Related
This is my attempt at a Bell FAQ, it is a work in progress.
Q. Why don't the instructions I found on how to do X not work?A. This is a development forum, sometimes things are written in shorthand assuming you know things you don't. At lot of things are specific to one carrier's phone or another. Sometimes things change and are now obsolete, something new was found, a better way of doing things, if you were not following it all along you are likely to be lost. Read between the lines, you are a human being with reasoning abilities, figure it out. Q. What should I do first?
A. Backup your phone. That means everything, especially your pds partition. Nandroid won't cut it and you have already modified your phone beyond the ability to get back if you can run it.
Ex. dd if=/dev/block/mmcblk0p3 of=/sdcard/backup/mmcblk0p3
Save your backup on your computer, create a zip of all the files, burn it off on cd/dvd, put it in a safety deposit box at your bank. Be prepared for bricking your phone. A lot of things mentioned in threads here are developed and tested for ATT phones, they may not work 100% on your phone.Q. What is ADB?A. It stands for Android Debug Bridge or something like that. It is a program that runs on your computer that lets you talk to your phone using special commands. Your phone has to have adb enabled, it's a setting under application/development.
Ex. adb shell
This opens a linux shell connected to your phone. Linux is an operating system for computers, it is also used as the base for android phones.
Ex. adb install file.apk
Ex. adb push file /tmp
Ex. adb pull /tmp/file .
Q. What is CWM recovery?A. Android phones come with a special boot configuration that allows for changes to the android system from a place outside the system. It is very corporate and does the job for official signed updates, but only Motorola and it's oems can sign the updates. Not much fun for us. CWM recovery is a replacement for the official recovery system that doesn't require signed updates.
You install CWM recovery using fastboot or moto-fastboot.Q. What is unlocking the bootloader all about?A. It is the means of putting CWM recovery on your phone so you can install roms and other packages. It allows you to flash a partition with mods and have the phone not soft brick when you reboot. When the unlocked versions of the atrix bootloader were found it started a new round of mods. A lot of the threads prior to that are now obsolete.Q. How do I unlock the bootloader?A. There is a huge thread already about this, see here.
WARNING: this is a permanent change to your phone.
Summary:
1. Download the archive
2. Extract the sbf inside, whatever it's called, that is the one to use.
3. Use linux sbf_flash or rsdlite from windows to install it.
3. fastboot oem unlock
4. Copy code fastboot spits out.
5. fastboot oem unlock code
6. fastboot reboot
You will see unlocked while booting and when you get into android you will have ~300MB of ram. This will need to be fixed. Also, you will lose all your data during the process, do a backup first.Q. What is fastboot/moto-fastboot?A. It's a program to access the phone and do stuff, write phone partition images mostly. The stock one can only handle tiny system images, pretty useless for the Atrix, xda member eval- compiled the motorola version for us that can handle larger system images, do a search for moto-fastboot.
Ex. moto-fastboot flash recovery recovery.img.Q. How do I fix the ram problem?A. I did up a CWM recovery zip to update the boot and recovery partitions to contain a kernel command line with the missing bit "[email protected]" added. See here.
There are other means of doing this, some boot images come prepackaged with the command line already embedded. There are ATT compiled kernels with a patch inside the kernel itself to do the same thing. You can search for those when you are ready to try things like custom ATT kernels on your phone.Q. How do I root the phone?A. If you are unlocked and you have fastboot flashed a version of CWM recovery, it is trivial. By that I mean almost impossible for newbies to figure out.
It would go something like this:
1. Boot into CWM recovery.
2. use adb shell
3. adb push a su binary to the phone.
4. mount system as read write as /system
5. copy su binary to /system/bin
6. make sure it has the right permissions, 06755 mode , user root, group root.
7. unmount -l /system
8. when in android look on the market for Superuser.apk, install.
Every rooting method out there is all about putting su into /system/bin with 06755 permissions, most don't work anymore since Gingerbread. If you are looking for a simple, no brain involved solution, you are likely to get something working and also something else you didn't want like a replaced preinstall partition or an installed busybox with different functionality for some important system commands. (Busybox may be more up to date even, but if it doesn't do what is expected of the older version, it's still not good.)
Another way would be to create a CWM zip that simply puts the linux su binary in system with the correct permissions. Some info about creating your own can be found here. Doing this is more involved that just doing it manually, but it would be a good practice for getting into creating CWM updates.
Here is a link to a exploit someone did up to root the phone when running GB. Haven't tested it, and with an unlocked phone it is totally redundant, but it's nice that some found yet another security hole in the OS, seems similar in result to psneuter, so be sure to reboot the phone to fix the exploited system.
Seriously, if you are going to be reading or posting in the development section of xda for an android phone, take the 5 minutes to become familiar with adb and a few linux shell commands, it will save you hours of confusion and aggravation. If you fly blind trying things on your phone without understanding what you are doing you are eventually going to get into a place you can't get out of and need a new phone or REALLY have to struggle to understand things. You were warned. Q. How do I get back to stock?
A. You can't unless you have a backup of all your phone partitions and can update your radio and bootloader to be stock. Once you unlock your phone, it is recorded that you did so by blowing a physical fuse on the phone. This cannot be restored, you will need a new phone.
What does stock mean to you? When I bought my phone it had a certain radio, the bootloader couldn't be unlocked, the android system files had certain versions, etc. Beyond the android system there are 18 partitions that I know of on the phone, most phones do with 5-6. Every ota update or sbf files take the normal files and change them to something else, non android partitions get modified or replaced.
I have some solutions for getting close to stock, do a search for Gobstopper. There is one for Bell 2.2.2 and Bell 2.3.4, use one or the other. These attempt a full back to stock operation, that means the radio and bootloader will be stock, recovery will be stock as well. (All the partitions that are on the phone are written over with the ones that were on my phone when I bought it, with the exception of partitions 3 (pds), 15 (cache), 16 (data), and 18 (userdata or internal memory), factory reset clears cache and data, you don't want pds touched or internal memory.) Unlocked will no longer be displayed when you boot and you will no longer have CWM recovery installed. You will need to install the unlocked bootloader again and fastboot flash recovery again if stock is not what you wanted. (Your pds partition is not involved in this operation, so if you made changes to it, either directly or indirectly via a sbf this will not restore it, your pds partition contains individual phone information.)
More about sbf format here.Q. What does the pds partition taste like?A. It's not really fit to eat. Now you know.
It is mmcblk0p3, a partition on your phone, it is mounted as /pds when android boots and contains a bunch of folders and files that nobody really understands fully but Motorola. Having a look at some of the files you will see things like your network physical address, bluetooth physical address. You will find threads where the display is all arsed up, cpu running at half speed, touch screen not working right, etc, all due to something going wrong with /pds. It is best to back it up and not mess with it. Restore it in an emergency. Maybe one day everything in there will be figured out, take a stab at it yourself.
See this thread by edgan for how to back up your pds partition.
See this thread by KeRmiT80 about attempting to fix your pds partition. Good motivation to see previous link.
Q. I lost network data access after flashing X.
A. Check your APN list, if it's not a Bell firmware you are using, it probably doesn't have Bell's APN list. Scratch that, you don't know what that is or how to check it.
It stands for Access Point Name and a big list of them is stored on your phone in one big file (/system/etc/apns-conf.xml), each firmware has it's own version of it. Your phone will get two numbers from your carrier's phone network to do a look up in this list to figure out what configuration to use. So say it gets mcc 302, mcn 610, it will check the phone and look up 302, 610 in the file and read what it says there and use that config to try to connect. Now, another thing is that the phone knows what the home network is by these two numbers, embedded somewhere in the system. A foreign, non Bell carrier won't have Bell's numbers in there so your phone will think it's roaming. If you have roaming disabled, guess what, no data connection. Your carrier should be smart enough not to charge you for roaming, never had a problem with that, but you never know.
Here are the apn settings you can enter manually for your phone, see Bell's support link.
Q. How do I get webtop over HDMI to work?
A. There are several threads on getting this to work on ATT phones and others, they are specific to the firmware being run on the phone. They involve copying two deodexed files to your system/app folder and replacing the ones already there. You will also need to clear your dalvik cache to get the new code recognized. They are DockService.apk and PortalApp.apk. If you are not deodexed then you also have to remove the .odex files for both.
Here is one thread for Gingerbread, in the zip there is one for ORFR that will get you to viewing the webtop on Bell GB, but applications don't load.
Here is another thread for Froyo that works, see the Bell specific bit in the OP. This does not work from Bell Gingerbread. To be continued...
Hoping the Mods sticky this
A link should be attached to the wiki as well. I will try to when I get home if it isn't done already.
shouldn't this be in general? or q&a?
Magnetox said:
shouldn't this be in general? or q&a?
Click to expand...
Click to collapse
Probably both. Most things referenced are in development.
Cheers!
Sent from my MB860 using xda premium
y2whisper said:
Hoping the Mods sticky this
A link should be attached to the wiki as well. I will try to when I get home if it isn't done already.
Click to expand...
Click to collapse
+1 this should be a sticky on either or both general or development...
cheers for this...this thread is going to help me with my youtube viewers BIG TIME!!
Very nice!
Keep it up NFHimself!
NFHimself said:
This is my attempt at a Bell FAQ, it is a work in progress.
Q. How do I root the phone?A. If you are unlocked and you have fastboot flashed a version of CWM recovery, it is trivial. By that I mean almost impossible for newbies to figure out.
It would go something like this:
1. Boot into CWM recovery.
2. use adb shell
3. adb push a su binary to the phone.
4. mount system as read write as /system
5. copy su binary to /system/bin
6. make sure it has the right permissions, 06755 mode , user root, group root.
7. unmount -l /system
8. when in android look on the market for Superuser.apk, install.
Every rooting method out there is all about putting su into /system/bin with 06755 permissions, most don't work anymore since Gingerbread. If you are looking for a simple, no brain involved solution, you are likely to get something working and also something else you didn't want like a replaced preinstall partition or an installed busybox with different functionality for some important system commands. (Busybox may be more up to date even, but if it doesn't do what is expected of the older version, it's still not good.) To be continued...
Click to expand...
Click to collapse
I used this method to root the stock Bell Gingerbread ROM. Works on an Atrix too. It's a quick download and easy for those people who may not be comfortable with the adb command line.
http://www.psouza4.com/Bionic/
thx
useful for newbies
but can you put some more details about returning to stock and explain the pds partition in details plz?
papakilo10 said:
I used this method to root the stock Bell Gingerbread ROM. Works on an Atrix too. It's a quick download and easy for those people who may not be comfortable with the adb command line.
http://www.psouza4.com/Bionic/
Click to expand...
Click to collapse
Had a look at the script in that one, should be fine, doesn't install a busybox or anything like that. I don't care for Superuser.apk in /system/app myself, but it won't harm anything having it there.
Cheers!
ytwytw said:
thx
useful for newbies
but can you put some more details about returning to stock and explain the pds partition in details plz?
Click to expand...
Click to collapse
I added a few things, anything in particular you wanted?
I am trying to avoid step by step tutorials or spoon feeding everything, so people who are lazy/careless will have to attempt to think for themselves. It just leads to more questions, more laziness, and bricked phones, and I don't have the time these days.
Cheers!
ATTENTION: PUBLIC SERVICE ANNOUNCEMENT
It has come to my attention that under certain circumstances when the Kindle HD's get stuck in a bootloader bootloop the information on the "boot0" block of the internal storage can be ERASED and RESET.
This partition is special and contains ALL of your device's hardware specific information:
- Wifi MAC address + Encoded Secret for registering w/ Amazon services
- BT MAC address
- Serial #
etc
FOR BACKING UP THIS PARTITION:
Code:
adb shell su -c "dd if=/dev/block/mmcblk0boot0 of=/sdcard/boot0block.img"
adb pull /sdcard/boot0block.img
Place the "boot0block.img" file with the other files that you backed up in the original instructions for safe keeping.
FOR RESTORING THIS PARTITION:
(do not do this unless you are absolutely SURE that your boot0 block got wiped out -- hopefully you never need to)
This is done via adb from your PC while the device is in TWRP recovery or in the Android OS (not fastboot):
Code:
cd <your safekeeping files>
adb push boot0block /sdcard/boot0block.img
adb shell "echo 0 > /sys/block/mmcblk0boot0/force_ro; dd if=/sdcard/boot0block.img of=/dev/block/mmcblk0boot0;"
THIS FILE IS UNIQUE TO YOUR DEVICE AND CANNOT BE REPLACED OR REBUILT FROM ANOTHER DEVICE. DO NOT SHARE IT WITH ANYONE AS IT CONTAINS INFORMATION ABOUT YOUR DEVICE USED BY AMAZON DURING REGISTRATION.
I tried to backup my device's 0boot however,
I have no idea about why the KFHD (Cyanogenmod 10.1, your build on 11 May) cannot be detected with ADB devices command.
I have enable the Developer Options in settings menu and have both Android Debugging & ADB over network enabled. Any comment about this?
Thank you.
Thanks Haschode - worked first time
ryanhein said:
I tried to backup my device's 0boot however,
I have no idea about why the KFHD (Cyanogenmod 10.1, your build on 11 May) cannot be detected with ADB devices command.
I have enable the Developer Options in settings menu and have both Android Debugging & ADB over network enabled. Any comment about this?
Thank you.
Click to expand...
Click to collapse
Blimey - a little less aggressive would be good!
If adb is not recognising your device perhaps the drivers are not installed properly as it worked fine for me first time.
Assuming you have the android sdk installed, if you need help installing the drivers look at posts 7 and 8 in this thread.
Im still on stock rom rooted has 2nd bootloader and CCW
try to back up but I got this when i try to pull
D:\sdk\sdk\platform-tools>adb devices
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
List of devices attached
B0C9100425160LG8 device
D:\sdk\sdk\platform-tools>adb shell su -c "dd if=/dev/block/mmcblk0boot0 of=/sdcard/boot0block.img"
D:\sdk\sdk\platform-tools>adb pull /sdcard/boot0block.img
remote object '/sdcard/boot0block.img' does not exist
Any thing i did worng? and boot0block.img is not in my sdcard folder
Thanks advance
ryanhein said:
I tried to backup my device's 0boot however,
I have no idea about why the KFHD (Cyanogenmod 10.1, your build on 11 May) cannot be detected with ADB devices command.
I have enable the Developer Options in settings menu and have both Android Debugging & ADB over network enabled. Any comment about this?
Thank you.
Click to expand...
Click to collapse
Depending on your setup & your environmental variable paths, you may have to launch the CMD window from your Android SDK folder. Depending on what version of the SDK you are using, it may be in platform tools for the older sdk, or in X:\Android\system\bin, where X equals whatever drive you installed the SDK on. It works from that folder every time for me & only sporadically from anywhere else.
Yes. Had same problem here.
I am on build 0511 at present and everything is good enough to me.
Since Hash reminded all of backup for one more image 0boot recently. Then I tried to connect to pc in ADB mode so I can backup it and push it to my pc in OS windows7. The enviroment for adb was good because I used same computer and system to install the second bootloader already.
At first I stuck with enabling ADB in my kindle but I eventually figure out how to do that. However, now when I hook my kindle to pc, the adb still doesn't work as a result adb.exe (command: adb devices) can not recognize my kindle device. At same time when my kindle connects to pc I found kindle is recognized as a removable device (MTP mode). And in kindle, in notification bar there are 2 items, one tells me that kindle is connect as Media Device and the other tells me ADB is enable. This is weird when both MTP and ADB are enabled at same time and I guess maybe this is the reason why pc can not see kindle in adb mode.
Then I tried to disable MTP (uncheck MTP in setting-storage-setting) to see whether ADB will work, I found I just can not do it, I can only switch between MTP and PTP rather than unselect both MTP and PTP.
Fastboot always works.
Appreciate if any help.
ryanhein said:
I tried to backup my device's 0boot however,
I have no idea about why the KFHD (Cyanogenmod 10.1, your build on 11 May) cannot be detected with ADB devices command.
I have enable the Developer Options in settings menu and have both Android Debugging & ADB over network enabled. Any comment about this?
Thank you.
Click to expand...
Click to collapse
Sent from my Amazon Kindle Fire HD using Tapatalk 2
While you are figuring out the problem, you can still backup this boot0 by issuing the command from the kindle cmd terminal and copy it over to some place safe.
AlexAquarium said:
While you are figuring out the problem, you can still backup this boot0 by issuing the command from the kindle cmd terminal and copy it over to some place safe.
Click to expand...
Click to collapse
Did it as you said.
Thanks.
Sent from my Amazon Kindle Fire HD using Tapatalk 2
CM10 cannot be detected with ADB devices
ryanhein said:
I tried to backup my device's 0boot however,
I have no idea about why the KFHD (Cyanogenmod 10.1, your build on 11 May) cannot be detected with ADB devices command.
I have enable the Developer Options in settings menu and have both Android Debugging & ADB over network enabled. Any comment about this?
Thank you.
Click to expand...
Click to collapse
I am pretty sure the reason is that the Vendor ID in the Cm10 build is not 0x1949 (Kindle).
Before you flashed the Cm10. the Vendor ID was 0x1949 and after was not (Probably was google 0x18D1).
Unless your PC is setup to recognize the new Vendor ID, ADB and Fastboot will no longer work.
The good news is that if you loaded 2nd bootloader and TWRP, if you are in recovery, the recovery Vendor ID is 0x1949.
The solution is to wait until Hashcode modifies his CM10 builds to put the 0x1949 vendor ID back into the build.
This kind of thing happens more often than you would think and creates some issues after a ROM change.
Regards Jerry
@Hashcode
Just curious...is this something that was added to Amazon's code (intentionally, perhaps?), or is it just an unfortunate byproduct of making a mistake while attempting to modify the device?
Is it due to a recent update or had it always been the case?
soupmagnet said:
@Hashcode
Just curious...is this something that was added to Amazon's code (intentionally, perhaps?), or is it just an unfortunate byproduct of making a mistake while attempting to modify the device?
Is it due to a recent update or had it always been the case?
Click to expand...
Click to collapse
There is code in 1 of the bootloaders to erase the boot0 block and reset the info after many failed boots. And this info is so important that I felt it was worth keeping a backup of. Without it, you can never re-register the Kindle w/ Amazon services.
Sent from my XT894 using Tapatalk 2
So, apart from screwing people over, would there be any real need for such an addition?
Not to revive a old thread but how would one know if the boot0block had definitely been wiped or reset what can be done to check if it had been or not?
Hey everyone,
first off, I have my Kindle for a few weeks now and it's my first Androit device. I started reading into rooting and adb commands only a few days ago, so please excuse me if I'm not writing accurately with some terms. Additionally, I could not find a similar problem via searching.
Here's my problem (I'll try to be as detailed as possible):
I rooted my KFSOWI running 11.3.1.0 yesterday using Moronigs rooting method. It went well and I had full root access (typing su in an adb shell resulted in an # and all that).
Today I wanted to edit the framework-res.apk to exchange some images. Stupid as I tend to be I wanted to rename the original file and then paste my modified one. The device started giving out various crashes, telling me that lots of apps stopped working. Only then I realised that the file is needed to run the system. Unfortunately the Kindle had shut down at some point and when I boot it now it only gives me a black screen (although the backlight is still on).
Here's what I tried so far:
1. I wanted to adb push the modified file to the system/framework folder, but it tells me that the folder is read-only.
2. So I wanted to change permissions but it seems I don't have root access anymore (I don't even get the # output in the adb-shell after typing su).
3. I tried installing the package via adb but it says "Error: COuld not access package manager. Is the system running?"
I guess it doesn't boot up the package manager and root access. You guys have any idea what I can do right now? Seems like a lost cause to me. And if so, can I try sending it back via warranty?
Any help is very much appreciated. And thanks for all the great work on these forums.
Does nobody have an idea? Would be very sad if I couldn't use it anymore. Although I'm the only one to blame. Does someone have experience on sending it back to amazon for warranty? As far as I know rooted devices lose their warranty.. :-/
Karelian_ said:
Hey everyone,
first off, I have my Kindle for a few weeks now and it's my first Androit device. I started reading into rooting and adb commands only a few days ago, so please excuse me if I'm not writing accurately with some terms. Additionally, I could not find a similar problem via searching.
Here's my problem (I'll try to be as detailed as possible):
I rooted my KFSOWI running 11.3.1.0 yesterday using Moronigs rooting method. It went well and I had full root access (typing su in an adb shell resulted in an # and all that).
Today I wanted to edit the framework-res.apk to exchange some images. Stupid as I tend to be I wanted to rename the original file and then paste my modified one. The device started giving out various crashes, telling me that lots of apps stopped working. Only then I realised that the file is needed to run the system. Unfortunately the Kindle had shut down at some point and when I boot it now it only gives me a black screen (although the backlight is still on).
Here's what I tried so far:
1. I wanted to adb push the modified file to the system/framework folder, but it tells me that the folder is read-only.
2. So I wanted to change permissions but it seems I don't have root access anymore (I don't even get the # output in the adb-shell after typing su).
3. I tried installing the package via adb but it says "Error: COuld not access package manager. Is the system running?"
I guess it doesn't boot up the package manager and root access. You guys have any idea what I can do right now? Seems like a lost cause to me. And if so, can I try sending it back via warranty?
Any help is very much appreciated. And thanks for all the great work on these forums.
Click to expand...
Click to collapse
At this point, I would send it back to Amazon. all they will check for is physical damage and send it back to China. I hear some people bricking their tablet several times and getting a replacement. Thing is that Amazon's warranty questions are only water damage and did you drop it questions. So you don't even have to BS them to get a replacement.
If you have a fast boot cable you might restore it. Now it's not the cable that came with Kindle, it's a special programming cable that will put it into fast boot mode.
Sent from my Amazon Kindle Fire2 using xda app-developers app
braider said:
If you have a fast boot cable you might restore it. Now it's not the cable that came with Kindle, it's a special programming cable that will put it into fast boot mode.
Sent from my Amazon Kindle Fire2 using xda app-developers app
Click to expand...
Click to collapse
There are no exploits for this boot loader yet. Don't think a fastboot cord will do much at the time.
Sent from Nexus 7 flo running SinLess ROM 4.2.2 using xda app-developers app
Did noone come up with a solution, because i did the same thing, with the framework-res.apk
i can make a fastboot cable if itll do any good without an unlocked bootloader. could i possibly push the most recent update.bin from amazon and restore the device to stock???
---------- Post added at 04:06 AM ---------- Previous post was at 03:10 AM ----------
i wouldnt take bricked for an answer and i found a fix
what i did was make sure the kindle was connected to adb and typed the following
adb reboot
adb wait-for-device shell su
the shell managed to snag the SU file and displayed # before the device looped thru all of the boot apps over and over, but then CMD froze.
so i tried this
adb reboot
adb wait-for-device shell su mount -o remount,rw -t ext4 /dev/block/platform/omap/omap.hsmmc.1/by-name/system /system
and in one line got root access and remounted the system as RW
my problem was that framework-res APK was replaced with ZIP so all i had to do was rename it
# cp /system/framework/framework-res.zip /system/framework/framework-res.apk
and success!!
# exit
$ exit
adb reboot
and she booted right up!!!!
First response so please be kind. My KFSOWI is stuck in the bootloop too. I have a factory cable and can get into fastboot but don't have any factory images to restore. Anyone have any ideas?
Do you get any adb access? I don't think casebook will be any help until someone unlocks the bootloader
Sent from my KFSOWI using XDA Premium 4 mobile app
I no longer have this phone!
---
Are you having problems flashing custom ROMs and then getting bootloops? Are you sick of using the Stock ROM?
I found that it is caused by accidentally wiping the PDS partition in some versions of CWM an TWRP.
By going into Settings > About > Status the serial number will no longer be shown. (Unknown or Error.)
A long time ago, someone posted their PDS (yay!) here.
The second post has an extracted PDS.
You will need to download both the pds.img and efi.zip for this tutorial.
To see where the PDS is located for the XT890, look here. (mmcblk0p12)
~
Note: I've attached some pics to help - see below.
Step One:
While booted into Android, you need to use the following commands: (Make sure you enable USB Debugging.)
Code:
adb push pds.img /data/local/tmp
adb shell
su
chmod 777 /data/local/tmp/pds.img
dd if=/data/local/tmp/pds.img of=/dev/block/mmcblk0p12
exit
exit
adb reboot
At this point, if you boot into fastboot, you'll notice the PDS is fixed, but it will not show YOUR serial number.
Step Two:
Extract efi.zip
Open up efi\factory\fti using a hex editor (I use XVI32)
Find the decimal address (Address > Goto) 21
Insert your serial number as a text string T********H (Edit > Insert string)
Remember, the serial number is TEN characters.
Remove the old serial number using Delete on the keyboard.
You should end up with your serial number and EA4 on the end.
Save the file and copy it to your phone.
Using a root explorer file manager (I use ES File Explorer) mount / as RW
Browse to /pds/factory/, copy your edited fti file and overwrite.
Step Three:
Restart the phone and boot into fastboot.
Code:
fastboot erase cache
fastboot reboot-bootloader
fasboot should now show the correct serial number.
Congrats!
I hope this has helped you, please give feedback.
Good find. Thanks for the contribution
So my Serialnumber is the MSN on my phonebox right, the one right above the IMEI? Cause mine is not beginning wit a "T", but it has 10 characters.
Btw, the Serialnumber is not the only thing that is unique - the mac adress is saved in the pds too. I will try to change mine later, should work with the same method, i just create a new one i guess - dont know how to get my old one.
I lost my box a long time ago, but had my serial number saved in a screenshot from when I unlocked the phone's bootloader.
Thanks for the info on the MAC address, I'll look into it later.
Sent from my XT890
Worth a try with the Moto X Style?
AlertRobotdude said:
Worth a try with the Moto X Style?
Click to expand...
Click to collapse
Maybe, but not this one. Do know u are in the "Razr I" forums of XDA and not in the "Moto X Style" forums.
In case anybody cares, here's a pure C reimplementation of 'cuber.py'
(my own earlier reimplementation of @vortox's signature.py).
This is what I'm using in my '1-Click' bootloader unlock VM...
See 'grep ^gcc' for "build instructions".
Hack, you can probably build this for ARM and run it right on your very HDX tablet... (-;
UPDATE (JanuaryFebruary 2017):
OK; so, @zivimo had built this for ARM, but people still haven't noticed.
I repacked his binary from a .tar.gz to a .zip archive and decided to spell out the instructions for use.
Perhaps, this helps... With the right bootloader in place, and adb/fastboot installed (and working),
the unlock is as easy as follows...
Download and extract unlock.zip (SHA256: e40e3010f8eccfa9cbd1e73eecac30cf799099d183de23b2d256fc3407f143f6e5db0b8d82c8fd2a25a22b0a598014d22a2ec33cef27a8d4b65a36acde08f27a)
to the same directory that holds the adb and fastboot executables (unless you have added them to your PATH)
Click on get_code.bat in the extracted folder
-- optional (but commonly required) step(s) --
fix root (roll back, if you need to), flash vulnerable bootloader
[you'll definitely need to perform at least some of these if the last step fails]
Click on unlock.bat in the extracted folder
The archive also includes .sh variants of the .bat files for convenience.
You could also just click to show the hidden section and cut&paste... (-;
Code:
[STRIKE]unzip cuber.zip[/STRIKE]
adb push cuber /data/local/tmp/
adb shell chmod 0755 /data/local/tmp/cuber
adb shell 'id=$(cat /sys/class/block/mmcblk0/device/{manfid,serial}); echo "$id"; echo 0x${id:6:2}${id:11:8} | /data/local/tmp/cuber > /sdcard/unlock.code'
adb pull /sdcard/unlock.code
adb shell rm /sdcard/unlock.code /data/local/tmp/cuber
adb reboot-bootloader
fastboot -i 0x1949 flash unlock unlock.code
NOTE: download and extract the attached 'cuberunlock.zip' and run the above commands
in the directory where 'cuber' got extracted to.
Nice job! Originally I wanted to use OpenSSL BigNum too, but I hadn't enough time and Python was easier to use
hey,
made a static compile with an arm debian (jessie). seemed the easiest solution to me. compile command:
Code:
# gcc -fPIE -static cuber.c -o cuber -lssl -lcrypto
# strip cuber
# ldd cuber
not a dynamic executable
# ./cuber
Usage: cuber [RSA-bytes] < data > sig
seems to work. arm(!) binary attached.
ok draxie, you pointed me here but something seems to be missing. i downloaded unlock.zip, put the files in my adb directory. when i run get_code.bat, it pushes cuber to the kindle in the right directory, changes permissions (dont see any errors there) but then stops saying the system can't find the specified path. Whats funny is i used es file explorer to check the paths in the script, and they are there so not sure where the hang up is.
chin_bone said:
ok draxie, you pointed me here but something seems to be missing. i downloaded unlock.zip, put the files in my adb directory. when i run get_code.bat, it pushes cuber to the kindle in the right directory, changes permissions (dont see any errors there) but then stops saying the system can't find the specified path. Whats funny is i used es file explorer to check the paths in the script, and they are there so not sure where the hang up is.
Click to expand...
Click to collapse
Did you check all three paths?
/data/local/tmp
/sdcard
/sys/class/block/mmcblk0
The 2nd one _may_ be problematic if you're on SafeStrap.
I don't know why. I'm yet to install that on one of my test
devices to investigate. (Or, was that the 1st... )
The 0 in the 3rd one may actually be a 1 on some systems.
I have a few extra lines in my VM script to work around
that, I can easily add that here as well, if that turns out
to be the issue.
BUT, to try and troubleshoot: how far does the script get?
If it didn't complain with the permissions, the 1st path is probably OK.
Does it print your manfid/serial?
If so, mmcblkX would be right as well.
Any chance that you're on SafeStrap?
Can you push/pull to/from /sdcard?
- - - - -
On a second thought: I've only ever tested this on Linux.
String quoting on Windows may work differently, and could *royally* mess up how that more complex command is interpreted.
I'll test tomorrow; it's like 20 past 1am here. I need to get some sleep.
In the meantime, as a workaround, you could just hard-code your manfid/serial, and replace this line:
Code:
adb shell 'id=$(cat /sys/class/block/mmcblk0/device/{manfid,serial}); echo "$id"; echo 0x${id:6:2}${id:11:8} | /data/local/tmp/cuber > /sdcard/unlock.code'
by the decidedly much simpler:
Code:
adb shell 'echo 0xmmssssssss | /data/local/tmp/cuber > /sdcard/unlock.code'
draxie said:
Did you check all three paths?
/data/local/tmp
/sdcard
/sys/class/block/mmcblk0
The 2nd one _may_ be problematic if you're on SafeStrap.
I don't know why. I'm yet to install that on one of my test
devices to investigate. (Or, was that the 1st... )
The 0 in the 3rd one may actually be a 1 on some systems.
I have a few extra lines in my VM script to work around
that, I can easily add that here as well, if that turns out
to be the issue.
BUT, to try and troubleshoot: how far does the script get?
If it didn't complain with the permissions, the 1st path is probably OK.
Does it print your manfid/serial?
If so, mmcblkX would be right as well.
Any chance that you're on SafeStrap?
Can you push/pull to/from /sdcard?
- - - - -
On a second thought: I've only ever tested this on Linux.
String quoting on Windows may work differently, and could *royally* mess up how that more complex command is interpreted.
I'll test tomorrow; it's like 20 past 1am here. I need to get some sleep.
Click to expand...
Click to collapse
It's all good draxie, i figured out what i was doing wrong with the other procedure, that damn STEP 2, once i did it, everything fell into place. Bootloader unlocked and now just trying to figure out which rom to try first. Thanks again, you guys are great and i know how valuable everyones time is. :good:
I keep hitting road blocks, I am rooted and on Fire OS 4.5.5.2 I click get code a screen flashes up then I click Unlock and my Kindle boots to the Grey Kindle screen with Fastboot underneath and nothing else happens. Same happens when I copy and past the code into ADB. What step am I failing at? Thanks for the help!
pdanforth said:
I keep hitting road blocks, I am rooted and on Fire OS 4.5.5.2 I click get code a screen flashes up then I click Unlock and my Kindle boots to the Grey Kindle screen with Fastboot underneath and nothing else happens. Same happens when I copy and past the code into ADB. What step am I failing at? Thanks for the help!
Click to expand...
Click to collapse
@draxie - I have no experience with this tool; python/gmpy2 works reliably for me. Sorry to pull you in ...
Davey126 said:
@draxie - I have no experience with this tool; python/gmpy2 works reliably for me. Sorry to pull you in ...
Click to expand...
Click to collapse
I am up and running now, unlocked and running kk-fire-nexus-rom-thor-20161017. Play store is also up and running.
pdanforth said:
I am up and running now, unlocked and running kk-fire-nexus-rom-thor-20161017. Play store is also up and running.
Click to expand...
Click to collapse
Did you end up using some other method, or did these scripts work for you in the end?
Either way, others may find useful if you could share whatever worked for you. (-;
Unfortunately, I still haven't had a chance to test these scripts in Windows;
so, I couldn't answer your first call for help in a good way. If there's something
wrong and there's enough interest, I'll be happy to fix it as soon as I can.
draxie said:
Did you end up using some other method, or did these scripts work for you in the end?
Either way, others may find useful if you could share whatever worked for you. (-;
Unfortunately, I still haven't had a chance to test these scripts in Windows;
so, I couldn't answer your first call for help in a good way. If there's something
wrong and there's enough interest, I'll be happy to fix it as soon as I can.
Click to expand...
Click to collapse
@stangri did my unlock file and I used this thread to unlock https://forum.xda-developers.com/kindle-fire-hdx/general/thor-unlocking-bootloader-firmware-t3463982
I had trouble making the Unlock file, once that was done and some help from other users I am now up and running!