Hi,
A friend of mine want's to recover some pictures from an old phone of his, but he forgot the pattern to unlock the device...
* The phone is a CAT S41 stock android.
* The phone is in perfect conditions
* The USB debug option of the phone is disabled.
- Because of that, I've been unable to execute any adb commands on the device.
- When the phone is in Recovery Mode, the device is detected by adb, but unauthorized:
[email protected]:~$ adb devices
List of devices attached
S411931008366 unauthorized
[email protected]:~$ adb shell
adb: device unauthorized.
This adb server's $ADB_VENDOR_KEYS is not set
Try 'adb kill-server' if that seems wrong.
Otherwise check for a confirmation dialog on your device.
Click to expand...
Click to collapse
I've tried to set the $ADB_VENDOR_KEYS manually, with no success.
In this situation, I have some questions to ask:
1. Is there a known way of bypassing the pattern lock?
2. Is there a known way of dumping data to any other device, in order to retrieve the pictures
3. Can the debug options be activated somehow?
As a last resource, I'd be willing to open the phone and spend some bucks on whatever hardware is needed to dump the whole disk, if that is relatively feasible to do.
4. Could you give me any feedback/information on hardware methods of dumping the disk of the phone? 0 experience there.
I would greatly appreciate any input you could give me.
If more details of the system or the situation are needed, please ask.
Thank you kindly for your attention,
abocador
Can't offer a solution.
But, even if there is a way to dump the files - what requires phone's Android is got rooted and USB-Debugging is activated , IMO it makes no sense to waste more time in this because since Android 4 data are AES-128 encrypted ( FBE and/or FDE method ) and the encryption probably can't get cracked.
2. + 4. won't work because of encryption, but 1. + 3. is possible on that old android 7 mediatek device.
assuming device runs on FDE full-disk encryption, is encrypted with default_password, one can hack boot.img and authorize usb-debugging. because device decrypts itself on boot that's all you need to get access.
but first install VCOM preloader drivers and make a readback of device with WwrMTK v2.51 + SP Flash Tool (old method) or mtkclient (new method).
I will tell you how to patch and resign boot.img once you made the important backup step. most important partitions are userdata+metadata.
Btw there is maybe another (even more easier) method. Just port TWRP recovery for that device. Because of weak security implementation phone will boot into custom recovery on locked bootloader (I did on Cubot King Kong)
Hi,
Thank you a lot for your reply.
I've been trying to do the backup, but I wasn't able to even use the mtkclient
I think I will just forget about this.
you know device must powered off completely, and preloader only says 'Hello' to computer for ~ 1 second? Did you install VCOM preloader drivers during that second (device manager -> pick device -> Update Driver -> Browse my computer for driver software -> Let me pick from the list of device drivers on my computer -> Show all devices -> Have Disk) ?
Hello again!
Yes, I'm aware the device must be powered off.
I'm quite sure I have all the drivers I need. I'm working from a Debian system.
Some weeks ago, I posted the log I get when I try to connect mtkclient to the phone:
Error on sending data: DA hash mismatch · Issue #575 · bkerler/mtkclient
Hi! I'm trying to use this tool on a CAT S41 phone, but I'm unable to get any proper connection between the device and my computer. After initializing the GUI with_python mtk_gui_, I get the follow...
github.com
One more time, thanks for your help,
I think I'm going to park this project for a while.
Cheers,
abocador
okay, for linux no need for drivers looks good, have you tried some random cmd line usage just for fun?
Code:
python3 mtk printgpt
python3 mtk rl out
python3 mtk crash
python3 mtk --preloader printgpt
python3 mtk --preloader rl out
Related
[TOOL][WIN/LIN/MAC] MiUnlockTool - Unlock bootloader of xiaomi devices on mac & linux
Ciao xda users, I'm here to introduce a new tool of mine, MiUnlockTool.
MiUnlockTool is an unofficial tool used to unlock bootloader on Xiaomi devices. This tool is copied from the original windows MiFlashUnlock tool and works the same way. The main feature of this tool is compatibility with linux and mac operating system (and windows too).
If you want more information about the tool and the story behind you can read below, if you just want the download link, here it is:
DOWNLOAD LINK
Requirements: java (javafx for gui if not included in your jdk/jre)
Usage:
- Download and extract the zip file
- If you don't have it, install java
- On windows:
-- open MiFlashUnlock.bat for graphical interface or:
-- open a cmd windows and cd into extracted dir and use "MiUnlockTool.bat username password" command for command-line usage
- On linux:
-- open a terminal window and cd into extracted dir and use "sudo ./MiUnlockTool.sh" command for gui interface or "sudo ./MiUnlockTool.sh username password" for command-line
- On mac:
-- open (double click) MiFlashUnlock.command for graphical interface or
-- open a terminal window and cd into extracted dir and use "./MiFlashUnlock.command username password" for command-line
- Attach your locked device in fastboot mode.
- If you are using gui just follow what you see on your screen
- If you are using command line version remember that there is no confirmation request before unlock and no check if the bootloader is already unlocked.
Possible errors:
- If you get a permission related error on linux or mac when launching the tool, open a terminal and cd into extracted dir and use "chmod 777 MiUnlockTool.sh" (or MiUnlockTool.command on mac) to set the executable permission.
- If your device isn't recognized:
-- On windows: install adb drivers
-- On linux/mac trying launching the tool with sudo (sudo ./MiUnlockTool.sh on linux or sudo ./MiUnlockTool.command on mac)
- Other problems launching the tool: try running "java -jar bin/MiUnlockTool.jar" command
- If you get some errors with javafx class not found stuff when you try to launch the gui, then you are missing javafx library. See openjfx package on linux.
- Any other problem: provide feedback in the comments.
Additional info: original MiFlashUnlock tool is just a bridge between fastboot, you (and your account login credentials) and xiaomi server: the tool gets device info from the device and send them to the server together with the account login token, the server checks wherever you satisfy all their requirements (account authorized, account associated with device in developer settings etc) and if everything is okay the server reply with the unlock key for your device instance (every time you reboot your phone you need a new key). Then the tool send the key to the device with a custom build of fastboot and if the key is right then the device is unlocked, else it reboots. After I discovered all the process behind the original unlock tool (and all the security encryption techniques) I decided to replicate it with a java (cross-platform) tool which embeds a custom fastboot version and replicates what the original tool does. That's a simple explaination of how my tool works (obviously it's more complicated than that).
This tool requires all of what is required by the original tool (an authorized xiaomi account binded to the device through developer options for three days if I remember correctly).
FAQs:
- Is this tool safe to use?
Yes, the main part is communication between tool and server, a safe thing. Also the unlock procedure itself is safe: or the key is correct or it is not. In both cases the device will not be damage.
- How did you find out how to replicate the original tool?
Thank you for your question. It's been a bit difficult since the original tool has been obfuscated and virtualized (protected against reverse engeneering) with a powerful protector: VMProtect. I've spent some time to reverse it (and custom fastboot too) and I finally did it. I will not explain in details how I did it.
- Is this tool more powerful than the original on? why should I use it on Windows?
Absolutely not, my tool is worst than the original one (it will have more bugs and on windows it doesn't manage drivers for example), that's why you should NOT use it on Windows. I made it work even with Windows because it was very simple to do. You can use it one Windows just to test it if you like, but I recommend using the better original tool MiFlashUnlock.
- Wow, you did a tool already done by developers paid by xiaomi, who is paying for the effort you put into this?
No one, I try to help people and getting appreciation for my work is a bit of a reward to me, but if you want to show your gratitude even more and support me as a developer you can make a donation, I will appreciate that even more (donation link below)
- I have to put my xiaomi account credentials, should I trust this?
I'm the developer of XiaoMiTool, I hope that a little bit of my reputation together with the hopefully good early feedback of reckless users on this tool is enough. If you are more a geek you can track the traffic and see that the only server connected are xiaomi and miui.
- I wanted too see the source of this tool but I see it is a bit obfuscated, why?
Xiaomi clearly doesn't wanted people to see how MiFlashUnlock works (since they obfuscated it a lot), I don't want to disrespect xiaomi decision by releasing the source plain, so I decided to obfuscated it a bit just to make it a bit harder to see (even if my tool is 100 times easier to reverse than the original)
- Can I share this tool?
Of course yes, but I would like you to share it using the xiaomitool.com link (not mega.nz one) so that if I release an update new people will get that and not the old version (there is no tool update enginge built in).
- You're english is not wonderful...
I know, hopefully it is understandable enough
Feedback.
I love feedback, feedback is the best you can do to help me improving this tool. I have not time to answer everybody's questions but I generally read feedback and do my best to make the tool work. If the tool worked or if the tool didn't worked you can write it in the comments, adding additional information like what error you get, what screen you see when the tool get stuck or even what you tried to solve the problem are precious to me. I have not all of xiaomi devices, I fully ested my tool only with two devices (a redmi 4x and a mi note 2) and only on two operating systems (linux and windows), so any new combination could lead to new errors or problems. Please include also your operating system when leaving feedback. Sometimes there are problems on gui which are not on command-line version, so if the tools fails launching or when using gui I suggest trying the command-line version.
Donation: free software is great from users prospective, but developers who spend hours of their time and don't get money for it are more unhappy to develop further free tools, so if you liked the tools and it saved you from the need to do 5000 kilometers to get a windows pc, or from the need to download a virtual machine image with your 32kB internet connection, you can show your gratitude by offering me a tasty, cold beer by clicking the link below
DONATION LINK
Download: you missed the download link at the top? Here it is again:
DOWNLOAD LINK
Fully obfuscated tool. Maybe bloatware or password hijacker
Problems with mi unlock on ubuntu system
Dear,
I tried to run this miunlock on my linux pc and it did not work. I installed the javafx using "sudo apt install openjfx" . After I ran "sudo ./*.sh". The program open, but when I put my email and password, it does not connect with the xiaomi server. I tried to access using facebook login and I have the same problem. How can I solve this problem? Do you have any idea?
Thanks
Danillo
The program does not find the phone connected. But "sudo fastboot reboot" work
---------- Post added at 12:03 PM ---------- Previous post was at 11:51 AM ----------
dpvalverde said:
Dear,
I tried to run this miunlock on my linux pc and it did not work. I installed the javafx using "sudo apt install openjfx" . After I ran "sudo ./*.sh". The program open, but when I put my email and password, it does not connect with the xiaomi server. I tried to access using facebook login and I have the same problem. How can I solve this problem? Do you have any idea?
Thanks
Danillo
Click to expand...
Click to collapse
Reinstall certs
disconnects phone on checking bootloader status with an error message on top left corner of phone "press any key to shutdown"
and stays stuck after reconnecting in fastboot mode when reading device info.
How to install it on manjaro arch Linux. did u keep it in AUR.?
Status : Success unlock bootloader
Device : Redmi 4X
Waiting Time : 72hours
Thx for the tool . love3 ??????
worked a treat.
had been struggling to use the mi tool for windows and my device was not being detected.
this took me barely a minute to unlock.
Waiting for a fastboot device...
Well, the communication with the 'net seems to work as intended but that is where it stops:
Code:
[18:01:15][INFO ] Starting login procedure
[18:01:24][INFO ] Login procedure succeeded
[18:01:25][INFO ] Checking account unlock permission
[18:01:27][INFO ] Unlock permission confirmed
[18:01:27][INFO ] Waiting for a fastboot device
Using the fastboot command line works for the same user account so this won't be solved by running the tool as root. The device reports itself as 18d1:d00d Google Inc. and shows up clearly when using the fastboot command line tool:
Code:
$ fastboot devices
deadbeef fastboot
(no, my device ID is not deadbeef)
Tried OpenJDK 10 and 9, Oracle JRE 8, no difference.
Digging deeper using strace shows the problem: the 'special' fastboot command you include (in bin/MiUnlockTool_res) is a 64-bit executable while I'm running the tool on a 32-bit machine. Substituting the provided tool for a link to the version already present on this machine makes the command progress to the error:
Code:
$ java -jar bin/MiUnlockTool.jar '[email protected]' 'mysupersecretpassword'
[18:19:25][INFO ] Starting login procedure
[18:19:36][INFO ] Login procedure succeeded
[18:19:36][INFO ] Checking account unlock permission
[18:19:39][INFO ] Unlock permission confirmed
[18:19:39][INFO ] Waiting for a fastboot device
[18:19:39][INFO ] Device connected: deadbeef
[18:19:39][INFO ] Obtaining device info...
[18:19:40][INFO ] Device info obtained
[18:19:40][INFO ] Checking if unlock will erase data and server message
[18:19:42][INFO ] Unlock procedure will erase userdata
[18:19:42][INFO ] Server message: An unlocked device is an easy target for malware which may damage your device or cause financial loss.
[18:19:42][INFO ] Querying unlock server for unlock key
[18:19:48][ERROR ] Unlock request replied with error code 20036
[18:19:48][ERROR ] Error meaning: After %d hours of trying to unlock the device
I guess I have to wait, how long I do not know as this is not shown in either mode (command line or GUI).
Anyway, you might want to add a 32-bit fastboot command or just tell users to install a native version and use that.
@YetAnotherForumUser
I see the same error message when I tried to unlock MI 8 (global version bought yesterday in official Xiaomi store in Poland). I tried official Xiaomi tools on Windows 10, but without any success (verify failed at 50%).
I'm using it on a Linux laptop, I get "buffer overflow detected" after "starting final unlock procedure" and then it fails
i have this 2 errors on linux tring to unlocking my redmi note 5 [20:59:38][ERROR ] Unlock request replied with error code 20036
[20:59:38][ERROR ] Error meaning: After %d hours of trying to unlock the device
After waiting 360 hours I was able to unlock my Mi 8 with this tool on my Ubuntu! With official MiFlashUnlock tool I wasn't able to unlock this device on Windows 10. Thanks a lot!
YetAnotherForumUser said:
Code:
...
[18:19:48][ERROR ] Unlock request replied with error code 20036
[18:19:48][ERROR ] Error meaning: After %d hours of trying to unlock the device
I guess I have to wait, how long I do not know as this is not shown in either mode (command line or GUI).
Click to expand...
Click to collapse
After about 13 days - I only tried twice in between - the thing is now unlocked. I needed to run the tool on a 64-bit machine as the 32-bit fastboot crashed (with a message in the lines of "* buffer overflow detected *"), possibly due to the longish argument used in the unlocking procedure.
YetAnotherForumUser said:
After about 13 days - I only tried twice in between - the thing is now unlocked. I needed to run the tool on a 64-bit machine as the 32-bit fastboot crashed (with a message in the lines of "* buffer overflow detected *"), possibly due to the longish argument used in the unlocking procedure.
Click to expand...
Click to collapse
I also used 64-bit OS -> Ubuntu 18.04 x64. It would be nice to see amount hours instead of %d, however it's just a minor bug. This tool is the best choice for Linux, MacOS and event Windows 10 users.
Hey guys,
Although I've unlocked & rooted other Android's in the past, this is my first time with a Xiaomi device. I've tried running the tool, and appear to get the "Error meaning: After %d hours of trying to unlock the device" error. Am I right in thinking this is just a bug in terms of the hours displayed, and that I will just need to wait the 15 or so days before I can unlock the device? At what point does that 15 days begin?
Also, once unlocked, what is the best way to flash a ROM? ADB via Terminal?
Looking to flash the Global MIUI over the Chinese one I currrently have.
Thanks!
Help. Can not connect to my phone in fastboot when using this tool. But the MiUnlock is still connected
huynhkhoa said:
Help. Can not connect to my phone in fastboot when using this tool. But the MiUnlock is still connected
Click to expand...
Click to collapse
Windows or linux ?
naik2902 said:
Windows or linux ?
Click to expand...
Click to collapse
window bro, please help me :crying:
huynhkhoa said:
window bro, please help me :crying:
Click to expand...
Click to collapse
Why r u not using original miunlock tool for windows ?
Did u enable oem unlock, usb debugging?
Installed fastboot drivers
Use fastboot devices command to check if u r device connected to pc.
Did u bind ur account to miunlock status in developer option?
Note: It would be great to keep this page open while following through on your PC instead of your phone as you'll be rebooting and resetting your phone by following this procedure.
Click to expand...
Click to collapse
Prerequisites:
ADB (Android Debugging Bridge) tools for your OS (Windows/Linux/Mac)
Windows
Mac
Linux
Custom Recovery Image (TWRP or some other that you prefer):
(Official TWRP web hosted version) Nokia 6.1 (2018)
Download from American Mirrors
Download from EU Mirrors
USB Cable to Connect the phone to the computer
The Phone: Nokia 6.1 (2018) (preferably Fully Charged)
The device drivers (for Windows and Mac)
A good and active Internet Connection
An active Email address and client to quickly view it.
In this tutorial I'll be referring to Linux terminal, Mac Terminal & Windows Command prompt/Powershell simply as terminal.
Click to expand...
Click to collapse
Installing adb and fastboot
Google hosts zips including only adb and fastboot. You can set these up for use with the instructions below.
On Windows
Download the (Windows.zip) from Google.
Extract it somewhere - for example, %USERPROFILE%\adb-fastboot
• On Windows 7/8:
1. From the desktop, right-click My Computer and select Properties
2. In the System Properties window, click on the Advanced tab
3. In the Advanced section, click the Environment Variables button
4. In the Environment Variables window, highlight the Path variable in the Systems Variable section and click the Edit button
5. Append ";%USERPROFILE%\adb-fastboot\platform-tools" to the end of the existing Path definition (the semi-colon separates each path entry)
• On Windows 10:
1. Open the Start menu, and type “advanced system settings”
2. Select “View advanced system settings”
3. Click on the Advanced tab
4. Open the “Environment Variables” window
5. Select the Path variable under “System Variables” and click the “Edit” button
6. Click the “Edit Text” button
7. Append ";%USERPROFILE%\adb-fastboot\platform-tools" to the end of the existing Path definition (the semi-colon separates each path entry)
• Install the device drivers linked in prerequisites (or from Nokia support site), and reboot.
On MacOS
Download the MacOS (Darwin.zip) from Google.
Extract it somewhere - for example, ~/adb-fastboot.
Add the following to ~/.bash_profile:
Code:
if [ -d "$HOME/adb-fastboot/platform-tools" ] ; then
export PATH="$HOME/adb-fastboot/platform-tools:$PATH"
fi
Log out and back in.
On Linux
Download the (Linux.zip) from Google.
Extract it somewhere - for example, ~/adb-fastboot.
Add the following to ~/.profile:
Code:
if [ -d "$HOME/adb-fastboot/platform-tools" ] ; then
export PATH="$HOME/adb-fastboot/platform-tools:$PATH"
fi
Log out and back in.
You may also need to set up udev rules: see (this repository) for more info.
Setting up adb
To use adb with your device, you’ll need to enable developer options and USB debugging:
1. Open Settings, and select “About”.
2. Tap on “Build number” seven times.
3. Go back, and select “Developer options”.
4. Scroll down, and check the “Android debugging” entry under “Debugging”.
5. Plug your device into your computer.
6. On the computer, open up a terminal/command prompt and type adb devices.
7. A dialog should show on your device, asking you to allow usb debugging. Check “always allow”, and choose “OK”.
Congratulations! adb is now ready to use with your device.
Unlocking the bootloader
Note: The steps below only need to be run once per device.
Code:
Warning: Unlocking the bootloader will erase all data on your device! Before
proceeding, ensure the data you would like to retain is backed up to your PC and/or
your Google account, or equivalent.
1. Make sure your computer has working fastboot and adb.
2. Enable USB debugging & OEM unlocking on your device under Settings->Developer Options. Incase you don't see Developer Options, then you need to unlock it by tapping Build Number 7 times in Settings->About Phone.
3. Get the current status of your bootloader:
Open a terminal on the PC and boot the device to fastboot mode by typing:
Code:
adb reboot bootloader
Once the device is in fastboot mode, verify your PC finds it by typing:
Code:
fastboot devices
If you see "no permissions fastboot" or "<waiting for device>", try running
Code:
fastboot
as root/Administrator.
From the same terminal, type the following command to get the bootloader status:
Code:
fastboot oem device-info
4. Follow the instructions at (Nokia Support) to unlock your bootloader, you will need to register at this site with a working/active email to proceed. They'll verify your device using an app to issue a validation code.
Note: If your device is not supported by the Nokia Bootloader Unlock
website, you will need to use an alternative bootloader unlock method.
Installing a custom recovery using fastboot
1. Make sure your computer has working fastboot and adb.
2. Enable USB debugging & OEM unlocking on your device under Settings->Developer Options. In case you don't see Developer Options, then you need to unlock it by tapping Build Number 7 times in Settings->About Phone. This needs to be done again due to resetting of your phone.
3. Download recovery - visit twrp.me to obtain the latest version of Team Win
Recovery Project for your device. Nokia 6.1 (2018) does have an official TWRP recovery that you can find here: Nokia 6.1 (2018) [PL2] respectively.
4. Connect your device to your PC via USB.
5. Open a terminal on the PC and boot the device to fastboot mode by typing:
Code:
adb reboot bootloader
6. Once the device is in fastboot mode, verify your PC finds it by typing:
Code:
fastboot devices
If you see "no permissions fastboot" or "<waiting for device>" , try running
Code:
fastboot
as root/Administrator.
7. Boot into TWRP temporarily:
Code:
fastboot boot twrp.img
8. Use adb to push the zip onto your device:
Code:
adb push twrp.zip /
9. Go to `Install` option on the TWRP menu and browse to the zip (Scrolling to the bottom should have the zip) and install the zip. The zip will install TWRP to both boot slots. Installing TWRP at this time will remove root if you are currently rooted.
If you accidentally flash TWRP to your device using fastboot instead of temporarily booting the image, you will need to download the latest factory image for your device and reflash the boot image.
Click to expand...
Click to collapse
This command assumes the recovery image is present in your current working directory (Check using `DIR` on command prompt or `ls` command on terminal)
If it isn't you can change your current directory to the directory containing the recovery image or copy/move the recovery image to your current working directory.
10. Now reboot into recovery to verify the installation:
That's all folks. You may now root your phone, or even flash a custom ROM. I suggest getting openGapps for the custom ROM if you wish to use Google play services on the custom ROM.
Popular adb commands
Code:
adb shell
Launches a shell on the device accessed through the terminal on your computer.
Code:
adb push <local> <remote>
Pushes the file <local> to <remote>
Code:
adb pull <remote> [<local>]
Pulls the file <remote> to <local>. If <local> isn’t specified, it will pull to the current folder.
Code:
adb logcat
Allows you to view the device log in real-time. You can use adb logcat -b radio to view radio logs, and adb logcat -C to view logs in colour
Code:
adb install <file>
Installs the given .apk file to your device
<local> refers to location on your computer (like c:\\Users\%USERPROFILE%\adb-fastboot on windows or ~/adb-fastboot on unix based OS), while <remote> refers to location on your android device (like "/sdcard/", without quotes)
Reserved
What do you do if oem unlocking in developer is greyed out? TA-1045
@toxicmender The official bootloader unlock was only released to the Nokia 8. So, what is the point posting it here?
Or have they silently added the 6.1?
singhnsk said:
@toxicmender The official bootloader unlock was only released to the Nokia 8. So, what is the point posting it here?
Or have they silently added the 6.1?
Click to expand...
Click to collapse
Unfortunately no, they haven't, removed the [incomplete] tag prematurely after reading it somewhere.
Currently only known way to unlock Nokia 6.1 seems to be to flash signature file.bin from these guys for fee.
at Step 4:
Code:
fastboot flash signature signature_file.bin
Also it has follow up instructions for flashing TWRP for anyone who has successfully unlocked their bootloader, since flashing TWRP is a bit different from most other phones
toxicmender said:
Unfortunately no, they haven't, removed the [incomplete] tag prematurely after reading it somewhere.
Currently only known way to unlock Nokia 6.1 seems to be to flash signature file.bin from these guys for fee.
at Step 4:
Code:
fastboot flash signature signature_file.bin
Also it has follow up instructions for flashing TWRP for anyone who has successfully unlocked their bootloader, since flashing TWRP is a bit different from most other phones
Click to expand...
Click to collapse
Why would you make start this thread then? It is completely pointless and misleading.
It is like making a post saying that there are flying cars and marking it [Incomplete]. It is just ****ing stupid.
I hope you drop your 6.1 and break it so you make **** posts in other phone forums instead of this one.
cmaxwe said:
.
I hope you drop your 6.1 and break it so you make **** posts in other phone forums instead of this one.
Click to expand...
Click to collapse
Hey now, there is really no need for that level of hostility. He knew they were doing unlocks for at least one Nokia phone, and me may not have known that they didn't have it for the 6.1.
Please don't talk to peope like that if they make a simple mistake when trying to provide info and help out the community. We're all human.
toxicmender said:
Unfortunately no, they haven't, removed the [incomplete] tag prematurely after reading it somewhere.
Currently only known way to unlock Nokia 6.1 seems to be to flash signature file.bin from these guys for fee.
at Step 4:
Code:
fastboot flash signature signature_file.bin
Also it has follow up instructions for flashing TWRP for anyone who has successfully unlocked their bootloader, since flashing TWRP is a bit different from most other phones
Click to expand...
Click to collapse
Honestly if there was a good amount of roms available for this phone I would gladly pay the $5 to unlock bootloader, although that method leaves me with questions. does that method survive ota? Does it actually work? Can it relock and unlock without paying again?
Is there really not that many people on here willing to try unlocking and flashing the many gsi roms available?
cmaxwe said:
Unfortunately no, they haven't, removed the [incomplete] tag prematurely after reading it somewhere.
Currently only known way to unlock Nokia 6.1 seems to be to flash signature file.bin from these guys for fee.
at Step 4:
Why would you make start this thread then? It is completely pointless and misleading.
It is like making a post saying that there are flying cars and marking it [Incomplete]. It is just ****ing stupid.
I hope you drop your 6.1 and break it so you make **** posts in other phone forums instead of this one.
Click to expand...
Click to collapse
It's not like there isn't a way, there is, just not a transparent method. Somehow those (refer to link in reply) are able to generate and send the signature file allowing you to unlock the phone, how it works or if your bootloader be locked again after updating is unknown to me ATM
mymeatb18 said:
Unfortunately no, they haven't, removed the [incomplete] tag prematurely after reading it somewhere.
Currently only known way to unlock Nokia 6.1 seems to be to flash signature file.bin from these guys for fee.
at Step 4:
Honestly if there was a good amount of roms available for this phone I would gladly pay the $5 to unlock bootloader, although that method leaves me with questions. does that method survive ota? Does it actually work? Can it relock and unlock without paying again?
Is there really not that many people on here willing to try unlocking and flashing the many gsi roms available?
Click to expand...
Click to collapse
Well the ROM development begins after an Official TWRP recovery, so the chances are there might be some. I'm not clear on the the OTA being able to relock the bootloader either since I was running Pie update when I got to know about it.
thread closed as per OP request
Hi guys!
I have the redmi k20 pro premium china rom, but its currently stuck in a bootloop so I cant get past the booting-up screen.
However, I still really want to get my photos from the phone, I don't have any cloud services connected.
I was wondering if there was any way to retrieve the photos since to get out of a bootloop I need to factory reset which will delete the memory.
Im willing to tear apart the phone however I doubt that will do anything?
Thanks in advance!!
If you can boot phone into Recovery mode then it's possible to fetch the photos via ADB.
jwoegerbauer said:
If you can boot phone into Recovery mode then it's possible to fetch the photos via ADB.
Click to expand...
Click to collapse
Do you know if theres a good tutorial i can follow for that, I'm having trouble grasping what exactly adb is?
If USB Debugging ( AKA ADB ) got enabled on your phone - and ONLY IF THIS GOT DONE - here the road map what to do
1. Download and install on PC the Android USB Drivers ( contains ADB ) suitable to your phone and make them systemwide accessible - i.e. add the install location to Windows OS's PATH variable
Download Xiaomi USB Driver For All Xiaomi Devices | Jan 2022
Here you can Download Xiaomi USB Driver of Any Xiaomi Device. We have shared both ADB Driver and Qualcomm Drivers for Mac & Windows 7/8/8.1/10 OS.
xiaomibuzz.com
2. On PC's drive C: create a folder named "pulled"
3. Boot phone into Recovery mode pressimg the related keys
4. Connect phone with PC via USB-cable that came with phone
5. In PC's command prompt run the commands - one after one -
Code:
adb devices
adb pull /sdcard/DCIM/ C:\pulled
If you don't understand the procedure printed above take phone to authorized service center and let them do the job.
root infinix XOS 12 (Android 12)
Infinix Zero 5G Ant-Man and the Wasp: Quantumania Edition
Easy unlock
1. Enable developer options and turn on/allow OEM unlocking and enable USB debugging
2. Reboot to fastoot
Code:
Code:
adb reboot bootloader
3. Unlock bootloader via fastboot (you will be prompted to accept yes with volume up on phone.
Code:
fastboot flashing unlock
4. Setup and install MTK client Linux (fallow guide)
[GUIDE] [MTK] How to use MTKClient and set it up!
So most of you probably don't know what mtkclient is. It is basically an exploit which is used to boot any (mtk) phone into BROM mode (basically EDL for mtk) I am writing this guide especially for the RM6785 community. This tool is very useful...
forum.xda-developers.com
4. backup all partitions with MTKClient/MTKTool GUI (launch the mtk_GUI with su/root)
in mtk_GUI
Go to,
Read Partition(s) Tab and tick all boxes to be read/backup the partitions except data partition (internal storage)
Now you should have a backup of your files/.bin
5. copy boot_a.bin to your phone internal for magisk patching manually on phone
(Time of writing latest)
https://github.com/topjohnwu/Magisk/releases/download/v25.2/Magisk-v25.2.apk
6. Rename (magisk renames the default .bin)
patched_boot_a.img to patched_boot_a.bin
7. Copy patched boot_a back to your computer/home folder.
8. flashing.
From fresh started Android reboot to fastboot.
Code:
adb reboot bootloader
DO THE NEXT 2 STEPS AT THE SAME TIME IN FASTBOOT.
(Fastboot commands)
Code: terminal
Code:
fastboot flash boot_a /path/to/patched_boot_a.bin
Code2: (disable verity/secure boot) use vbmeta_a.bin that you backed up from you're phone.
Code:
fastboot --disable-verity --disable-verification flash vbmeta_a /path/to/vbmeta_a.bin
AFTER flashing above you should now have root
############## system r/w#############
If you want system R/W writable (full root) fallow next steps.
1. go to system r/w website and get this version tested here.
Official SYSTEM-RW v1.41 by lebigmac for Samsung Galaxy S23 Ultra and other devices
lebigmac's software
lebigmac
www.systemrw.com
Link to file above
11.21 MB file on MEGA
mega.nz
This must be run on the phone!
Step 1
Decompress (7zip) SYSTEM-RW_v1.41.zip to this directory on device. sysrw_1.41
Code:
/data/local/tmp
Step 2 in Android terminal type
Code:
Code:
su
cd /data/local/tmp/sysrw_1.41
chmod +x sysrw
./sysrw
This will build the new patched r/w super.bin in /data/local/tmp/sysrw_1.41/IMG
Use file explorer (fx-file explorer) to copy patched_super.bin to phones internal/storage and then copy to computer to flash with fastboot.
Step 3
Code:
On computer/PC with adb and fastboot flash super. (Should be around 8gb file)
Code:
Code:
sudo adb reboot bootloader
sudo fastboot flash super /path/to/patched_super.bin
sudo fastboot reboot
########################
Enjoy system r/w[/code]
Lposed
CPU Demensity 1080, can play most emulators (dolphin/athersx2) at 30-60 FPS,a really powerful gaming phone
Phone
Infinix Zero 5G Ant-Man and the Wasp Quantumania Edition
Any help please
Can elaborate this please. Im stuck at this step
Mtk-client has a user interface see photo
Step4 in mtk_GUI
Go to,
Read Partition(s) Tab and tick all boxes to be read/backup the partitions except data partition (internal storage)
Now you should have a backup of your files/.bin
Still can not change SELinux to permissive or install.... some madgisk modules..?? Assuming because the boot is reed only, wish system r/w worked on boot to as it contains the kennel..
Hi what version is your device? Is it v810? I was wondering if your device can boot into BROM mode.
Build number:
X6815C-H777A-S-GL-221010V451
Should work on
X6815
X6815B
And to get into BROM mode (to my understanding) on any mediatek CPU/phone simply power the device off with no USB connected...
Launch mtk_GUI with root, and it will ask to hold volume up or down while connecting the USB from a powered off state (try different button combinations)
Mtk _GUI is touchy!... with how it connects it usually takes me 2-3 attempts of rebooting and powering off my phone to get it connect/recognize in brom mode
(Might be worth noting)
If your Linux sysctl.conf has these security JIT settings
net.core.bpf_jit_harden=2
kernel.unprivileged_bpf_disabled=1
kernel.kexec_load_disabled=1
Or more...
mtk client will not recognize your devices... Simply move sysctrl.conf temporarily and reboot your Linux machine and try again
notreal456789 said:
Build number:
X6815C-H777A-S-GL-221010V451
Should work on
X6815
X6815B
And to get into BROM mode (to my understanding) on any mediatek CPU/phone simply power the device off with no USB connected...
Launch mtk_GUI with root, and it will ask to hold volume up or down while connecting the USB from a powered off state (try different button combinations)
Mtk _GUI is touchy!... with how it connects it usually takes me 2-3 attempts of rebooting and powering off my phone to get it connect/recognize in brom mode
(Might be worth noting)
If your Linux sysctl.conf has these security JIT settings
net.core.bpf_jit_harden=2
kernel.unprivileged_bpf_disabled=1
kernel.kexec_load_disabled=1
Or more...
mtk client will not recognize your devices... Simply move sysctrl.conf temporarily and reboot your Linux machine and try again
Click to expand...
Click to collapse
Damn sadly im on v810 now and it doesn't enter into BROM mode anymore or maybe am i doing something wrong but idk. I hope infinix will enable it again
Hnojohn said:
Damn sadly im on v810 now and it doesn't enter into BROM mode anymore or maybe am i doing something wrong but idk. I hope infinix will enable it again
Click to expand...
Click to collapse
This is why I don't update things, also it could be the setup Maby I'll post a Linux.iso with mtk client setup correctly
I still use Android apps from 2008 that still work on Android 12 fine
PrefaceLuckily, it looks like Infinix is following the general trend of Android root solutions being more straightforward than in the recent past. Besides the usual spiel about your warranty being voided, and the annoying chirp each time you boot your phone, this hopefully won't present any problems for you if you do end up rooting your phone.
Notices
Still, I'm not responsible for anything bad that will happen to your phone if you do this, and there's no support guaranteed either from me or your OEM/support centre.
There's quite a few steps to this, and naturally you're gonna need a few more things to setup before you even start.
Your phone's data will be reset, please backup everything you'd like to keep before rooting your phone (now and in general).
You do need to know some things already, mainly what ADB and Fastboot are, and how to keep your working environment clean and straightforward.
Please do review all the tools you're working with, be sure that you personally trust all the software you're running.
And last but not least, you won't be able to update your phone through OTA updates anymore unless you go back to stock firmware.
The process
Make an environment for easy access:
Setup ADB and Fastboot (either as a local executable or a global environment variable to that executable).
Setup an easy to access directory with the Google Fastboot driver in it.
Grab your firmware's boot.img file, or grab the one attached to this post, or from here (and skip to the preliminary work section):
1. Download your phone's current ROM.
2. Extract it, as it should be a simple .zip file.
3. Look for the file of the same name (boot.img).
4. Copy it to your phone's storage, anywhere works.
Install the Magisk APK (from their Github).
Once it's installed, Magisk's app frontend allows you to patch your stock boot.img with itself, the gist of it is:
Click on Install within the app, in the "Magisk" section of the main menu.
Click "Select and patch a file", a file selection menu will show up, select the stock boot.img, then start the installation.
Magisk should spit out a patched boot.img named in the format of magisk_patched_[random_strings].img, in your phone's /sdcard/Download/ directory.
Copy that back into our working directory, and rename it to magisk_patched.img for easier usage.
Now, let's do some preliminary work, in any order, really:
Have Powershell or CMD open in the directory of all your tools, alongside the patched image.
Click to expand...
Click to collapse
From here on out, if you have to use adb as a command, and it's not a global environment variable, use ./adb while in the working directory instead, the same goes for fastboot.
Click to expand...
Click to collapse
Make sure that the adb daemon (adbd) is properly detecting your phone:
Enable developer options.
Enable ADB debugging.
Run adb devices to start the server daemon for ADB, and see if ADB detects your phone.
Authorize your PC for ADB debugging if it prompts you to.
Click to expand...
Click to collapse
Infinix's implementation of Fastboot will exit back out of itself and into normal boot after 60 seconds of inactivity, which makes this a tad annoying, although you can simply send it any input to reset that timer.
Click to expand...
Click to collapse
Let's start:
Restart the phone into Fastboot, adb reboot bootloader loader, it'll take a second, the phone is slow.
Unlock flashing 3rd party software, fastboot flashing unlock, the phone will prompt you on the screen to confirm doing this. Yes, this will void your warranty.
Flash magisk_patched.img to both A and B virtual partitions, fastboot flash boot_a magisk_patched.img and then fastboot flash boot_b magisk_patched.img.
That should be it! fastboot reboot to boot normally!
Be sure to also run the Magisk app so it finishes setting itself up, with another reboot, naturally.
TechnicalitiesThe Infinix Hot 30 Play does have a dedicated vbmeta partition, it's advised that you also flash it alongside flashing the patched boot.img for Verified Boot, but that's not necessary if you don't want to tinker with your super partition's crypto keys.
Thank yous- topjohnwu for their work on Magisk.
- ansh_/ and their post/guide on rooting the Infinix Hot 11, that I used originally.
Addendum
Using fastboot with MediaTek SoCs will be a bit of a pain as their driver availibilty is limited, if it doesn't get installed by Windows automatically, you have a few options:
Grab the Google's Pixel driver, and install it in realtime during fastboot.
Try to install the VCOM driver from a source you trust.
For grabbing the Google one, you'll have to:
Extract the driver somewhere easy to access.
Open Windows' Device Manager.
Plug in your phone during fastboot to your Windows PC.
Replace the "Unknown" entry for your phone with the Google driver in device manager, within the 60 second window it stays open in.
Note that you'll have to do this every time you go into fastboot.