no warning or message regarding loss of data inside TWRP (for example there are a lot of messages in the WIPE section) so I figured it could work... I was out of options... damn...
So I am screwed pretty much ?
wording matters.
changing the system file could be done without deleting the data.
changing the file system of the partition not. this is common sense, no warning required.
my explanation: you don't know what a file system actually is (but then you're not in the position of dealing with file systems anyway)
https://forum.xda-developers.com/t/...ed-to-unlock-bootloader.4531349/post-87917999
that said, if it's any consolation to you, encryption of userdata partition was already corrupted beforehand. on (plain) FBE encryption some users could repair ext4 file system with e2fsck. your device is formatted f2fs which isn't as easy to repair as ext4.
'Repair Partition' fsck.f2fs could have worked in case the f2fs file system have had (minor) issues.
But in your case most likely (if I got the recovery.log right) the early metadata encryption was broken (maybe metadata partition faulty) so there were no chance to decrypt block device anyway, which is prerequisite for mounting/decrypting or even just repairing (FBE encrypted) userdata partition.
So the chances to recover any files were very low to zero from the beginning.
aIecxs said:
wording matters.
changing the system file could be done without deleting the data.
changing the file system of the partition not. this is common sense, no warning required.
Click to expand...
Click to collapse
Yeah I know, for real I don't know why I didn't realize. I've been changing file systems of USB Drives to use for softmoded consoles and I format them every time. Yet I didn't even realize I did the same here...
But yeah, since I didn't have much luck from the beginning I guess it just made it easier for me to delete my files...
Thanks for all the help and the explanations !
aIecxs said:
wording matters.
changing the system file could be done without deleting the data.
changing the file system of the partition not. this is common sense, no warning required.
my explanation: you don't know what a file system actually is (but then you're not in the position of dealing with file systems anyway)
https://forum.xda-developers.com/t/...ed-to-unlock-bootloader.4531349/post-87917999
that said, if it's any consolation to you, encryption of userdata partition was already corrupted beforehand. on (plain) FBE encryption some users could repair ext4 file system with e2fsck. your device is formatted f2fs which isn't as easy to repair as ext4.
'Repair Partition' fsck.f2fs could have worked in case the f2fs file system have had (minor) issues.
But in your case most likely (if I got the recovery.log right) the early metadata encryption was broken (maybe metadata partition faulty) so there were no chance to decrypt block device anyway, which is prerequisite for mounting/decrypting or even just repairing (FBE encrypted) userdata partition.
So the chances to recover any files were very low to zero from the beginning.
Click to expand...
Click to collapse
Hello and sorry for bothering you again.
I am currently trying to fix the bootloop, I formatted userdata back to f2fs but I noticed Cache is also on ext4 format, should I change that as well ?
Also on your original comment on how to fix bootloop you told me
aIecxs said:
factory reset device and format userdata back to f2fs from fastboot
Click to expand...
Click to collapse
But factory reset fails so I am changing the file system first before trying again.
I will also root my device again as soon as I have it up and running, will a factory reset be sufficient ? NO leftovers or anything ? Or should I go with "Format Data" or just wipe everything ?
And absolute last question, I am trying all this through TWRP Recovery. Will any of the above mentioned options (Factory Reset, Wipe Data, Format Data) delete TWRP as well ? As I said since I will root the phone again I would like to remove TWRP as well and do a clean install.
Thanks again !
Format Data is what I meant with factory reset. you can do it from TWRP. you haven't changed file system of cache therefore no need to change file system to f2fs.
aIecxs said:
factory reset device and format userdata back to f2fs from fastboot.
Code:
fastboot format:f2fs userdata
fastboot format:ext4 metadata
Click to expand...
Click to collapse
You won't lose root or TWRP, unless you restore backup of stock boot.img
aIecxs said:
Format Data is what I meant with factory reset. you can do it from TWRP. you haven't changed file system of cache therefore no need to change file system to f2fs.
You won't lose root or TWRP, unless you restore backup of stock boot.img
Click to expand...
Click to collapse
Oh so Formatting Data keeps magisk ?
So there is no need for clean install of TWRP or Root ? I just update anything if needed and I am good to go ?
Edit:
After rebooting the device and trying to re-activate it with my Mi Account I can't connect to the internet. SIM Card is inserted, I was not asked for a pin and it shows no signal (there is definitely signal). Turning on wifi shows 0 available networks even tho there are plenty. Any idea why ?
you lose Magisk superuser but you won't lose root. just install apk from github again.
the other issue sounds like you lost baseband, probably due booting into wrong slot.