Please Help This Has Ruined My Day. Accidentally Disabled or Deleted I Don't Know which one com.android.systemui - General Questions and Answers

So I have a OnePlus 6 with Lineage OS, TWRP and Magisk all installed, and I was just looking at apps in App Manager when I accidentally pressed the same area twice and disabled or deleted (I don't know which) com.android.systemui, and the screen went black. So I rebooted the phone, and it says "Android Is Starting" and never fully boots up, and I don't know how to fix it without losing my files. I tried to flash the Lineage OS image again but it didn't work. Also, I have a password (I know the password but can't decrypt my files in TWRP) and I don't want to lose my files; I won't reset the storage without decrypting and backing up my files. Also, the pm command in ADB shell does not work; it says it's "inaccessible or not found". Is there a way I can decrypt my files and move them off my phone, or a way I can fix com.android.systemui? This has ruined my day, please help if you're smart. Also, maybe I could reinstall/re-enable com.android.systemui by changing some config file or doing something else. Just help, please. If someone can help me get my files off of my phone and/or fix it without a reset, I would be so happy and you would be a really good person.
My First Thread on this please reply to this that one if you can https://forum.xda-developers.com/t/...-know-which-one-com-android-systemui.4480157/

This is what is in com.android.systemui/cache/
a file called lockscreen_capture_port.png but the image might be different for your device.

Raffles727 said:
This is what is in com.android.systemui/cache/
a file called lockscreen_capture_port.png but the image might be different for your device.
So what do I do to fix it? Do I delete some file, or what do I do?

If you accidentally deleted the folder, I suggest re-creating it and then putting the PNG image in it. Try my image, but it is for a Samsung; it may not be the correct dimensions. On my device (Samsung) the folder only had the .png image in it. The full path is Android > data > com.android.systemui > cache > which contains the image lockscreen_capture_port.png
You can try connecting the device to your computer in order to do this.

Oh, so you killed your Android subsystem? What do you need that for? (Just a little joke.)
You do have ADB? Is it rooted? #?
If you can get to ADB, the first thing to do is:
Code:
C:\>adb shell
# stop
# logcat
That stops the Android subsystem from trying to start. Then the logcat will show you what it doesn't like.
You don't have to be a rocket scientist to see what it's complaining about.
===============================
Are you trying to get photos off /sdcard or data in Whatsapp?
Code:
C:\>adb pull /sdcard/Books
Or whatever.
In short, getting stuff off /sdcard is easy, getting application data off requires root.
===============================
Then there's the question of fixing this.
As @Raffles727 says, you need to recreate the directory and the two subdirectories (cache and code_cache).
It's not certain that you have both, but it wouldn't hurt.
On my device there is /data/data/com.android.systemui/gestures_config
I don't think that any "cache" files are that important, although a missing directory could cause crashes.
A missing JSON file could make it unhappy, what does logcat say? Here's my gestures_config:
Code:
{"displayIndicator":false,"enable":true,"enableBehindKeyboard":true,"guestConfigMap":{"gestures_bottom_left":"BACK","gestures_bottom_middle":"HOME","gestures_bottom_right":"TASK_SWITCH","gestures_left_bottom":"NONE","gestures_left_middle":"NONE","gestures_left_top":"NONE","gestures_right_bottom":"NONE","gestures_right_middle":"NONE","gestures_right_top":"NONE","gestures_top_left":"NONE","gestures_top_middle":"NONE","gestures_top_right":"NONE","slide_gestures_left":"VOLUME","slide_gestures_right":"WARM_LIGHT"},"indicatesHeight":50,"indicatesTransparency":50,"indicatesWidth":50,"preventMiscontact":false,"slideEnable":false,"slidingDistance":100}
(Although, since this is JSON, I kind of doubt that you have this.)
Try to fix something, then reboot.

Raffles727 said:
If you accidentally deleted the folder, I suggest re-creating it and then putting the PNG image in it. Try my image, but it is for a Samsung; it may not be the correct dimensions. On my device (Samsung) the folder only had the .png image in it. The full path is Android > data > com.android.systemui > cache > which contains the image lockscreen_capture_port.png
You can try connecting the device to your computer in order to do this.
I think that path is encrypted so I can't do that.

Renate said:
Oh, so you killed your Android subsystem? What do you need that for? (Just a little joke.)
You do have ADB? Is it rooted? #?
If you can get to ADB, the first thing to do is:
Code:
C:\>adb shell
# stop
# logcat
That stops the Android subsystem from trying to start. Then the logcat will show you what it doesn't like.
You don't have to be a rocket scientist to see what it's complaining about.
===============================
Are you trying to get photos off /sdcard or data in Whatsapp?
Code:
C:\>adb pull /sdcard/Books
Or whatever.
In short, getting stuff off /sdcard is easy, getting application data off requires root.
===============================
Then there's the question of fixing this.
As @Raffles727 says, you need to recreate the directory and the two subdirectories (cache and code_cache).
It's not certain that you have both, but it wouldn't hurt.
On my device there is /data/data/com.android.systemui/gestures_config
I don't think that any "cache" files are that important, although a missing directory could cause crashes.
A missing XML file could make it unhappy, what does logcat say? Here's my gestures_config:
Code:
{"displayIndicator":false,"enable":true,"enableBehindKeyboard":true,"guestConfigMap":{"gestures_bottom_left":"BACK","gestures_bottom_middle":"HOME","gestures_bottom_right":"TASK_SWITCH","gestures_left_bottom":"NONE","gestures_left_middle":"NONE","gestures_left_top":"NONE","gestures_right_bottom":"NONE","gestures_right_middle":"NONE","gestures_right_top":"NONE","gestures_top_left":"NONE","gestures_top_middle":"NONE","gestures_top_right":"NONE","slide_gestures_left":"VOLUME","slide_gestures_right":"WARM_LIGHT"},"indicatesHeight":50,"indicatesTransparency":50,"indicatesWidth":50,"preventMiscontact":false,"slideEnable":false,"slidingDistance":100}
Try to fix something, then reboot.
ADB does not work (it says "adb: no devices/emulators found" when I run adb shell) unless in TWRP, but in TWRP /sdcard is encrypted and TWRP can't unencrypt Lineage OS for some reason. Also, it's not a missing driver issue; I'm on Linux, which has all Android drivers by default when you install platform tools.

Renate said:
Oh, so you killed your Android subsystem? What do you need that for? (Just a little joke.)
You do have ADB? Is it rooted? #?
If you can get to ADB, the first thing to do is:
Code:
C:\>adb shell
# stop
# logcat
That stops the Android subsystem from trying to start. Then the logcat will show you what it doesn't like.
You don't have to be a rocket scientist to see what it's complaining about.
===============================
Are you trying to get photos off /sdcard or data in Whatsapp?
Code:
C:\>adb pull /sdcard/Books
Or whatever.
In short, getting stuff off /sdcard is easy, getting application data off requires root.
===============================
Then there's the question of fixing this.
As @Raffles727 says, you need to recreate the directory and the two subdirectories (cache and code_cache).
It's not certain that you have both, but it wouldn't hurt.
On my device there is /data/data/com.android.systemui/gestures_config
I don't think that any "cache" files are that important, although a missing directory could cause crashes.
A missing JSON file could make it unhappy, what does logcat say? Here's my gestures_config:
Code:
{"displayIndicator":false,"enable":true,"enableBehindKeyboard":true,"guestConfigMap":{"gestures_bottom_left":"BACK","gestures_bottom_middle":"HOME","gestures_bottom_right":"TASK_SWITCH","gestures_left_bottom":"NONE","gestures_left_middle":"NONE","gestures_left_top":"NONE","gestures_right_bottom":"NONE","gestures_right_middle":"NONE","gestures_right_top":"NONE","gestures_top_left":"NONE","gestures_top_middle":"NONE","gestures_top_right":"NONE","slide_gestures_left":"VOLUME","slide_gestures_right":"WARM_LIGHT"},"indicatesHeight":50,"indicatesTransparency":50,"indicatesWidth":50,"preventMiscontact":false,"slideEnable":false,"slidingDistance":100}
(Although, since this is JSON, I kind of doubt that you have this.)
Try to fix something, then reboot.
Should I try to run adb shell while booted into TWRP and cd to /data/data and use mkdir to make a new /data/data/com.android.systemui?

Is /data even mounted?
Code:
# cd /data
# ls -l
Didn't you have ADB enabled on your normal system?
Do you see the normal bootanimation?
Is the USB showing anything in normal system? MTP?

iwanttoroota11walmart said:
Should I try to run adb shell while booted into TWRP and cd to /data/data and use mkdir to make a new /data/data/com.android.systemui?
Never mind, it says "required key not available" so I can't modify /data/data, so am I just screwed?

Renate said:
Is /data even mounted?
Code:
# cd /data
# ls -l
Didn't you have ADB enabled on your normal system?
Do you see the normal bootanimation?
Is the USB showing anything in normal system? MTP?
No, I cannot access my phone on my PC from the normal system, only in TWRP, and it shows my normal boot animation.

Right, but in TWRP /data is not mounted, it's encrypted and TWRP can't decrypt/mount it?

iwanttoroota11walmart said:
No, I cannot access my phone on my PC from the normal system, only in TWRP, and it shows my normal boot animation.
It's liveboot, so I can see my logcat when the phone's turning on. Could that help at all?

Renate said:
Right, but in TWRP /data is not mounted, it's encrypted and TWRP can't decrypt/mount it?
It is encrypted, and if I try to do adb pull /data only a couple of folders can copy over to my PC, and when I try to decrypt when turning it on it can't decrypt. Also, I have a pattern set and a fingerprint set, if that helps at all.

iwanttoroota11walmart said:
It is encrypted, and if I try to do adb pull /data only a couple of folders can copy over to my PC, and when I try to decrypt when turning it to TWRP on it can't decrypt. Also, I have a pattern set and a fingerprint set, if that helps at all.

iwanttoroota11walmart said:
It is encrypted, and if I try to do adb pull /data only a couple of folders can copy over to my PC, and when I try to decrypt when turning it on it can't decrypt. Also, I have a pattern set and a fingerprint set, if that helps at all.
And /sdcard (where my files are that I need off of it before I would reset the phone) is encrypted.

iwanttoroota11walmart said:
And /sdcard (where my files are that I need off of it before I would reset the phone) is encrypted.
Also, I can boot other recoveries if there is a recovery that can decrypt Lineage OS stuff.

Encrypted data makes life awfully difficult.
Yeah, liveboot could give us some info. Does it just keep running and restarts by itself?
Is the bootloader unlocked?
Was ADB enabled before it died?
Was this Magisk'ed?
I can think of two solutions
1) Force ADB to run
2) See if adding the directories to a ramdisk would work.

Renate said:
Right, but in TWRP /data is not mounted, it's encrypted and TWRP can't decrypt/mount it?
Also, TWRP can mount /sdcard to MTP but it's encrypted.

Renate said:
Encrypted data makes life awfully difficult.
Yeah, liveboot could give us some info. Does it just keep running and restarts by itself?
Is the bootloader unlocked?
Was ADB enabled before it died?
Was this Magisk'ed?
I can think of two solutions
1) Force ADB to run
2) See if adding the directories to a ramdisk would work.
Liveboot runs until the boot animation is over.
The bootloader is unlocked. I could wipe and reinstall the OS, but then I lose my data that I really, really do not want to lose.
ADB was enabled before it died, and also when the phone is turned on to system it shows "Android is starting" but it never stops doing that.
It has Magisk installed, yes.
How would I force ADB to run?

Related

HOW TO: Manually backup 3rd-party application settings and data

This tutorial will explain how to backup application data and settings for 3rd-party apps that do not have an export/import settings feature. Looking to upgrade your ROM but don't want to lose your todos/highscores/whatnots after a data wipe? Then read on..
(I've never used apps to SD, so I'm not completely sure how the data is stored with that. I'm assuming the entire data partition is moved to the SD though, so the procedures outlined in this guide are not necessary / do not apply to apps2sd)
Tools needed:
adb
Backing up settings
Run an adb shell in the command prompt and navigate to /data/data
Code:
c:\android-sdk-windows-1.5_r1\tools> adb shell
# cd /data/data
Find the folder of the app whose settings you want to back up. In Android 1.5, M/SMS are stored in com.android.providers.telephony and bookmarks are in com.android.browser. For third party apps, you can use ls to list all installed apps and find your app folder manually, or use find - say I want to find the app folder for the Astrid todo app:
Code:
# ls
<.....lots of directories....>
com.timsu.astrid
<.....more directories....>
# find *astrid* -maxdepth 0
com.timsu.astrid
Now open a separate command prompt and use adb pull to copy the application's data folder to your computer. This does not copy the app itself, only its saved data and settings. App .apks reside in /data/apps, which you can also adb pull out if you want. In this example I pull out settings for Astrid:
Code:
c:\android-sdk-windows-1.5_r1\tools> adb pull /data/data/com.timsu.astrid d:\desktop\com.timsu.astrid
Feel free to replace d:\desktop with the location of your choice, of course. Repeat the above for each app folder you want to back up.
Restoring settings after a wipe
First thing to do is reinstall the apk, from sdcard, adb install, market, whatever. After the app is installed, you can restore settings in one of two ways: the easy way or the hard but safe (paranoid) way.
The Easy Way:
This quick and dirty method will give everyone full read/write/execute permissions on the application's settings/data. This is normally a Very Bad Idea with a normal Linux computer, but realistically there is very little risk of this posing any real security issues on a device like a phone.
First, adb push the settings into the data folder, overwriting the app's stock settings (in this example, the astrid data I backed up) then adb shell into the phone and navigate to /data/data:
Code:
c:\android-sdk-windows-1.5_r1\tools> adb push d:\desktop\com.timsu.astrid /data/data/com.timsu.astrid
Done
c:\android-sdk-windows-1.5_r1\tools> adb shell
# cd /data/data
Now give full permissions to the app's data folder and its contents:
Code:
# chmod 777 com.timsu.astrid
# cd com.timsu.astrid
# chmod 777 * */*
And that's it. Launch the app and your settings/data should be restored.
The Hard Way
I'm not going to go into this in detail because if you're reading this, you probably know the commands to do this anyway. After you reinstall the app, the general idea is to run ls -l on the stock app data directory and its subdirectories to display the owner and permissions of each file/folder as set up by the Android system. Write these down then adb push the backup app data folder in, which overwrites everything with directories and files owned by root. Then use chown and chmod to restore the original owners and permissions for each file and directory. Needless to say this can be quite a hassle if you're dealing with more than a few application backups.
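One way to do the "hard way" without writing owners and modes down by hand, as an added example that is not part of the original post: a host-side Python script that parses the `ls -l` listing saved from the freshly reinstalled app's data directory and emits the chown/chmod commands to run after the adb push, so nothing has to be opened up to 777. The listing format, the app_31 owner and the file names are constructed assumptions, and the device's chown is assumed to accept owner:group.

```python
import posixpath
import re
import shlex

# Assumed listing format (old Android toolbox `ls -l`, matching the
# wpa_supplicant.conf line quoted later in this thread):
#   perms owner group [size] YYYY-MM-DD HH:MM name
LINE_RE = re.compile(
    r"^(?P<perms>[-dlbcps][-rwxsStT]{9})\s+"
    r"(?P<owner>\S+)\s+(?P<group>\S+)\s+"
    r"(?:\d+\s+)?"                           # size column, absent for directories
    r"\d{4}-\d{2}-\d{2}\s+\d{2}:\d{2}\s+"
    r"(?P<name>.+)$"
)

# Constructed sample: output of `ls -l` on the app directory followed by one
# section per subdirectory (the "dir:" header style of a recursive listing).
SAMPLE_LISTING = """\
drwxrwx--x app_31   app_31            2009-04-29 21:30 databases
drwxrwx--x app_31   app_31            2009-04-29 21:30 shared_prefs

/data/data/com.timsu.astrid/databases:
-rw-rw---- app_31   app_31      24576 2009-04-29 21:31 astrid.db

/data/data/com.timsu.astrid/shared_prefs:
-rw-rw---- app_31   app_31        412 2009-04-29 21:31 prefs.xml
"""


def perms_to_octal(perms):
    """Convert an ls-style string such as '-rw-rw----' to '0660'."""
    mode = 0
    special = 0
    for i, ch in enumerate(perms[1:]):
        triad, pos = divmod(i, 3)            # triad: 0=user, 1=group, 2=other
        shift = (2 - triad) * 3
        if pos == 0 and ch == "r":
            mode |= 4 << shift
        elif pos == 1 and ch == "w":
            mode |= 2 << shift
        elif pos == 2:
            if ch in "xst":                  # lower case means execute is set
                mode |= 1 << shift
            if ch in "sStT":                 # setuid / setgid / sticky
                special |= (4, 2, 1)[triad]
    return "%o%03o" % (special, mode)


def restore_commands(listing, base_dir):
    """Return chown/chmod command strings that reproduce the recorded state."""
    current = base_dir
    commands = []
    for raw in listing.splitlines():
        line = raw.rstrip()
        match = LINE_RE.match(line)
        if match is None:
            # "some/dir:" starts a new section; blank and "total" lines are skipped.
            if line.endswith(":"):
                current = posixpath.normpath(posixpath.join(base_dir, line[:-1]))
            continue
        if match.group("perms")[0] == "l":
            continue                         # symlinks: chmod would follow the link
        path = shlex.quote(posixpath.join(current, match.group("name")))
        owner = shlex.quote(match.group("owner"))
        group = shlex.quote(match.group("group"))
        commands.append("chown %s:%s %s" % (owner, group, path))
        commands.append("chmod %s %s" % (perms_to_octal(match.group("perms")), path))
    return commands


if __name__ == "__main__":
    # Paste the printed lines into the root adb shell after the adb push.
    for cmd in restore_commands(SAMPLE_LISTING, "/data/data/com.timsu.astrid"):
        print(cmd)
```

The listing has to be taken after the reinstall, because the app's owner (app_31 in the sample) can differ from the one it had before the wipe.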
Is there any way to back up wifi WEP and WPA keys?
If there was I wouldn't mind wiping, but typing in a 63-character long passkey gets very tedious after a while!
Wifi settings are stored in /data/misc/wifi:
-rw-rw---- system wifi 29620 2009-04-29 21:31 wpa_supplicant.conf
ah cool, thank you very much
Excellent guide. I tried this before wiping my rom and installing a new one and it worked perfectly for 2 different applications. Great! Thanks!
good idea, can save some time.
Thanks for this
So ...
cyricc said:
Tools needed:
adb
Code:
c:\android-sdk-windows-1.5_r1\tools> adb pull /data/data/com.timsu.astrid d:\desktop\com.timsu.astrid
i am just wondering why would you use adb instead of just copying to the sdcard?!?
Code:
# mkdir /sdcard/my_backup_data
# cp -r /data/data/com.timsu.astrid /sdcard/my_backup_data
this would perform the same function "on the fly" without the need of even having a computer .. maybe add this into the OP?
I just used root explorer to copy the apks to sdcard
LucidREM said:
i am just wondering why would you use adb instead of just copying to the sdcard?!?
Code:
# mkdir /sdcard/my_backup_data
# cp -r /data/data/com.timsu.astrid /sdcard/my_backup_data
this would perform the same function "on the fly" without the need of even having a computer .. maybe add this into the OP?
And you can use "tar" instead of "cp" to also automagically save/restore the correct UID, GID & permissions... or compress data...
Hmm i cud write a batch script to do all this. If theres a huge percentage of windows users here that would like this let me know. Features im thinking of are
1 click backup of all apps or choose from list of apps
launcher icon / wifi settings backup
1 click restore of all apps or specific app
Daneshm90 said:
Hmm i cud write a batch script to do all this. If theres a huge percentage of windows users here that would like this let me know. Features im thinking of are
1 click backup of all apps or choose from list of apps
launcher icon / wifi settings backup
1 click restore of all apps or specific app
+1 here!
While these methods work fine, I am never one to reject a streamlined version. Thanks for this OP and Dane.
Scripting
Daneshm90 said:
Hmm i cud write a batch script to do all this. If theres a huge percentage of windows users here that would like this let me know. Features im thinking of are
1 click backup of all apps or choose from list of apps
launcher icon / wifi settings backup
1 click restore of all apps or specific app
that's very easy
TAR
joseangel.alv said:
And you can use "tar" instead of "cp" to also automagically save/restore the correct UID, GID & permissions... or compress data...
serious? so:
# tar /data/data/com.timsu.astrid /sdcard/my_backup_data/com.timsu.astrid.tar
would do this? or something different? i will look over the syntax myself .. that makes scripting so easy too
TAR
LucidREM said:
serious? so:
# tar /data/data/com.timsu.astrid /sdcard/my_backup_data/com.timsu.astrid.tar
would do this? or something different? i will look over the syntax myself .. that makes scripting so easy too
# tar -czf /sdcard/my_backup_data/com.timsu.astrid.tgz /data/data/com.timsu.astrid
this (i guess) would be the correct functioning
Any idea where the homescreen layout is saved ? is it specific to the launcher ur using ?
W/e i think my script covers that by backing up data folder. Alright guys these r the options i have so far. Anything missing ?
Launcher
Daneshm90 said:
Any idea where the homescreen layout is saved ? is it specific to the launcher ur using ?
that would depend on which launcher you have i suppose
LucidREM said:
that would depend on which launcher you have i suppose
Correct. It's the database folder within the specific launcher u are using. So in essence by backing up the whole /data folder or just ur specific launcher's /data folder u are preserving ur icons/widget layout.
Ok so here it is :
This assumes adb is in ur path.
Just place .bat file anywhere and run.
TAR
ok .. so i am just a sucker for the obvious i guess .. try this one out:
# lucid -archive
yay me! what this will do is to archive (tar) the whole /data/data folder .. not just one specific app .. then you can restore one part or all parts later (ok .. i did NOT script the restore portion)

Root tool DirtyCow Apk && adb

Hi,
I have developed a tool to exploit the dirtycow vulnerability and get TEMPORAL ROOT
It bypass the selinux in lollipop 32bits system only, we are working now in a 64bits and Marshmallow version and will be soon, have a lot of work to do it universal.
Im bringing 2 tools, one apk (no computer required) and one rar for adb and linux.
With this tool we will access to those partitions and start the attack there, but in the actual state if you have locked your bootloader a good choice is to have root even temporal one.
·APK
Required: SDCARD
The apk exploits this vuln in the vold context so, is necessary to have a sdcard and mount or extract it, when the app requires, one time per session.
This tool has some utilities for flash boot and system partition, also for backup and 2 methods of root:
·Attack init process (lollipop 32 bits only)
·Attack app_process.(all devices, not really good)
·Get root
Uninstall any supersu manager before root.
The way to use this app is first click in check perms(optional) and you will see if you have permissions to /init file.
If you have permissions and lollipop 32 you can use the first method to get root.
Also in check permissions you will see if you have rights to backup/flash boot and system partition.
The process takes until 2 minutes to finish so wait please and watch the log window.
# ISSUES #
If you get reboot after get root you can:
-Clean init (restore init process sometimes crash the device, but is safe)
-Install selinux permissive (Set permanent the new selinux policy, not tested)
The first option is safe you just can get a reboot.
The second option is just tested in 3 devices(oppo,xperia,Moto E), so test it with a recovery system working, can break some selinux rule..
·ADB
The adb rar contains some utilities to get root via run-as and init and is only working in Lollipop 32bits.
To execute it:
-Pass rar:"nox"
-Extract the rar in /data/local/tmp/
Code:
chmod 755 /data/local/tmp/exploit.sh
cd /data/local/tmp/
./exploit.sh
This process take some time 1-2 minutes but you will see the progress in the console, please wait,
After will ask to turn off bluetooth do even sometimes is not required, it can accelerate the process.
It will ask to install selinux permissive, if you don't have reboot problems, don't install it, otherwise be sure you have a recovery system working and a stock rom ready to flash, this feature is stable but need more testing.
if all is ok you will see this:
Code:
#Type run-as -s1 to get a shell"
#Type run-as -s2 to execute su daemon"
The run-as -s1 give you a shell with init context but some restrictions because selinux autotransfer domain to run-as
The run-as -s2 will execute su daemon and a su init context with no restrictions.
# ISSUES #
If you get reboot after get root you can:
·mount system partition with flag abort:
Code:
mount -o remount,abort /system
You won't able to mount system in write mode.
This app is in BETA BETA state for now, just 7/9 devices passed not bad at all
I'll add more devices in the list soon
List of rooted devices:
Moto G 5.1 lollipop
Xperia 5.1 lollipop
Oppo 5.1 lollipop
Emulator 5.1 lollipop
XT1528 (MOTO E Verizon prepaid) 5.0.2 lollipop(reboot issues)
Asus Zenfone Go ZB452KG Lollipop(5.1.1)
Smartfren Andromax A / Haier a16c3h (Lollipop 5.1 Firmware 12.2)
Version:0.4
Adb:http://www.mediafire.com/file/r3i900n7jb2zfoo/EXPLOIT_ADB.rar
Apk:http://www.mediafire.com/file/38tyscsaxms00sa/croowt%282%29.apk
Implemented selinux permissive after reboot.(adb,apk)
Enforce mode working.(adb,apk)
Version: 0.3
Fixed bug creating bl instruction.
Version: 0.2
-Fix bug in apk for some devices
Version: 0.1
-More compatible adb with lollipop 32 bits
-Fixed bug in the shellcode.
-64 bits version of run-as-dirtycow.
Todo:
-Working in Marshmallow 32 bits.
-Apk some fix.
Thanks to n0x for his great help debugging the shellcode issue in Moto G
Great work!
Waiting for 64 bit
I will gladly test with my v10 I've been able to get a temp root shell with dcow. Happy holidays!
Sweet ! Has anyone tested on Note 4? N910A on 5.1.1
I'm currently on 6.0.1 MM so I'm waiting for that release.
Anyone know if this will work with the November Security patch of 2016?
Sent from my SAMSUNG-SM-N910A using Tapatalk
Really cool. I am having a problem trying to connect my device over adb wifi and now this!!! I have a locked head unit and i can't install any apps (all installations blocked and developer mode, usb debug all hidden. ) any way for me to install this onto my phone and attack my device via bluetooth or something? Or autorun once connected to usb? It's a long shot but hey its Christmas!!
Merry Christmas by the way
Can we have access to the run-as-dirtycow source code?
Thanks.
Exploit process
For the developers that are testing this exploit or want to know how it works deeply:
First we dirtycow some privileged process, for example run-as has suid 0 given by selinux capabilities not by the bit setuid.
When we have overwritten run-as, this binary can read /init path, so we copy to other place with our run-as "trojan".
In our run-as we need to put some code to read files, my run-as-dirtycow does:
run-as /init
Will print this file to the stdout(console), if we redirect this output to a file:
run-as /init > /data/local/tmp/init.dmp
We copy /init file through our dirtycowed run-as that has root privileges, and is permitted by Selinux.
We patch init.dmp to create our init.patch with a shellcode to load new policy.
We will use run-as to dirtycow again our init.dmp but patched with a shellcode.
So our run-as trojan also will have the dirtycow exploit and when we exec this binary with the right arguments also will dirtycow any file with read permissions to root.
run-as /init /data/local/tmp/init.patch
Once finish and when the new policy is loaded exec run-as trojan with the special parameter -s1 or -s2 give to you a shell root or install su in the device TEMPORAL, no modifies any partition but mount a ext4 partition in /system/xbin with the su binary.
Well this is the process to do it in adb shell, in the apk i am using fsck_msdos to do all this chain of steps.
I like to get some different init from lollipop 32 bits and Marshmallow 32bits to adjust the patcher to Marshmallow.
jucaroba said:
Can we have access to the run-as-dirtycow source code?
Thanks.
Is very simple just have the dirtycow exploit original and some code to copy files read and puts.
Anyways soon ill post here, has no many secrets lol, just copy file or execute sh, the main problem now is the patcher, to make it working in Marshmallow and 64bits, i don't have any device with 64bits, yes one xperiaZ that i can install a custom rom with Marshmallow.
But i think the first is to check if the patcher is working in lollipop32 bits well, even ive tested 2 devices and reversed some other inits is not enough to be completely sure that all is ok.
kryz said:
Is very simple just have the dirtycow exploit original and some code to copy files read and puts.
Anyways soon ill post here, has no many secrets lol, just copy file or execute sh, the main problem now is the patcher, to make it working in Marshmallow and 64bits, i don't have any device with 64bits, yes one xperiaZ that i can install a custom rom with Marshmallow.
But i think the first is to check if the patcher is working in lollipop32 bits well, even ive tested 2 devices and reversed some other inits is not enough to be completely sure that all is ok.
Thanks for your answer.
I'm trying to use your exploit to be able to read my /data/misc/vold/expand_*.key file. My wife has a Moto G 2014 mobile with official (non rooted) Android 6 Marshmallow. The bootloader is locked. She has deleted accidentally all the pictures in her SD card, that is configured as adopted card (not portable). I have made a cloned copy of the SD in my linux laptop with dd command, but I can not mount the partitions in the SD because I have to know the encryption key.
I can not unlock the bootloader, because the phone will be reset to factory and the encryption key will be deleted. And I can not read the key file without being root, because of the permissions of the file. I have tried your run-as-dirtycow trojan in the phone, and I can read files I have no permissions for, such as /init.rc. The only missing piece now is that I don't know the exact name of the key file. I only know that it is of the form "expand_*.key". Can your trojan run-as-dirtycow be modified to be able to read the files with this pattern name in a given directory?
Thanks in advance.
kryz said:
Is very simple just have the dirtycow exploit original and some code to copy files read and puts.
Anyways soon ill post here, has no many secrets lol, just copy file or execute sh, the main problem now is the patcher, to make it working in Marshmallow and 64bits, i don't have any device with 64bits, yes one xperiaZ that i can install a custom rom with Marshmallow.
But i think the first is to check if the patcher is working in lollipop32 bits well, even ive tested 2 devices and reversed some other inits is not enough to be completely sure that all is ok.
I'm trying to root my boost max+ running 5.1.I tried the check perm option but couldn't remount sdcard,it just froze.Upon reboot it hang at starting apps.Had to remove sdcard to get phone to boot properly.
Sent from my N9521 using Tapatalk
tnomtlaw said:
I'm trying to root my boost max+ running 5.1.I tried the check perm option but couldn't remount sdcard,it just froze.Upon reboot it hang at starting apps.Had to remove sdcard to get phone to boot properly.
Sent from my N9521 using Tapatalk
When you mount the sdcard is normal that doesn't mount again, the process hijack fsck_msdos, you have to come back to the application, wait and watch the window log.
It depends on mount will get 1-5 seconds to see the information.
If you see that init is OK, you can proceed with the get root.
jucaroba said:
> Thanks for your answer.
> I'm trying to use your exploit to be able to read my /data/misc/vold/expand_*.key file. My wife has a Moto G 2014 mobile with official (non rooted) Android 6 Marshmallow. The bootloader is locked. She has deleted accidentally all the pictures in her SD card, that is configured as adopted card (not portable). I have made a cloned copy of the SD in my linux laptop with dd command, but I can not mount the partitions in the SD because I have to know the encryption key.
> I can not unlock the bootloader, because the phone will be reset to factory and the encryption key will be deleted. And I can not read the key file without being root, because of the permissions of the file. I have tried your run-as-dirtycow trojan in the phone, and I can read files I have no permissions for, such as /init.rc. The only missing piece now is that I don't know the exact name of the key file. I only know that it is of the form "expand_*.key". Can your trojan run-as-dirtycow be modified to be able to read the files with this pattern name in a given directory?
> Thanks in advance.
The run-as context can't see /data or even /data/misc folders, anyways i will implement the list of directories in the next update.
kryz said:
> The run-as context can see /data or even /data/misc folders, anyways i will implement the list of directories in the next update.
Yes, I know it can see those folders, I only need to know the name of the file I am interested in.
If you implement the "list of directories" functionality it will be fantastic. Thanks for it.
I will also be very grateful to see the full source code of the trojan.
Waiting eagerly for both things.
Thanks in advance.
jucaroba said:
> Yes, I know it can see those folders, I only need to know the name of the file I am interested in.
> If you implement the "list of directories" functionality it will be fantastic. Thanks for it.
> I will also be very grateful to see the full source code of the trojan.
> Waiting eagerly for both things.
> Thanks in advance.
Sorry wrong type i wanted to say that run-as context can not see those folders.
I mean ive implemented all ready that function "-d" and run-as can not list those folders:
run-as -d /system/etc
Attached run-as-dirtycow.c
kryz said:
> Sorry wrong type i wanted to say that run-as context can not see those folders.
> I mean ive implemented all ready that function and run-as can not list those folders.
Mmmm, so the only way to be able to read a file in /data/misc/vold/ is to be root?
If that is the case, then I suppose I have to wait til your exploit can be used to root a Marshmallow phone.
Am I correct?
Thanks.
jucaroba said:
> Mmmm, so the only way to be able to read a file in /data/misc/vold/ is to be root?
> If that is the case, then I suppose I have to wait til your exploit can be used to root a Marshmallow phone.
> Am I correct?
> Thanks.
I think so, i don't have that folder in my devices, but i was trying to read on /data folder and no success in one of its sub folders.
Btw what cpu is your device 32 or 64 bits?
Can you post your init file?
kryz said:
> I think so, i don't have that folder in my devices, but i was trying to read on /data folder and no success in one of its sub folders.
> Btw what cpu is your device 32 or 64 bits?
> Can you post your init file?
My CPU is 32 bits. It is a Moto G 2014.
I suppose you don't have the /data/misc/vold folder because you are not looking at a Marshmallow system.
What file are you interested in? The /init.rc file?
jucaroba said:
> My CPU is 32 bits. It is a Moto G 2014.
> I suppose you don't have the /data/misc/vold folder because you are not looking at a Marshmallow system.
> What file are you interested in? The /init.rc file?
I'm interested in /init file and 32 bits is great
kryz said:
> I'm interested in /init file and 32 bits is great
No /init file in Marshmallow. At least not in that path.
---------- Post added at 02:19 AM ---------- Previous post was at 01:48 AM ----------
kryz said:
> I'm interested in /init file and 32 bits is great
Sorry, the file exists, but I can not read it. I can not copy it with your trojan run-as (run-as-dirtycow) either.
Hi kryz,
Please find the /init from 32bit 6.0.1
It is from Xperia Z2 with custom rooted rom (Mx ROM v8.6.0)
How can i copy /init from my boot locked, unrooted, stock 6.0.1 64bit X Performance?

[Q] How to root xtrons on oreo (android 8.0) device

Hi, is there any solution to root an Xtrons Android 8.0 Device?
Kingoroot plus SuperSu was a perfect solution in the past, but it no longer works.
Kingoroot keeps crashing on startup on Oreo.
Need help
Me too. I need a solution for rooting. And second... I need to know if I can use other themes. I want a black theme. Not gray.
I don't think its out yet. KingoRoot, Kingroot, and *#hct#root# don't work. I'm gonna try to do KingoRoot or unlock the bootloader with adb from a computer. If that doesn't work, I'll try downgrading the firmware and try all the appropriate root procedures. Outside of all that, I'm at a loss of what else to try. I have an GS MTCD/E.
jdisco1 said:
> I don't think its out yet. KingoRoot, Kingroot, and *#hct#root# don't work. I'm gonna try to do KingoRoot or unlock the bootloader with adb from a computer. If that doesn't work, I'll try downgrading the firmware and try all the appropriate root procedures. Outside of all that, I'm at a loss of what else to try. I have an GS MTCD/E.
You have succeeded in making root on Oreo?
One is to flash the Magisk patch created by kumarai.
https://forum.xda-developers.com/showpost.php?p=75741195&postcount=519
Some people said this mod worked, but it was unstable and unusable for my GS unit.
Another is to install Malaysk ROM.
https://forum.xda-developers.com/an...-malaysk-roms-px5-2-4-gb-8-0-android-t3762724
This worked for my GS, but the cold startup time doubled, the overheating problem also got worse.
But I want you to remember. Our Chinese android unit was originally backdoor open.
Using the terminal emulator, enter the following command...
Code:
setprop persist.adb.tcp.port 5555
setprop sys.rkadb.root 1
Once restarted, you can delete, add, or change system files via wi-fi adb.
So I returned to stock ROM, deleted bloatware via adb, modified the build.prop add custom apk and used it.
warata said:
> But I want you to remember. Our Chinese android unit was originally backdoor open.
> Using the terminal emulator, enter the following command...
> Code:
> setprop persist.adb.tcp.port 5555
> setprop sys.rkadb.root 1
> Once restarted, you can delete, add, or change system files via wi-fi adb.
> So I returned to stock ROM, deleted bloatware via adb, modified the build.prop add custom apk and used it.
Great news, thanks!
Where can I find a tutorial about that? All the instructions tell them that we need to connect usb to the computer, but our units do not have a usb port.
Thanks!
adioperator said:
> Great news, thanks!
> Where can I find a tutorial about that? All the instructions tell them that we need to connect usb to the computer, but our units do not have a usb port.
> Thanks!
No, only Wi-Fi adb can be used. I do not know how to USB debug.
By inputting the command with the terminal emulator and restarting it, you can make adb connection via wi-fi from the PC on the same network.
However, it may need to enable USB debugging for developer options.
If people need instructions I will make it in a few days.
warata said:
> No, only Wi-Fi adb can be used. I do not know how to USB debug.
> By inputting the command with the terminal emulator and restarting it, you can make adb connection via wi-fi from the PC on the same network.
> However, it may need to enable USB debugging for developer options.
> If people need instructions I will make it in a few days.
It would be great if you make a tutorial about how to push an app to system over wifi, without root. I would like to replace canbus.apk from system app.
Thanks!
ADB via Wi-Fi You can edit system files with stock ROM
Code:
setprop persist.adb.tcp.port 5555
setprop sys.rkadb.root 1
Enter the above command with the terminal emulator. I learned this content at 4pda (Thanks to booroondooks).
But you may not be able to use virtual keyboard (AOSP) to enter the command. If so, please use another keyboard or connect a USB keyboard.
Restart and check the HU's IP address.
(Settings, Networks, Wi-Fi, and tap the connected network)
Code:
adb kill-server
adb connect ##.##.##.##
Open a command prompt as an administrator on a PC connected to the same network and enter the above command. (##.##.##.## is your HU's IP address)
If you see the message "connected to ##.##.##.##:5555", you are connected successfully.
If not, restart PC and HU and try again.
"ADB ROOT"
This command is necessary to run adb with administrator privileges.
Code:
adb root
"ADB REMOUNT"
This command is needed first to manipulate system files.
Code:
adb remount
"PULL"
You can download any files with this command.
Code:
adb pull
"PUSH"
You can upload any files with this command.
Code:
adb push
"CD"
Please change the directory before downloading the file. Android files should not be downloaded to the Windows system folder.
Code:
cd
"ADB SHELL"
You can operate the terminal emulator from the PC.
Code:
adb shell
"chmod" (emulator command)
This command can change the permissions of the system file.
Code:
chmod
***Very important***
The system file uploaded from the PC needs to give correct authority.
Most system apks require 644 privileges and will not work if they are missing.
Also build.prop needs 644. If you forget this, the system will be a brick.
"rm -rf" (emulator command)
You can delete system files with this command.
However, some system files may not work properly when deleted.
Code:
rm -rf
I am not an English speaker and I am not familiar with the unix commands. So from an advanced level I may be doing something useless or dangerous. But I tried all the contents introduced here with my own HU. I attached an example of command use as an image, so I want you to compensate for the missing explanation. Good luck!
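The two setprop lines in the tutorial above leave a root debug bridge listening on the network, so it is worth checking a unit's property dump before and after applying them. The script below is an added example, not part of the original post or any vendor tool: it reads a saved `adb shell getprop` dump and lists the settings that expose adbd. The sample dump, the function names and the wording of the findings are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): flag debug-bridge exposure in a saved
# `adb shell getprop` dump. Each line of such a dump looks like: [key]: [value]

# Constructed sample dump, modelled on the properties quoted in this thread.
sample_props() {
    cat <<'EOF'
[persist.adb.tcp.port]: [5555]
[ro.adb.secure]: [0]
[ro.build.tags]: [test-keys]
[ro.build.type]: [userdebug]
[ro.debuggable]: [1]
[ro.secure]: [0]
[sys.rkadb.root]: [1]
EOF
}

# prop_value FILE KEY -> prints the value of KEY, or nothing if it is unset.
prop_value() {
    pv_key=$(printf '%s' "$2" | sed 's/\./\\./g')   # match dots literally
    sed -n "s/^\[$pv_key]: \[\(.*\)]\$/\1/p" "$1" | head -n 1
}

# audit_adb_exposure FILE -> one finding per line; prints nothing when clean.
audit_adb_exposure() {
    for a_key in persist.adb.tcp.port service.adb.tcp.port; do
        a_port=$(prop_value "$1" "$a_key")
        case "$a_port" in
            ''|-1|0) ;;                              # TCP transport is off
            *) echo "adbd listens on TCP $a_port ($a_key)" ;;
        esac
    done
    if [ "$(prop_value "$1" sys.rkadb.root)" = 1 ]; then
        echo "sys.rkadb.root=1: vendor switch from this thread is set"
    fi
    if [ "$(prop_value "$1" ro.adb.secure)" != 1 ]; then
        echo "ro.adb.secure is not 1: hosts connect without RSA key approval"
    fi
    if [ "$(prop_value "$1" ro.debuggable)" = 1 ]; then
        echo "ro.debuggable=1: 'adb root' is honoured"
    fi
    if [ "$(prop_value "$1" ro.secure)" = 0 ]; then
        echo "ro.secure=0: adbd keeps root instead of dropping to shell"
    fi
    case "$(prop_value "$1" ro.build.type)" in
        user) ;;
        *) echo "ro.build.type is not 'user': debug build on a shipped unit" ;;
    esac
    case "$(prop_value "$1" ro.build.tags)" in
        *test-keys*) echo "ro.build.tags has test-keys: not a release-signed image" ;;
    esac
    return 0
}

# Real use:  adb shell getprop > props.txt; audit_adb_exposure props.txt
# Stand-alone demo on the constructed sample:
demo_file=$(mktemp)
sample_props > "$demo_file"
audit_adb_exposure "$demo_file"
rm -f "$demo_file"
```

To close the network listener again, clear the persisted port with `setprop persist.adb.tcp.port ""` and restart the unit, then re-run the audit on a fresh dump.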
Thanks it work, i use my Archlinux Laptop to use adb wifi (android-tools), and I could change my boot logo (alfa 1024x600 for me) :
https://forum.xda-developers.com/an...evelopment/mod-boot-animation-toyota-t3351617
mum1989 said:
> Thanks it work, i use my Archlinux Laptop to use adb wifi (android-tools), and I could change my boot logo (alfa 1024x600 for me) :
> https://forum.xda-developers.com/an...evelopment/mod-boot-animation-toyota-t3351617
Did you try adding a custom boot logo in factory settings?
You Can only choose a static picture,
I want boot animation.
mum1989 said:
> You Can only choose a static picture,
> I want boot animation.
https://play.google.com/store/apps/details?id=com.jrummy.apps.boot.animations&hl=en
Try this. You can add a few custom animations with this. It works, and it works with Oreo, but it might not work with your radio. YMMV.
I would say I can't change to a boot animation in the setting
so manually I add new boot_animation_droid file. (with root)
mum1989 said:
> I would say I can't change to an boot animation in the setting
> so manually I add news boot_animation_droid file. (with root)
Mostly that is correct, there is an option in the "factory settings" menu of the radio to change the boot animation to be one of any number of car manufacturer logos, or a static picture, as you said, but perhaps not a custom animation like you suggest.
Custom boot logos are touchy things, they have to be the proper size, proper resolution and cannot take up too much space. They have to be written to the system in the proper fashion, and if you overwrite into another part of the system you brick your unit and must recover.
You've heard of Project Treble, right?
https://www.xda-developers.com/project-treble-custom-rom-development/
https://www.xda-developers.com/how-project-treble-revolutionizes-custom-roms-android-oreo/
TWRP-type recovery with Project Treble currently allow you to flash a custom boot animation. Sadly, we don't have TWRP or Treble for these px5 units. Some people have gotten close, but no cigar, as we say.
Even with TWRP, I've heard of people bricking their phones after a custom bootanimation.zip flash, then they have to recover and re-flash the ROM. I had to restore one of these units after a failed root flashing attempt in Oreo and it took hours (sitting in a hot car, on a hot 38°C day) until we were fully restored and back to where I wanted the OS to be. It can be done but if you screw up, or the animation isn't exactly perfect, you're in trouble.
So the short answer is, use the boot animations from that app or a similar app and be satisfied with that.
---------- Post added at 12:35 PM ---------- Previous post was at 12:26 PM ----------
warata said:
> ...
> "chmod" (emulator command)
> This command can change the permissions of the system file.
> Code:
> chmod
> ***Very important***
> The system file uploaded from the PC needs to give correct authority.
> Most system apks require 644 privileges and will not work if they are missing.
> Also build.prop needs 644. If you forget this, the system will be a brick.
> "rm -rf" (emulator command)
> You can delete system files with this command.
> However, some system files may not work properly when deleted.
> Code:
> rm -rf
This is excellent, thank you for sharing.
As a general note, if you are rooted, you can use Titanium Backup app to rapidly freeze or uninstall unneeded system apps, like the Easter Egg, printing services, gMail, etc. It can be done with the terminal but you can do it much faster with Titanium.
I've tried installing the LineageOS terminal, from https://www.apkmirror.com/?post_type=app_release&searchtype=apk&s=terminal but although it claims to have installed, it's not appearing as an icon on any of the screens, and when I tried to launch it from the APK launcher App (that comes built into the Xtrons Oreo unit), it doesn't seem to start
Any ideas ???
Ignore my last post.
I found an terminal emulator that worked.
Finally got this working with my Xtrons unit
ro.build.id=OPR5.170623.007
ro.build.display.id=px5-userdebug 8.0.0 OPR5.170623.007 eng.hct.20180504.142413 test-keys
ro.build.version.incremental=eng.hct.20180504.142413
ro.build.version.sdk=26
ro.build.version.preview_sdk=0
ro.build.version.codename=REL
ro.build.version.all_codenames=REL
ro.build.version.release=8.0.0
ro.build.version.security_patch=2017-10-05
ro.build.version.base_os=
ro.build.date=Fri May 4 14:24:13 CST 2018
ro.build.date.utc=1525415053
I initially mistyped the setprop persis command, but now I got that right, I've been able to pull virtually everything off the unit, (albeit surprisingly slowly, considering the HU is sitting right next to my WiFi router)
Edit.
BTW. Is there any way to push SuperSU etc onto the device to root it using this method ?
I don't seem to be allowed to post a link to it but, here is the path to the topic about rooting the xtrons unit
android-auto/mtcd-discussion-questions-development/how-to-root-ctrons-oreo-android-8-0-t3747975
Note the process described in the post isn't actually how to root the device, but how to use ADB to make changes when it's given root privileges
There is also a replacement ROM, which is pre-rooted, but the installation process carries risks, and I've seen some people report they have gone back to the stock ROM because of issues with the replacement ROM
Hello friends, i was just wondering if it would be possible to use adb from a laptop to send just a line of command to the Head unit via a male to male usb cable since my xtrons unit has 3usb out.
I'm really fed up of using here maps, Google maps, YouTube and shuttle+ (my music player) with the notification bar always showing up and the system ui tuner app allows to remove it in a per app basis without root.
Many thanks in advance.

I need help rooting my zte quest 5

Ok so i got a zte quest 5 (z3351s) through qlink. Not the phone i wanted but it was one i could afford. And it works very well just can't run amazon music and other apps at the same time.
But the bloatware is unreal. Used to in my galaxy s3&s4 days i could root and delete all apps i didn't need. I know i can disable them but i want them gone completely.
Magisk didn't work
Kingoroot same even used pc.
I am hoping someone knows of a way i can root this phone or at least delete all the unneeded apps for example i have Google maps go (came stock) i put the org google maps which is better plus offers sat view.
Edit i did some math and converting and the useless apps 11 out of 58 come out to 349.72mb which is a lot if your phone only has 16gb of space. Also note i don't have hardly anything.
Worst case i can Hotspot to my note10+ for multitasking but not sure of data limit.
@TexasPride
a phone's Android can get considered "rooted" as soon as in Android the SU-binary is present. Hence you at any time at your own can install the appropriate SU-binary onto your phone's Android by means of ADB.
I heard about adb methods but i haven't messed with it in forever since apk/ios apps came out
jwoegerbauer said:
> @TexasPride
> a phone's Android can get considered "rooted" as soon as in Android the SU-binary is present. Hence you at any time at your own can install the appropriate SU-binary onto your phone's Android by means of ADB.
Are you sure it will always work?
I tried this method of installing supersu: https://github.com/spff/install-supersu-via-adb
As a result, I got my phone eternally showing the boot logo and not booting.
Not a problem to re-flash stock ROM but it is an example that there is no universal way to install SU (or SuperSU) via adb.
If you could give a link to some other method how SU could be installed, I'll give it a try of course.
vp1117 said:
> Are you sure it will always work?
> I tried this method of installing supersu: https://github.com/spff/install-supersu-via-adb
> As a result, I got my phone eternally showing the boot logo and not booting.
> Not a problem to re-flash stock ROM but it is an example that there is no universal way to install SU (or SuperSU) via adb.
> If you could give a link to some other method how SU could be installed, I'll give it a try of course.
I spoke of SU-binary and NOT of SuperSU installer package
Example:
Code:
adb devices
adb push <location-of-matching-su-binary-on-computer> /sdcard/Downloads/ 2>nul
adb shell "chmod 0777 /sdcard/Downloads/su"
Of course you can install SuperSU package by means of ADB and this even when device is booted into Stock Recovery: but this requires to make some mods to SuperSU zip.
TexasPride, sorry I stepped in your thread.
jwoegerbauer said:
> I spoke of SU-binary and NOT of SuperSU installer package
I see. It is often mixed in numerous materials one can find in the net. Subject is SU-binary update, but the ultimate goal is to install supersu.
jwoegerbauer said:
> Example:
> Code:
> adb devices
> adb push <location-of-matching-su-binary-on-computer> /sdcard/Downloads/ 2>nul
> adb shell "chmod 0777 /sdcard/Downloads/su"
What should be result of running this code? SU-binary located in Downloads with 777 permission? What is the practical sense/use of it?
What software/application would use SU in that location?
Sorry for my questions. I'm not arguing. I try to understand the idea.
jwoegerbauer said:
> Of course you can install SuperSU package by means of ADB and this even when device is booted into Stock Recovery: but this requires to make some mods to SuperSU zip.
Somehow, with my almost zero knowledge of edify and linux command line I got the same conclusion: SuperSU zip has to be modified in order to install it via adb on devices that do not have TWRP for sideload. I failed to find any examples of SuperSU modding...
@vp1117
Answering your questions from last to first:
Installing SuperSU.zip via ADB
The SuperSU.zip doesn't come with an EDIFY coded script, but with an Android SHELL script - everyone who has knowledge of LINUX scripting can read / modify it.
Android comes with TAR-binary, but not ZIP-binary. Hence the SuperSu.zip must get repacked into SuperSU.tar thus it can get extracted on Phone. The contents of such a TAR-file would look as shown here
Making use of SU-binary
The SU-binary ( ~110KB ) is nothing else than the root user, as known from LINUX.
Running in Android via ADB a command that requires super-user ( root ) rights is done as follows
Example:
Code:
adb devices
adb shell "/sdcard/Downloads/su -c '<command-that-requires-root-here>'"
jwoegerbauer said:
> Answering your questions from last to first:
> Installing SuperSU.zip via ADB
> The SuperSU.zip doesn't come with an EDIFY coded script, but with an Android SHELL script - everyone who has knowledge of LINUX scripting can read / modify it.
> Android comes with TAR-binary, but not ZIP-binary. Hence the SuperSu.zip must get repacked into SuperSU.tar thus it can get extracted on Phone. The contents of such a TAR-file would look as shown here
OK. I guess, I can repack zip to tar.
Sorry for my silly question but why should I need to keep superSU as an archive? Could not I just upload all folders + update-binary.sh to the phone? I'm sure I can do it.
Am I right my next step would be running update-binary.sh (~60 KB) from <adb shell> command line?
jwoegerbauer said:
> Making use of SU-binary
> The SU-binary ( ~110KB ) is nothing else than the root user, as known from LINUX.
> Running in Android via ADB a command that requires super-user ( root ) rights is done as follows
> Example:
> Code:
> adb devices
> adb shell "/sdcard/Downloads/su -c '<command-that-requires-root-here>'"
Interestingly, I can execute all commands I need without having su-binary (~100 KB) uploaded to my phone. It is strange but I see #-prompt after I ran <adb shell>. This happens on my UNrooted phone, running stock ROM. I guess, it's a specifics of my phone, no need to try explain it.
I done failed trying to read i dont really understand linux all that well. But if anyone has any links so i can download it and try it
vp1117 said:
> Sorry for my silly question but why should I need to keep superSU as an archive? Could not I just upload all folders + update-binary.sh to the phone? I'm sure I can do it.
> Am I right my next step would be running update-binary.sh (~60 KB) from <adb shell> command line?
Of course it's your decision how you transfer the SuperSU package onto phone: many ways lead to Rome.
My decision was to push SuperSU package repacked as TAR-file onto phone, extract it there, and finally run the modified update-binary.sh when phone is booted into recovery mode:
Code:
adb shell "$(cat < %supersu_dir%/update-binary.sh); echo $?"
So I rebooted to stock recovery and then uploaded following from UPDATE-SuperSU-v2.82-20170528234214.zip package to my phone's folder /tmp:
/arm64
/common
/META-INF
update-binary.sh
Here is what I got:
Z:\android\adb>adb shell "$(cat < /tmp/update-binary.sh); echo $?"
127
/system/bin/sh: #!/sbin/sh: not found
And here's what I got running same command from # command line:
# $(cat < /tmp/update-binary.sh); echo $?
/system/bin/sh: #!/sbin/sh: not found
127
In response to # ls -al /sbin I get lots of lines one of them is as follows:
lrwxrwxrwx 1 root root 7 1970-01-01 00:00 sh -> busybox
I feel that I'm doing something wrong, but what exactly?
In attached txt-file I put some more details I got in command line.
jwoegerbauer said:
> ... and finally run the modified update-binary.sh when phone is booted into recovery mode:
Am I right the only modification needed is to rename update-binary to update-binary.sh ?
@vp1117
NO.
When I said modified then I didn't mean simply rename it: The contents of original update-binary file must be rewritten / deleted in some parts. Also, believe me, it makes sense to repack original SuperSU.zip to SuperSu.tar as I demonstrated above. Take also note that, if device's Android isn't rooted yet, the location for unpacked SuperSU mandatory must be /data/local/tmp.
BTW:
I can see BusyBox is installed on your device's Android. Take note that BusyBox by default comes with the SU-binary. Hence your device's Android is rooted! Wondering why you waste your time with trying to completely install SuperSU from scratch?
jwoegerbauer said:
> Wondering why you waste your time with trying to completely install SuperSU from scratch?
Good question.
Probably, because I see this when phone restarts from recovery to normal android:
jwoegerbauer said:
> Also, believe me, it makes sense to repack original SuperSU.zip to SuperSu.tar as I demonstrated above.
OK, no problem, I can re-pack zip into tar.
However, what you demonstrated above was a screenshot showing update-binary.sh being inside the tar. At the same time you don't tell how update-binary.sh must be amended. Is it OK?
TexasPride
I'm very sorry I put so much spam in your thread. Please forgive me. If I knew how to delete my posts here I would have deleted them.
vp1117 said:
> TexasPride
> I'm very sorry I put so much spam in your thread. Please forgive me. If I knew how to delete my posts here I would have deleted them.
Its ok, i dont mind at all.
@TexasPride
FYI: I no longer participate this hijacked thread.

Reading dd dump to extract data from internal storage?

hi, i have a xiaomi mi mix 2s that was running los18. one morning i woke up before my alarm, checked my phone and went back to sleep. when i woke up again, i found the phone was on the splash screen and then started bootlooping. going into orangefox recovery, i was greeted with numerous /data mount errors, namely:
Code:
Could not mount /data and unable to find crypto footer.
Failed to mount '/data' (Invalid argument)
Unable to recreate /data/media folder.
Unable to mount storage
from what i can tell, the only way to get the device working again is to format the /data partition, which means losing all my data which im trying to avoid. i did manage to obtain a dd dump of /dev/block/bootdevice/by-name/userdata through usb otg, though ive been unable to read the img file, either through windows or ubuntu. is there any way to mount it and retrieve the data? i did specifically flash dfe from the start, so it should be unencrypted. the file system is ext4.
would also greatly appreciate other suggestions on how to recover the data.
bump, any input is appreciated!
You restore the data backed up with DD command as following
Code:
dd if=dump.img of=/dev/mmcblk0p29
assuming partition named userdata is block device named mmcblk0p29
check getprop ro.crypto.type and ro.crypto.state from adb shell. also check dump.img with xxd or hexdump has ext4 / f2fs magic 53.ef / 10.20.f5.f2 starting at 1080 / 1024 byte
apologies for the late reply, dont really check xda that often.
xXx yYy said:
> You restore the data backed up with DD command as following
> Code:
> dd if=dump.img of=/dev/mmcblk0p29
> assuming partition named userdata is block device named mmcblk0p29
is that after wiping? wouldnt that make the data partition unreadable again?
aIecxs said:
> check getprop ro.crypto.type and ro.crypto.state from adb shell. also check dump.img with xxd or hexdump has ext4 / f2fs magic 53.ef / 10.20.f5.f2 starting at 1080 / 1024 byte
ro.crypto.type=file
ro.crypto.state=encrypted
as for checking the dump, are you referring to the commands:
Code:
xxd -l 1080 dump.img | grep 53ef
xxd -l 1024 dump.img | grep 1020.f5f2
if so, i did not receive any output. if they are wrong commands please let me know what i should enter.
looks like (FBE) file-based encryption. if dump is really encrypted there is nothing you can do on PC.
you can only restore + decrypt on device (as long as you did not factory reset)
aIecxs said:
> looks like (FBE) file-based encryption. if dump is really encrypted there is nothing you can do on PC.
> you can only restore + decrypt on device (as long as you did not factory reset)
i havent factory reset as i read some things about tee keys that would be wiped during data format, so i thought it would be handy to keep if i needed them. how would i go about trying to decrypt on device though?
also, what would have been the point of flashing dfe if in the end data is still encrypted?
right, encryption is bonded to TEE (which is flushed on factory reset). just restore and let orangefox or twrp decrypt (assuming it has well implemented encryption support). otherwise your only chance to decrypt is via regular booting into android (to at least stage with lockscreen or adb).
FBE data is encrypted with screen lock credentials, remember old pin, pattern, password used at time of dump.
"dfe" stands for disable force encryption (encryption will no longer forced after formatting) and there is a good chance this is the reason for failed decrypts. you can undo by restoring vendor partition.
aIecxs said:
> just restore and let orangefox or twrp decrypt (assuming it has well implemented encryption support).
do you mean restore as in simply
Code:
dd if=/dump.img of=/dev/block/sda21
as @xXx yYy mentioned? would that make a difference? since the block device is fundamentally holding the same bits before and after doing so, at least to my understanding. im also quite apprehensive about making any modifications to the data partition as it is right now.
aIecxs said:
> otherwise your only chance to decrypt is via regular booting into android (to at least stage with lockscreen or adb).
the phone doesnt get to lockscreen... i did enable usb debugging, but not sure if it is possible to access while bootlooping.
aIecxs said:
> "dfe" stands for disable force encryption (encryption will no longer be forced after formatting) and there is a good chance this is the reason for failed decrypts. you can undo by restoring vendor partition.
the thing is, i flash dfe right after flashing the rom with a data format, so i thought i would be safe from this kind of thing happening. plus, i had been running this setup since the start of the year, and hadn't so much as changed any system settings recently, so it's quite odd that the problem would just randomly manifest. it is not the first time it has happened either, in fact this happening the first time was what prompted me to start using dfe, so it is quite disappointing to see that it did not have its intended effect.
so to clarify, should i dd to the userdata block device and restore vendor (presumably from rom zip) or is dd enough?
yes, dd is fine (one could also use of=/dev/block/bootdevice/by-name/userdata)
and no, of course it doesn't make sense in that case.
I don't know what is the cause but I am afraid the only way to access that data is fix boot-loop.
It is unclear to me if encryption worked for a year or if you encrypted recently. Open dump with HxD and check first 1088 bytes for ext4 magic, or at least you should see many zeros on plain disk image.
Also check /vendor/etc/fstab* for flags in line /dev/block/bootdevice/by-name/userdata with notepad++ this could help to identify encryption is broken by dfe or healthy.
I checked two devices offhand, one was block encrypted, the other file encrypted.
I looked at the last 1M of the partition of the file encrypted.
I thought that there was a footer there, there wasn't.
Your original message said that it couldn't find the footer.
I know some things use footers and they are usually a specific number of blocks before the end of the partition.
@Renate unable to find crypto footer - is a misleading message from orangefox twrp recovery - it always checks for any type of encryption but FBE encryption requires no crypto footer (only FDE or metadata encryption)
aIecxs said:
> yes, dd is fine (one could also use of=/dev/block/bootdevice/by-name/userdata)
> and no, of course it doesn't make sense in that case.
so should i still do it?
aIecxs said:
> I don't know what is the cause but I am afraid the only way to access that data is fix boot-loop.
but it also seems that the bootloop is caused by the inability to mount data...
also it seems adb is not accessible while it bootloops.
aIecxs said:
> It is unclear to me if encryption worked for a year or if you encrypted recently.
i flashed dfe along with the rom and magisk at the start of the year, haven't flashed anything since. i also did not initiate any encryption process the whole time.
aIecxs said:
> Open dump with HxD and check first 1088 bytes for ext4 magic, or at least you should see many zeros on plain disk image.
it is mostly 0000 or ffff, though there is mention of ext4 map blocks a little further down.
Spoiler: long image
aIecxs said:
> Also check /vendor/etc/fstab* for flags in line /dev/block/bootdevice/by-name/userdata with notepad++ this could help to identify encryption is broken by dfe or healthy.
Code:
<src> <mnt_point> <type> <mnt_flags and options> <fs_mgr_flags>
/dev/block/bootdevice/by-name/userdata /data ext4 noatime,nosuid,nodev,barrier=0,noauto_da_alloc latemount,wait,check,=ice,quota
okay the good news it's probably not encrypted (at least no FDE) no need to decrypt disk image on phone.
the bad news it doesn't look like valid ext4 file system, you cannot mount it.
on linux pc, try fsck on dump2.img (make a copy first) then try to loop mount file. you can also try testdisk or photorec
the flag fileencryption=ice is broken by dfe (which is intended) so encryption/decryption won't work (as desired, not required on plain ext4)
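Added example, not part of any post in this thread: the two checks discussed above (filesystem magic in the first 1088 bytes of the dump, and the fs_mgr flags on the userdata fstab line) as a small Python script. The function names and the sample image header are constructed for illustration; the fstab line is the one posted above.

```python
import struct

EXT4_MAGIC_OFF = 1024 + 0x38  # superblock at byte 1024, s_magic at +0x38 -> 1080
F2FS_MAGIC_OFF = 1024         # f2fs superblock begins with its magic

def probe_image(head: bytes) -> dict:
    """Inspect the first >=1088 bytes of a userdata dump."""
    fs = None
    if len(head) >= EXT4_MAGIC_OFF + 2 and \
            struct.unpack_from("<H", head, EXT4_MAGIC_OFF)[0] == 0xEF53:
        fs = "ext4"   # bytes 53 ef, what `grep 53ef` looks for
    elif len(head) >= F2FS_MAGIC_OFF + 4 and \
            struct.unpack_from("<I", head, F2FS_MAGIC_OFF)[0] == 0xF2F52010:
        fs = "f2fs"   # bytes 10 20 f5 f2
    # Ciphertext has ~0.4% zero bytes; a plain image header is mostly zeros.
    zero_ratio = head.count(0) / len(head) if head else 0.0
    return {"fs": fs, "zero_ratio": zero_ratio}

def userdata_flags(fstab_text: str) -> dict:
    """Classify the fs_mgr flags on the /data line of an Android fstab."""
    for line in fstab_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0].startswith("#") or fields[1] != "/data":
            continue
        flags = fields[4].split(",")
        keys = {f.split("=", 1)[0] for f in flags}
        return {
            "fbe": "fileencryption" in keys,
            "fde": bool(keys & {"forceencrypt", "forcefdeorfbe", "encryptable"}),
            # a flag with its name stripped, e.g. "=ice" after a dfe patch
            "mangled": [f for f in flags if f.startswith("=")],
        }
    return {}

# Constructed sample: 1088 zero bytes with only the ext4 magic set.
SAMPLE_HEAD = bytearray(1088)
SAMPLE_HEAD[1080:1082] = b"\x53\xef"
# fstab line as posted in the thread.
SAMPLE_FSTAB = ("/dev/block/bootdevice/by-name/userdata /data ext4 "
                "noatime,nosuid,nodev,barrier=0,noauto_da_alloc "
                "latemount,wait,check,=ice,quota")

if __name__ == "__main__":
    print(probe_image(bytes(SAMPLE_HEAD)))
    print(userdata_flags(SAMPLE_FSTAB))
```

To run it against a real dump, pass the bytes from `open("dump.img", "rb").read(1088)` to `probe_image`. A result with no magic but a high zero ratio matches the case in this thread: a plain but damaged filesystem, which is a job for fsck rather than decryption.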
aIecxs said:
> on linux pc, try fsck on dump2.img (make a copy first) then try to loop mount file. you can also try testdisk or photorec
THANK YOU SO MUCH! my data is now readable on linux, will copy as much over before doing anything else. i was legitimately not expecting it to work.
should i also dd the repaired img to my userdata block device? i know twrp/ofox has e2fsck command, seems like it may be able to repair the partition on device in a similar manner.
didn't expect it's so easy lol.. yeah try e2fsck on /dev/block/bootdevice/by-name/userdata directly first.
NightRaven49 said:
> ro.crypto.type=file
> ro.crypto.state=encrypted
> as for checking the dump, are you referring to the commands:
> Code:
> xxd -l 1080 dump.img | grep 53ef
> xxd -l 1024 dump.img | grep 1020.f5f2
> if so, i did not receive any output.
TWRP/Orangefox properties were a bit misleading...
sometimes the solution is simpler than we think
aIecxs said:
> didn't expect it's so easy lol..
same, actually the last time it happened (over 1.5 years ago) i also tried something similar, but didn't work because it was f2fs if i remember correctly. so i didn't think of trying e2fsck this time around. i suspect it may be a hardware flaw that caused it, since i am running a different rom now.
aIecxs said:
> yeah try e2fsck on /dev/block/bootdevice/by-name/userdata directly first.
it works now, again thank you so much. funny how i was stuck without a phone for a month, went to so many data recovery specialists that told me that there was no hope and yet the fix was finished in mere seconds.
