THIS THREAD IS FOR UPDATING MOTO X4 RETAIL WITH Android 8.0 OCTOBER PATCH DIRECTLY TO PIE. If it doesn't work, or if you're on any other version of Android, then please refer to the other thread. https://forum.xda-developers.com/moto-x4/development/stock-install-stock-android-pie-t3873129
So I was basically just tired of the other thread not being updated and having all these people posting about updating to Android 8.1 and THEN 9.0 (pie) and sideloading, and fastbooting, and all this crazy ****.
So I decided to streamline the whole thing with a three step process:
(NOTE: I have only tested this on locked bootloader Android 8.0.)
STEP ONE:
Download this file and place it in your root INTERNAL STORAGE folder:
https://moto.netlib.re/payton/OTAs/ab_delta-Blur_Version.27.301.32-29.11.36.payton.retail.en.US.zip
UPDATE:
https://mega.nz/#!QQ1mgKpS!ce2kysojSUv9pzA-V4YE4kv5jg0S7X5X1lNrIWn6su0
STEP TWO:
Enable Storage access for Motorola Update Service by going into Apps, selecting "Show System" from the three dot menu, and enabling storage permission.
STEP THREE:
Go to System Update and check for new updates. And update your system.
Software Channel should remain the same... All your apps should be in place. No need to software reset. No need to do ANYTHING other than update to Pie 9.0.
I did this on my own XT1900-7 RETEU which still has locked bootloader and was originally on Android 8.0 October update.
TESTED ON (tag me in your post and I'll add here):
XT1900-4 (latam)
Android: 8.0
Security patch: 1 Oct 2018
Build number: OPWS27.2.5
Software Channel: openmx
XT1900-7
Android: 8.0
Security patch: 1 Oct 2018
Build Number: OPW27.2.5
Software Channel: reteu
Duplicate thread I think )
Is it under project treble(android P)?
TeamRainless said:
So I was basically just tired of the other thread not being updated and having all these people posting about updating to Android 8.1 and THEN 9.0 (pie) and sideloading, and fastbooting, and all this crazy ****.
So I decided to streamline the whole thing with a three step process:
(NOTE: I have only tested this on locked bootloader Android 8.0.)
STEP ONE:
Download this file and place it in your root INTERNAL STORAGE folder:
https://moto.netlib.re/payton/OTAs/ab_delta-Blur_Version.27.301.32-29.11.36.payton.retail.en.US.zip
STEP TWO:
Enable Storage access for Motorola Update Service by going into Apps, selecting "Show System" from the three dot menu, and enabling storage permission.
STEP THREE:
Go to System Update and check for new updates. And update your system.
Software Channel should remain the same... All your apps should be in place. Not need to software reset. No need to do ANYTHING other than update to Pie 9.0.
I did this on my own XT1900-7 RETEU which still has locked bootloader and was originally on Android 8.0 October update.
Click to expand...
Click to collapse
This OTA file is specific for the Android 8.0 with October Security Patch with the blur version mentioned on the file name (Blur_Version.27.301.32).
St.Noigel said:
Duplicate thread I think )
Click to expand...
Click to collapse
NOPE. The other thread is all about updating to 8.1 first... and fastbooting. This one you just use the regular OTA update to go from 8.0 to 9.0. That isn't mentioned in the OP of the other thread.
abrfilho said:
This OTA file is specific for the Android 8.0 with October Security Patch with the blur version mentioned on the file name (Blur_Version.27.301.32).
Click to expand...
Click to collapse
Pretty sure I mentioned (At the bottom) that I was upgrading from the October Patch to Pie. I don't know that it's specifically necessary or will only work from that exact version.
Prior to updating I was on OPWS27.57-40-25 or build # OPW27.2.5
Worked just fine.
TeamRainless said:
NOPE. The other thread is all about updating to 8.1 first... and fastbooting. This one you just use the regular OTA update to go from 8.0 to 9.0. That isn't mentioned in the OP of the other thread.
Pretty sure I mentioned (At the bottom) that I was upgrading from the October Patch to Pie. I don't know that it's specifically necessary or will only work from that exact version.
Prior to updating I was on OPWS27.57-40-25 or build # OPW27.2.5
Worked just fine.
Click to expand...
Click to collapse
Mention the Blur Version too, if I'm not wrong, there's a 306 instead of 301, the OTA file will not work with that.
abrfilho said:
Mention the Blur Version too, if I'm not wrong, there's a 306 instead of 301, the OTA file will not work with that.
Click to expand...
Click to collapse
I don't think I had either of those and it worked for me...
It fails at the end od step 3 of the update with "
12-06 16:39:00.973 5164 6584 I OtaApp : [1206/163900:ERROR:utils_android.cc(50)] Error opening fstab file.
12-06 16:39:00.973 5164 6584 I OtaApp : [1206/163900:ERROR:utils_android.cc(50)] Error opening fstab file.
12-06 16:39:00.973 5164 6584 I OtaApp : [1206/163900:ERROR:utils_android.cc(90)] Failed to open /proc/mounts.
12-06 16:39:00.973 5164 6584 I OtaApp : [1206/163900:ERROR:utils_android.cc(50)] Error opening fstab file.
12-06 16:39:00.973 5164 6584 I OtaApp : [1206/163900:ERROR:utils_android.cc(50)] Error opening fstab file.
12-06 16:39:00.973 5164 6584 I OtaApp : [1206/163900:ERROR:utils_android.cc(90)] Failed to open /proc/mounts."
How to I fix this?
vidra said:
It fails at the end od step 3 of the update with "
12-06 16:39:00.973 5164 6584 I OtaApp : [1206/163900:ERROR:utils_android.cc(50)] Error opening fstab file.
12-06 16:39:00.973 5164 6584 I OtaApp : [1206/163900:ERROR:utils_android.cc(50)] Error opening fstab file.
12-06 16:39:00.973 5164 6584 I OtaApp : [1206/163900:ERROR:utils_android.cc(90)] Failed to open /proc/mounts.
12-06 16:39:00.973 5164 6584 I OtaApp : [1206/163900:ERROR:utils_android.cc(50)] Error opening fstab file.
12-06 16:39:00.973 5164 6584 I OtaApp : [1206/163900:ERROR:utils_android.cc(50)] Error opening fstab file.
12-06 16:39:00.973 5164 6584 I OtaApp : [1206/163900:ERROR:utils_android.cc(90)] Failed to open /proc/mounts."
How to I fix this?
Click to expand...
Click to collapse
Which phone do you have? What adroid version are you on? What is your build #?
TeamRainless said:
Which phone do you have? What adroid version are you on? What is your build #?
Click to expand...
Click to collapse
He probably has UN-locked, based what I can see from his post history:
"Ok, I did some more digging and as it turn out, even when I restored my phone to stock and tried to install from OTA, it somehow set the ROOTED flag to true, I don't understand why since my deice..."
bookworth said:
He probably has UN-locked, based what I can see from his post history:
"Ok, I did some more digging and as it turn out, even when I restored my phone to stock and tried to install from OTA, it somehow set the ROOTED flag to true, I don't understand why since my deice..."
Click to expand...
Click to collapse
Ah yes... It's definitely NOT going to work if you have an unlocked bootloader. (I mean... if you unlocked your bootloader... then why would you still be on Android 8.0?) This is, again, only for Android 8.0 phones with the October patch.
I don't think it matters so much WHICH October patch you have (I've heard a few different build numbers now...) but until I hear somebody with a Locked 8.0 October patch that *doesn't* work... I'm going to assume that everyone who has the October patch and hasn't unlocked their bootloader should be just fine.
If it doesn't work for you just go over to the other thread.
Working with XT - 19000 -2. ( Indian version) ?
Cuz I feel Motorola have different plans for Indian version
Do i need to change name of the file or something else??
as i am not able to see any update in about after checking for update also, please help please
dimpsa said:
Do i need to change name of the file or something else??
as i am not able to see any update in about after checking for update also, please help please
Click to expand...
Click to collapse
You have to give storage permission to the Motorola Update Service. Otherwise it won't be able to see the file.
And the file HAS to be in the root of your Internal Storage. You might have to enable Internal Storage in whatever your file manager is. (*I* had to for the default file manager.)
It won't work if you just have it in like your "Downloads" folder or something...
just to make sure, this will NOT wipe my data?
Cisencjusz said:
just to make sure, this will NOT wipe my data?
Click to expand...
Click to collapse
Not that I know of. It didn't wipe mine or anyone else's on this thread. But... AS ALWAYS... I would do a full backup anyway just because there are a thousand REASONS why you should always have a backup. Even when you're doing 100% legit updates, security updates, and anything else.
But I can tell you for sure that it did not wipe MY data.
TeamRainless said:
You have to give storage permission to the Motorola Update Service. Otherwise it won't be able to see the file.
And the file HAS to be in the root of your Internal Storage. You might have to enable Internal Storage in whatever your file manager is. (*I* had to for the default file manager.)
It won't work if you just have it in like your "Downloads" folder or something...
Click to expand...
Click to collapse
bro, it's not in any folder, and permission given but not able to detect update file.... help plzz ??
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Sent from my moto x4 using XDA-Developers Legacy app
Cisencjusz said:
just to make sure, this will NOT wipe my data?
Click to expand...
Click to collapse
yes bro, if you getting the update, it will not wipe anything... you can proceed... ??
Sent from my moto x4 using XDA-Developers Legacy app
dimpsa said:
bro, it's not in any folder, and permission given but not able to detect update file.... help plzz View attachment 4659918View attachment 4659919
Sent from my moto x4 using XDA-Developers Legacy app
Click to expand...
Click to collapse
And you have NEVER unlocked your bootloader or rooted your phone, right?
TeamRainless said:
And you have NEVER unlocked your bootloader or rooted your phone, right?
Click to expand...
Click to collapse
The clock is showing "seconds" in the screenshot. Not sure I've seen that stock?
Related
Hi All
Today I am releasing Moto X Play (India) Official Marshmallow 6.01 OTA ZIP File. This was released by Motorola for Indian Version of Moto X Play. Get your hands dirty and share your feedback. :laugh:
Mega - Download
MediaFire - Download
GitHub - Download
This OTA Update can be applied ONLY on Android 6.0 Build MPD24.65-18 and will be updated to Android 6.01 Build MPD24.107-52. Detailed info on new update can be read at Motorola Forum
==================================================
Filename : Blur_Version.24.61.52.lux_retasia_ds.retasiaall.en.03.zip
MD5 : 1646ecaa99392fd8507abab218a60b95
SHA1 : ba4c6f578e6cb3f1348738b59a5899348a765786
CRC32 : 0a024399
SHA-256 : 877a3f9eca01c45b37da8e2f2abf89650f081122683f141b638690309403ad8e
SHA-512 : 4ac7d32df70e8525c49184729d55cf82604be826251aa1cddcbc9b66553c0a19cdf5bf2cf819e745ebec144a28ddd6fc96066b28593bfa6119cd758c87c1ee85
SHA-384 : 86b3ac3bc98066c76e0fc0a3d5711770b17176b067bf015cec28c9ea760ff0bd4ec27cda04d4c2b5799292acb9d3c3d9
Modified Time : 23-Mar-2016 11:44:31
Created Time : 23-Mar-2016 11:45:47
File Size : 406,244,549
Extension : zip
File Attributes : A
Model : Indian XT1562 100% [ Unsure if it will be compatible with other regions and variations of handset ]
==================================================
Results Reported By Users
EU Version - Success As Reported By ndrsgan
Steps To Update To Android 6.01
Save the downloaded file to Root of SD Card and follow instructions :
Method 01
Just Save the downloaded file to Root of SD Card [External Memory Card and not Internal Memory] and go to Settings --> About Phone --> System Updates. Update will be auto recognized and user will be prompted to apply update. In case update is not recognized and do not get any update prompt, then try Method 02.
Method 02 :
With the phone powered off, press and hold the Volume Down button and the Power button at the same time until the device turns on.
Press the Volume Down button to highlight "Recovery mode"
Press the Power button to restart into Recovery mode.
You'll see an image of an Android robot with a red exclamation mark.
While holding down the Power button, press the Volume Up button.
Phone will auto reboot to Recovery Mode.
Using Volume Down Button highlight Apply update from SD Card and press Power Button.
From the contents of SD Card Listed, using Volume Up / Down button select dowloaded .zip File and press Power Button.
Updatation Process will start. It will take about 30 Mins to complete updatation.
My Australian build number matches so I will give this a go when the link is live.
Link Is Live
bambalam said:
My Australian build number matches so I will give this a go when the link is live.
Click to expand...
Click to collapse
Mega link is live. Enjoy :laugh: :fingers-crossed:
Thanks i try it with the german Version
Timate5 said:
Thanks i try it with the german Version
Click to expand...
Click to collapse
Thanks. Do Let me know your build number and result. I will update thread with your inputs and it will help others as well.
My BUILD number is 24-65-18 but dont work the ota recures retasia 6.0 i have reteu so i need to wait
XDASNR said:
Thanks. Do Let me know your build number and result. I will update thread with your inputs and it will help others as well.
Click to expand...
Click to collapse
I've updated with your file, and all ok... I have an EU moto x play, but when I updated to 6.0, I changed to the indian version.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
ndrsgan said:
I've updated with your file, and all ok... I have an EU moto x play, but when I updated to 6.0, I changed to the indian version.
Click to expand...
Click to collapse
I dont think it should matter much. I have read on forum many in EU have RETASIA Firmware Out Of The Box. The Only Difference should be in Modem Files but phone calls should not be affected.
Few have used RETASIA Firmware in France and Germany without any Issues. I Wonder it is same in your case else you can download and flash EU Stock 6.01. As far as i know, bootloader need not be unlocked when flashing Stock.
XDASNR said:
I dont think it should matter much. I have read on forum many in EU have RETASIA Firmware Out Of The Box. The Only Difference should be in Modem Files but phone calls should not be affected.
Few have used RETASIA Firmware in France and Germany without any Issues. I Wonder it is same in your case else you can download and flash EU Stock 6.01. As far as i know, bootloader need not be unlocked when flashing Stock.
Click to expand...
Click to collapse
yes, I want to say that the file works fine. I have the indian firmware (6.0) since one month ago, and I haven't had any problem. With 6.0.1, at this moment, any problem... I have green network, not red as most people report in EU.
ndrsgan said:
yes, I want to say that the file works fine. I have the indian firmware (6.0) since one month ago, and I haven't got any problem. With 6.0.1, at this moment, any problem... I have green network, not red as most people report in EU.
Click to expand...
Click to collapse
Thanks.
Link doesn't work for me. BSNL is my ISP. Any other links?
New Download Site Added
lokesh.acm said:
Link doesn't work for me. BSNL is my ISP. Any other links?
Click to expand...
Click to collapse
MediaFire Link Added
XDASNR said:
Hi All
Today I am releasing Moto X Play (India) Official Marshmallow 6.01 OTA ZIP File. This was released by Motorola for Indian Version of Moto X Play. Get your hands dirty and share your feedback. :laugh:
Mega - Download
MediaFire - Download
This OTA Update can be applied ONLY on Android 6.0 Build MPD24.65-18 and will be updated to Android 6.01 Build MPD24.61-52. Detailed info on new update can be read at Motorola Forum
==================================================
Filename : Blur_Version.24.61.52.lux_retasia_ds.retasiaall.en.03.zip
MD5 : 1646ecaa99392fd8507abab218a60b95
SHA1 : ba4c6f578e6cb3f1348738b59a5899348a765786
CRC32 : 0a024399
SHA-256 : 877a3f9eca01c45b37da8e2f2abf89650f081122683f141b638690309403ad8e
SHA-512 : 4ac7d32df70e8525c49184729d55cf82604be826251aa1cddcbc9b66553c0a19cdf5bf2cf819e745ebec144a28ddd6fc96066b28593bfa6119cd758c87c1ee85
SHA-384 : 86b3ac3bc98066c76e0fc0a3d5711770b17176b067bf015cec28c9ea760ff0bd4ec27cda04d4c2b5799292acb9d3c3d9
Modified Time : 23-Mar-2016 11:44:31
Created Time : 23-Mar-2016 11:45:47
File Size : 406,244,549
Extension : zip
File Attributes : A
Model : Indian XT1562 100% [ Unsure if it will be compatible with other regions and variations of handset ]
==================================================
Results Reported By Users
EU Version - Success As Reported By ndrsgan
Steps To Update To Android 6.01
Save the downloaded file to Root of SD Card and follow instructions :
Method 01
Just Save the downloaded file to Root of SD Card [External Memory Card and not Internal Memory] and go to Settings --> About Phone --> System Updates. Update will be auto recognized and user will be prompted to apply update. In case update is not recognized and do not get any update prompt, then try Method 02.
Method 02 :
With the phone powered off, press and hold the Volume Down button and the Power button at the same time until the device turns on.
Press the Volume Down button to highlight "Recovery mode"
Press the Power button to restart into Recovery mode.
You'll see an image of an Android robot with a red exclamation mark.
While holding down the Power button, press the Volume Up button.
Phone will auto reboot to Recovery Mode.
Using Volume Down Button highlight Apply update from SD Card and press Power Button.
From the contents of SD Card Listed, using Volume Up / Down button select dowloaded .zip File and press Power Button.
Updation Process will start. It will take about 30 Mins to complete updatation.
Click to expand...
Click to collapse
Are you sure that the updated Build Number on 6.0.1 is MPD24.61-52 and not MPD24.107-52... Checking over at https://github.com/motoxplay/stock the new build on OTA as well as full Stock firmware is MPD24.107-52 not the one you're refering to...
Should my phone be rooted to flash this??
siddharthnair96 said:
Are you sure that the updated Build Number on 6.0.1 is MPD24.61-52 and not MPD24.107-52... Checking over at https://github.com/motoxplay/stock the new build on OTA as well as full Stock firmware is MPD24.107-52 not the one you're refering to...
Click to expand...
Click to collapse
Well this time Build Number and System Number is not same!! System Number is 24.61.52 and Build Number is MPD24.107-52. BTW Thanks for raising this up; I have updated my posted to include Build Number and not System Number.
the_harsh said:
Should my phone be rooted to flash this??
Click to expand...
Click to collapse
No, it mustn't.
I have a rooted play with twrp and xposed framework installed.. Could someone explain how to update?
Uninstall xposed, unroot, flash stock recovery.
How do i unroot without losing data or flashing a stock rom
Gauravpreet said:
How do i unroot without losing data or flashing a stock rom
Click to expand...
Click to collapse
There already a TWRP release of 6.01. Just download and follow instructions. Typically all you have to do is boot to TWRP and select restore the newly downloaded firmware. Its that simple. Dont get in trap of unroot and all. Its a OTA Update and will check for system integrity which you must have lost and fail.
Just use the search function of XDA. You will be amazed with results. Just in case you dont, lemme know to get you the link.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
This method is based on Amazing Temp Root for MediaTek ARMv8 by diplomatic
Clever work that give MTK-soc devices a bootless root ( Root remains until reboot ). And lucky enough it works on our Nokia 5.1 Plus
So to begin :
-Grab diplomatic lastest mtk-su.zip in Amazing Temp Root for MediaTek ARMv8
- Follow instructions from Bootless root with Magisk and MTK-SU
#You can install Magisk Manager from the magisk 18.1 package, or any version below 7.1.2. Lastest version of MM doesn't work.
And your device should have root permission.
Hi stizzir,
Great post I've tried it and it works.
The only problem I had is that you can't use the latest version of Magisk Manager you
need to use the 7.0.0 version if not Magisk manager won't open after running the suboot.sh script.
I was wondering if with this we may be able to get full root and also turn the notch on and
off on devices that don't have the Full Bezel option in Display Settings or Developer Options.
Best regards,
voidRunner
I tried it as well and it works. Thanks for letting us know I've been checking these forums every week waiting for something like this. I also used Magisk 7.0.0 inside the 18.1 Magisk zip. Latest version didn't work.
@vddrnnr
The only problem I had is that you can't use the latest version of Magisk Manager you
need to use the 7.0.0 version if not Magisk manager won't open after running the suboot.sh script.
Click to expand...
Click to collapse
Wow good to know, i encountered that problem too, and you figure it out !
I was wondering if with this we may be able to get full root and also turn the notch on and
off on devices that don't have the Full Bezel option in Display Settings or Developer Options.
Click to expand...
Click to collapse
I don't think full root can be acquired since there are still no Bootloader unlock solution yet, really looking for that. N-tool devs are working on it and they said X5 unlock is coming soon. But the bootless root work fine ! couldn't complain anything, it's basically a rooted device.
I tried Adaway it didn't work first time but worked second time, After that it would not work again no matter what I tried, says not enough space on partition. I checked host file when it worked and it had changed. Titanium backup worked, SD maid worked. Looks like I was wrong you can't edit or delete anything in system folder.
@rustdroid
I tried it as well and it works. Thanks for letting us know I've been checking these forums every week waiting for something like this. I also used Magisk 7.0.0 inside the 18.1 Magisk zip. Latest version didn't work.
Click to expand...
Click to collapse
No problems, but again, all the credits go to diplomatic for his work, I'm just lucky enough to come across his thread.
Yes latest Magisk doesn't work, diplomatic had already mentioned it the original thread.
rustdroid said:
I tried Adaway it didn't work first time but worked second time, After that it would not work again no matter what I tried, says not enough space on partition. I checked host file when it worked and it had changed. Titanium backup worked, SD maid worked. Mixplore root worked I deleted Google drive app from system/apps but took a few tries and reboots for it to be uninstalled, the folder always restores after reboot.
Click to expand...
Click to collapse
This is just a temporary solution so don't expect much out of it.
The doors will be open once the Bootloader can be unlock
Yes I know and I'm happy with it until we can unlock bootloader. Hopefully they can find a way soon but this will do until then.
Can someone else with this phone try Adaway to see if it can edit host file or delete a system app like Google drive (move the app file in system/apps replace it after tested) ? Just want to see if I'm only one that can't edit system folder.
Edit: It's okay I just read that you can't modify System/Vendor partition unless boot image modified. Will have to wait until bootloader unlocked.
vddrnnr said:
Hi stizzir,
Great post I've tried it and it works.
The only problem I had is that you can't use the latest version of Magisk Manager you
need to use the 7.0.0 version if not Magisk manager won't open after running the suboot.sh script.
I was wondering if with this we may be able to get full root and also turn the notch on and
off on devices that don't have the Full Bezel option in Display Settings or Developer Options.
Best regards,
voidRunner
Click to expand...
Click to collapse
rustdroid said:
Can someone else with this phone try Adaway to see if it can edit host file or delete a system app like Google drive (move the app file in system/apps replace it after tested) ? Just want to see if I'm only one that can't edit system folder.
Edit: It's okay I just read that you can't modify System/Vendor partition unless boot image modified. Will have to wait until bootloader unlocked.
Click to expand...
Click to collapse
Man i just can't wait for the Bootloader unlock. Nokia obviously doesn't want to offer a official unlock service ( at least for now ) since the android one line-up is meant to be as stock as possible. The company also promised to support new Android One devices in the next 3 years, so allowing Bootloader unlock will work agains their product course i think.
I have seen many attempts from the community however, and i have trust in them, many devices get unlocked by a unofficial method so.... Wait for the good news.
@stizzie I can't wait, hate having a device that I don't have full control. I've asked Nokia on there forums and signed a partition that is closed now, That's all I can do and just wait. I read somewhere that Nokia will allow it soon but who knows how long. Hopefully someone finds another way soon.
Doing this won't kill OTA, right?
Rajeel911 said:
Doing this won't kill OTA, right?
Click to expand...
Click to collapse
Absolutely not
stizzie said:
This method is based on Amazing Temp Root for MediaTek ARMv8 by diplomatic
Clever work that give MTK-soc devices a bootless root ( Root remains until reboot ). And lucky enough it works on our Nokia 5.1 Plus
So to begin :
-Grab diplomatic lastest mtk-su.zip in Amazing Temp Root for MediaTek ARMv8
- Follow instructions from Bootless root with Magisk and MTK-SU
#You can install Magisk Manager from the magisk 18.1 package, or any version below 7.1.2. Lastest version of MM doesn't work.
And your device should have root permission.
Click to expand...
Click to collapse
Can I give permission to es file file explorer if yes than how??
And can I modify this partition Device/data/nvram/APCFG/APRDEB
Ranjhag said:
Can I give permission to es file file explorer if yes than how??
And can I modify this partition Device/data/nvram/APCFG/APRDEB
Click to expand...
Click to collapse
Just follow instructions in the provided links, you should have root permission. Applications working or not really depends on your device so it won't hurt if you try it yourself.
Device is Nokia 5.1 plus?
And sir can u tell me where I have to paste mku-su file? In the pc
I got OTA update today while this thing was running so no OTA issues.
Just 2 warnings:
1) Don't write even a single byte to system partition or boot partition.
2) Don't expect Netflix etc to work since it breaks CTS profile and basic integrity. Banking apps etc will whine for rightful reasons too.
Ilgazc said:
I got OTA update today while this thing was running so no OTA issues.
Just 2 warnings:
1) Don't write even a single byte to system partition or boot partition.
2) Don't expect Netflix etc to work since it breaks CTS profile and basic integrity. Banking apps etc will whine for rightful reasons too.
Click to expand...
Click to collapse
It doesn't let you do anything to system or boot partition. I tried editing and deleting and doesn't work. Have to wait until bootloader unlocked.
Rajeel911 said:
Doing this won't kill OTA, right?
Click to expand...
Click to collapse
rustdroid said:
It doesn't let you do anything to system or boot partition. I tried editing and deleting and doesn't work. Have to wait until bootloader unlocked.
Click to expand...
Click to collapse
If you (by chance) are able to write a single byte to system or boot partition on this dm-Verity enabled device, it won't boot and will need service center.
That changes if bootloader can be unlocked of course.
Ilgazc said:
If you (by chance) are able to write a single byte to system or boot partition on this dm-Verity enabled device, it won't boot and will need service center.
That changes if bootloader can be unlocked of course.
Click to expand...
Click to collapse
Okay thanks for the info. Guess I was lucky that you can't do anything. I tired to delete a few pre installed apps and edit the host file. Looks like this is as good as it gets until we can unlock bootloader.
This is a stop-gap solution until we get a fully working TWRP with data decryption on the OnePlus 7T Pro 5G McLaren.
Tutorial video here (up to 4K; fullscreen recommended): https://youtu.be/rNwyb_gaByE
requirements:
*OnePlus 7T Pro 5G McLaren (HD1925)
*bootloader unlocked
*USB connected to PC with adb/fastboot
installation:
fastboot getvar all
(look for the (bootloader) current-slot text)
fastboot flash recovery_a recovery_11.0.1.4_adb_nosec.img
or
fastboot flash recovery_b recovery_11.0.1.4_adb_nosec.img
usage:
adb shell
removal:
fastboot getvar all
(look for the (bootloader) current-slot text)
fastboot flash recovery_a recovery_11.0.1.4.img
or
fastboot flash recovery_b recovery_11.0.1.4.img
recovery_11.0.1.4_adb_nosec.img.zip
https://drive.google.com/file/d/1iq-LyWItf1P_0LdoGs5WKaH79TX849G6/view?usp=sharing
recovery_11.0.1.4.img.zip
https://drive.google.com/file/d/1NhVeCjunEJ2X4cdyPuHbxTISu91uTR6H/view?usp=sharing
OLD
recovery_11.0.1.3_adb_nosec.img.zip
https://drive.google.com/file/d/1sxZGQpXG_Fk-yK4NZmB6Im8wSxlcbSPZ/view?usp=sharing
recovery_11.0.1.3.img.zip
https://drive.google.com/file/d/1LDydnV4fdTFbzPD2orZycaYUeSeYYnT-/view?usp=sharing
recovery_11.0.1.2_adb_nosec.img.zip
https://drive.google.com/file/d/1J0jQXJhKmEiH9sLExUPb1arehXeMQGWn/view?usp=sharing
recovery_11.0.1.2.img.zip
https://drive.google.com/file/d/1Avb2y9bc0oZGVMBS40BXQ-_-efzWNJyj/view?usp=sharing
recovery_10.0.43_adb_nosec.img.zip
https://drive.google.com/file/d/1GD1QWWN_q5Lq5-O_w0OgN2jE3dG2_-M0/view?usp=sharing
recovery_10.0.43.img.zip
https://drive.google.com/file/d/1OL1oy9yb3dFE5gsWdrUQVZd5PcHi9ap-/view?usp=sharing
recovery_10.0.42_adb_nosec.img.zip
https://drive.google.com/file/d/1n7tQWR1nRp2vDwejE2dKCjHONwm32ZTs/view?usp=sharing
recovery_10.0.42.img.zip
https://drive.google.com/file/d/1IdMuwj-onVeUYGe0u0XjlIbU0E4mnz0-/view?usp=sharing
recovery_10.0.41_adb_nosec.img.zip
https://drive.google.com/file/d/1zRBMHHIDmTCtReTUCorhNDknzwU4Z5Jf/view?usp=sharing
recovery_10.0.41.img.zip
https://drive.google.com/file/d/1jPC9R5ZY8obIXfOH9k7ghnm3oCsBfTCs/view?usp=sharing
recovery_10.0.40_adb_nosec.img.zip
https://drive.google.com/file/d/1k_GSg4EBf8ejhA2Yk6JInnd8oQTz4WPE/view?usp=sharing
recovery_10.0.40.img.zip
https://drive.google.com/file/d/12YSaIiQhroRXehGR3xi4nzBUx7oeNiNL/view?usp=sharing
recovery_10.0.39_adb_nosec.img.zip
https://drive.google.com/file/d/1eqPCZ9ExaEDpNt3huTmU07z2WVKR-i72/view?usp=sharing
recovery_10.0.39.img.zip
https://drive.google.com/file/d/1Elpc8jv1kYeNAMWyU1nJyjkzG0rd6zTg/view?usp=sharing
recovery_10.0.37_adb_nosec.img.zip
https://drive.google.com/file/d/1CUplbaMHpSV49siLzK3tSN-tmtfYJ2jd/view?usp=sharing
recovery_10.0.37.img.zip
https://drive.google.com/file/d/1z7uG-F7SedzAJwBHn6pY81Nqa44vkUcz/view?usp=sharing
recovery_10.0.36_adb_nosec.img.zip
https://drive.google.com/file/d/1AHy863Z_CFBHfRNSAhYN7E0UFCzU-YHs/view?usp=sharing
recovery_10.0.36.img.zip
https://drive.google.com/file/d/1AIk09glW0ZVLDWastbQVEXGxxJLZ6sqp/view?usp=sharing
recovery_10.0.35_adb_nosec.img.zip
https://drive.google.com/file/d/1UxRvakxsKHZ-pEaZQcGy6YiL_23jLscK/view?usp=sharing
recovery_10.0.35.img.zip
https://drive.google.com/file/d/1Ut-JqzAJKz7jNvb6bp14zO-L0haVjz57/view?usp=sharing
recovery_10.0.34_adb_nosec.img.zip
https://drive.google.com/open?id=16S3eJS3WrKIekJAijFtIgP4a34sMJE78
recovery_10.0.34.img.zip
https://drive.google.com/open?id=1yCvTsT-2NKzToGUn_-1FtiMbNur6Livw
recovery_10.0.31_adb_nosec.img.zip
https://drive.google.com/open?id=1-H92H_TIQUJjQbIElQLsryRq0299lM1k
recovery_10.0.31.img.zip
https://drive.google.com/open?id=1Lp4wuql8j0FwD1I1OPj1r4ebi1Ti3XTg
recovery_10.0.27_adb_nosec.img.zip
https://drive.google.com/open?id=13sp8k6Vk6n6v8SpnjvO9sIFr_5mJ6UYV
recovery_10.0.27.img.zip
https://drive.google.com/open?id=13uRw5yfsBiWJ_nviiXB3Qk3yLl7IPxQG
recovery_10.0.25_adb_nosec.img.zip
https://drive.google.com/open?id=1CapeyuagSK0XxKbI-OuRSXjyKf9ylstV
recovery_10.0.25.img.zip
https://drive.google.com/open?id=1CaNNsZ4q3QVKrzzJ8S7LW5r8TUPuW7OC
recovery_10.0.19_adb_nosec.img.zip
https://drive.google.com/open?id=1-gfQlKcHkIoTzWgHaGenyda6AU614dct
recovery_10.0.19.img.zip
https://drive.google.com/open?id=10Nal33Bw5q_dpBQSbdjKpizGghAV4Wda
Android SDK Platform-Tools
https://developer.android.com/studio/releases/platform-tools
-----------------------------------------------------------------
Special thanks to @aer0zer0 for his input
and to @osm0sis for his: [TOOL] Android Image Kitchen - Unpack/Repack Kernel Ramdisk [Win/Android/Linux/Mac]
https://forum.xda-developers.com/showthread.php?t=2073775
Forgive the noob question but Are we able to use this recovery to flash kernels etc?
lendawg said:
Forgive the noon question but Are we able to use this recovery to flash kernels etc?
Click to expand...
Click to collapse
If you just wanted to flash kernels, if already rooted you could could just use an app like Franco Kernel Manager, etc., to flash kernels. A main purpose of this adb enabled stock recovery is to allow decrypted filesystem access in case you could not successfully boot into OS normally. For example, I know of someone who used it to delete a particular file that was causing boot loop after they rebooted right after installing Viper. When we get a fully functioning TWRP for the 5G McLaren, this recovery will be unnecessary.
Can this be used to update our Android version since unlocking the bootloader has messed up receiving OTAs?
Bildo41383 said:
Can this be used to update our Android version since unlocking the bootloader has messed up receiving OTAs?
Click to expand...
Click to collapse
@ntzrmtthihu777 came up with an OTA fixer, which is currently located at https://forum.xda-developers.com/7t-pro-mclaren/how-to/hd1925-10-0-19-fastboot-rom-ota-fixer-t4040629 . Also, you would want to flash back the stock recovery (i.e, without adb enabled), and fully unroot, etc., before OTA as well. If you still couldn't OTA update at that point, then you'd want to backup important files to external storage and flash our device's latest MSM image.
Does anyone here know a good Post on how to unroot my device so I can go ahead and do the update for my phone?
I have a McLaren 5G T-Mobile. I'm currently on version 0.19 and I just received the OTA this morning to update to version 0.25.
I'm new to all of this rooting world. Any help is appreciated.
Thank you.
lramos_90 said:
Does anyone here know a good Post on how to unroot my device so I can go ahead and do the update for my phone?
I have a McLaren 5G T-Mobile. I'm currently on version 0.19 and I just received the OTA this morning to update to version 0.25.
I'm new to all of this rooting world. Any help is appreciated.
Thank you.
Click to expand...
Click to collapse
You could try the OTA fixer linked in the post above your post, and this restores the reserve.img file in /data/reserve/ . After restoring reserve.img, you could open Magisk Manager and choose full unroot. Then, after rebooting, OTA might be able to install; if not, a surefire option is to flash the latest MSM image. The MSM flash in our device forum should be a last resort, because you would probably want to back up important files to external storage and almost everything is replaced starting from scratch.
jhofseth said:
You could try the OTA fixer linked in the post above your post, and this restores the reserve.img file in /data/reserve/ . After restoring reserve.img, you could open Magisk Manager and choose full unroot. Then, after rebooting, OTA might be able to install; if not, a surefire option is to flash the latest MSM image. The MSM flash in our device forum should be a last resort, because you would probably want to back up important files to external storage and almost everything is replaced starting from scratch.
Click to expand...
Click to collapse
I bricked my phone but I was able to use the MSM tool and fresh install everything. Thank you very much for the recommendation..
Thank you for the update version.
im not getting any updates for my phone I am still stuck on 19 can I use this to update to 31 I am waiting for my unlock code for the bootloader should i wait to root before I update or update first
cgrimm9 said:
im not getting any updates for my phone I am still stuck on 19 can I use this to update to 31 I am waiting for my unlock code for the bootloader should i wait to root before I update or update first
Click to expand...
Click to collapse
No, you'd need to use latest MSM tool if you were stuck on 19, but you may want to backup any important files to external storage first. https://forum.xda-developers.com/7t-pro-mclaren/how-to/op7tpro-tmo-5g-unbrick-tool-to-restore-t4043925
jhofseth said:
No, you'd need to use latest MSM tool if you were stuck on 19, but you may want to backup any important files to external storage first. https://forum.xda-developers.com/7t-pro-mclaren/how-to/op7tpro-tmo-5g-unbrick-tool-to-restore-t4043925
Click to expand...
Click to collapse
I figured it out after messing around. I meant to come back and edit my post. I saw the msm post and thats the only reason I messed around with this phone. I just wish there was a working twrp for this phone so some roms come over. but that may never happen.
seems like the 31 recovery is wrong - cannot install OTA without it = = FIXED!!!! HAD TO APPLY ORIGINAL 2X for some reason" literally used the same download to apply again... I dont get this phone
05-24 21:16:19.553 1349 1349 E update_engine: [0524/211619.553051:ERROR:delta_performer.cc(522)] Unable to open ECC source partition recovery on slot B, file /dev/block/bootdevice/by-name/recovery_b: Invalid argument (22)
05-24 21:16:19.553 1349 1349 E update_engine: [0524/211619.553106:ERROR:delta_performer.cc(1230)] The hash of the source data on disk for this operation doesn't match the expected value. This could mean that the delta update payload was targeted for another version, or that the source partition was modified after it was installed, for example, by mounting a filesystem.
05-24 21:16:19.553 1349 1349 E update_engine: [0524/211619.553148:ERROR:delta_performer.cc(1235)] Expected: sha256|hex = 001B4315FE31C5A4F1C23D1B16A2C64F137950FF2C28CBC7A7 BD85F3FCB6C987
05-24 21:16:19.553 1349 1349 E update_engine: [0524/211619.553187:ERROR:delta_performer.cc(1238)] Calculated: sha256|hex = 9FF662AA7D1616A5CAB2E532839F6D41429D4214CF38012A49 96D6228A806AF7
05-24 21:16:19.553 1349 1349 E update_engine: [0524/211619.553228:ERROR:delta_performer.cc(1249)] Operation source (offset:size) in blocks: 0:1,15252:1
05-24 21:16:19.553 1349 1349 E update_engine: [0524/211619.553274:ERROR:delta_performer.cc(1530)] source_fd != nullptr failed.
05-24 21:16:19.553 1349 1349 E update_engine: [0524/211619.553323:ERROR:delta_performer.cc(305)] Failed to perform BROTLI_BSDIFF operation 848, which is the operation 0 in partition "recovery"
05-24 21:16:19.553 1349 1349 E update_engine: [0524/211619.553367:ERROR:download_action.cc(336)] Error ErrorCode::kDownloadSta
I moved from TMO to Google Fi about a month ago and I haven't had any issues since moving over, other than this weird call terminating thing that I fixed with a new SIM card. However, I would like to get rid of the TMO ROM that is on here. Does anyone have any advice on what to go with? Just stock OxygenOS rom? I found it at the oneplus.in/support/softwareupgrade forums. However, I can't follow the instructions at the bottom because my "System Update" page does not have a settings button in the top right hand corner (I assume bc of TMO build). Also, the build number appears to be different. 10.3.3.HD01AA vs. 10.0.9 that I have seen elsewhere, but similar dates on them.
Do I need to unlock my bootloader and completely flash a new ROM? Sorry for being such a noob about this.
cregets said:
I moved from TMO to Google Fi about a month ago and I haven't had any issues since moving over, other than this weird call terminating thing that I fixed with a new SIM card. However, I would like to get rid of the TMO ROM that is on here. Does anyone have any advice on what to go with? Just stock OxygenOS rom? I found it at the oneplus.in/support/softwareupgrade forums. However, I can't follow the instructions at the bottom because my "System Update" page does not have a settings button in the top right hand corner (I assume bc of TMO build). Also, the build number appears to be different. 10.3.3.HD01AA vs. 10.0.9 that I have seen elsewhere, but similar dates on them.
Do I need to unlock my bootloader and completely flash a new ROM? Sorry for being such a noob about this.
Click to expand...
Click to collapse
If you're on the TMO 5G variant, I would get the bootloader unlocked and then flash AOSiP. You can definitely use stock ROM, but are limited to TMO's update schedule which differs from OnePlus devices sold directly. With a custom ROM, you get flexibility. Just know you won't have a fingerprint scanner for the time being, but the software advantages and flexibility and battery life increase are worth it in my opinion!
10.0.37.HD61CB is out now, anyone know how to download recovery and add adb?
t436h05t said:
10.0.37.HD61CB is out now, anyone know how to download recovery and add adb?
Click to expand...
Click to collapse
37 is now added to the OP
39 is now added to the OP
anyway to remove a magisk module this way - data is empty?
recovery_10.0.37_adb_nosec.img works and askes for decrypt 39 broken
7T Pro McLaren HD1913 Official Build
Hello, can someone please provide the links to the official builds for the 7T Pro McLaren Edition HD1913. I would really appreciate it.
EDIT: FIXED. I flashed persist.img from version "S250260_210804..." (unzip, flash via `fastboot flash persist persist.img`) https://mirrors.lolinet.com/firmware/lenovo/Tab_P11_Pro/TB-J706F/
Hello dear community,
I am in need of some help. So here is what I did:
* Coming from latest Android 11 ROW, flashed ZUI using QFIL from here: https://mirrors.lolinet.com/firmware/lenovo/Tab_P11_Pro/TB-J706F/
* tried upgrading to ZUI 12.5, 12.6 and 13 but didn't work
* used fastboot to unlock and unlock_critical (i know, i know...)
* used payload_dumper (from some github repo) to extract zui 13 update.zip
* flashed every image I extracted manually using fastboot (I know, I'm stupid)
* Got ZUI 12.0 working, didn't like it and wanted ROW android 11 back
* flashed latest ROW rom using QFIL from lolinet url -> bootloop
* flashed oldest ROW rom using QFIL, updated 3x via OTA to latest version -> few bootloops, then device booted back to android 10 and created notification "failed to install ota"
So I can install any version between TB-J706F_S210002_201015_ROW and TB-J706F_S250260_210804_ROW from lolinet url, but nothing above that. Neither through QFIL, nor using lenovo smart rescue assistent, nor using OTA update from android 10 (which is working fine).
I tried following things to fix this:
* ####6030# -> change to CN and change the NV value to 00
* ####6030# -> change to DE and change the NV value to 02 or 00
* flash latest ROW using QFIL, then change NV value from 02 to 00
nothing of that worked and I'm starting to believe, that I ****ed up some partitions using fastboot. Because I flashed images from ZUI android 11 and I can't install ROW android 11 now.
Could I possibly try restoring a TWRP backup from some other user?
What else could I do to install android 11?
PS: I used QFIL backup and restore tool to change the NV value. Because the nv reader/writer tool didn't seem to work.
It might help, if someone would be kind enough to provide me with the following images (by backing them up with twrp):
* abl
* xbl_a
* xbl_b
Hi there, I also got into this trouble that can't flash any global ROM including TB-J706F_S250260_210804_ROW. What I did is change the NV value to 02 and not 00 using QFIL. After that I was able to update via OTA and currently on the latest global ROM.
Thanks to this thread: https://forum.xda-developers.com/t/check-region-unlock-p11-tb-j606f-l-n.4356451/
MateUserHHTTI have similar problem before, can not flash to Android 11, even ROW or ZUI, bootloop~
please check your J706F screen auto rotate and auto brightness(and pair bluetooth devices) still functional?
If not functional, I'm following below post instruction to flash presist.img, and can upgrade to Android 11, both of ROW & ZUI are available.
<TB-J706F> Auto-rotation & Auto Brightness Broken.But Serial Number shows 123456789ABCDEF, wifi /bluetooth MAC shows 00:00:00... still not solve even functional.
auston said:
But Serial Number shows 123456789ABCDEF, wifi /bluetooth MAC shows 00:00:00... still not solve even functional.
Click to expand...
Click to collapse
I may found a fix for Bluetooth MAC by generating a file for the "NV-items_reader_writer.exe" and wrote it to NV item 447 (some one sait this is BT). Problem was that this item (447) was NOT present at this time inn QCN.
WARNING! May my guess of "Items size" 128 is wrong, I don't know. Use at your own risk and change the file to your MAC.
After that I flashed "persist.img" (matching the actual ROM), some one wrote that this fixed the autorotate. I can confirm this.
But still not found solution for serial, the correct serial is still in NV item 2497.
Okay, Serial number restore can be done the same way.
See here https://forum.xda-developers.com/t/tab-j706f-serial-number.4318901/
Best would be to have the full original QCN file (or an editor for this files)
MateUserHHTT said:
* abl
* xbl_a
* xbl_b
Click to expand...
Click to collapse
abl (_a and _b) = abl.elf
xbl (_a and _b) = xbl.elf
You will find both in the ROM Zip's at lolinet.
Mine updates successfully from 10 to 11 after I have restored BT, Wifi, SN, PN and region lock. And flashed persist.img.
Oh, and you have to set region code in QCN NV 6858, somebody found out that Android 11 checks that value. If it is wrong, device boot loops.
auston said:
please check your J706F screen auto rotate and auto brightness(and pair bluetooth devices) still functional?
Click to expand...
Click to collapse
Firstly, let me thank you for your reply! It's interesting, I indeed noticed just a few days ago, that auto rotation isn't working!
I will follow the guide you linked and update my post accordingly.
Edit: THANK you very much indeed! My problem was solved instantly by this!
Flashed persist.img via fastboot, flashed the latest ROM from lolinet using QFIL and had no issues whatsoever.
Oh, and you have to set region code in QCN NV 6858, somebody found out that Android 11 checks that value. If it is wrong, device boot loops.
Click to expand...
Click to collapse
as I said in my post, I did tried both 00 and 02. I read the thread about the second region code checking.
CryptMan said:
Mine updates successfully from 10 to 11 after I have restored BT, Wifi, SN, PN and region lock. And flashed persist.img.
Click to expand...
Click to collapse
I don't have any problem but just in case...
I guess PN is Product Number where did you change it and where do you get the correct value? I only found a code before the SN that looks unique per tablet but it's not in the box.
MrCrayon said:
I guess PN is Product Number where did you change it and where do you get the correct value?
Click to expand...
Click to collapse
Well I changed the PN in NV item 2497
I found this PN number here: https://forum.xda-developers.com/t/tab-j706f-serial-number.4318901/#post-86315607
My other device, P11 (TB-J606F), has this number: 8SSP69A6PB5XHA6213L0864
Because they look pretty same (length, etc.) I decided to try it.
May somebody would confirm if this PN are the same on all device.
Open settings and type in the search bar "####2222#". That will display PN and SN.
One issue persists though, which is that my widewine level is set to L3.
1. I flashed persist.img from TB-J706F_S250260_210804_ROW
2. I then installed the TB-J706F_S620150_211226_ROW via QFIL and
3. updated to TB-J706F_S630185_220128_ROW via OTA in system settings.
My serial number is also 1-9A-F. My device is locked. I'm unlocking my device and flashing the persist.img of the latest ROM. If that doesn't work, what are my options to restore L1?
CryptMan said:
Well I changed the PN in NV item 2497
I found this PN number here: https://forum.xda-developers.com/t/tab-j706f-serial-number.4318901/#post-86315607
My other device, P11 (TB-J606F), has this number: 8SSP69A6PB5XHA6213L0864
Because they look pretty same (length, etc.) I decided to try it.
May somebody would confirm if this PN are the same on all device.
Open settings and type in the search bar "####2222#". That will display PN and SN.
Click to expand...
Click to collapse
Ah ok, so the number before SN is the PN.
I have two J706F and they have different PN, The last 8-9 digits are different and the other ones are the same.
I could not find that code anywhere else.
MateUserHHTT said:
One issue persists though, which is that my widewine level is set to L3.
Click to expand...
Click to collapse
If you check in play store settings does it say your device is certified?
On my J706F, the one on which I have lost QCN with SN MAC etc. , I have the same problem as MateUserHHTT.
The device lost L1 cert. PlayStore says NOT certified and "DRM Info" app says L3.
I also have a property "sys.lenovo.widevine_security_level" with value "L3".
My guess it that there is a file or partition holding this certifications, but I don' t know which.
And of course I don't have a backup ...
If you check in play store settings does it say your device is certified?
Click to expand...
Click to collapse
It says "Device is not certified"
Now that's curious: my tablet, running the latest Android 11 ROW version, is offering me to upgrade my device to Android Kitkat 4.4. Now that's an offer I can't resist (yes, of course I clicked "update". I want all the new features!)
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
CryptMan said:
The device lost L1 cert. PlayStore says NOT certified and "DRM Info" app says L3.
I also have a property "sys.lenovo.widevine_security_level" with value "L3".
Click to expand...
Click to collapse
Is your bootloader unlocked or did you unlock it previously and relocked?
MateUserHHTT said:
It says "Device is not certified"
Now that's curious: my tablet, running the latest Android 11 ROW version, is offering me to upgrade my device to Android Kitkat 4.4. Now that's an offer I can't resist (yes, of course I clicked "update". I want all the new features!)
Click to expand...
Click to collapse
Maybe the OTA app is getting some wrong data / not set data and that's the result
I tried to decompile that app to get the address called to download updates but my knowledge of android programming is really basic and did not have enough time.
MrCrayon said:
Is your bootloader unlocked or did you unlock it previously and relocked?
Maybe the OTA app is getting some wrong data / not set data and that's the result
I tried to decompile that app to get the address called to download updates but my knowledge of android programming is really basic and did not have enough time.
Click to expand...
Click to collapse
I previousl, unlocked and afterwards relocked it (both flashing lock and flashing lock_critical)
Yes, I once said "erase all before download" and accidentally deleted my original qcn file so some NV fields seem to be missing. Maybe that caused the app to default back to 4.4 it was Lenovo Feature Updater by the way, not the settings - system - update.
If you share your past work in a git repo I will take a look at it. I'm no expert for sure but I'm developing fir android for some years and have stuck my nose a tiny bit under the surface of android rom development (1mm and it was very painful still).
My widewine lvl is L3. Any chance of resetting to L1 myself? I don't know much about how trust attestation works. :/
MateUserHHTT said:
It was Lenovo Feature Updater by the way, not the settings - system - update.
Click to expand...
Click to collapse
I disabled that as soon as I saw it
MateUserHHTT said:
If you share your past work in a git repo I will take a look at it. I'm no expert for sure but I'm developing fir android for some years and have stuck my nose a tiny bit under the surface of android rom development (1mm and it was very painful still).
Click to expand...
Click to collapse
Not much really, I'm not at my desk now but I extracted LenovoOTA from stock ROM and decompiled it with apktools, but even with online tools is probably ok.
Then I see two options:
Recompile that package changing package name and adding a log with full address and parameters or get the code that construct the URL and put it in a new app.
For you probably the last one is easier.
I went for a third I was trying to understand if i could get the data with adb or in files but I did not find documentation.
MateUserHHTT said:
My widewine lvl is L3. Any chance of resetting to L1 myself? I don't know much about how trust attestation works. :/
Click to expand...
Click to collapse
I don't think there is a way to force it, this widevine a thing is a pain.
MrCrayon said:
Is your bootloader unlocked or did you unlock it previously and relocked?
Click to expand...
Click to collapse
Locked, and was never unlocked before.
I tried to unlock now, but does not succeed with flashing sn.img.
Because I'm not interested on Custum ROM, I will leave it locked.
Do you know where the device certification is stored?
I unlocked without flashing sn.img. Does that make a difference?
Did you try monitoring the network traffic with wireshark?
Background:It all started back in 2019 by @flanker017 who revealed a major bug in Samsung In-House TTS engine Apk which allows a third-party app to call malicious intent to load library as system shared library which can invoke a shell with user system .against which Samsung patched and issued an updated app.
Original CVE: CVE-2019-16253
Original Github Repo of POC: SMT-CVE-2019-16253
Original Write UP: Flanker017 Blog
Present Time in 2023:Another user @K0mraid3 recently in January leveraged a malfunctioned ADB command which allows downgrading any system app to any version as long as Build SDK supports it to reinstall vulnerable version code: 300200002 against which Samsung issued a patch in OneUI 5.1 March Update to mitigate downgrading of system apps by normal users but again it was limited to selected installers which gives error
Failure [-3005: INSTALL_FAILED_ADP_VERSION_LOCKED]
Click to expand...
Click to collapse
So now , this is something that does not exist in AOSP Code , upon further looking into Samsung Internal Sources , I found out that samsung heavily customises different AOSP APIs according to it's own need so such patch was introduced to mitigate moderately the vulnerability not a concrete solution , it still left some place for itself to rollback system app updates or introducing other updates without any future hassles. that's where comes the another backdoor to introduce downgrading of system apps . Samsung has own Package Installer which goes by package id com.sec.android.preloadinstaller , which invokes system updates and another updates internally of Samsung apps . Samsung was careful or lazy enough to whitelist its own package installer for downgrade of system apps either debuggable or not which also comes under bigger purview of Samsung In-House Security Daemon ASKSMANAGER whitelisted app to perform alleviated restriction free packages installations , and thanks to Android PackageManager , it allows providing installer package id for any app installation.
TLDR; we are going to use a secret installer to downgrade our target app to a vulnerable version on Latest ONEUI 5.1 March/ April Update .
adb install -d -i com.sec.android.preloadinstaller vulnerable_com.samsung.SMT.apk
Click to expand...
Click to collapse
or
adb shell pm install -d -i com.sec.android.preloadinstaller vulnerable_com.samsung.SMT.apk
Click to expand...
Click to collapse
Results:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Epilogue:Finally Google stepped in as Knight in shining armour for Samsung and put last nail in the coffin for stopping further fun play with May Android Security Update . Now system apps can no longer be downgraded below factory installed version.
More Details : Google Git ; CVE-2023-21116
adiós, amigo !
BLuFeNiX , See and Update your tool !
Camlin3 said:
BLuFeNiX , See and Update your tool !
Click to expand...
Click to collapse
Already did it...and since you made the post available now. I'll be forking soon and uploading my version of this...ENJOY the Video
Your browser is not able to display this video.
wr3cckl3ss1 said:
Already did it...and since you made the post available now. I'll be forking soon and uploading my version of this...ENJOY the Video
View attachment 5907003
Click to expand...
Click to collapse
Does that mean the watch app should be updated as well?
EDIT: will update it soon...
Camlin3 said:
BLuFeNiX , See and Update your tool !
Click to expand...
Click to collapse
Using "com.sec.android.preloadinstaller" does not work for samsung watches 1 April 2023... results are yielding downgrade failure
Dante63 said:
Using "com.sec.android.preloadinstaller" does not work for samsung watches 1 April 2023... results are yielding downgrade failure
Click to expand...
Click to collapse
What is exact error message with code ?
Are you sure , it's android security update is 1 April 2023 not 1st May 2023 ? Try these installer
Code:
"com.samsung.android.seinstaller"
"PrePackageInstaller"
Camlin3 said:
What is exact error message with code ?
Are you sure , it's android security update is 1 April 2023 not 1st May 2023 ? Try these installer
Code:
"com.samsung.android.seinstaller"
"PrePackageInstaller"
Click to expand...
Click to collapse
Absolutely sure, nothing visible in logs as the app used belongs @BLuFeNiX, mine is a tweaked version to work on the watch, for April patch, the smt and the preloadinstaller both give downgrade failure...
I will try the other two and see...
But it might be the watch gotten its update and patched before the phone ...
Will keep you updated...
Camlin3 said:
What is exact error message with code ?
Are you sure , it's android security update is 1 April 2023 not 1st May 2023 ? Try these installer
Code:
"com.samsung.android.seinstaller"
"PrePackageInstaller"
Click to expand...
Click to collapse
Neither of those work, so I am assuming watch April 2023 security patch has it fixed...
Dante63 said:
Absolutely sure, nothing visible in logs as the app used belongs @BLuFeNiX, mine is a tweaked version to work on the watch, for April patch, the smt and the preloadinstaller both give download failure...
I will try the other two and see...
But it might be the watch gotten its update and patched before the phone ...
Will keep you updated...
View attachment 5910269
Click to expand...
Click to collapse
Dante63 said:
Neither of those work, so I am assuming watch April 2023 security patch has it fixed...
Click to expand...
Click to collapse
What is error code ?
Camlin3 said:
What is error code ?
Click to expand...
Click to collapse
Downgrade failure
Using this exploit, can I get oem unlocking to show on my phone, for some stupid reason Samsung activated Knox Guard on my A53 and they don't even know why,
Dante63 said:
Neither of those work, so I am assuming watch April 2023 security patch has it fixed...
Click to expand...
Click to collapse
Correct. It seems patched.
Your browser is not able to display this video.
GitHub - wr3cckl3ss1/system_shell_2: SMT Shell with a twist! Fully updated and upgraded.
SMT Shell with a twist! Fully updated and upgraded. - GitHub - wr3cckl3ss1/system_shell_2: SMT Shell with a twist! Fully updated and upgraded.
github.com
wr3cckl3ss1 said:
View attachment 5915361
Click to expand...
Click to collapse
Doesn't work on S21+ with April or May update. I just get the "failed" error message.
bkdwt said:
Doesn't work on S21+ with April or May update. I just get the "failed" error message.
Click to expand...
Click to collapse
A bit overkill with posting on two XDA threads and on GitHub. But could you elaborate more on your firmware?
Hi @wr3cckl3ss1, thank you for your work. I got system shell on my S23U S918B on april update.
Do you know what command I can use to enable the second physical sim slot on my device? It's an Australian version with only one physical SIM slot.
Changing CSC and factory reset makes it recognize the second physical SIM until I finish the setup wizard, where it got disabled again. Hence it must be a software thing.
It has 2 distinct IMEIs and supports DSDS with a physical SIM and eSIM.
nguyenlucky said:
Hi @wr3cckl3ss1, thank you for your work. I got system shell on my S23U S918B on april update.
Do you know what command I can use to enable the second physical sim slot on my device? It's an Australian version with only one physical SIM slot.
Changing CSC and factory reset makes it recognize the second physical SIM until I finish the setup wizard, where it got disabled again. Hence it must be a software thing.
It has 2 distinct IMEIs and supports DSDS with a physical SIM and eSIM.
Click to expand...
Click to collapse
To my knowledge there is not a command to do this. But if your saying it happens right after finishing the setup wizard. Don't finish it or at least get close as possible to almost finishing. Get shell or system shell thru PC and disable or uninstall the package for set-up wizard. Reboot and see if you can see the second sim like you want.
wr3cckl3ss1 said:
To my knowledge there is not a command to do this. But if your saying it happens right after finishing the setup wizard. Don't finish it or at least get close as possible to almost finishing. Get shell or system shell thru PC and disable or uninstall the package for set-up wizard. Reboot and see if you can see the second sim like you want.
Click to expand...
Click to collapse
How can I enable adb during the setup wizard?
T
nguyenlucky said:
How can I enable adb during the setup wizard?
Click to expand...
Click to collapse
That's for you to find. I will not disclose that here or in private unfortunately. Info like that would be heaven for thieves. Look around at different sites and in different languages. If i can find it...you could too.