Hello all, i have searched endlessly on this site and didnt quite find my answer. Or didnt understand what to do, as i am not up to speed to what everything means. A little background...
i bought a used t713 not knowing it was "bricked?" (MDM/FRP). When i first powered it on i was unable to do anything as the home screen does not allow anything to be done. The message "Device turned off, contact IT" appears. Cant access settings nor turn it off.
In my desperate attemps to do a hard reset without being able to turn it off, i reset the tablet then pressed the combination of keys and got it to the "andriod recovery" screen. Tried to "wipe data/factory reset" but was not successful due to mdm. What makes my case unique is that i cant access anything such as setting so any youtube vids or other posts does not really help. Aside from the fact that i do not understand what anything means... Odin vs flashing vs rooting vs etc.
Can anyone provide a solution where a total newbie can follow the instructions?
Please see the attached photos for issues and tablet software version. ***once i figure out how***
So i cant figure out how to post the pics but below is the info from the "Android Recovery" screen
samsung/gts28vewifixx/gts28vewifi
7.0/NRD90M/T713XXU2BQD3
Also, i was able to ender the download mode, which i figured is Odin mode. From there i can see the following options:
FRP LOCK: ON
Secure Dowload: Enable.
with the info provided above what would be my first step?
Flash via odin? Then do a FRP bypass?
If you can enter Download Mode, then flash it with the latest of Android 6 and proceed to bypass FRP
This FRP lock is a joke because many can do it without any problem as long they read and do it properly
h
Beut said:
If you can enter Download Mode, then flash it with the latest of Android 6 and proceed to bypass FRP
This FRP lock is a joke because many can do it without any problem as long they read and do it properly
Click to expand...
Click to collapse
Is there any specific odin version to use? From reading there are a few places to get Android 6... sammobile?
The Odin version is not important as long as it’s close to the latest one. Search Google FRP bypass you will see many discussions from this forum. Read carefully what others did, you will see it’s a piece of cake.
You need to read In order to see mistakes others did too and why they failed.
I'm in the same situation. A used SM-T713 that has FRP lock on. I've researched the web and seen every YouTube scam there is. I've downloaded oldest firmware available on Sammobile and flashed with ODIN. I've also used the newest firmware available from Sammobile. Notta. I am so very very frustrated. There are about a bazillion people with this situation and I cannot find a one that has managed to bypass the FRP lock. If you know how to help, OMG, I would be sooooooooo very grateful. I'm not new to flashing. I have rooted many phones, flashed many ROMS, very familiar with TWRP and Superuser and Chainfires cfautoroot. Is there any hope? Of do I just smash the heck out of this thing and burn it to a puddle of plastic in the middle of my living room????
CanadaHugh said:
I'm in the same situation. A used SM-T713 that has FRP lock on. I've researched the web and seen every YouTube scam there is. I've downloaded oldest firmware available on Sammobile and flashed with ODIN.?
Click to expand...
Click to collapse
You should be patient , FRP is a joke as long as you know how. In order to bypass, you should be specific what build you currently have.
Forget the Android 7 because most methods which don't use OTG cable are not working. The best way is downgrade to Android 6.
I don't have this model but the most popular methods are using Talk Back to open chrome, Hot Spot to create new users, and using Assist to open chrome.
You see a lot of youtube videos which are not working because most posters don't understand a method only work with certain build and model.
As long as you can open Chrome to download needed apps , FRP will be gone . I can bypass FRP on 5 different Samsung tablets so it's not a rocket science as long as you know which method works and uses it.
This is an example of method using Talk Back
https://www.youtube.com/watch?v=fhP_egvc6v0
Thank you for taking time to reply. I've seen this exact message you pasted here. I've tried to do all 3 possibilities offered with no success. I have current os of nugat. I've got backup from sammobile. Also used Odin to attempt downgrade to 6...fail because ftp lock prevents flash in odin. Tried talk back. ..the L during tutorial is prevented. So, for me anyway, this is rocket science! Please allow me the dignity of being able to read, search, view, attempt. ...every conceivable avenue for solution.
My device is SM-T713 running latest update of Nougat with FRP lock on. I do not know the previous user name and password so can not bypass FRP. Does this explanation clarify my dilemma? Do you possibly have a blueprint of the rocket science? Most of the Web results lead to dead end spams.
I see a common mistake of failing to bypass FRP: using methods only work with Android 6. All methods I mentioned only work with Android 6, use it to bypass FRP a tablet with Nougat is pointless because it's not applicable.
Downgrade to Android 6, you need to flash 3 files BL, AP, and CSC. Common mistake when downgrade is just flashing the AP file only.
This is an example of failing to downgrade
https://forum.xda-developers.com/showpost.php?p=76148948&postcount=9
I have done downgraded Android 7 to Android 6 hundred times without any issue to bypass FRP.
Again, thank you for taking time to reply. I sincerely appreciate your efforts.
Sent from my SM-N900W8 using Tapatalk
As long as you can downgrade, I am sure you can bypass FRP as Android 6 has many security flaws that a certain method will work.
Like SM-T280 , it's Lollipop but I can only use Talk Back method with older build. SM-T670, SM-T377 also is Lollipop but I have to use Hot Spot method with the current build.
SM-T560, Hot Spot method only works with older builds of Android 6, the latest build of Android 6 has to use Assist method.
SM-T580, P580 I can bypass FRP on both Android 6 and 7, but the method used in Android 7 will trigger Knox count.
These are few examples what can be done to bypass FRP on 6 different Samsung tablets . It's the same like a certain move in self defense, you cannot use it in every single situation or position. Apply wrongly, you will be hit or fail. As long as you know which one will work, FRP lock is a joke to me.
Beut said:
As long as you can downgrade, I am sure you can bypass FRP as Android 6 has many security flaws that a certain method will work.
Like SM-T280 , it's Lollipop but I can only use Talk Back method with older build. SM-T670, SM-T377 also is Lollipop but I have to use Hot Spot method with the current build.
SM-T560, Hot Spot method only works with older builds of Android 6, the latest build of Android 6 has to use Assist method.
SM-T580, P580 I can bypass FRP on both Android 6 and 7, but the method used in Android 7 will trigger Knox count.
These are few examples what can be done to bypass FRP on 6 different Samsung tablets . It's the same like a certain move in self defense, you cannot use it in every single situation or position. Apply wrongly, you will be hit or fail. As long as you know which one will work, FRP lock is a joke to me.
Click to expand...
Click to collapse
Thank you for taking time to explain the joke
Seriously, this security lock is a joke as I can do with ease on different Samsung tablets. Read this forum you will see, newbies would have troubles to unlock their tablets
but eventually they are able to bypass this FRP lock. So again, it's not a rocket science, you need to be patient and try different methods.
I started the same like yours, didn't know what to do. However, by learning and practicing, I do actually see it's a piece of cake as long as you understand which method can apply to a certain build or OS.
Beut said:
I see a common mistake of failing to bypass FRP: using methods only work with Android 6. All methods I mentioned only work with Android 6, use it to bypass FRP a tablet with Nougat is pointless because it's not applicable.
Downgrade to Android 6, you need to flash 3 files BL, AP, and CSC. Common mistake when downgrade is just flashing the AP file only.
This is an example of failing to downgrade
https://forum.xda-developers.com/showpost.php?p=76148948&postcount=9
I have done downgraded Android 7 to Android 6 hundred times without any issue to bypass FRP.
Click to expand...
Click to collapse
So i downloaded odin, samsung drivers and 7zip. As well as APK6 firmware (latest Android 6 fw i found on updato). From the APK6 download, there was only one tar.md5 file. Question is should i find fw that has the 3 seperate files or running the one i have in AP should work?
Flash the AP file only, it may not erase user data and factory reset. You can try it, it may pass Odin but starts at the same lock screen again.
If you need the BL and CSC files, I could upload for you, but this is an US version.
Beut said:
Flash the AP file only, it may not erase user data and factory reset. You can try it, it may pass Odin but starts at the same lock screen again.
If you need the BL and CSC files, I could upload for you, but this is an US version.
Click to expand...
Click to collapse
So i was able to downgrade the firmware to APK6, with only the AP file but i was greeted with an "to start up device enter password" message. Something i havent seen before... not same lock screen
Tried to do factory reset and failed due to mdm.
https://drive.google.com/file/d/1pwDFqzrl3Dqt9V6ZpDCz60tOutmmpYOM/view?usp=sharing
Flash again with BL, AP, and CSC , this is US firmware.
Beut said:
https://drive.google.com/file/d/1pwDFqzrl3Dqt9V6ZpDCz60tOutmmpYOM/view?usp=sharing
Flash again with BL, AP, and CSC , this is US firmware.
Click to expand...
Click to collapse
Thanks for the files. Flashed all three files and was still greeted with the enter password screen. Mdm still prevents factory reset when trying to resetthru recovery menu. Any other pointers?
Gamma35 said:
Thanks for the files. Flashed all three files and was still greeted with the enter password screen. Mdm still prevents factory reset when trying to resetthru recovery menu. Any other pointers?
Click to expand...
Click to collapse
Are you on marshmallow now or nougat?
ashyx said:
Are you on marshmallow now or nougat?
Click to expand...
Click to collapse
I am on marshmallow.
Related
ODIN FLASHABLE STOCK FIRMWARE
For the Samsung Galaxy Tab S2 - SM-T817P
**** UPDATE: JUNE 30, 2016 - For personal reasons, I am unable to continue to host the flashable tars or any other files for this device. Links have been removed. Moderators, please delete this thread or freeze it.
Sorry for the inconvenience.
These are untampered, unaltered, original firmware in the event that you need to recover from a soft brick or otherwise desire to / need to restore to out-of-box.
NOTE THIS WILL NOT RESET THE KNOX WARRANTY VOID COUNTER.
This will only restore original Samsung firmware
I will add links to new versions when they are released.
DOWNLOAD LINKS:
USE PASSWORD: XDAdevelopers
Password is case sensitive
5.1.1 - OL1 - Released December 23rd 2015 - Link Deleted
5.1.1 - OJ5 - Released November 11th 2015 - Link Unavailable
5.1.1 - OH6 - Initial Version Released September 11th 2015 - Link Deleted
Use ODIN 3.10.7 which can be downloaded at http://androidcentral.us/2013/11/download-odin/
** IF RESETTING, OR RECOVERING FROM A SOFT BRICK, After Flashing, boot to recovery and perform a factory reset or manually wipe /data and /data/media **
Thanks for this, alwwys good to have a copy of the stock firmware on hand.
**** UPDATE: JUNE 30, 2016 - For personal reasons, I am unable to continue to host the flashable tars or any other files for this device. Links have been removed. Moderators, please delete this thread or freeze it.
Sorry for the inconvenience.
**** UPDATE: JUNE 16 2016 - For personal reasons, I will soon be unable to host the flashable tars or any other files. June 30 I will be removing download links. I encourage you to download now. If anyone else wants to host or start a new thread, be my guest. If you host, I would be more than happy to link here.
Otherwise, June 30th, All links will be removed and I will be asking XDA Mods to close and/or delete this thread. Sorry for the inconvenience.
What's the difference between the Sprint version and the normal SM-T815? Is it possible to flash the Sprint firmware on a normal SM-T815?
P3CO said:
What's the difference between the Sprint version and the normal SM-T815? Is it possible to flash the Sprint firmware on a normal SM-T815?
Click to expand...
Click to collapse
NO absolutely not. I assume by "normal SM-T815" you mean WiFi Only? The image for the T817P contains both the radio for the 3G/4G LTE/Spark and Wifi, and is specifically meant for that specific model. If you try to flash it to yours, it might potentially HARD BRICK - as in no way to recover. It becomes a $400 - $800 (depending on what model) paperweight. Always only flash the OEM software for your specific model only.
If you're unable to find the firmware for your device, PM me and I can locate, host and send you a link for it.
What specifically is your model number? after the T-815 is there a letter? T-815X... what is X?
typefortytardis said:
NO absolutely not. I assume by "normal SM-T815" you mean WiFi Only? The image for the T817P contains both the radio for the 3G/4G LTE/Spark and Wifi, and is specifically meant for that specific model. If you try to flash it to yours, it might potentially HARD BRICK - as in no way to recover. It becomes a $400 - $800 (depending on what model) paperweight. Always only flash the OEM software for your specific model only.
If you're unable to find the firmware for your device, PM me and I can locate, host and send you a link for it.
What specifically is your model number? after the T-815 is there a letter? T-815X... what is X?
Click to expand...
Click to collapse
T815 is actually the LTE model, so not much different to the t817p.
Don't know why anyone would want to flash carrier firmware to an international model anyway unless they are attempting to use it with that network?
Unfortunately this is not always possible due to differences in the radio.
I'm adding a password due to bots downloading the file.
The Password is: XDAdevelopers
P3CO said:
What's the difference between the Sprint version and the normal SM-T815? Is it possible to flash the Sprint firmware on a normal SM-T815?
Click to expand...
Click to collapse
Some firmware for the international LTE model T815 is in the thread for the stock firmware collection here, and in my posts like this one and this one. Also see the very useful tool in this thread.
The stock firmware for T815 is still 5.0.2, not 5.1.1, if that was the reason for your question.
GidiK said:
Some firmware for the international LTE model T815 is in the thread for the stock firmware collection here, and in my posts like this one and this one. Also see the very useful tool in this thread.
The stock firmware for T815 is still 5.0.2, not 5.1.1, if that was the reason for your question.
Click to expand...
Click to collapse
Your tool was not able to decrypt the update it downloaded unfortunately. The update hasn't been pushed to Samsung Smart Switch yet so I can't grab and host the MD5 yet. And I have not been able to trick the OTA into downloading it yet even using xposed and wanam to set a fake system status. If you are able to update the decryption method, do let me know and I'll give it another go
typefortytardis said:
Your tool was not able to decrypt the update it downloaded unfortunately. The update hasn't been pushed to Samsung Smart Switch yet so I can't grab and host the MD5 yet. And I have not been able to trick the OTA into downloading it yet even using xposed and wanam to set a fake system status. If you are able to update the decryption method, do let me know and I'll give it another go
Click to expand...
Click to collapse
Not my tool, I was just pointing to the thread of the tool I used to download the firmware for the T815.
For T817P, SPR, the OJ5 seems indeed to be known in OTA mode, but not available for download yet; this also happened for T815 and that delay lasted about a day.
Does anyone have a OJ5 stock odin tar for SM-t817? I have twrp but the boot.img provided put me in a boot loop & I didn't make a backup like a noob.
Edit : Actually I think it was the super su zip (BETA-SuperSU-v2.52.zip)
The tablet is not usable @ all & it's actually a Christmas present for my son that I just wanted to setup & get going. So plz anyone with the file can use smart switch to download it would be greatly appreciated.
Thanks in advanced
Nvm, I'm on OJ5 (sprint variant t817p) & everything including boot.img & su zip work on the latest update. :highfive:
I'm bricked. I have a sprint t817p on latest firmware, and i keep getting frp lock fails on anything i flash in odin and i cant get to recovery, and it will not boot. I cant find the latest tar file, and all the older ones fail. Can anyone assist?
liquidhaste said:
I'm bricked. I have a sprint t817p on latest firmware, and i keep getting frp lock fails on anything i flash in odin and i cant get to recovery, and it will not boot. I cant find the latest tar file, and all the older ones fail. Can anyone assist?
Click to expand...
Click to collapse
I still have not had a chance to update mine. I am not certain why, but newer softwares for a lot of samsung devices have been hard to come by lately *suspiciously looks at Samsung*. Also I am out of town til the 20th of January.
As far as frp lock, or "Factory Reset Protection", you forgot to go into developer settings and enable "OEM Unlock".
It is basically like Samsung's 5.0 "Reactivation Lock", except this is enabled by default and encompasses KNOX verification. It cannot be circumvented now. HOWEVER.... there are TWO THINGS I can think of you can try (If anyone else has anything to add, please do)
1.) Try using the OH6 ROM with ODIN. Yes it's one edition older but it might work. I bricked by Galaxy Note5 after going to the latest firmware and forgot to disable FRP Lock (by enabling "OEM Unlock" under developer settings). Reflashing with ODIN worked. Then Flash your recovery, go into recovery, and format /data /system and /cache and dump the Dalvik/ART cache. Then boot back to download mode and re-flash the same ROM. Upgrade to most recent via OTA, then re root.
It worked when I ran into FRP lock errors with my note 5. it might work for you. It will not let you do anything that is not official samsung. Be prepared to log in with your samsung account info once you finally boot if you registered that before you bricked.
2.) Go to a Sprint store, pretend you're a tech illiterate and say after your cousin or someone messed with it, that happened. Sprint (most locations and employees anyways - try another if one fails) stick with the original pro-development attitude towards Android and will generally look the other way - and flash back the correct software or warranty replace it for you (YES EVEN IF KNOX IS Tripped)
TRY #1 first. It fixed my note which was bricked by FRP.
*Meant to type OH6 not AA1. That was a place holder while I typed (and tried to find the version info)
I already tried to flash oh6 and it won't take it. Probably going to try the tech illiterate route. To make matters potentially worse. It wasn't even on oj5 it was the newest update released Dec 23 (don't have the build number handy), I just found that out late last night. Fortunately Knox is not tripped though, I never made it that far. I guess forgetting to check oem unlocking will prevent a flash but not prevent said flash from corrupting your boot.img? Weaksauce.
typefortytardis said:
[...] and will generally look the other way - and flash back the correct software or warranty replace it for you (YES EVEN IF KNOX IS Tripped).
Click to expand...
Click to collapse
Really? I thought (and heard here and there) that once you tripped KNOX, you have no chance to make your clsims on the warranty. Please prove me wrong
Depressed T.Bear said:
Really? I thought (and heard here and there) that once you tripped KNOX, you have no chance to make your clsims on the warranty. Please prove me wrong
Click to expand...
Click to collapse
You do not. Once KNOX is tripped, your warranty is void. You are no longer eligible to turn in a claim.
However, certain carriers (however they organize their purchasing contracts) have it to where they are authorized to process, handle and fulfill the warranty. Sprint is one of those carriers in the US. And a lot of times you have in store agents that either do not get paid enough to care or otherwise still hold true to the original pro development spirit of Android.
I personally replaced 3 Galaxy S5 devices that had KNOX tripped. That store started actually checking my KNOX thing and didn't let a 4th happen so Samsung probably did not credit them, but my account was never charged back. I did it a 4th time at another Sprint store.
liquidhaste said:
I already tried to flash oh6 and it won't take it. Probably going to try the tech illiterate route. To make matters potentially worse. It wasn't even on oj5 it was the newest update released Dec 23 (don't have the build number handy), I just found that out late last night. Fortunately Knox is not tripped though, I never made it that far. I guess forgetting to check oem unlocking will prevent a flash but not prevent said flash from corrupting your boot.img? Weaksauce.
Click to expand...
Click to collapse
Then yes if you did not trip KNOX, you should have no problem pretending to be tech illiterate and having them swap it out for you or reflash it for you.
If they reflash, take it home and use Samsung SmartSwitch to do an "erase / initialization / reset" (however it is worded). Sprint might also be too lazy and just use the romfile and not the reset romfile which is equivalent to a "dirty flash". So go home and use Samsung Smart Switch to start fresh.
Then make sure you enable "OEM Unlock" under development settings next time you attempt root.
ashyx told me I should find someone with this tablet and the newest update that is still on a stock firmware, if they can possible make a backup of the boot.img and system.img using TWRP. This should help others who are stuck with the issues i'm reading on this post as well as the tablet I'm trying to fix now.
Thanks for reading
So last night I decided to root my T-Mobile Galaxy Note 5. I used the root method from the GalaxyNote5Root website. I followed all the instructions and there were no errors; I had root successfully. In order for me to root however, I had to turn on OEM Unlock. I did. Once I was rooted, I made the mistake (and unknowing the repercussions of this mistake) of turning it off. I didn't realize it would lock me out. I wanted to see if I could still use Samsung Pay with RootCloak. RootCloak required a reboot and so I rebooted only to find out I was locked out.
I did the research I could and read all the threads pertaining to my particular issue but none of them helped. Unfortunately for today, SamMobile free downloads are unavailable due to maintenance. I tried other sources and found myself getting the firmware link from the GalaxyNote5Root website as it was one of the only sources that didn't have downloads so damn slow without paying that it would have taken me like 10 hours. Of course, those failed after cm.bin. I did notice, however, unlike the people in the YouTube tutorials I was watching, my Odin, regardless of version, when I loaded the firmware file into Odin (using AR or PDA), it would start with Enter CS for MD5 and check it even though I haven't plugged in my device yet. I don't know if that's normal but as soon as it hits the Please Wait.. my Odin would stop responding and take forever!
I have been flashing a Lolipop firmware for my Note until I decided to try a Marshmallow firmware variant. It then gave me this error which was sw rev. check fail. device 4 binary 2. I believe this is due to problems with downgrading? I decided to try the Marshmallow variant after that. It came up as that the md5 value hash is invalid. I know that this is the way to fix the lock out but do I really have to wait a day and get the firmware from SamMobile? Is that the only source of firmware that will actually work?
Resolved
I appreciate the help but I have however found an alternative, fast download source to flash with Odin. I've been out of the FRP lock for a few days. This thread can now be closed.
How did you turn off frp lock?
My one is Google sign in lock how to bypass that?
Sent from my SM-G900I using XDA-Developers mobile app
Preface
I understand this tablet is old but the ability to 'possibly' obtain root opens up a modicum of options for enthusiasts looking to prolong their investment.
Summary
Was experimenting tonight (3/27/18) and found it IS possible to change models from T818A (AT&T) to T818W (Canadian variant).
This is significant because, to my knowledge and research, no foolproof method exists to introduce root access to T818A (and possibly T818T and T818V).
By changing T818A to T818W, we can hopefully forgo the need to utilize engineering boot images or Kingroot. We can simplify the root process by utilizing Odin and injecting CF-Root.
A_H_E said:
Preface
I understand this tablet is old but the ability to 'possibility' obtain root opens up a modicum of customization for enthusiasts looking to prolong their investment.
Summary
Was experimenting tonight and found it IS possible to change models from T818A (AT&T) to T818W (Canadian variant).
This is significant because, to my knowledge and research, no foolproof method exists to introduce root access to T818A or T818V.
By changing T818A/V to T818W, we can forego the need to utilize engineering boot images or Kingroot. We can simplify the root process by utilizing Odin and injecting CF-Root.
Current Status
The device is recognized as 'T818W' after multiple restarts and factory resets.
Unfortunately CSC is hit or miss.
Originally, on first flash, there was no CSC listed and as such, every single CSC option was available under 'Settings'. I was able to finally introduce 'RWC' (Rogers) successfully and that eliminated duplicate options.
In addition to the firmware change, in Android Recovery, both 'product.name' and "ro.product.device' reflect the alteration.
On the AT&T Tab S2 9.7", prior to the software flash, the following is seen:
samsung/gts210velteuc/gts210velteatt
After the firmware flash, the syntax is replaced with the following:
gts210veltevl/gts210veltecan
Next Steps
I want to ensure I can go back to T818A from T818W and vice-versa.
I'd also like to see if I can go from T818A to T818V and then to T818W.
If I can do these steps without any alterations to the EFS Partition (e.g, IMEI), I will then attempt root.
If all these methods come back without error, I will provide the necessary steps to use at your discretion.
Misc.
This research was inspired by @ashyx and his efforts to procure root on the AT&T and Verizon versions of the Tab S2 9.7.
Click to expand...
Click to collapse
What parts were you able to flash with odin? The important part is the bootloader.
Also I think I remember someone posting something similar before, may have even been this model, whereby the firmware from one model successfully flashed to the other. As I recall this was Verizon to Rogers, but as it turned out both had locked bootloaders, so it looked like the bootloader images were the same regardless of carrier.
I'm not 100% on this as it's a while ago.
There's a fairly safe way to determine if the bootloader will allow anything to flashed by simply flashing an unsigned recovery image.
One thing I would like to know is how picky the bootloader is with flashing unsigned cache images.
Anyway keep us posted.
@ashyx
Thanks for the response,
When going from T818A to T818W, BL, AP, and CP load successfully however I have to use Prince Cosmy's build of Odin. I found that CSC will sometimes fail when using Rogers, so I keep it set to AT&T.
When reverting back to T818A, I am using the 3.12.7 build of Odin and all four combination files load successfully (BL, AP, CP, and CSC).
A_H_E said:
@ashyx
Thanks for the response,
When going from T818A to T818W, BL, AP, and CP load successfully however I have to use Prince Cosmy's build of Odin. I found that CSC will sometimes fail when using Rogers, so I keep it set to AT&T.
When reverting back to T818A, I am using the 3.12.7 build of Odin and all four combination files load successfully (BL, AP, CP, and CSC).
Click to expand...
Click to collapse
Well at least the bootloader flashes OK. When flashing the CSC is it cache.img that fails?
It's strange.
Prince Cosmy will install CSC without error.
It's during the reboot, and the subsequent 'Installing System Update..." that it will sometimes error out at 34%.
But it's not consistent behaviour.
However, after using CF-Auto-Root-gts210veltecan-gts210veltevl-smt818w.zip, and on T818W after flashing from T818A via Prince Comsy, I have root.
In the process of testing SuperSU to confirm it works.
A_H_E said:
It's strange.
Prince Cosmy will install CSC without error.
It's during the reboot, and the subsequent 'Installing System Update..." that it will sometimes error out at 34%.
But it's not consistent behaviour.
However, after using CF-Auto-Root-gts210veltecan-gts210veltevl-smt818w.zip, and on T818W after flashing from T818A via Prince Comsy, I have root.
In the process of testing SuperSU to confirm it works.
Click to expand...
Click to collapse
Excellent, the fact that CFautoroot even flashed without being rejected is good news. The fact that the script ran is even better news!
I just hope it boots up and is rooted.
Which version of SuperSU did you flash?
Okay, just repeated the process from scratch.
I factory reset the device.
Installed the February 2018 build of Nougat from AT&T via Odin.
Both 'product.name' and "ro.product.device' reflect the alteration:
samsung/gts210velteuc/gts210velteatt
Confirmed that the model name in 'Download Mode' and in Android states 'T818A'.
Factory reset the device again.
Launched Prince Comsy's Odin and loaded Roger's February 2018 build of Nougat via Prince Comsy Odin (including CSC which took without error).
Now 'product.name' and "ro.product.device' is replaced with the following:
gts210veltevl/gts210veltecan
Confirmed that the model name in 'Download Mode' and in Android states 'T818W'.
For SuperSu, I used 2.82-SR3.
(https://download.chainfire.eu/1129/...Root-gts210veltecan-gts210veltevl-smt818w.zip)
Rebooted three times before loading into 'Welcome screen".
Everything else works flawlessly.
I even managed to change CSC to XAC, which wiped root, and I flashed SuperSU again.
See screenshots.
I'm off to work now.
If you need anything else tested or answered, I'll get back to you later this afternoon (I'm in EST).
I'd like to revert back to T818A and test T818T and V (provided I can get proper combination sets).
I'm thinking since T819 is the same hardware, it should work as well but having custom recovery would work wonders so I can do a proper NANDroid backup before something goes to bullocks.
A_H_E said:
For SuperSu, I used 2.82-SR3.
(https://download.chainfire.eu/1129/...oot-gts210veltecan-gts210veltevl-smt818w.zip)
Rebooted three times before loading into 'Welcome screen".
Everything else works flawlessly.
I even managed to change CSC to XAC, which wiped root, and I flashed SuperSU again.
See screenshots.
Click to expand...
Click to collapse
Unbelievable, you've discovered a major thing here!
It seems you've managed to flash an unlocked bootloader over the locked bootloader.
Is SuperSU running in systemless or system mode?
Congrats on actually doing this and taking the risk.
From the system details, under 'Settings', looks like 'system-less root mode'.
Attached is another screenshot.
A_H_E said:
From the system details, under 'Settings', looks like 'system-less root mode'.
Attached is another screenshot.
Click to expand...
Click to collapse
Yep systemless. Which means that a custom recovery can be flashed also.
This is the first time I've ever heard of a Samsung bootloader being overwritten by an unlocked one.
Amazing stuff and you may have opened doors for other devices too.
Given your experience, is this something you can create recovery for or do we need to involve other parties?
Thanks!
A_H_E said:
Given your experience, is this something you can create recovery for or do we need to involve other parties?
Thanks!
Click to expand...
Click to collapse
Recovery no problem, but I doubt there's any need. TWRP for the T819 should work fine.
Restored back to stock T818W using Odin (3.12.7).
Bootloader is unlocked under 'Developer Options'.
TWRP for T815 (twrp_3.1.0-1_sm-t819_14417n) will not boot. See attached screenshot.
TWRP for T819 (twrp_3.1.0-1_sm-t815_13317) works however I've run into a few issues.
Reboot Into Recovery
Whether or not you select the option 'Allow Modifications', if you go to 'Reboot' and attempt to reboot into 'Recovery', the device restarts and proceeds to load into Android.
MTP
Once you 'Allow Modifications', format data and power off, you have the option to mount 'System' on restart.
The problem is that even though MTP is enabled, the device does not appear under 'File Explorer' in Windows.
The Device shows under 'Device Manager' and 'AutoPlay' provides you the option to disconnect but you cannot access the file store.
See screenshots 1 & 2.
ADB does, however, work.
TWRP aside, it appears we can now unlock the T818A bootloader by flashing the T818W bootloader through PrinceComsy.
I only have access to two T818A devices so I can only verify this works for AT&T.
If anyone else is reading this and is on Verizon, T-Mobile or have a T819, you may also have the same luck if you are willing to flash the T818W bootloader.
If there is interest, I can provide the software/steps for the community to further investigate.
A_H_E said:
TWRP aside, it appears we can now unlock the T818A bootloader by flashing the T818W bootloader through PrinceComsy.
I only have access to two T818A devices so I can only verify this works for AT&T.
If anyone else is reading this and is on Verizon, T-Mobile or have a T819, you may also have the same luck if you are willing to flash the T818W bootloader.
If there is interest, I can provide the software/steps for the community to further investigate.
Click to expand...
Click to collapse
Just out of interest did you ever try flashing CFautoroot with Prince comsey odin when it had the T818a bootloader?
Unfortunately not but I understand what you are inferring.
I have one untouched device (locked bootloader) left to test with.
I am happy to try this after the Holiday weekend.
A_H_E said:
Unfortunately not but I understand what you are inferring.
I have one untouched device (locked bootloader) left to test with.
I am happy to try this after the Holiday weekend.
Click to expand...
Click to collapse
I will be trying to flash a VZ model later on. Will update thread with results.
Any chance you can share the files used to do this? I would like to attempt it on my T818A as well.
When attempting to flash any/latest TWRP I continually get message 'Only official binaries are allowed to be flashed(RECOVERY)'. I purchased this phone new just recently and paid quite a bit for it, solely to be rooted (specifically global version SM-N950F/DS). I didn't imagine that the global version with the exynos processor would give me so much trouble rooting. I updated to Pie, because I knew the OEM unlock option would be accessible in developer options and thought it would make the process of rooting simpler, not more challenging.
jwils1236 said:
When attempting to flash any/latest TWRP I continually get message 'Only official binaries are allowed to be flashed(RECOVERY)'. I purchased this phone new just recently and paid quite a bit for it, solely to be rooted (specifically global version SM-N950F/DS). I didn't imagine that the global version with the exynos processor would give me so much trouble rooting and wouldn't have bought it if I would have known (or at least not updated to Pie). I updated to Pie, because I knew the OEM unlock option would be accessible in developer options and thought it would make the process of rooting simpler, not more challenging/impossible. Any help would be appreciated and if a solution is brought to light, I am gladly offering $. This could easily be considered a device with best hardware and when rooted, access to best software -- I didn't see significant enough improvements in Note 9 and figured by now the support from XDA community would be abundant for the exynos processor. Turning out ridiculous waste of money if I can't root it (already purchased silver carbon fiber skin, 256 GB Samsung Evo Select SD card, attachable portable wireless charging pack, etc.). Please help!
Click to expand...
Click to collapse
You need to disable/delete 'security log agent' on first boot or the only official binary message will appear on reboot, you also have to patch rmm state, or it will keep happening too, which can read about here-
https://forum.xda-developers.com/sa...w-to/guide-root-install-twrp-samsung-t3747535
I believe all the roms have already patched this which could save you the hassle, if you just want a stock rooted rom, try Dev-Base.
Its just easy step
Things u needed before proceed
* SD card
*Magisk latest version
*Odin
* Twrp zip file
1. Reflash ur device with proper firmware
2. After done go download mode and flash Twrp zip on odin. After done reboot ur device to Twrp again
3. After boot up to Twrp go to Wipe and do a factory restore . After this done u must install Magisk or u will get official binary only after reboot to system
4. After all the step are followed u are good to go. Cheers
stonedpsycho said:
You need to disable/delete 'security log agent' on first boot or the only official binary message will appear on reboot, you also have to patch rmm state, or it will keep happening too, which can read about here-
https://forum.xda-developers.com/sa...w-to/guide-root-install-twrp-samsung-t3747535
I believe all the roms have already patched this which could save you the hassle, if you just want a stock rooted rom, try Dev-Base.
Click to expand...
Click to collapse
I see. After research, it appears I'm not unlocked like I thought I was -- was thinking since OEM unlock option is accessible and valid in recovery it would be possible to flash TWRP, but didn't consider RMM state. Do you have any idea if it is safe to upgrade to the 'latest' Pie and if the bootloader would change capacity of root? Wouldn't mind being on the latest in the meantime, while I hope and wait 7 days. Also, not sure if the workaround on changing the clock would work or if any info on this to make work -- tried with no luck. Don't want to wait 7 days and seems like there could or should be a workaround, but whatever needs to be done I suppose. Appreciate your assistance.
jwils1236 said:
I see. After research, it appears I'm not unlocked like I thought I was -- was thinking since OEM unlock option is accessible and valid in recovery it would be possible to flash TWRP, but didn't consider RMM state. Do you have any idea if it is safe to upgrade to the 'latest' Pie and if the bootloader would change capacity of root? Wouldn't mind being on the latest in the meantime, while I hope and wait 7 days. Also, not sure if the workaround on changing the clock would work or if any info on this to make work -- tried with no luck. Don't want to wait 7 days and seems like there could or should be a workaround, but whatever needs to be done I suppose. Appreciate your assistance.
Click to expand...
Click to collapse
Also, for anyone reading this with the same issue, extracting the boot image from stock firmware (can be done through command prompt/terminal dump or by extracting from stock firmware -- AP Odin file) and patching with Magisk will not flash or work/give root access either unless this device is fully unlocked -- OEM unlock doesn't matter, if RMM still says "Prenormal" in download mode.
jwils1236 said:
I see. After research, it appears I'm not unlocked like I thought I was -- was thinking since OEM unlock option is accessible and valid in recovery it would be possible to flash TWRP, but didn't consider RMM state. Do you have any idea if it is safe to upgrade to the 'latest' Pie and if the bootloader would change capacity of root? Wouldn't mind being on the latest in the meantime, while I hope and wait 7 days. Also, not sure if the workaround on changing the clock would work or if any info on this to make work -- tried with no luck. Don't want to wait 7 days and seems like there could or should be a workaround, but whatever needs to be done I suppose. Appreciate your assistance.
Click to expand...
Click to collapse
I am quite sure it is still rootable on bootloader 6, so updating would be fine.
The trick to get the OEM toggle is a bit hit and miss, the guide below is the method that has had a higher success rate for me, if followed exacty as written.
https://www.google.com/amp/s/www.xd...-samsung-galaxy-s8-samsung-galaxy-note-8/amp/
jwils1236 said:
I see. After research, it appears I'm not unlocked like I thought I was -- was thinking since OEM unlock option is accessible and valid in recovery it would be possible to flash TWRP, but didn't consider RMM state. Do you have any idea if it is safe to upgrade to the 'latest' Pie and if the bootloader would change capacity of root? Wouldn't mind being on the latest in the meantime, while I hope and wait 7 days. Also, not sure if the workaround on changing the clock would work or if any info on this to make work -- tried with no luck. Don't want to wait 7 days and seems like there could or should be a workaround, but whatever needs to be done I suppose. Appreciate your assistance.
Click to expand...
Click to collapse
I ended up using Chimera Tool to bypass RMM state. Worked instantly. This seems to be a common issue for many Samsung devices, at least on Pie. Not sure there is an alternative solution, currently. Only one I could find for my device.
Hi all. Succesfully rooted my S8 Tab Ultra and was running fine for the past week.
Just rebooted the tablet and its showing "Custom Binary(boot) Blocked due to remaining installment balance" I've read around the forum and apparently its for people who haven't paid for the device fully which I have, paid in full on pre order.
The only way it seems to get it to boot is to flash the original firmware my model is SM-X900NZAFXAR and I can't find the firmware does anyone know how I can get the tablet to boot?
Tried Samsung support but they didn't help
Hello! Get SamFirm at https://samfirmtool.com/ (v0.5.0 is the latest), for model put SM-X900, for Region put XAR. I haven't received mine yet (not until the middle of next month), but this is the closest I could find to what should be the correct firmware. Click "Check Update", then click "Download". It's been too long for me away from Samsung - I don't remember if it matters if you let it decrypt automatically or not. The answer should become apparent, though. At worst, you'll just have to redownload the firmware with the option to decrypt unchecked in SamFIrm.
You can check your CSC (Region) by (copying/pasting someone else's instructions):
go to settings - about - software information - service provider SW ver. The region code (CSC) will be written there.
I don't know if your CSC will match XAR. I don't find anything for XAA or XAS yet in SamFirm.
Good luck! This is concerning since I had planned on rooting mine.
Thanks for the reply. I've downloaded the XAR firmware but now I have another problem getting the USB device not recognised. Device descriptor request failed. Tried locking the bootloader again now its stuck with a Hash fail on boot and wont turn off. Can't unlock the bootloader again. 99% sure its not the laptops fault its the one i rooted on but will try another pc tomorrow. Will have to try Samsung again as although I have rooted which voids warrenty its there mistake on my device thinking it has finance outstanding that has caused the failure.
Cheers
Jono0907 said:
Thanks for the reply. I've downloaded the XAR firmware but now I have another problem getting the USB device not recognised. Device descriptor request failed. Tried locking the bootloader again now its stuck with a Hash fail on boot and wont turn off. Can't unlock the bootloader again. 99% sure its not the laptops fault its the one i rooted on but will try another pc tomorrow. Will have to try Samsung again as although I have rooted which voids warrenty its there mistake on my device thinking it has finance outstanding that has caused the failure.
Cheers
Click to expand...
Click to collapse
You got the latest Samsung drivers installed, as linked to in the SamFirm\Samsung Driver subfolder? (link leads to https://samsungusbdriver.com/category/download)
Wait... Is OEM Unlock still enabled in Dev Options? It might be salvageable even though you have locked the bootloader...
Thank you edor for the help the tablet is running again now however it is unrooted now and the OEM unlock option is missing. The USB fault was resloved using a different PC not sure whats going on with my laptop.
Once in download mode i was able to download the XAR version of the Tab S8 Ultra fimrware from SamFirm and reflash with Odin which brought it back.
I'm not sure if running XAR csc will cause problems? I am in the UK I think my csc originally was OXM which is the universal one but cant find an OXM version at the moment.
fkofilee I actually locked the bootloader from the download mode menu which i shouldnt have. I don't have the option now so think I need to wait for the OEM unlock to show in settings.
For anyone else who has the "Custom Binary(boot) Blocked due to remaining installment balance" Need to reflash back to original firmware to boot and apparently it will re-check in 7 days so cannot be rooted in that time.
I have an open ticket with Samsung to try and find out why my tablet thinks it has finance. The confirmed on the phone that it was paid in full.
I wonder if the S7 Bootloader that i rooted had anything to do with it. Will retry with the bootloader when i can and report back.
@Jono0907 I'm glad you got it back working. I apologize if the XAR firmware has anything to do with your OEM unlocking not being available. Thank you for the advice for myself and for others to follow if we encounter the same problem. You had used the S7 bootloader? I would expect that to be the problem but as I said, I'm rusty on Samsung, and totally unexperienced in Samsung tablets - I only know what I've read in this section so far.
My tablet is working because of your advise so I'm happy. Found the EUX firmware which feels like it should be what my tablet should be running so will flash that and see if Unlock comes back. Tried all the tricks with date/time to try and trick it but no luck.
Also was going to add my experience with Samsung support. He agreed that if the tablet was wrongly reporting it was in finance then it wouldn't have been my fault but also said Samsung would not help because I had rooted the device. He didnt talk about reflashing firmware just said that I needed to send it to them for a new motherboard to repair Knox at a cost of at least $400(£300)
I planned to root s8 ultra, now afraid. So, is it safe to root it, and can someone put here whole procedure?
Many thanks
It's pretty much always safe because you can go back to "Download Mode" and reflash the original firmware.
It will however trip Knox which is Samsungs securityh (Done by breaking a physical fuse on the motherboard) which cannot be undone. This voids the warrenty and could cause problems with Google Pay and other things.
The basic process for rooting the S8 is
1. The process requires OEM Unlocking which some carriers in USA seem to be blocking. If you can OEM unlock it will be an option within the developers options in settings. Sometimes it doesn't show up right away.
2. Download SamFirm and get the firmware for your device. The Model for the Non-5G Tab S8 is SM-X900 and put in the CSC code for your region. Samsung simplified CSC codes before the release of the Tab S8 so you can see the list on wikipedia when searching for the tablet it is probably better to look up how to check your CSC code on your tablet to make sure you are getting the right one.
3. Install Magisk Manager on your tablet. Extract the firmware and copy the AP file to your tablet. Open Magisk Manager and point it at the AP file that you copied. Once complete it should give you a Magisk Patched file copy it back to your computer.
4. Install Odin and Samsung USB drivers. In Odin Select the Magisk Patched file for AP then add the BL file that you downloaded from SamFirm and the CSC file. (This will factory reset the tablet). You can leave CP and Userdata blank.
5. Reboot the tablet into Download Mode. This can be done by powering it off connecting it the the PC and when you see the charge symbol hold down Volume up and Volume down till you get to the Download Mode Menu. From here you need to press the option for OEM Unlock and then go to the download screen. Now press start in Odin.
That's pretty much it
ivanox1972 said:
I planned to root s8 ultra, now afraid. So, is it safe to root it, and can someone put here whole procedure?
Many thanks
Click to expand...
Click to collapse
I want clearly explanation, I don't know about this.
Jono0907 said:
It's pretty much always safe because you can go back to "Download Mode" and reflash the original firmware.
It will however trip Knox which is Samsungs securityh (Done by breaking a physical fuse on the motherboard) which cannot be undone. This voids the warrenty and could cause problems with Google Pay and other things.
The basic process for rooting the S8 is
1. The process requires OEM Unlocking which some carriers in USA seem to be blocking. If you can OEM unlock it will be an option within the developers options in settings. Sometimes it doesn't show up right away.
2. Download SamFirm and get the firmware for your device. The Model for the Non-5G Tab S8 is SM-X900 and put in the CSC code for your region. Samsung simplified CSC codes before the release of the Tab S8 so you can see the list on wikipedia when searching for the tablet it is probably better to look up how to check your CSC code on your tablet to make sure you are getting the right one.
3. Install Magisk Manager on your tablet. Extract the firmware and copy the AP file to your tablet. Open Magisk Manager and point it at the AP file that you copied. Once complete it should give you a Magisk Patched file copy it back to your computer.
4. Install Odin and Samsung USB drivers. In Odin Select the Magisk Patched file for AP then add the BL file that you downloaded from SamFirm and the CSC file. (This will factory reset the tablet). You can leave CP and Userdata blank.
5. Reboot the tablet into Download Mode. This can be done by powering it off connecting it the the PC and when you see the charge symbol hold down Volume up and Volume down till you get to the Download Mode Menu. From here you need to press the option for OEM Unlock and then go to the download screen. Now press start in Odin.
That's pretty much it
Click to expand...
Click to collapse
Succesfully rooted a magisk patched AP. Then later I tried to flash another one with an updated firmware, resulting in a soft brick. Does reflashing unpatched stock rom via Odin wipe all my data? Even if I flash HOME_CSC?
emko7 said:
Succesfully rooted a magisk patched AP. Then later I tried to flash another one with an updated firmware, resulting in a soft brick. Does reflashing unpatched stock rom via Odin wipe all my data? Even if I flash HOME_CSC?
Click to expand...
Click to collapse
Sorry mate never done the HOME CSC flash I've always been happy to wipe the device hopefully someone here knows?
emko7 said:
Succesfully rooted a magisk patched AP. Then later I tried to flash another one with an updated firmware, resulting in a soft brick. Does reflashing unpatched stock rom via Odin wipe all my data? Even if I flash HOME_CSC?
Click to expand...
Click to collapse
Uh-oh. I was just getting ready to update to the latest firmware, Maybe I'll have to wait, see how this plays out.
lloydsw said:
Uh-oh. I was just getting ready to update to the latest firmware, Maybe I'll have to wait, see how this plays out.
Click to expand...
Click to collapse
For what it's worth on my S8 Ultra, I updated from rooted April update to rooted May's update perfectly fine without wiping data. Always do backups, though, things happen.
roirraW edor ehT said:
For what it's worth on my S8 Ultra, I updated from rooted April update to rooted May's update perfectly fine without wiping data. Always do backups, though, things happen.
Click to expand...
Click to collapse
Yup, worked fine on my S8. Sigh of relief!