[WIP] 1 Click Partition Back-Up v0.1 - ZTE Axon 7 ROMs, Kernels, Recoveries, & Other Deve

YOU MUST HAVE ROOT ACCESS TO PROCEED
THIS WILL NOT WORK IF YOU DON'T HAVE ROOT
A MINIMUM TEMPORARY SPACE OF 400MB ON YOUR INTERNAL STORAGE IS REQUIRE FOR THIS BACKUP PROCEDURE
THIS PROGRAM IS FOR PARTITIONS BACKUP PURPOSES AND NOTHING ELSE ​
Hello everyone,
After trial and error and keep trying with lot of errors finally got this puppy working, backups 19 Partitions from your device, i don't know if the A2017 (chinese variant) have the same partition table but as far as i know and have seen the A2017U and A2017G does have the same partition table which is awesome for any Rom developers to work on things or any dev.
Steps:
1- Download the zip file from here 1CLick_Partition_Backup_v0.1
2- Decompress anywhere you want (i prefer in the root of drive C: )
3- Make sure you have enable USB-Debbuging
4- Plug your Device
4- Double Click 1click_PartitionBackup_by_DrakenFX.exe and watch the program run
5- When Done your Partition Back-up will be in you C:/a2017u_partitions_backup folder
6- DONE
This is just the beginning i may be adding more Options like Single backup or group backup.
NOTE 01 : I didn't add the system partition backup for the sole reason of been huge file 6gb at least and I can add system in future update as separate option.
NOTE 02 : I'm not a savvy when comes to dev. but if i can do something that can help other do things a little easier , i'll be around

Reserve 01

Reserve 02

Do we have any way to restore these backups after?

XblackdemonX said:
Do we have any way to restore these backups after?
Click to expand...
Click to collapse
There is a way using flashable zip via TWRP, but I'll look into for something else... I'm new to all this so still learning , fastboot is another way but I'll look into it

I had to disable windows defender in order to download this. It kept flagging it as malware. Just a heads up.

CandyFoxJ said:
I had to disable windows defender in order to download this. It kept flagging it as malware. Just a heads up.
Click to expand...
Click to collapse
really? i'm ensure you there's no malware or anything malicious in this file.... i have downloaded and my windows doesn't detect anything. (Win10 Latest Update)

I've seen it throw false positives before, I'm not worried about it. Probably the packer used in your app. This is what it picked up.

Since this is XDA after all, you should probably either post your source and/or release it as a script/command list. It's not really security friendly to release a .exe that runs root commands. It could probably be run all as a batch command.

CandyFoxJ said:
I've seen it throw false positives before, I'm not worried about it. Probably the packer used in your app. This is what it picked up.
Click to expand...
Click to collapse
Could be cuz the commands it runs?
the zip file contains the following...
-adb.exe
-adbWinApi.dll
-adbWinUsbApi.dll
-1click_PartitionBackup_by_DrakenFX.exe
adb files needed just in case the user doesn't have adb install and these 3 files will do the job, Why sees it as Malware i really don't know but for command it have to Pull the Partitions out of the device.

---------- Post added at 09:06 PM ---------- Previous post was at 09:04 PM ----------
[/COLOR]
DrakenFX said:
YOU MUST HAVE ROOT ACCESS TO PROCEED
THIS WILL NOT WORK IF YOU DON'T HAVE ROOT
A MINIMUM TEMPORARY SPACE OF 400MB ON YOUR INTERNAL STORAGE IS REQUIRE FOR THIS BACKUP PROCEDURE
THIS PROGRAM IS FOR PARTITIONS BACKUP PURPOSES AND NOTHING ELSE
Hello everyone,
After trial and error and keep trying with lot of errors finally got this puppy working, backups 19 Partitions from your device, i don't know if the A2017 (chinese variant) have the same partition table but as far as i know and have seen the A2017U and A2017G does have the same partition table which is awesome for any Rom developers to work on things or any dev.
Steps:
1- Download the zip file from here 1CLick_Partition_Backup_v0.1
2- Decompress anywhere you want (i prefer in the root of drive C: )
3- Make sure you have enable USB-Debbuging
4- Plug your Device
4- Double Click 1click_PartitionBackup_by_DrakenFX.exe and watch the program run
5- When Done your Partition Back-up will be in you C:/a2017u_partitions_backup folder
6- DONE
This is just the beginning i may be adding more Options like Single backup or group backup.
NOTE 01 : I didn't add the system partition backup for the sole reason of been huge file 6gb at least and I can add system in future update as separate option.
NOTE 02 : I'm not a savvy when comes to dev. but if i can do something that can help other do things a little easier , i'll be around
Click to expand...
Click to collapse
OMG!
This is nice!
But I'm running linux!
You make the script universal please.
Or I could write one myself...

manu7irl said:
OMG!
This is nice!
But I'm running linux!
You make the script universal please.
Or I could write one myself...
Click to expand...
Click to collapse
if i only knew how to this in java (Universal) i'll do it in a flash, but i have no clue....i'm creating a new file and may by i'll do it as .bat (you can look it up if i release it this way with some choices and adding probably more partition if i have miss any + separate choice for system dumb (is way to big of a file),
P.S. if you know java PM

DrakenFX said:
if i only knew how to this in java (Universal) i'll do it in a flash, but i have no clue....i'm creating a new file and may by i'll do it as .bat (you can look it up if i release it this way with some choices and adding probably more partition if i have miss any + separate choice for system dumb (is way to big of a file),
P.S. if you know java PM
Click to expand...
Click to collapse
Bat file is good for me...
You can check the partition list under
Code:
ls -al /dev/block/....

manu7irl said:
Bat file is good for me...
You can check the partition list under
Code:
ls -al /dev/block/....
Click to expand...
Click to collapse
Yeah I have the partition table by-name , just don't see the need of adding every single one but just the necessary ones (modem, Bluetooth, aboot, few more) and I'll add system in the next release.....

DrakenFX said:
There is a way using flashable zip via TWRP, but I'll look into for something else... I'm new to all this so still learning , fastboot is another way but I'll look into it
Click to expand...
Click to collapse
you could fire up twrp or any terminal app.
In twrp mode:
Just comnect your device to your PC with adb installed.
Push the partition image you want to flash in /sdcard/ folder.
Code:
adb push [IMAGE.IMG] /sdcard/
then do:
From your PC, run first:
Code:
adb shell
Then do,
Code:
su
dd if=/sdcard/[IMAGE.IMG] of=/dev/block/bootdevice/by-name/[NAME OF IMAGE]
Example:
Code:
dd if=/sdcard/modem.bin of=/dev/block/bootdevice/by-name/modem
This will overwrite the chosen partition as dd works at a very low command level.
Do not try to flash recovery or boot or aboot through this if you are on locked bootloader. this will brick your device.
Do not try this at home if you don't know what you are doing, you may kill your neighbor's dog or worse the cat.

I made a script to backup any partition in our A7:
YOU HAVE TO BE ROOT, TO USE IT.
To run it simply push to the sdcard fire up adb shell to launch the script.
from the computer while connected to the A7 with usb debugging turned on
Code:
adb push PATH_to_the_script/full-backup.sh /sdcard
and
Code:
adb shell
su
cd /sdcard/
sh full-backup.sh
you will see a menu to choose which partition to backup.
As in the attachment.
enjoy, and please hit the thanks button.

Related

Any way to get data back after wipe?

Ive used programs like TestDisk to get pictures from a "formatted" flash card. I forgot to backup my SMS messages before doing a wipe (backed up everything...). Is there a way I can access the phones built-in memory using software like TeskDisk?
http://www.cgsecurity.org/wiki/TestDisk
androidmonkey said:
Ive used programs like TestDisk to get pictures from a "formatted" flash card. I forgot to backup my SMS messages before doing a wipe (backed up everything...). Is there a way I can access the phones built-in memory using software like TeskDisk?
http://www.cgsecurity.org/wiki/TestDisk
Click to expand...
Click to collapse
Did you do a nandroid? if not then I am pretty sure the answer is no.
That's like formatting my HDD then asking if can i recover all those programs.
Ace42 said:
That's like formatting my HDD then asking if can i recover all those programs.
Click to expand...
Click to collapse
Umm... you do know that when you format your hard drive you can still get some of the data back, right? Unless you use a secure erase program, the data is still on the hard drive. The same goes for flash memory. Format or delete images from your flash card and use TestDisk to see what you can get back. If you havent written anything to the drive, chances are you can get it all back. For your sake, I hope you securely wipe your hdds before throwing/giving them away. That goes for everyone.
Back to the topic. I just want to know how to access the built-in memory where this stuff is stored. Some type of developer tool maybe?
I'd personally like to know what this really has to do with development. You may be looking for some "developer tool" to recover lost data, but this adds nothing to any development going on or anything.
grandomegabosses said:
I'd personally like to know what this really has to do with development. You may be looking for some "developer tool" to recover lost data, but this adds nothing to any development going on or anything.
Click to expand...
Click to collapse
The chances of such a tool existing would be known by the smart developers/coders in this forum
androidmonkey said:
The chances of such a tool existing would be known by the smart developers/coders in this forum
Click to expand...
Click to collapse
Check the rules of the forum. This section isn't meant to ask developers something. It's meant for development.
I would try booting into recovery and then use adb to manually mount your partitions. I would assume you just need to mount the /data partition.. I know this works on my Magic so just check and make sure that you have the right block device if your running on a Dream!
1. open adb shell
2. make a new directory with mkdir "name of new dir"
3. mount /data with mount -t yaffs /dev/block/mtdblock5 "name of new dir"
4. open new terminal/command prompt and use adb pull command as follows
to bring the data partition over to your computer:
adb pull "name of new dir" "name of file to be placed on computer"
5. now see if you have any files and attempt recovery of your sms database
Good Luck
[EDIT] Oh yeah the other guy's are right you should post this type of question in General next time. Fortunately I'm not a **** so I posted how I would try to rescue my stuff and remember Nandroid would have saved your ass
nrmerritt said:
I would try booting into recovery and then use adb to manually mount your partitions. I would assume you just need to mount the /data partition.. I know this works on my Magic so just check and make sure that you have the right block device if your running on a Dream!
1. open adb shell
2. make a new directory with mkdir "name of new dir"
3. mount /data with mount -t yaffs /dev/block/mtdblock5 "name of new dir"
4. open new terminal/command prompt and use adb pull command as follows
to bring the data partition over to your computer:
adb pull "name of new dir" "name of file to be placed on computer"
5. now see if you have any files and attempt recovery of your sms database
Good Luck
[EDIT] Oh yeah the other guy's are right you should post this type of question in General next time. Fortunately I'm not a **** so I posted how I would try to rescue my stuff and remember Nandroid would have saved your ass
Click to expand...
Click to collapse
Thanks nrmerritt, ill give it a try. How do I get root in adb shell via windows? When I try to mkdir, it says "Read-only file system"
Also, I do have a Dream (G1), any ideas which block to use?
Thanks
Are you using Amon_Ra's latest recovery? On my phone when I boot into recovery mode and connect with adb it's already in a root environment.
About the block device I would try the one I posted. You can always just do an "ls" command on the new directory you mounted it on before you copy it to the computer so can you see if/what files are possibly still left.
As a last resort effort you could also try the "dd" command to make an image of the partition while it's still on the phone then copy that to your computer with adb.
One more thing..If you did a wipe and rebooted your phone, your chances are not very good for recovery since the phone would have written a whole bunch of files to the data partition on first boot into Android. Side note, maybe one day Google will incorporate messages into sync and improve our lives a little.

[MOD] Fully deodexed/zipaligned App and Framework

You will have to manually install it via adb push or adb shell.
Below is the link for a package that contains /system/app and /system/framework fully deodexed and zipaligned (not signed). It's the Stock version, I didn't remove any apk or framework.
Use at your own risk!
Backup your /system before upgrade!
I did notice speed increase and better memory utilization.
http://www.usk.bz/android/system-deodexed.bz2
EDIT: Here is a quick howto do it. Do some research, speacially on the "Recovering from a software brick" thread posted by Designgears. You may need it, in ase you don't execute this right.
Warning: Do those steps carefully! If you get any error as a return for a command you did, stop immediately and post here with the error to make sure it's safe to continue or what you should do before continue.
1. Download the file system-deodexed.bz2 (it's a tar.bz2)
2. uncompress it with tar zxf system-deodexed.bz2. You will get a folder called "system" with two other folders inside(app and framework).
3. First push it to the device to a safe location (your internal sdcard):
Code:
adb push system /mnt/sdcard/deodexed/system
4. Now open an adb shell and backup the folders you will mess with to the sd card, in case you need to recovery them
Code:
adb shell
$ su
# mkdir /mnt/sdcard/original_system
# mkdir /mnt/sdcard/original_system/app
# mkdir /mnt/sdcard/original_system/framework
# cp /system/app/* /mnt/sdcard/original_system/app
# cp /system/framework/* /mnt/sdcard/original_system/framework
5. Now the tricky part, you will get force closes on the device screen, because you will do this with the system running, don't worry for now. It should clear up once you are done. (Thx for the tip!) Lets update the system with the deodexed files. While still on the adb sheel as root, from the previous step, continue with these commands:
Code:
# stop
# mount -o rw,remount /dev/block/mmcblk0p12 /system
# cp /mnt/sdcard/deodexed/system/framework/* /system/framework
# cp /mnt/sdcard/deodexed/system/app/* /system/app
# rm /system/framework/*.odex
# rm /system/app/*.odex
6. Once you are done, exit the adb shell and do a reboot:
Code:
adb reboot
It should take a little longer to reboot, its normal for the first time. Then you should have normal boot speeds.
I recommend do this on a clear system, or that you do a factory reset once you reboot. The reason for that is that sometimes you get some data corruption during the force closes (corruption on the configuration files, not user data). But a factory reset fixes that.
If all go well, you have a deodexed system and are ready to use some Mods!
Have fun!
[ Known issues ]
- None! Please report if you notice anything!
http://forum.xda-developers.com/showthread.php?t=961382
Hey, here is a fully working on I did over the weekend.
Thanks! I didn't see it before. Will still compare with mine to see which package I messed up.
uskr said:
Thanks! I didn't see it before. Will still compare with mine to see which package I messed up.
Click to expand...
Click to collapse
usually packages with sound files get messed up for whatever reason when deodexing
designgears said:
usually packages with sound files get messed up for whatever reason when deodexing
Click to expand...
Click to collapse
Are you still planning on posting your mod version with steps? I am asking because I want to take look before making I own edits if necessary. I figured you may have it the way I want and it would less work for me either way.
designgears said:
usually packages with sound files get messed up for whatever reason when deodexing
Click to expand...
Click to collapse
Do you use an automated script to deodex them? or manually do one by one? The BOOTCLASSPATH dependencies sometimes give me some headache.
Also, do you mind to share which zip compression level do you use to repackage them?
Thank again!
designgears said:
usually packages with sound files get messed up for whatever reason when deodexing
Click to expand...
Click to collapse
Actually, I just tried yours and it has the same problem. Can you try to add the "Social Status" motorola widget to your MotoBlur and tap it to Setup your account and see if it starts something?
Mine doesnt start the Setup intent and I can see a Java exception on adb logcat.
uskr said:
Actually, I just tried yours and it has the same problem. Can you try to add the "Social Status" motorola widget to your MotoBlur and tap it to Setup your account and see if it starts something?
Mine doesnt start the Setup intent and I can see a Java exception on adb logcat.
Click to expand...
Click to collapse
Nevermind. Neither were bugged. I installed the deodexed without a data wipe and something got corrupted on the /data (some configuration file or something). I did a factory data reset and everything is working!
Not to play with changing some apks!
Hi guys,
I don't have an Atrix for now, so maybe it's just a dumb question. Sorry if it is.
With the Defy, if you push files and your phone won't reboot because you messed with something, you're screwed, as we don't have a true custom recovery. (you need a booting system to be able to get to the bootstap custom recovery, which you can't get into if your system is messed and the phone doesn't boot).
So when we are in that case with a Defy, our only option is to reflash a Motorola signed sbf file using RSD lite, root again, install again bootstrap recovery,... and try again ;-).
I guess it has to be the same with the Atrix (as the bootloader is locked as in the Defy)
So my question is:
- Are there already Atrix sbf files out there to recover a soft-bricked Atrix?
- If not, how do you recover it if you messed with the system files and the Atrix won't boot into a working system (of at least a state where you can get root shell though adb).
adlx.xda said:
So my question is:
- Are there already Atrix sbf files out there to recover a soft-bricked Atrix?
- If not, how do you recover it if you messed with the system files and the Atrix won't boot into a working system (of at least a state where you can get root shell though adb).
Click to expand...
Click to collapse
If you only messed only with /system/app or /system/framework folders/files, designgear posted how to recovery those files using the stock, that you can also download a tar with all the /system files from this forum.
Updated the post with a short howto.
If you get a software brick, search the forum for a post from designgears about how to recovery from a software brick.
As per the link below - I type "stop" once in the adb shell and it allowed me to transfer everything over without corrupting everything.
http://forum.androidcentral.com/mot...cks/30539-how-manually-deodex-your-phone.html
slhawkins said:
As per the link below - I type "stop" once in the adb shell and it allowed me to transfer everything over without corrupting everything.
http://forum.androidcentral.com/mot...cks/30539-how-manually-deodex-your-phone.html
Click to expand...
Click to collapse
Thx. Added to the howto!
uskr said:
Thx. Added to the howto!
Click to expand...
Click to collapse
Add the following to your instructions otherwise you will get an error message
You need the below line before the others
# mkdir /mnt/sdcard/original_system
The below are in your original instructions but the above is needed prior to the below
# mkdir /mnt/sdcard/original_system/app
# mkdir /mnt/sdcard/original_system/framework
lpsi2000 said:
Add the following to your instructions otherwise you will get an error message
You need the below line before the others
# mkdir /mnt/sdcard/original_system
The below are in your original instructions but the above is needed prior to the below
# mkdir /mnt/sdcard/original_system/app
# mkdir /mnt/sdcard/original_system/framework
Click to expand...
Click to collapse
Thanks! Updated.
I want to try this but i dont have linux to uncompress the file. possible to recompress it in something like zip or rar format?
NguyenHuu said:
I want to try this but i dont have linux to uncompress the file. possible to recompress it in something like zip or rar format?
Click to expand...
Click to collapse
Extract it to the file with no extension.
Open winrar.
Drag drop this file into that (u'll find the zipped up contents)
Drag drop these to ur desktop or anywhere u want them
NguyenHuu said:
I want to try this but i dont have linux to uncompress the file. possible to recompress it in something like zip or rar format?
Click to expand...
Click to collapse
push the file to sdcard of the device and using tar there after all it is also a linux system
diablo009 said:
Extract it to the file with no extension.
Open winrar.
Drag drop this file into that (u'll find the zipped up contents)
Drag drop these to ur desktop or anywhere u want them
Click to expand...
Click to collapse
great! thanks.
uskr said:
I recommend do this on a clear system, or that you do a factory reset once you reboot. The reason for that is that sometimes you get some data corruption during the force closes (corruption on the configuration files, not user data). But a factory reset fixes that.
Click to expand...
Click to collapse
Hi all,
I just did deodexed my atrix. Thanks much for the wonderful work~!!!
Mine has handful of apps installed prior to deodex. I was wondering what would be implication for not having clean system after deodex.

[SCRIPT/MOD] Deodexed files for Bell (06/05/11)

If you are looking for how to get back to stock Bell, go HERE.​
Disclaimer: I have not tested this on anything but my phone. This is a development section of a hacking website. Make backups. Know what you are doing.​
Credits:
Brut.all for apktool
edgan for 2nd-init
designgears for aroot inspiration.
xda for being a source of info.
​
Requirements:
Windows 7 or Ubuntu 10.10+ (10.10 and 11.04 tested)
Java installed. (For applymods, it uses apktool)
Running Phone, not in recovery mode, etc.
Tips:
Don't factory reset please if something goes wrong, it just erases your personal settings, it doesn't write to the system partition. It also deletes your data partition, making it harder to get back to stock.
Early usb mode, turn your phone on while holding down the lower volume button, when it says fastboot, release and press volume down repeatedly until it says early usb enumeration, then press up volume. It takes 30 seconds or so before adb is ready.
​
Version 9:
Download it here.
What's new:
Added support for 2nd-int (WIP, tested on stock Bell only)
shsu updated to allow a super user to become a super user, acts like sh in that case.
fixed linux install_recovery.sh and uninstall_recovery.sh scripts to use shsu instead of remaining using su. Ditto with ApplyMods.sh
Boot animation now smaller, using jpegs instead of png files, no difference in appearance.
​
Version 8:
Download it here.
What's new:
Added full phone backup and full restore phone options to the menu. It will download a backup if there is none found.
root script more universal, tries psneuter first, then gingerbreak.
Early usb recovery updated, now uses a tmpfs for system, also mounts /sdcard and /sdcard-ext.
Deodexed French 2.1.1 files incorporated.
Misc fixes
​
Version 7:
What's new:
New Menu script for windows and linux in the top folder, double click Menu and enter options.
ApplyMods and other scripts updated to use /data/local/tmp/system, this means I can update system.tar.gz and add folders to be copied into system.
Early USB enumeration recovery option. (experimental but useful as is)
Fixed bugs in windows scripts. Can't get user input from bat file while in a parenthesis block apparently.
Bloat backed up to sdcard now
root and unroot scripts updated with more prompts for rebooting phone.
​
Version 6:
What's new:
Support for Telstra 1.4.2.
ApplyMods can create signed update.zips now, Create_update.bat updated. both using basic ready made scripts in main bin folder instead of creating them on the fly, CR LF issues.
Updated root and unroot scripts, more fool proofing, has to be Bell stock firmware (psneuter doesn't work on telstra).
Includes basic boot animation, and mod for Bell apn on telstra firmware. (Have to reset to default under access point names in settings.)
transparent status bar, yellow tinted white for text color, matches front buttons somewhat.
​
Version 5.1:
Features:
Works under Linux and Windows 7
Includes root and no ads scripts
Patch system for applying modifications.
What's new:
New scripts for doing mods, fixes issues with patch 9 images.
Updated root and unroot scripts, more fool proofing.
New RestoreSystemPartition script
Custom apktool for more [hopefully] bug free installations.
How to use:
Extract archive, keeping folder structure intact.
run a command prompt/terminal (There is a link to one in the windows folder)
run root.bat or root.sh from the linux or windows folders, depending on which one you are using.
Turn the phone off after that is done and turn it back on again.
The rest of the scripts shouldn't be run with psneuter affecting the phone.
run ApplyMods.bat (.sh) [OPTIONAL] This applies webtop hack and translucent status bar, translucent notification drop down, etc. Select update system.tar.gz.
run install_bell_deodex.bat or .sh
System image of stock Bell.
Mirror of above​
Cheers!
Very nice! Looks good!
Will try this when I get home
Sent from my Motorola Olympus
So what is the benefit of this? Will I be able to theme my device with some of the themes that are available? Or should I play it safe and wait for a bell. Sbf to leak before I try anything and brick my phone again lol thanks in advance
EDIT: i see that you have included soft_brick.bat is it the same as this one http://forum.xda-developers.com/showthread.php?t=982859 because that one did not work for me thanks again
Sent from my MB860 using XDA Premium App
cool, i'll try this tomorrow when i don't still have a ****load to do and only 5 hours to sleep
nice to see a Bell dev here!
Also I just wanted to say major props for the crazy awesome idea of doing over-the-air download and installation. Really smart and original.
Atrices, just so you know
NFHimself said:
Hi,
(What is the plural of Atrix?)
Click to expand...
Click to collapse
Can I run this on my mac? Sorry relatively new to adb
Sent from my Motorola Olympus
you could run it on a mac, just had to edit the script a bit.
Hi,
So what is the benefit of this? Will I be able to theme my device with some of the themes that are available? Or should I play it safe and wait for a bell. Sbf to leak before I try anything and brick my phone again lol thanks in advance
Click to expand...
Click to collapse
I wouldn't try theming with ATT files, I would take what was done to them and apply them myself to the deodexed files here. There may or may not be differences that are not obvious. I am never really sure if there is any benefit to this stuff, it's fun to do, about it.
EDIT: i see that you have included soft_brick.bat is it the same as this one http://forum.xda-developers.com/showthread.php?t=982859 because that one did not work for me thanks again
Click to expand...
Click to collapse
The soft_brick.bat script is specific to the folders I am using for transferring data to /system/app and /system/framework. It tries to get root via psneuter, mounts system read write, deletes dalvik-cache files, and tries to copy the files already on the phone to the right folders. It could be that just one file caused the phone to crash mid copy and copying it again will fix things. This avoids trying to do a usb data transfer of all the files which you don't have time to do otherwise. I was also thinking that install-recovery.sh would be a good place to do this, (and then clobber it later with the init.d hack) but I couldn't find setprop and I wasn't in need enough to select a file to use as a semaphore.
Can I run this on my mac? Sorry relatively new to adb
Click to expand...
Click to collapse
It would be easier to do it all from a sh script really, and that would likely be more compatible with a Mac.
Also I just wanted to say major props for the crazy awesome idea of doing over-the-air download and installation. Really smart and original.
Click to expand...
Click to collapse
Thanks!
Cheers!
maledyris said:
Atrices, just so you know
Click to expand...
Click to collapse
Thanks, a lot, really, 10 chars..
How do I recover from a softbrick from this? Thanks.
Before anything is done, all the files are extracted to /data/local/tmp/app and /data/local/tmp/framework. If you run into problems put the phone into fastboot/early usb enumeration mode (see here) and run soft_brick.bat (.sh for linux)
Quote:
A soft brick, in this case, is when you make a bad edit to your framework files and the phone won't fully boot and starts flashing a red LED at you.
There is one catch, you only get about 1-2min to do all of this before the phone reboots on its own. If that happens, do SuperOneClick steps again and continue where you left off. Better yet, build a script to do it all for you
Power off your device
Enter Fastboot:
Hold Volume down + power until you see Fastboot at the top left
Use volume down to scroll down to "Early USB Enumeration" (only shows one item at a time, if you pass it, keep going down, up selects)
Press Volume up to select​
This is the message I get when i run the batch file.
This is of course when invoking Early USB Enumeration.
Wait for the count down to finish ...
'TIMEOUT' is not recognized as an internal or external command,
operable program or batch file.
clearing Dalvik cache..
rm failed for /data/dalvik-cache/[email protected]*.dex, No such file or directory
rm failed for /data/dalvik-cache/[email protected]*.dex, No such file or director
y
rm failed for /data/dalvik-cache/[email protected]*.odex, No such file or directory
rm failed for /data/dalvik-cache/[email protected]*.odex, No such file or directo
ry
reinstalling apps
cp: cannot stat '/data/local/tmp/app/*': No such file or directory
reinstalling framework..
cp: cannot stat '/data/local/tmp/framework/*': No such file or directory
done.
The timeout message means you are running a version of windows without timeout, see adeo thread.
The lines for rm just mean there are no files to delete in the Dalvik-cache, which is normal, you should see that the second time around.
The cp lines are saying that there are no files in /data/local/tmp/app (/framework).
So, that's unusual, in order to get soft bricked using my script you would to have copied files from /data/local/tmp to /system, and if you are bricked would be unable to delete the files afterword.
sequence:
cd /system
cp /data/local/tmp/app/* app/
sync
reboot now
**brick**
So, how are the /data/local/tmp/app files being deleted?
No clue. I'm not sure what to do here? Is my phone permanently bricked? Any other way to recover from this? The one thing that could have gone wrong is I tried installing from my behind my works firewall. Maybe I could not download the proper files.
No, you are soft bricked, you only made a change (that I know of) in system files.
Were you rooted before you tried this?
If you copy the soft_brick.bat files and change the last line to be adb.exe shell ls -R /data/local/tmp, what do you get?
Basically, it sounds like to need to get the files copied over to data/local/tmp, how they are missing/inaccessible is odd. So, create a script to copy the files over bit by bit, might take a while but it should be able to be done.
EDIT:
Do this:
from command prompt:
adb.exe shell ./data/local/tmp/psneuter
wait a few seconds
type this:
adb shell ls -l -R /data/local/tmp
if psneuter fails, it isn't in /data/local/tmp, which is also odd.
I was rooted before this. So I should attempt all these commands while Early USB Enumeration right? That doesn't give me much time Lol.
OK, here's the output.
C:\bell_deodex>adb.exe shell ./data/local/tmp/psneuter
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
property service neutered.
killing adbd. (should restart in a second or two)
C:\bell_deodex>adb shell ls -l -R /data/local/tmp
/data/local/tmp:
-rwxr-xr-x root root 585731 2011-01-09 02:02 psneuter
-rw-r--r-- mot_tcmd mot_tcmd 4 2011-03-30 21:00 ap_tcmd.pid
C:\bell_deodex>^A
And sorry to be a pain. How would I create the script? What are the files that need to be copied? Are they included in your script?

[HowTo] making a System Dump of Stock Firmware for 'Dummies'

Hi folks,
we have some lucky users among us with a generic (Dev) IMEI - some of these are able to get OTA updates, thought for testusers and/or developers from Samsung, after they install latest Test firmware XXLSA from sammobile....some got updates up to XXLSC and already provided a dump. Others got updates up to XXLSD (and maybe higher in future - who knows, where the journey ends...), but don't know what to do to share this firmware with us 'Flashaholics' here on xda and other forums...
Now, as more and more people asking me (why ever me...) how to make a system dump from Stock Firmware, I decided to write a short 'HowTo for Dummies'. So if you know about someone, who has a unknown Test Firmware installed, or YOU are the chosen one, just follow this tutorial and make us happy
This is just one way of several to do this - but as I think, it is the easiest way for newbies (without having to use Android SDK and adb shell on PC --> that's what experienced would do )
Prerequisites:
- at least 1,4 GB free space on internal SDcard
- a brain (and above 80 IQ-points...)!!!!!
Step 1) Rooting your Stock Firmware (thx to Phil for the steps, I just copy/pasted them) --> if you already have Root + busybox installed, go to Step 2) directly
download this Root_Superuser_3.1.3_Busybox_1.20.2-Update1-signed.zip and this cwm-non-touch-6.0.1.4-i9100.zip
Put the previously downloaded cwm-non-touch-6.0.x.x-i9100.zip file on your external sd card
Copy the Root_XXX.zip file you downloaded to internal or external sd card
Boot into stock recovery (volume up+home+power), and select "apply update from external storage". Now select the cwm-non-touch-6.x.x.x-i9100.zip file you copied in previous step (this step gives a temporary flash that will disappear after reboot)
You get CWM recovery interface (this custom recovery is temporary, not permanent)
Inside CWM, select "install zip from sdcard". Then, select "choose zip from sdcard". Now, scroll down to the "Root_XXX.zip" file and hit power button to install it.
It will add SuperSU or Superuser last version apk to system/app, last superuser binary (su) to system/xbin and busybox last version to system/xbin, all with correct file permissions.
Reboot and you get permanent root + busybox installed on your stock kernel.
(You can easily unroot your device afterwards...it is also described in Phils thread, where I took all these from: [20 Sep 2012][ICS]Universal Rooting for most ICS phones, Any ROM, now with CWM6 )
Step 2) Making a complete System Dump of Stock Firmware:
Install 'Terminal Emulator' from Playstore
Open Terminal Emulator
type 'su' with your internal keyboard and press return button
grant Superuser access on upcoming popup window
now type the following line and press return button after finished typing:
Code:
dd if=/dev/block/mmcblk0p8 of=/sdcard/modem.bin
==> this will generate 'modem.bin' (= Modem) on your internal SDcard (will be finished after a few seconds)
now type the following line and press return button after finished typing:
Code:
dd if=/dev/block/mmcblk0p5 of=/sdcard/zImage
==> this will generate 'zImage' (= Kernel) on your internal SDcard (will be finished after a few seconds)
now type the following line and press return button after finished typing:
Code:
dd if=/dev/block/mmcblk0p12 of=/sdcard/hidden.img
==> this will generate 'hidden.img' (= preload partition) on your internal SDcard (will be finished after a few minutes, as it is more then 300 mb!)
now type the following line and press return button after finished typing:
Code:
dd if=/dev/block/mmcblk0p9 of=/sdcard/factoryfs.img
==> this will generate 'factoryfs.img' (= system partition) on your internal SDcard (will be finished after a few minutes, as it is more then 800 mb!)
Now you have the following output / files on your internal SDcard:
modem.bin
zImage
hidden.img
factoryfs.img
==> zip these 4 together and upload them to a hoster ==> post the link here and devs can start building a new ROM (Stock + CustomROMs) and kernel devs (now we luckily have Phil for that) can preroot the kernel + put in CWM recovery.
That's all and really very very easy....
Disclaimer:
I am not responsible for any damages - it is your risk (though it is not a dangerous thing to do!)
hope this will be a very good guide in getting the new leaked rom from sammy
Nicely done my friend this should ease up on some of the users (the ones who get updates for us XD)
Congratulations on this, now you see why community loves you soooo. liebe endet nie !!
es ein vergnugen es zu lesen. gute arbeit eybee :good:
Thank very much boss
Hope you will be one of the prof when xda university will open.
Thank you very much
Hope now when we will see LS(any letter) it will be with the links of the dump
Envoyé depuis mon GT-N7000 avec Tapatalk
Funny
Envoyé depuis mon GT-N7000 avec Tapatalk
Cool bro thanks but you can use the supersu.zip and the busybox.zip from stock recovery
Tapatalking on my n7000
msedek said:
Cool bro thanks but you can use the supersu.zip and the busybox.zip from stock recovery
Tapatalking on my n7000
Click to expand...
Click to collapse
It was easy copy paste for me in the rooting part....you can root and install busybox in 567 different ways...in the end the result counts
Clicked for Newsworthy article. :thumbup:
Sounds really simple for someone who doesn't have the second prerequisite.
Back uped the info.
Sent from my GT-N7000 using Tapatalk 2
Sharing your valuable knowledge and experience is priceless for those who are interested. Well, me, I simply follow pros like you.
Sent from my GT-N7000 using xda premium
In addition to Step 2:
I made the dumps from my PC with a connected device with "adb", so I could copy them to the harddisk directly.
"adb devices" for checking if connection is established, "adb shell" switching to the device, "su" for root access, and then the commands eybee1970 explained in detail.
After that I fetched the files in my file manager from the connected device.
I prefer to work with terminal windows on the PC and not on the device.
With this you do not need Step 1 - because I didn't
another great one from eyebee
great guide for learners like me
thanks
ThaiDai said:
In addition to Step 2:
I made the dumps from my PC with a connected device with "adb", so I could copy them to the harddisk directly.
"adb devices" for checking if connection is established, "adb shell" switching to the device, "su" for root access, and then the commands eybee1970 explained in detail.
After that I fetched the files in my file manager from the connected device.
I prefer to work with terminal windows on the PC and not on the device.
With this you do not need Step 1 - because I didn't
Click to expand...
Click to collapse
That's why I said 'for Dummies'....no PC, no Android SDK, no adb shell...just the device
This is a superb guide! cheers eybee
Deleted
Sent from my GT-N7000 using xda app-developers app
Now the history rolls back...
as people raced to create their own custom roms.
The chosen ones with their great knowledge was kind enough to uncover about the custom rom things and shared it with some tutorials here in xda-dev for people who needed it.
Just like the old time...when WinMo has a bright future here.
Thanks a million for devs and chefs at xda-dev who always spread the lights.
ZacDerbyshire said:
Great guide. A little off topic but I don't know where else to ask and you are an expert in ROM making. How do I put things like all multiwindow apps and 4 way reboot in the ROM build before it goes on the phone? Sorry again for it being in here, can't find anywhere else to ask.
Sent from my GT-N7000 using xda app-developers app
Click to expand...
Click to collapse
4Way reboot mod is at the system/framwork/ directory "android.policy.jar" file is responsible for this stuff....
as for all multi apps after an investigation it appeared it looked for a certain statement to know whether its a sammy app patching that code to the launcher and editting the policy for this feature too gets you all apps access (almost all) as some just dont work....
there are plenty of guides and tutorials over the internet and forums... on different phones mostly but with a little time you can manage everything as you want to so READ some enjoy!
i'am guessing we need to start writing more tutorials in the N7000 section in here we have no knowledge sharing mostly developing and some new guys are ready to try their own so we have to share everything it started with eybee (thanks to him) and hopefully will continue with all other guys who do mods.... no matter how small it can be usefull.
believe it or not but even devs assist each other with mods its not like each one was born with all that OP-Code in his head
Ah...good guide eybee.Let me see if i can make a shell script to dump the partitions and make odin roms out of it.I already have scripts to dump and make odin rom for /system,/data partitions.will add preload,kernel and modem to the script.Let me see how my time permits today.Hope the script will help people.But the only drawback is it will work only on linux.Users may use cygwin too for it
Sent from my GT-N7000 using xda app-developers app
eybee1970 said:
That's why I said 'for Dummies'....no PC, no Android SDK, no adb shell...just the device
Click to expand...
Click to collapse
For my case adb shell was not succeed. Device reboots unexpectedly while dumping factoryfs. Maybe file size is too big. Thus I had to use terminal emulator though pc keyboard is much more convenience
Great tutorial!
Sent from my GT-N7000 using xda app-developers app
Two remarks:
Typing something like "dd if=/dev/block/mmcblk0p9 of=/sdcard/factoryfs.img" is never something I would call easy. If you do not have Linux shell commands knowledge, than these are about "50 characters without meaning" that you have to type (on the keyboard of your device - which is even more error-prone).
PC or Note: it is never dummy-simple.
Making a batch wich automatically generates an ROM installable with ODIN (so the result are tars) is dangerous.
The difference between "dump" and "dumb" isn't so big - as I just proved myself.
When you make a batch with a complete process from dumping, copying, building to a "blob" installable with Odin there will be no step in the process for quality control.
Example (hurts to write this): If there's something in the original Rom you are dumping that couldn't be shared then it makes its way through the process in to the final Rom. And the dummy user of these scripts will never know or can protect himself from it.
Only pro from this: after learning this the hard way you don't feel like a dummy user anymore.

Working towards a root exploit

As their doesn't seem to be a place where developers can put there heads together working on a root exploit, I shall start one.
An exploit that gives system level privileges (not root) was released earlier today http://seclists.org/fulldisclosure/2014/Nov/51 so I decided to look into how sony's apps access the DRM on Z3. I looked into the androidmanifest.xml of the ServiceMenu.apk and found this permission
<uses-permission android:name="com.sonymobile.permission.ACCESS_DRM"/>
I am pretty sure this is only allowed for system apps as: ServiceMenu is listed as
android:sharedUserId="android.uid.system"
and is located in /system/app/
I am interested in what this permission actually gives access to. If it gives access to the DRM keys themselves, backing them up would not be to much of a problem and they could most likely be restored fairly easily after unlocking. This permission could also simply give access to a check if the DRM keys are valid (much less useful for us). I would be interested in having someone with root debugging the service menu and determining what actually gets called when checking the status.
I hope this belongs here and I hope some other developers who actually have access to a device right now (RMA ) could help and work together. If this doesn't belong here let me know.
backup TA
what does this method please: download a correct firmware with pc companion, decrypt these with Flashtool and start then a backup with these files.
then i have a backup from my org. rom inkluding ta partition.
is that correct?
konsolen said:
what does this method please: download a correct firmware with pc companion, decrypt these with Flashtool and start then a backup with these files.
then i have a backup from my org. rom inkluding ta partition.
is that correct?
Click to expand...
Click to collapse
not as i understood it: in order to backup ta partition you need root, but the only way to gain root access currently is by unlocking bootloader, which wipes ta partition -> you need a backup done before unlocking bl, so we need a exploit which grants us root acces or acces to install supersu without unlocking bl first, then you can backup ta and all is fine
yes, i also thinked so.
but then i tried to download a firmware for my plugged device with sonys pc companion.
Then after the decrypt i see there is a ta partition.
i write to sony if every sgp621 can youse this downloadet furnware blobs.
i get the answer that this is only for this tab which was plugged in at the beginning.
so my mind was that this is a complete backup of my device with the device specidic ta partition. because like can this unbrick a totaly bricked device.
How can i locate if this ta partition is the correct one?
My produced ta backup has the folowing inside:
shinano r2 boit config data
author: akio yoshikawa,
Format: TA Partition <HEX8>
UnitID<hex32> UnitSize<hex32> data<hex32>
and here then codes
^^ drm keys arent in the ftf, they are device specific, so to save you some time, there's not likely anything of interest to be found in any decryption of ftf ta partition. (the ta partition is used for more than just drm btw..)
iBuzman said:
^^ drm keys arent in the ftf, they are device specific, so to save you some time, there's not likely anything of interest to be found in any decryption of ftf ta partition. (the ta partition is used for more than just drm btw..)
Click to expand...
Click to collapse
Yes sir i know. But thats no normal firmware file. Thats firm is only for the device id that startet the repair process.
Thats a copy of the Firmware thats on this device. If you flash this on your device with a Phyton Box it will fullbrick.
I found in the ta backup tool:
Searching for S1 Boot..." < nul
tools\adb.exe shell su -c "%BB% cat /dev/block/%1 | %BB% grep -s -m 1 -c -i 'S1_Boot'">tmpbak\backup_matchS1_Boot
set /p backup_matchS1_Boot=<tmpbak\backup_matchS1_Boot
if "!backup_matchS1_Boot!" == "1" (
echo +
) else (
echo -
)
set /p "=Searching for S1 Loader..." < nul
tools\adb.exe shell su -c "%BB% cat /dev/block/%1 | %BB% grep -s -m 1 -c -i 'S1_Loader'">tmpbak\backup_matchS1_Loader
set /p backup_matchS1_Loader=<tmpbak\backup_matchS1_Loader
if "!backup_matchS1_Loader!" == "1"
Exactly that S1 Loader Boot i get after the uncrypt.
Maybe it could help in some way http://seclists.org/fulldisclosure/2014/Nov/81
Xani.e said:
Bounty thread
The link with the exploit seems very interesting.
Click to expand...
Click to collapse
I just put together a POC of the exploit. I was able to launch a few apps, including Root Explorer, from the Add Account dialog. Unfortunately, I couldn't get anything to modify any contents of /system. After looking at the permissions, /system is still under root ownership, so that makes sense. I'm not sure what elevated access file-wise the system user has, if any, beyond a normal user. Sending spoof SMS and doing factory reset isn't going to get us very far lol.
elkay said:
I just put together a POC of the exploit. I was able to launch a few apps, including Root Explorer, from the Add Account dialog. Unfortunately, I couldn't get anything to modify any contents of /system. After looking at the permissions, /system is still under root ownership, so that makes sense. I'm not sure what elevated access file-wise the system user has, if any, beyond a normal user. Sending spoof SMS and doing factory reset isn't going to get us very far lol.
Click to expand...
Click to collapse
Lol, thanks for your work with the POC. Now, I'm sure I'm just stating the obvious, but the way I understand it is that we don't really need to modify any files. As long as we can just read the TA partition to make a backup, that's good enough. Guessing that wasn't possible, though? Right?
elkay said:
I'm not sure what elevated access file-wise the system user has, if any, beyond a normal user. Sending spoof SMS and doing factory reset isn't going to get us very far lol.
Click to expand...
Click to collapse
It seems that system apps have the permission to use "com.sonymobile.permission.ACCESS_DRM" :
minijaws said:
I looked into the androidmanifest.xml of the ServiceMenu.apk and found this permission
<uses-permission android:name="com.sonymobile.permission.ACCESS_DRM"/>
I am pretty sure this is only allowed for system apps as: ServiceMenu is listed as
android:sharedUserId="android.uid.system"
and is located in /system/app/.
Click to expand...
Click to collapse
Xani.e said:
It seems that system apps have the permission to use "com.sonymobile.permission.ACCESS_DRM" :
Click to expand...
Click to collapse
I'll look into this later tonight or tomorrow. Have to head out for the day now.
EDIT - Nm, found the info I needed. Will continue this tonight.
---------- Post added at 01:55 PM ---------- Previous post was at 01:30 PM ----------
Xani.e said:
It seems that system apps have the permission to use "com.sonymobile.permission.ACCESS_DRM" :
Click to expand...
Click to collapse
Got antsy and tried it real quick since I have it set up already to do so. From launching Better Terminal Emulator via the exploit, I tried issuing:
dd if=/dev/block/platform/msm_sdcc.1/by-name/TA of=TA.img
But I still got permission denied. I'll do some more debugging later to ensure that I'm actually getting BTE running as System user.
elkay said:
I'll look into this later tonight or tomorrow. Have to head out for the day now.
EDIT - Nm, found the info I needed. Will continue this tonight.
---------- Post added at 01:55 PM ---------- Previous post was at 01:30 PM ----------
Got antsy and tried it real quick since I have it set up already to do so. From launching Better Terminal Emulator via the exploit, I tried issuing:
dd if=/dev/block/platform/msm_sdcc.1/by-name/TA of=TA.img
But I still got permission denied. I'll do some more debugging later to ensure that I'm actually getting BTE running as System user.
Click to expand...
Click to collapse
Some more digging has shown that BTE is still running as the app user, not System, when issuing the 'id' command. Looks like native code will need to be executed from the intent rather than launching another app. I'm not sure how to go about executing the 'dd' command from busybox manually from an intent.
elkay said:
Some more digging has shown that BTE is still running as the app user, not System, when issuing the 'id' command. Looks like native code will need to be executed from the intent rather than launching another app. I'm not sure how to go about executing the 'dd' command from busybox manually from an intent.
Click to expand...
Click to collapse
Don't think it'll be useful since TA partition has permission 600 and the owner is root [emoji29]
eskamhl said:
Don't think it'll be useful since TA partition has permission 600 and the owner is root [emoji29]
Click to expand...
Click to collapse
Yeah I just noticed that, too. Don't think this exploit is going to do much of anything for us. Looks like System isn't much more privileged than a normal user, from a filesystem perspective.
Instead of trying to backup ta wouldn't it be more useful to try and push supersu binary and app? Once we get this we have access to ta anyways + root seems to be the bigger advantage
EricCartmanez said:
Instead of trying to backup ta wouldn't it be more useful to try and push supersu binary and app? Once we get this we have access to ta anyways + root seems to be the bigger advantage
Click to expand...
Click to collapse
That would be ideal, but System isn't enough to write to anywhere that I'm aware of that we can push the binaries somewhere usable.
iBuzman said:
coz no delete option.....
Click to expand...
Click to collapse
I read your original post. What theme apks were you talking about? Wouldn't modifying the apk code require a resign anyway? I'm just curious which apks you meant because I wasn't aware of those.
Is it possible?
Anyone with root on the Z3 makes a Backup from Root with this -----(play.google.com/store/apps/details?id=com.Supersu_Root_Copy_2) App??? and all Otter Users can restore the Backup of this one Person?
If the root or supersu Binary needs specific Hardware IDs to restore can i these rip if i use gnu root (whezzyx) to read the specific id and Hardware Tags of mm Original Rom? Ort is it possible only with gnu-root Backup the TA-Partition with help from ADB -TOOLZ???
elkay said:
I read your original post. What theme apks were you talking about? Wouldn't modifying the apk code require a resign anyway? I'm just curious which apks you meant because I wasn't aware of those.
Click to expand...
Click to collapse
I was under the impression (probably incorrectly) we actually get away with not resigning, and checking permissions for theme apps suggests system write access - I'll find my original notes on this (from a hangout I had with [NUT] on the topic). my idea was to use a modified theme apk to inject su binary (and I have no idea how to do that)
edit (notes on themes copy/paste from hangout)
just looking into com.android.systemui - and yes looks like it is whitelisted for get "MODE_ALLOWED" default access. Sony signatures seem to remain when making themes so maybe something can be "snuck" into the app to allow root?
I think we got it in in unified xperia section.

Categories

Resources