[Q] extracting firmware - Galaxy S I9000 Q&A, Help & Troubleshooting

hello
is there any way to extract the whole firmware from a i9000?
a friend of mine just bought a i9000 from the same carrier that i have.. and i want the original rom. is there any way to get it untouched (vanilla)??

Not really untouched, you'd always need root to grab the firmware, so that's flashing a different kernel or trying other ways to get (temporary) root.
But don't let that stop you, the kernel probably won't be any different than the standard Samsung one, so you can put it back later.

the thing is... i cant find the original kernel around, i have searched all over, and there is no where to be found. so.. if i change the kernel, and take it in for warranty related stuff the carrier people will notice that i have changed it.. and they'll say.. sorry you void the warranty!!
so... is there any way to extract a vanilla rom??

Use check fus downloader. Google it or look around xda. You will be able to get your ROM direct from Samsung.
Sent from my GT-I9000 using Tapatalk

Is it me or are you confusing kernel and ROM ? The kernel is the stuff that makes it boot and talk to the hardware and stuff, like a bios from a pc. The rom is the operating system which does everything else.
Can you post the kernel version ?

EDIT: Since you did not quote I am assuming you are replying to my post. If not please just ignore my bantering.
Bubble-be said:
Is it me or are you confusing kernel and ROM ? The kernel is the stuff that makes it boot and talk to the hardware and stuff, like a bios from a pc. The rom is the operating system which does everything else.
Can you post the kernel version ?
Click to expand...
Click to collapse
It's just you. I know what a kernel is, do you know what a rom is? The kernel is included with the rom. If you get the rom, you have the kernel.
Also, the kernel technically does not make your device boot. It is, however, used during the boot process to perform some hardware initialization (initializing IRQs, setting up the scheduler, starting the dynamic module loader).
It is nothing like a BOIS from a PC. This point is illustrated by the fact that a PC running linux requires both a BIOS and a kernel. They are mutually exclusive. The kernel is a part of the OS, the BIOS is a part of the device.
Like I said, get the ROM and you get the kernel. The kernel is simple to extract, and you also have the added bonus of having the complete, unadulterated rom should you need it in the future.

since i`m new to everything here can you help me with smth that is bothering me
i got a i9000 2 months ago and since then i`ve been messing around with rooting and flashing around without understanding o lot but i've been doing exactly what others say step by step
i like this galnet miui rom (the only one i've tried so far) but i have battery drain issues
can you tell me a good combination of kernel and/or bootloader with this galnet so i would not have a battery drain
now i'm using official 2.3.5 and i have a full day battery usage
but i like some features that galnet has
thanks in advance
xxbeanxx said:
EDIT: Since you did not quote I am assuming you are replying to my post. If not please just ignore my bantering.
It's just you. I know what a kernel is, do you know what a rom is? The kernel is included with the rom. If you get the rom, you have the kernel.
Also, the kernel technically does not make your device boot. It is, however, used during the boot process to perform some hardware initialization (initializing IRQs, setting up the scheduler, starting the dynamic module loader).
It is nothing like a BOIS from a PC. This point is illustrated by the fact that a PC running linux requires both a BIOS and a kernel. They are mutually exclusive. The kernel is a part of the OS, the BIOS is a part of the device.
Like I said, get the ROM and you get the kernel. The kernel is simple to extract, and you also have the added bonus of having the complete, unadulterated rom should you need it in the future.
Click to expand...
Click to collapse

xxbeanxx said:
EDIT: Since you did not quote I am assuming you are replying to my post. If not please just ignore my bantering.
Click to expand...
Click to collapse
I did not quote, but was answering to the OP.
Sorry if that was confusing.
It's just you. I know what a kernel is, do you know what a rom is? The kernel is included with the rom. If you get the rom, you have the kernel.
Click to expand...
Click to collapse
Well yes, but I can't imagine a provider customizing the kernel. They do however customize the rom to include their own bootscreen, apps, theme. My previous phone was that way for example. I looked long and hard for the original firmware. But unless you're with one of the really big providers (Orange or the like), the rom is not available on the interwebs.
Showing up at a provider's service center with a bog standard rom can look suspicious that way.
Also, the kernel technically does not make your device boot. It is, however, used during the boot process to perform some hardware initialization (initializing IRQs, setting up the scheduler, starting the dynamic module loader).
It is nothing like a BOIS from a PC. This point is illustrated by the fact that a PC running linux requires both a BIOS and a kernel. They are mutually exclusive. The kernel is a part of the OS, the BIOS is a part of the device.
Click to expand...
Click to collapse
Thanks for clearing that up. I was aware of most things, but decided to paint a simpler picture for the OP.

enushi2002 said:
...can you tell me a good combination of kernel and/or bootloader with this galnet so i would not have a battery drain
...
Click to expand...
Click to collapse
The bootloader has no affect on your battery life.
Also don't assume the kernel is the biggest contributing factor to your battery drain. It very well may be, but there are a lot of other things that could also cause it. It would be better to try to investigate the cause of your battery drain rather than just switching kernels to try to fix it.
To directly answer your question, no I can't tell you a good kernel to use with MIUI. I am running CM7.1 currently with stock kernel and get decent battery life.
Are you on 3G data often? CM (and thus MIUI) has trouble with 3G, causing bad battery drain (so called RIL bug).
---------- Post added at 09:34 AM ---------- Previous post was at 09:27 AM ----------
Bubble-be said:
...the rom is not available on the interwebs.
Showing up at a provider's service center with a bog standard rom can look suspicious that way.
Click to expand...
Click to collapse
If you can update your phone via KIES you can get your ROM via check fus downloader. The rom you download using this tool will be what KIES uses to update your phone. So it is not "bog standard," it is what your provider puts on your phone, complete with provider customizations. It is impossible for a service center to tell the difference.
I had CyanogenMod on my phone when the touchscreen malfunctioned. I downloaded my provider's latest rom using check fus downloader, flashed it with odin, performed a factory reset, and brought it back and they replaced it no questions asked. As far as they knew I had only ever used the "proper channels" (ie: kies) to update my phone.

xxbeanxx said:
Use check fus downloader. Google it or look around xda. You will be able to get your ROM direct from Samsung.
Sent from my GT-I9000 using Tapatalk
Click to expand...
Click to collapse
Hi, thanks, but it did not found it..
in the result box says
Product Code: GT-I9000HKTVMT
no firmware info retrieved for given data
the firmware info would be:
Product code: GT-I9000HKTVMT
PDA: I9000TUBJPA
CSC: I9000TVMTJP6
Phone: I9000TUBJPA
Is a froyo 2.2.1 for a galaxy I9000T from movistar venezuela
I guess i'll keep looking for it

francescopp said:
I guess i'll keep looking for it
Click to expand...
Click to collapse
Wow that's strange. Well anyway, you could try this..it won't work without root but if you don't mind rooting first you can do this to get your kernel, then unroot.
Code:
adb shell su -c "dd if=/dev/block/bml7 of=/sdcard/zImage bs=4096"
If you want to backup your entire rom:
Code:
adb shell su -c "dd if=/dev/block/bml1 of=/sdcard/boot.bin bs=4096"
adb shell su -c "dd if=/dev/block/bml2 of=/sdcard/pit.pit bs=4096"
adb shell su -c "dd if=/dev/block/stl3 of=/sdcard/efs.rfs bs=4096"
adb shell su -c "dd if=/dev/block/bml4 of=/sdcard/Sbl.bin bs=4096"
adb shell su -c "dd if=/dev/block/stl6 of=/sdcard/param.lfs bs=4096"
adb shell su -c "dd if=/dev/block/bml7 of=/sdcard/zImage bs=4096"
adb shell su -c "dd if=/dev/block/stl9 of=/sdcard/factoryfs.rfs bs=4096"
adb shell su -c "dd if=/dev/block/stl10 of=/sdcard/dbdata.rfs bs=4096"
adb shell su -c "dd if=/dev/block/stl11 of=/sdcard/cache.rfs bs=4096"
adb shell su -c "dd if=/dev/block/bml12 of=/sdcard/modem.bin bs=4096"
To verify the dumps you can mount them in linux or use MagicISO in windows (the .rfs ones at least).
You can then turn these files into a full fledged rom with a bit of tinkering. This might be your only option.

Related

adp1 seems unrooted after update to crb43

Hello All and thank you for the amazing work going on.
This question might have been answered, but I didn't found it.
I bought the dev phone at google and updated it to cupcake following this which is solely intended for adp1 :
http://www.htc.com/www/support/android/adp.html
Here are the versions installed :
Baseband : 62.50S.20.17H_2.22.19.26I
Kernel : 2.6.27-00393-g6607056 [email protected] #1
Build : dream_devphone-userdebug 1.5 CRB43 148830 test-keys
from my computer, when getting the prompt after the command "adb shell", I can type su and I don't get any error message ; it seems I can root to it.
But on the other hand, from the app Terminal Emulator on the phone, when typing su I get the error message "su: uid 10046 not allowed to su"
Do you know what's wrong if any, and if I am really root ?
And if not, how to get to it?
Thank you
guyiom
did u use the tmobile cupcake us release? if you did, that rom is not rooted and you should use a rooted cupcake rom like CyanogenMod or JF. I suggest CyanogenMod
Use adb and input the following
adb remount
adb shell
mount -o remount,rw /dev/block/mtdblock3 /system
cat /system/bin/sh > /system/bin/su
chmod 4755 /system/bin/su
You're welcome
in fact as I posted, I said it seems to be rooted from adb but not from device itself. the update I used was provided by HTC only for the dev phone (it is explicitely said not for tmo g1)
anyway what dif between JF and Cyanogen ?
I already donloaded JF 1.51 one. How to apply it (or cyanogen) then ?
Thank you for the quick reply
guyiom
DOHCtor you ROCKS !!!
you just forgot to mention after the adb shell to go to root by su
then all commands went fine
as I like to understand, do you know the reason I had these symptoms ( root in adb but not on device) ?
again thank you very much.
as of ever, nux communities are reliable
guyiom
guyiom said:
DOHCtor you ROCKS !!!
you just forgot to mention after the adb shell to go to root by su
then all commands went fine
as I like to understand, do you know the reason I had these symptoms ( root in adb but not on device) ?
again thank you very much.
as of ever, nux communities are reliable
guyiom
Click to expand...
Click to collapse
They were trying to patch a hole without covering it up completely for the dev phones. Just a security thing I'm guessing.
but the update was for rooted pĥones, so that's weird from htc.
anyway thank you again, from now I will document myself to get JF or Cyanogen.
From your signature you seems to have both, one for recovery, one for running. Can you tell me the differences between them ?
thank you
guyiom
Cyanogen's Recovery Image is amazing and will make your life a lot easier. I suggest using that instead of the JF recovery image. As for the ROM it self. i also suggest cyanogenMOD since its the fastest and probably the most stable in my eyes.
Hi and thank you for the reply,
So are you suggesting me to download this file : http://code.google.com/p/android-roms/downloads/list/cyanogen_JFv1.51_CM3-ADP.zip and rename it to update.zip to go to the process with Power + Home buttons ?
Thank you
guyiom

[HACK] Busybox for HTC Tattoo - CoburnBrew Flavor! :D

This little gem of a phone is a tough little thing to custom install apps on, but that didn't stop the Coburn from being able to get busybox installed.
Therefore, introducing Busybox for your HTC Click/Tattoo!
FOLLOW THIS TUTORIAL CAREFULLY. This guide may brick or NOT brick your Tattoo (most likely the latter), however I cannot assure you that it's 100% fail proof. I have installed it successfully. IN OTHER WORDS: THIS IS NOT FOR THE FAINT HEARTED! IF YOU DO NOT KNOW WHAT 'FLASH','ADB' OR 'HACK' MEANS, PLEASE DO NOT CONTINUE.
Requirements:
1 HTC Tattoo (The Victim)
1 MS Windows Powered Computer (I used Win7 64Bit)
1 HTC Tattoo -> USB Cable (Included with phone... Well, it was in the box).
Download the package attached to this post. Extract all files to a directory like C:\BUSYCLICK . (Actually, please extract them there).
Installation
Connect your Tattoo to your phone, make sure USB Debugging is enabled (Settings -> Applications -> Development) and sit back. Windows should say "New Hardware! OMG!" and ask "What is this piece of tech?" (aka New Hardware Install Wizard). On XP, allow to search Windows Update. On Vista/7, I'm going to have to get back to you on that. The installed driver will be like "HTC Dream blah blah blah ADB Interface" or something. Odd why it says it's a HTC Dream...
Anyway, go to the folder where you extracted the files, and run the Installation.bat file. It's the one that says "Installation" With the cogs icon.
You'll get a DOS Prompt and some text, PAY ATTENTION! My installer will hold your hand and explain what's happening. Should any errors occur, you may be out of space on your Tattoo's internal memory or something. If you do get errors, please post them here! I'll try to fix them for you guys and girls.
Post-install tasks
When complete, run the TestBusybox.bat script in the same folder where you extracted the BusyBox files, and you should get some output. If not, busybox failed to install... Let me know what the error is and I'll try to fix it.
Notes:
You can use the busybox commands in /data/local/bin from "adb shell" or a terminal emulator on the phone itself... /data/local/bin/sh DOES NOT work from adb shell, I don't know why. It will work using a terminal emulator. Try "/data/local/bin/free" and such for some memory read outs, etc, etc.
Feel free to love/like/hate/kill/shoot my work, you can expect to see ROMs and the like in the near future as I love hacking devices.
Cheers,
Coburn64
Ok busybox installed normally...
Do i have root acces with busybox now? I dont see su...
C:\Busybox>adb shell /data/local/busybox ls /data
ls: can't open '/data': Permission denied
I do see /data/local and under tho... including ../bin and ../rights but dont see any use of it...
Coburn Hi, this is a step closer to being root
can be root in busybox?
chmod command does?
thx
Code:
benno.id.au/blog/2007/11/14/android-busybox
chmod command is useless without su...If only su worked
Installed and worked fine, can run busybox but:
it runs with shell privileges
setting setuid bit doesn't solve, because I can chown to root
Do I miss something?
Thanks Really appreciate your work!
Do you have to install the new RUU Click HTC WWE 1.63.405.1 WWE test signed NoDriver first?
coolbits said:
Code:
benno.id.au/blog/2007/11/14/android-busybox
chmod command is useless without su...If only su worked
Click to expand...
Click to collapse
I know friend!
I asked the chmod without adb, or if they could use the chmod as root from the busibox console
leon1984 said:
I know friend!
I asked the chmod without adb, or if they could use the chmod as root from the busibox console
Click to expand...
Click to collapse
All this does is allows you to run more commands from the shell in Android, whereas the standard shell doesn't have many commands built-in. Could be used in conjuction with a root hack.
One step more, but nothing to do with root
I'm starting to believe that Click will never have a root method working because its underused compared with other android devices
MiSSigNNo said:
One step more, but nothing to do with root
I'm starting to believe that Click will never have a root method working because its underused compared with other android devices
Click to expand...
Click to collapse
The next Linux kernel root vulnerability (which works on the Tattoo) should bring us root, as well as other Android devices such as the Eris.
coolbho3000 said:
The next Linux kernel root vulnerability (which works on the Tattoo) should bring us root, as well as other Android devices such as the Eris.
Click to expand...
Click to collapse
What's the new root vulnerability? Is it something that was just discovered?
coolbho3000 said:
The next Linux kernel root vulnerability (which works on the Tattoo) should bring us root, as well as other Android devices such as the Eris.
Click to expand...
Click to collapse
Ok, where to find more info about this? :S
coolbho3000 said:
The next Linux kernel root vulnerability (which works on the Tattoo) should bring us root, as well as other Android devices such as the Eris.
Click to expand...
Click to collapse
I was able to install Busybox on my phone successfully. But the problem is I don't know what it's for. Would anyone be kind enough to post a link or a tutorial for this? Thanks.
sheik_yerbouti said:
I was able to install Busybox on my phone successfully. But the problem is I don't know what it's for. Would anyone be kind enough to post a link or a tutorial for this? Thanks.
Click to expand...
Click to collapse
Busybox just allows you to use more features at the adb shell command line. So, yeah. Heh.
You lost me at 'adb shell command line'. Is that some command line provided by the Android SDK?
sheik_yerbouti said:
You lost me at 'adb shell command line'. Is that some command line provided by the Android SDK?
Click to expand...
Click to collapse
Sorry if I lost you. Let me sum it up: It's a 'feature pack' for Android Developers, which could be used in conjunction with rooting tools.
Coburn64 said:
What's the new root vulnerability? Is it something that was just discovered?
Click to expand...
Click to collapse
zenthought.org/content/file/android-root-2009-08-16-source
This is linked in the other thread...
ivendor said:
zenthought.org/content/file/android-root-2009-08-16-source
This is linked in the other thread...
Click to expand...
Click to collapse
That code is old, and apparently won't work. It won't compile either, Paul from Modaco tried it and it just spat the dummy and gave a make error.
Coburn64 said:
That code is old, and apparently won't work. It won't compile either, Paul from Modaco tried it and it just spat the dummy and gave a make error.
Click to expand...
Click to collapse
That's the code for the old asroot exploit (used in the Hero IIRC). It's been patched in August/09 so it won't affect the kernel in stock Tattoos.
Yeah, that's what I was getting at - the exploit is too old.
We need to either:
1) Get a S-OFF bootloader
2) Find another working root exploit
3) Dig around in the test ROM and extract the SU binary out of that sucker and put it in /data/local on the working ROM.
I think I can do the latter.

[HowTo] ClockWorkMod Recovery

Thanks to Trekfan422991 for cluing me in on the Optimus 3D recovery.
Working:
Nandroid
ADB (after special driver install, need to tweak recovery for it to work with normal drivers)
Mounting USB to computer
Flashing zip files
Dangerous:
Fix Permissions (caused lots of crazy issues, fix by wiping data if you use it)
Sdparted (the sdcards are mount incorrectly, this will probably destroy your device)
I am in the process of making a recovery specifically for our device, it is mostly done and will be posted here when it is ready!
What you are going to need:
ADB (and know how to use it, don't ask in here)
Rooted Phone (again, that will not be covered, don't ask in here)
Optimus 3D recovery image [Download]
If you don't understand something in that list, DO A SEARCH AND LEARN, don't clutter the thread with crap!
Lets get started!
Lets start by getting the recovery.img file on the phone. Open up a cmd prompt and type:
Code:
adb push recovery.img /data
The rest of this will be done on the phone shell. In the cmd prompt type:
Code:
adb shell
We will need to have su access, In the cmd prompt type:
(If you haven't allowed shell su in SuperUser now would be a good time to accept the root request on the phone.)
Code:
su
Now we are going to backup your current recovery to your sdcard. In the cmd prompt type:
(make sure your sdcard is not mounted to your computer)
Code:
dd if=/dev/block/mmcblk0p6 of=/sdcard/mmcblk0p6.backup bs=4096
After that is done we are going to flash ClockWorkMod Recovery! In the cmd prompt type:
Code:
dd if=/data/recovery.img of=/dev/block/mmcblk0p6 bs=4096
Congrats! You now have ClockWorkMod Recovery! In the cmd prompt type:
(each line is single command)
Code:
rm /data/recovery.img
reboot
How to enable ADB access: (only if it's not working already)
Download and install: (unzip and install the 2 exe files)
http://www.mediafire.com/?j5m1plnvzb8r0zc
While booted into ClockWorkMod Recovery, go into your device manager, you should see an "LGE Android Composite Device" with a yellow triangle on it.
right click on it, update driver software...
select browse my computer for driver software
select let me pick from a list of device drivers on my computer
click the "Have Disk" button
click the "browse" button
browse to;
for 64bit:
C:\Program Files (x86)\LG Electronics\LG Android Driver\64BitADB
for 32bit:
C:\Program Files\LG Electronics\LG Android Driver
and select lgandadb.inf
click "ok"
From that list select "Android Sooner Single ADB Interface"
click "next"
click "yes" on the popup
Click to expand...
Click to collapse
Awesome Great Work. Did you figure out the Bootloader? Or is there even one should more be the question I suppose. Good thing I am having issues with permissions with this didn't notice the SD Card Mounting issue till just now. That I can't deal with atm.
malickie said:
Awesome Great Work. Did you figure out the Bootloader? Or is there even one should more be the question I suppose.
Click to expand...
Click to collapse
I found a few modes, but no drivers yet so I don't know what they are. Even if we break stuff the kernel and recovery are separate, so technically we should always be albe to get back into recovery to fix stuff.
thankyou DG for getting this started..
so now with my clockworkmod i just made a backup of stock rom... if i say change the framework and I get boot loop.. will this clockwork mod be able to restore the original rom without any problems???
tiny problem... might just be missing something... but after i made my backup and i choose reboot system now... it just goes back to recovery... how do i boot up my phone!!!
sorry if it is obvious... im super tired...
Trekfan422991 said:
tiny problem... might just be missing something... but after i made my backup and i choose reboot system now... it just goes back to recovery... how do i boot up my phone!!!
sorry if it is obvious... im super tired...
Click to expand...
Click to collapse
I got mixed up as to what partition to flash, you just flashed a recovery image over the kernel... its ok tho.
follow my instructions to the su part, then do this.
// this will restore the kernel
dd if=/sdcard/mmcblk0p5.backup of=/dev/block/mmcblk0p5 bs=4096
// this will backup recovery
dd if=/dev/block/mmcblk0p6 of=/sdcard/mmcblk0p6.backup bs=4096
// this will flash cwm
dd if=/data/recovery.img of=/dev/block/mmcblk0p6 bs=4096
OP is fixed!
edit--
and you have no adb access, this is going to get interesting!
haha... i shoulda noticed
____
LET THIS BE A LESSON FOR ALL OF YOU!!!!
THIS IS WHY YOU ALWAYS ALWAYS MAKE BACKUPS!!!!!!
NEVER SKIP THE BACKUP STEP!!!! haha
Trekfan422991 said:
LET THIS BE A LESSON FOR ALL OF YOU!!!!
THIS IS WHY YOU ALWAYS ALWAYS MAKE BACKUPS!!!!!!
NEVER SKIP THE BACKUP STEP!!!! haha
Click to expand...
Click to collapse
LOL! For sure that is why I always say, " Save early, save often, save to multiple locations!" haha.
47r0n1n said:
LOL! For sure that is why I always say, " Save early, save often, save to multiple locations!" haha.
Click to expand...
Click to collapse
sorry just side note:
how you liking your thrill compared to the evo 3d???
designgears said:
What you are going to need:
ADB (and know how to use it, don't ask in here)
Rooted Phone (again, that will not be covered, don't ask in here)
Optimus 3D recovery image [Download]
Click to expand...
Click to collapse
Thanks so much to DG & Trekfan, I've been looking everywhere for CWM!
I cannot find the download link to the recovery - in the quote above from the OP, where it says download, is that supposed to be a download link? I don't know if there's a typo or if I'm just missing something, but the "download" word doesn't link to anything for me. Instead, I thought I'd try searching for it in the optimus 3d forums, but search is down too Does anyone have a link?
Komodo Rogue said:
Thanks so much to DG & Trekfan, I've been looking everywhere for CWM!
I cannot find the download link to the recovery - in the quote above from the OP, where it says download, is that supposed to be a download link? I don't know if there's a typo or if I'm just missing something, but the "download" word doesn't link to anything for me. Instead, I thought I'd try searching for it in the optimus 3d forums, but search is down too Does anyone have a link?
Click to expand...
Click to collapse
I took it down for now, working on some issues.
Woohoo, got Trekfan422991 all fixed!
its true... i tested out my framework mod and it works great!!! look sway better then stock!!!
designgears said:
I took it down for now, working on some issues.
Click to expand...
Click to collapse
Ah, gotcha. I thought I was going crazy Thanks!
Let's rom this baby dg . I assume you also bought this with plans to possibly exchange it when the AT&T Galaxy S II comes out? I'm very impressed by the performance and build quality so far. The main thing it needs is a better theme... yikes!
designgears said:
Dangerous:
Fix Permissions (caused lots of crazy issues, fix by wiping data if you use it)
Sdparted (the sdcards are mount incorrectly, this will probably destroy your device)
Click to expand...
Click to collapse
After CWM is installed and working on our device, would it be safe to fix permission in "ROM Manager," or does that just fix permissions through whichever recovery is currently installed?
I'm guessing someone here knows how ROM manager works in this regard, but if not, I'd be happy to be a guinea pig... after all, I can make/restore backups now! : )
gtg465x said:
Let's rom this baby dg . I assume you also bought this with plans to possibly exchange it when the AT&T Galaxy S II comes out? I'm very impressed by the performance and build quality so far. The main thing it needs is a better theme... yikes!
Click to expand...
Click to collapse
Sorry for being OT but I must agree: if designgears made a Thrill ROM that's Cognition-esque then I'd consider keeping my Thrill, but considering he already has a ROM for the GSII, I imagine he's going to get the AT&T Galaxy S II? Side note, you know you've really earned some serious nerd-cred when other nerds (who you don't even know) speculate what your next cell is going to be
Komodo Rogue said:
Sorry for being OT but I must agree: if designgears made a Thrill ROM that's Cognition-esque then I'd consider keeping my Thrill, but considering he already has a ROM for the GSII, I imagine he's going to get the AT&T Galaxy S II? Side note, you know you've really earned some serious nerd-cred when other nerds (who you don't even know) speculate what your next cell is going to be
Click to expand...
Click to collapse
Not waiting on dg here. Think you missed the "let's" part. Working on a Thrill ROM as we speak. Just got the Thrill about an hour ago and I already dumped the system image, de-odexed it, created an updater-script, added root and busybox, removed bloat, and updated a few apps. Time to start theming, modding framework, and tweaking.
Im also working on a ROM but if we cannot flash zips with CWM then how am I supposed to flash the ROM? Are you going to flash it with Heimdall or something?
gtg465x said:
Not waiting on dg here. Think you missed the "let's" part. Working on a Thrill ROM as we speak. Just got the Thrill about an hour ago and I already dumped the system image, de-odexed it, created an updater-script, added root and busybox, removed bloat, and updated a few apps. Time to start theming, modding framework, and tweaking.
Click to expand...
Click to collapse
Oh, good to hear! Man I really have to sit down and try to learn some more technical stuff sometime, because ROM creation, and not even just the theming aspects, is so appealing to me.
Maybe you can create a thread placeholder and describe what you've done so far? We're really getting OT, sorry all.
timbrendelaz said:
Im also working on a ROM but if we cannot flash zips with CWM then how am I supposed to flash the ROM? Are you going to flash it with Heimdall or something?
Click to expand...
Click to collapse
Oh, I thought you could flash zips through adb after doing the fix? Or no? (((edit: wait, no, I was thinking about pushing .apks through ADB, not flashing .zip files))) Hopefully this is something DG's new recovery might address. If no to both, could you distribute ROMs via nandroid backup files of a fresh ROM installation? It would be incredibly inefficient, but it would work, right?

[DEV][TOOL] Generic SBK dumper [Source included]

Generic Nvidia Tegra Secure Boot Key Dumper, v0.4
**************************************
YOU MUST GET ROOT BEFORE PROCESSING!!!
This is a temp memory only fix, after you reboot your phone, everything will restore to it's original status. So it WILL NOT brick your phone at all!
**************************************
I am not sure it work for your devices or not, because I only get a SU660 device!
So , you must knew that P880 use a Secure Boot Key to encrypt its nflash communication, if you don't know the SBK, you can't use nvflash backup/restore your partitions.
I found that in the linux kernel, there is some protection that block the user try to read out SBK when the phone in "odm_production" status. So I designed a little software try to patch the phone RAM to bypass the protection.
This is a kernel patcher which will remove the protection when trying to read /sys/firmware/fuse/secure_boot_key
The dumper will patch the kernel in memory, and let you show the secure_boot_key.
Hope it work for all tegra devices.
Usage:
1. adb push dumpSBK /data/local/
2. adb shell
su
chmod 0777 /data/local/dumpSBK
/data/local/dumpSBK
After that, you can
4. cat /sys/firmware/fuse/secure_boot_key
dumpSBK will search the first 1MB physical address(which kernel will be there), and try to patch it.
Usage: dumpSBK [star_mem_addr in KB]
for example: dumpSBK 32
which will search the 32KB~1MB physical memory.
2012/12/31:
re-compile it with -static switch, so it can run on all android platform.
update instructions.
2013/01/01:
modify the program, and let you select which memory range to patch.
usage: dumpSBK [start_memory_addr] [end_memory_addr]
for example: dumpSBK 1 1024
which will search 1MB ~ 1024MB memory and try to patch the kernel.
2013/01/01:
v0.3 add more error detection in the file.
2013/01/06:
v0.4 wil search the first 1MB physical memory, you can specify the start_address , for example dumpSBK 32
and update the search pattern , it will fit for more compiler options.
2013/01/07:
Secure_Boot_Key Dumper for tegra2/tegra3 v0.1
1. adb push ss.ko /sdcard/
2. adb shell
su
cd /sdcard/
insmod ss.ko
dmesg
3. at the end of dmesg, you should see the secure_boot_key.....
2013/01/08:
v0.2 dump all known fuses.....
If you get a error:
Kernel patching failed! Abort....
that means your device kernel has a differnt tegra source code, or compiled with a different compiler........
Please let me know which kernel source code and compiler / compile switch it used.
marsgod said:
If you get a error:
Kernel patching failed! Abort....
that means your device kernel has a differnt tegra source code, or compiled with a different compiler........
Please let me know which kernel source code and compiler / compile switch it used.
Click to expand...
Click to collapse
will it hard brick the phone???
razerblade17 said:
will it hard brick the phone???
Click to expand...
Click to collapse
Do you want to try and find out? I certainly don't.
I like my phone and don't want to end up with an expensive paperweight instead :banghead:
SimonTS said:
Do you want to try and find out? I certainly don't.
I like my phone and don't want to end up with an expensive paperweight instead :banghead:
Click to expand...
Click to collapse
i'd have tried if i didnt sell mine
plus this wont brick the device
nothing can since bootloader's lock so u practically cant mess up anything that matters for booting up
The Troll said:
i'd have tried if i didnt sell mine
plus this wont brick the device
nothing can since bootloader's lock so u practically cant mess up anything that matters for booting up
Click to expand...
Click to collapse
Yep, i think Troll isn't trolling us i would try it out ,but i'm waitin' for my LG, factory reset via recovery bricked it.
This is a temp memory only fix, after you reboot your phone, everything will restore to it's original status. So it WILL NOT brick your phone at all!
The patcher will patch a single byte in your phone RAM, it will not modify any bit in your NAND Flash.
C:\adb>adb shell chmod 0777 /data/local/dumpSBK
Unable to chmod /data/local/dumpSBK: Operation not permitted
I got this
Here is a log of what happened, after I ran the program on my 4X with 10H F/W:
[email protected]:/data/local # /data/local/dumpSBK
/data/local/dumpSBK
[1] + Stopped (signal) /data/local/dumpSBK
[email protected]:/data/local # cat /sys/firmware/fuse/secure_boot_key
cat /sys/firmware/fuse/secure_boot_key
[1] + Segmentation fault /data/local/dumpSBK
Click to expand...
Click to collapse
^ You guys have rooted phone and debugging turned on? maybe that's why these errors.
phone rooted, recheked with root checker.
I have debuging mode one.
But i cant push files to /data/local/
C:\o4xr>adb push dumpSBK /data/local/
push: dumpSBK/Readme.txt -> /data/local/Readme.txt
failed to copy 'dumpSBK/Readme.txt' to '/data/local/Readme.txt': Permission deni
ed
Click to expand...
Click to collapse
So i put those files there with es file explorer and try to run second comand:
C:\o4xr>adb shell chmod 0777 /data/local/dumpSBK
Unable to chmod /data/local/dumpSBK: Operation not permitted
Click to expand...
Click to collapse
Who can explain why?
s7ar73r said:
phone rooted, recheked with root checker.
I have debuging mode one.
But i cant push files to /data/local/
So i put those files there with es file explorer and try to run second comand:
Who can explain why?
Click to expand...
Click to collapse
uhmm
as i seem to recall, the hello world rooting method *only known method* turns on access to that location..
thats where superuser and binaries are added
so if im correct u'd be able to push it if u follow the rooting method and adding the commands to the root.bat *or whatever its name it* that we run in pc by using notepad or anything..
so it should reroot and push ur desired file as well
*again, dun remember, been months but im sure hello world/backuptest thingy will be useful*
k1337Ultra said:
Here is a log of what happened, after I ran the program on my 4X with 10H F/W:
Click to expand...
Click to collapse
I get the this,too.
the v1 patch did not completely work.
The Troll said:
uhmm
as i seem to recall, the hello world rooting method *only known method* turns on access to that location..
thats where superuser and binaries are added
so if im correct u'd be able to push it if u follow the rooting method and adding the commands to the root.bat *or whatever its name it* that we run in pc by using notepad or anything..
so it should reroot and push ur desired file as well
*again, dun remember, been months but im sure hello world/backuptest thingy will be useful*
Click to expand...
Click to collapse
Its not the only known method... but now I don't have time, even to think... I just woke up and came to the computer.
You need to think widder
Gonna back to sleep :angel:
k1337Ultra said:
Here is a log of what happened, after I ran the program on my 4X with 10H F/W:
Click to expand...
Click to collapse
En.... I think it is due to I compiled the dumpSBK with 4.1.2 android, so it will not work on a ICS rom... I will check it later...
s7ar73r said:
C:\adb>adb shell chmod 0777 /data/local/dumpSBK
Unable to chmod /data/local/dumpSBK: Operation not permitted
I got this
Click to expand...
Click to collapse
You MUST root your device.
then type
adb root
to get the adb rooted work.
Of couse, you must have your device USB debug ON.
please do all the steps the right way , starting with the OP instruction you the right way.
OP is assuming we got a "unsecure" booted device, which we have not exactly due to the locked bootloader.
so its pointless to write "root" instruction froms adb when the device is in secure mode. OP is now told and should update the instructions, thank you.
ignore all the "adb shell" instruction and log into the device with "adb shell" once only.
in that shell which is opened execute the "su", so you get a root # prompt.
then run instructions given and skip all "adb shell" infront.
thats it, good luck.
edit:
adb remount,adb root and running root commands only work on unsecure devices , we got ro.secure=1 here and adb not allowed to run root commands
i think it's better toroot Your 4X with Dexter http://forum.xda-developers.com/showpost.php?p=30574547&postcount=85 because it doesn't have any issues, for me with 1st root method for example titanium backup wasn't working.
@marsgod, yep - we don't have 4.1.2 but 4.0.3, but u can leave this version because we'll get 4.1.2 in january
k1337Ultra said:
Here is a log of what happened, after I ran the program on my 4X with 10H F/W:
Click to expand...
Click to collapse
[email protected]:/data/local # /data/local/dumpSBK
/data/local/dumpSBK
[1] + Stopped (signal) /data/local/dumpSBK
[email protected]:/data/local # cat /sys/firmware/fuse/secure_boot_key
cat /sys/firmware/fuse/secure_boot_key
[1] + Segmentation fault /data/local/dumpSBK
i have same result . segmentation fault
whats wrong?
bullghost said:
[email protected]:/data/local # /data/local/dumpSBK
/data/local/dumpSBK
[1] + Stopped (signal) /data/local/dumpSBK
[email protected]:/data/local # cat /sys/firmware/fuse/secure_boot_key
cat /sys/firmware/fuse/secure_boot_key
[1] + Segmentation fault /data/local/dumpSBK
i have same result . segmentation fault
whats wrong?
Click to expand...
Click to collapse
after adb shell type su, u should have [email protected], not [email protected]
@edit so... anyone tested it in right way?

X98 Air III M5C5 with clean stock ROM?

I'm confused. I bought an M5C5 from Gearbest EU warehouse, which arrived today and it's sitting charging quite happily.
I was expecting to have to flash a custom ROM or manually debloat the thing. However out of the box it has a completely blank AOSP type build on it, just with the Google Play Store added.
Android 5.0, build number is V1.00_20151204, kernel version 3.10.2 (December 7th 2015 10:50:43 CST).
I see a couple of other reports of this around other forums. Does anyone know what's going on? More to the point, before I decide whether to flash a custom or not - is there any way of safely dumping this for others more knowledgeable than me to play about with?
I foolishly flashed a custom over the top of this. Other than being rooted, there's no benefit - in fact the stock is better and faster than the customs I've tried (pure Android launcher, no fluff with "reboot to Windows" or phone junk compiled in).
If you have this build, stick with it!
I read about this new stock version on my country's forums. Unfortunately nobody has dumped yet this version because I'm very interested.
Durete said:
I read about this new stock version on my country's forums. Unfortunately nobody has dumped yet this version because I'm very interested.
Click to expand...
Click to collapse
Yeah, I'm an idiot for not doing it. It looks easy to.
I'm pretty happy with sikke1's "Debloated" stock rom. You should try it. I don't like neither customized roms based in stock roms for different devices.
I'm using Mireks now. If someone dumps the build that seems to be showing up on new Air IIIs then I'm going straight back to that, it was perfect!
hordarian said:
I'm using Mireks now. If someone dumps the build that seems to be showing up on new Air IIIs then I'm going straight back to that, it was perfect!
Click to expand...
Click to collapse
I received my M5C5 with clean stock rom yesterday (also from Gearbest Europe store)
1.) I can try to backup this ROM, if you like, but you have to tell me how....
2.) My plan was to flash to mirek V7, but if I understand you correctly, it's better to stay on stock, right?
PS: In fact, the ROM looks ok, the only thing I'm really missing is root!
Till now I can't find a working instruction how to root this stock ROM....
heino69 said:
I received my M5C5 with clean stock rom yesterday (also from Gearbest Europe store)
1.) I can try to backup this ROM, if you like, but you have to tell me how....
2.) My plan was to flash to mirek V7, but if I understand you correctly, it's better to stay on stock, right?
PS: In fact, the ROM looks ok, the only thing I'm really missing is root!
Till now I can't find a working instruction how to root this stock ROM....
Click to expand...
Click to collapse
(1) It looks like there are a few people that would like the backup
Having not done a partition backup before some digging suggests it requires root or booting from a custom recovery.
This should allow you to root it: http://forum.xda-developers.com/android/development/intel-android-devices-root-temp-cwm-t2975096, it might allow a full backup to SD card as well.
(2) I'm always grateful to all of the ROM developers, but it seems in this case (maybe the first time ever!) the stock ROM is absolutely perfect stock Android! It is a better base for anyone to build a custom ROM from than any of the previous ones!
hordarian said:
This should allow you to root it: http://forum.xda-developers.com/android/development/intel-android-devices-root-temp-cwm-t2975096, it might allow a full backup to SD card as well.
Click to expand...
Click to collapse
I know this thread about rooting, but currently I'm waiting for feedback in another (German) forum about this rooting method, which maybe can brick the Air III...
I used that method to Root my Air III with Sikke1's "Debloated" Rom and to install Xposed.
I guess is pretty sure to use since the Root zip only add Supersu and binaries to /System.
I received my Air III M5C5 from Gearbest three weeks ago, but unfortunately it had the previous bloated Chinese ROM. Although I am very satisfied with Mirek v7, I will be very happy to test this one, if you are able to get it.
Durete said:
I used that method to Root my Air III with Sikke1's "Debloated" Rom and to install Xposed.
I guess is pretty sure to use since the Root zip only add Supersu and binaries to /System.
Click to expand...
Click to collapse
Right, the one who posted the problem stated that he followed the proposed steps (option 5 - CWM, and T4) but after installing the SU.zip the reboot failed....
I'm not sure if he did something wrong, I just want to be sure not to brick my Air III
If i succeed, what tool to use to make a full backup? Titanium backup pro?
---------- Post added at 02:12 PM ---------- Previous post was at 01:30 PM ----------
OK, I successfully rooted my device
If anyone is really interested to have the clean stock ROM, please help me how to make this backup...
I'm really interested, but not sure what should be the next step ...
This looks like a sensible guide: http://androidcreations.weebly.com/how-to-get-android-mounts-and-partition-images.html
And this: http://www.slatedroid.com/topic/7220-how-to-dumping-your-rom-by-adb-raw-nand-dump/
Get the Android SDK on your computer first. Looks like you'll need an SD card as well (there appear to be methods that don't require it but I'm not sure whether they work or not).
Let us know if you're struggling. I can probably put together exact commands for this device based on mine, I'm just distant from it at the moment so might take me a day or two.
Durete said:
I read about this new stock version on my country's forums. Unfortunately nobody has dumped yet this version because I'm very interested.
Click to expand...
Click to collapse
Same here!
I ordered 2 units, one came with an old Teclast ROM full of bloat (so I flashed Mireks v7 ROM) but the other one is clean and fast V1.00_20151204) AnTuTu score is 49887 compared to Mireks v7 rom 48547
Someone please send me some instructions on how to dump it and I will happily upload it somewhere! I would not mind sticking this new Teclast ROM on my other air iii
To do a backup. Assuming you're using Windows. You'll need a MicroSD card of a few GB
Get the latest Intel ADB driver and install it: https://software.intel.com/en-us/an...ion-instructions-for-intel-android-usb-driver
Enable USB debugging on your device (about device, hit build number 7 times to enable developer options, open developer options and tick USB debugging).
Connect device by USB.
Open a command prompt, run the following commands:
Code:
adb shell "dd if=/dev/block/by-name/boot | gzip > sdcard/boot.img.gz"
adb shell "dd if=/dev/block/by-name/system | gzip > sdcard/system.img.gz"
adb shell "dd if=/dev/block/by-name/recovery | gzip > sdcard/recovery.img.gz"
adb pull /sdcard/boot.img.gz
adb pull /sdcard/system.img.gz
adb pull /sdcard/recovery.img.gz
I'm not certain whether the device needs to be rooted first to do this, or whether it's all the required partitions.
Could also pull the entire flash down with the following (needs a substantial SD card!). Not sure this is necessary, and you should 100% do a full factory reset/wipe beforehand or you'll be giving easy access to any data you've got on the device.
Code:
adb shell "dd if=/dev/block/mmcblk0 | gzip > /sdcard/mmcblk0.img.gz"
adb pull /sdcard/mmcblk0.img.gz
hordarian said:
To do a backup. Assuming you're using Windows. You'll need a MicroSD card of a few GB
Get the latest Intel ADB driver and install it: https://software.intel.com/en-us/an...ion-instructions-for-intel-android-usb-driver
Enable USB debugging on your device (about device, hit build number 7 times to enable developer options, open developer options and tick USB debugging).
Connect device by USB.
Open a command prompt, run the following commands:
Code:
adb shell "dd if=/dev/block/by-name/boot | gzip > sdcard/boot.img.gz"
adb shell "dd if=/dev/block/by-name/system | gzip > sdcard/system.img.gz"
adb shell "dd if=/dev/block/by-name/recovery | gzip > sdcard/recovery.img.gz"
adb pull /sdcard/boot.img.gz
adb pull /sdcard/system.img.gz
adb pull /sdcard/recovery.img.gz
I'm not certain whether the device needs to be rooted first to do this, or whether it's all the required partitions.
Could also pull the entire flash down with the following (needs a substantial SD card!). Not sure this is necessary, and you should 100% do a full factory reset/wipe beforehand or you'll be giving easy access to any data you've got on the device.
Code:
adb shell "dd if=/dev/block/mmcblk0 | gzip > /sdcard/mmcblk0.img.gz"
adb pull /sdcard/mmcblk0.img.gz
Click to expand...
Click to collapse
Thanks Hordarian.
I will give this a go as soon as I can. I'll also upload whatever I'll dump to my google drive and share so you can have a look. Good suggestion to factory reset before I do the dump. The unit is only 3days old and the only thing installed is Antutu and I am logged on , so I will clear this first and then upload. If I do need to root first then I will do that too.
I'll try to do this on Tuesday.
Thanks for the instructions
Debloated GoogleNow custom roms VS New Stock Rom
Hello,
I too received X98 AIr III with new stock rom. I reflashed my tablet with sikke1 rom to solve the camera problem. (It looks like my x98 might have a defective camera......)
I rooted the sikke1 rom. It works great (well...except the camera).
Sorry. I did not make a back up of stock rom before I flashed.
I am looking forward to having a stock rom back even though I like both roms. Stock rom looked clean (small icons, play store only) and sikke1 rom has large icons (more visible).
Should I go back to stock rom when it is available? I cannot make a choice.....Hmm.
hordarian said:
To do a backup. Assuming you're using Windows. You'll need a MicroSD card of a few GB
Get the latest Intel ADB driver and install it: https://software.intel.com/en-us/an...ion-instructions-for-intel-android-usb-driver
Enable USB debugging on your device (about device, hit build number 7 times to enable developer options, open developer options and tick USB debugging).
Connect device by USB.
Open a command prompt, run the following commands:
Code:
adb shell "dd if=/dev/block/by-name/boot | gzip > sdcard/boot.img.gz"
adb shell "dd if=/dev/block/by-name/system | gzip > sdcard/system.img.gz"
adb shell "dd if=/dev/block/by-name/recovery | gzip > sdcard/recovery.img.gz"
adb pull /sdcard/boot.img.gz
adb pull /sdcard/system.img.gz
adb pull /sdcard/recovery.img.gz
I'm not certain whether the device needs to be rooted first to do this, or whether it's all the required partitions.
Could also pull the entire flash down with the following (needs a substantial SD card!). Not sure this is necessary, and you should 100% do a full factory reset/wipe beforehand or you'll be giving easy access to any data you've got on the device.
Code:
adb shell "dd if=/dev/block/mmcblk0 | gzip > /sdcard/mmcblk0.img.gz"
adb pull /sdcard/mmcblk0.img.gz
Click to expand...
Click to collapse
Gave Hordarians instructions a quick try... But I guess this (below) means that I need root as the very first command resulted in the below:
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
dd: /dev/block/by-name/boot: Permission denied
---------- Post added at 10:42 PM ---------- Previous post was at 10:24 PM ----------
hordarian said:
To do a backup. Assuming you're using Windows. You'll need a MicroSD card of a few GB
Get the latest Intel ADB driver and install it: https://software.intel.com/en-us/an...ion-instructions-for-intel-android-usb-driver
Enable USB debugging on your device (about device, hit build number 7 times to enable developer options, open developer options and tick USB debugging).
Connect device by USB.
Open a command prompt, run the following commands:
Code:
adb shell "dd if=/dev/block/by-name/boot | gzip > sdcard/boot.img.gz"
adb shell "dd if=/dev/block/by-name/system | gzip > sdcard/system.img.gz"
adb shell "dd if=/dev/block/by-name/recovery | gzip > sdcard/recovery.img.gz"
adb pull /sdcard/boot.img.gz
adb pull /sdcard/system.img.gz
adb pull /sdcard/recovery.img.gz
I'm not certain whether the device needs to be rooted first to do this, or whether it's all the required partitions.
Could also pull the entire flash down with the following (needs a substantial SD card!). Not sure this is necessary, and you should 100% do a full factory reset/wipe beforehand or you'll be giving easy access to any data you've got on the device.
Code:
adb shell "dd if=/dev/block/mmcblk0 | gzip > /sdcard/mmcblk0.img.gz"
adb pull /sdcard/mmcblk0.img.gz
Click to expand...
Click to collapse
Thanks for those instructions Hordarian, but as mentioned, it does look like root is needed and this stock ROM does not have it... So, what is the best (easiest) way of rooting? Is it this:
http://forum.xda-developers.com/android/development/intel-android-devices-root-temp-cwm-t2975096
Root link for original rom
guvno said:
Gave Hordarians instructions a quick try... But I guess this (below) means that I need root as the very first command resulted in the below:
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
dd: /dev/block/by-name/boot: Permission denied
---------- Post added at 10:42 PM ---------- Previous post was at 10:24 PM ----------
Thanks for those instructions Hordarian, but as mentioned, it does look like root is needed and this stock ROM does not have it... So, what is the best (easiest) way of rooting? Is it this:
http://forum.xda-developers.com/android/development/intel-android-devices-root-temp-cwm-t2975096
Click to expand...
Click to collapse
Yes. I was able to root the original rom in my tablet using that link. It was fairly easy.
http://forum.xda-developers.com/andr...p-cwm-t2975096

Categories

Resources