Database Develop

[ROOT] EU LMV405EBW - Magisk

I couldn't find any guide for rooting the V40, so I thought I'd write down the steps I took to root my new EUR V40 - LMV405EBW. Maybe it will help others. Sorry if this is somewhat confusing, I didn't have time to make a polished version. It's basically made from my notes during the process with the commands copied from bash history.
-First, unlock the bootloader following LG's instructions here: https://developer.lge.com/resource/mobile/RetrieveBootloader.dev
There's no TWRP for the V40 and the one made for G7 doesn't work. I don't have the time and knowledge to even attempt to compile TWRP for the V40, so I proceeded with just patching an original boot image with Magisk.
You can get the patched boot images that I used from here:
Oreo 10e: boot_a_magisk_patched_10e.img
Oreo 20f: boot_a_magisk_patched_10f.img
Pie 20a: boot_a_magisk_patched_20a.img
Pie 20b: boot_a_magisk_patched_20b.img
Pie 20f: boot_a_magisk_patched_20f.img
Pie 20g: boot_a_magisk_patched_20g.img
Q 30b: boot_a_magisk_patched_30b.img (this requires flashing to the active boot partition).
Q 30c: boot_a_magisk_patched_30c.img (this requires flashing to the active boot partition)
Q 30d: boot_a_magisk_patched_30d.image (this may or may not work with "fastboot boot" and could require flashing to the active boot partition. I haven't tested if live boot still works. I just did fastboot flash boot_x img_file).
You can try to boot it with with fastboot if you have a LNV405EBW and skip the KDZ extraction part.
Installing Magisk:
Flashing this image isn't necessary, just straight boot should be sufficient and safe.
First install Magisk Manager 7 on the phone then connect the phone to the PC and run:
Code:
adb reboot bootloader
fastboot boot boot_a_magisk_patched_10e.img
After the phone boots the OS with the external boot image, open Magisk Manager and tap on Install. Select the option to Direct install to the active slot. I played it safe and decided to NOT flash also on the inactive slot. I've left it alone so I can use it in case of need of recovery.
You'll probably notice that you don't have a connection to the carrier. Just ignore it, it will back once the phone is booted normally.
Reboot and you will have permanent root until you switch the A/B slots.
In case my patched boot image doesn't work, you can just make your own.
Tools needed:
Magisk Manager 7.0.0 installed on the phone
LG Bridge installed on a Windows machine.
a Linux machine or VM (I used the latest ubuntu desktop), python3 with the zstandard module installed and kdztools from steadfasterX's repo. Maybe kdztools would work on Windows too, I haven't tried it.
adb, fastboot
You need to procure an original ROM file for your phone model. It can be downloaded easily with LG Bridge. Just connect the phone to a Windows PC, start LG bridge, go to the Software update tab and click on Update error recovery. Wait for the download to start and disconnect the phone. Ignore LG Bridge complains about not being able to flash after the downloading stage is completed. Don't click anything in Bridge and before closing it go to C:\Users\<your_username>\AppData\Local\LG Electronics\LG Bridge\SWUpgrade and copy your KDZ somewhere else. Preferably send it to the Linux VM to the LG work folder, it'll be needed there.
On Linux open a terminal:
Code:
cd ~/Documents
mkdir LG
cd LG
git clone https://github.com/steadfasterX/kdztools.git
cd kdztools
nano undz.py -c
For kdztools to be able to extract the V40 images, I needed to edit undz.py and comment the lines 88-90. So, this block should all be commented or undz will fail to extract the boot partitions.
Code:
#if len(dz_item['pad']) != 0:
# print("[!] Error: pad is not empty", file=sys.stderr)
# sys.exit(1)
To extract, with the KDZ copied to ~/Documents/LG/
Code:
cd ~/Documents/LG/kdztools
./unkdz.py -f ../V405EBW10e_00_OPEN_EU_DS_OP_0109.kdz -x
cd kdzextracted/
List the partitions contents and look for the IDs of boot_a and/or boot_b. In my case they were 44 for boot_a and 63 for boot_b
Code:
../undz.py -f V40510e_00.dz -l
Extract boot_a or boot_b or both, they're identical:
Code:
../undz.py -f V40510e_00.dz -s 44
../undz.py -f V40510e_00.dz -s 63
You can find the extracted boot images in the dzextracted subfolder. Get boot_a.image or boot_b.image or both from there and send them to the phone in a location accessible by Magisk Manager. The Download folder should do fine.
Open Magisk Manager and tap Install, select Patch Boot Image file and patch the image file(s) you extracted. Get the patched_boot.img that Magisk Manager saves in the Download folder and send it to a PC where you have adb and fastboot.
Go to the beginning of the post to the Installing Magisk section.

Damned tempting, but I'll wait until after Pie drops.
Sent from my LM-V405 using Tapatalk

Glad to see this, hopefully it's a start for all of us.

If anything, at least a way to unlock the bootloader via legitimate channels! Gonna be generating that string, next chance I get, to be ready.
Sent from my LM-V405 using Tapatalk

Once runningnak3d gets a hold of this, we should be good with the v40. Cool beans.

Hey do the unlock codes online work for $ 12-15 on sprint? I used to flash phones back in the day and got a great deal on a bad IMEI sprint lg v40, but so far I can see there isn’t a way yet. On top off all that I m in Europe and don’t want to get the error message that I m out of the Region. I would have to go to USA just to unlock the phone.

@runningnak3d

Can't I install the firmware on a different device?

V version can not unlock BL, so envious

Getting a boot image like that works but I find it stupid to not upload it so that the others don't have to do it. Besides only one model can be bl unlocked so there won't be any model mismatch (except firmware versions but keeping up with them is not that hard)

LameMonster82 said:
Getting a boot image like that works but I find it stupid to not upload it so that the others don't have to do it. Besides only one model can be bl unlocked so there won't be any model mismatch (except firmware versions but keeping up with them is not that hard)
Click to expand...
Click to collapse
Or I could find you stupid for not noticing the patched image is in my first post.

DLS123 said:
I find you stupid for not noticing the patched images are in my first post.
Click to expand...
Click to collapse
I recommend labeling the boot images with their firmware since future firmwares won't be able to run the same boot image but other than that I'm really sorry.

LameMonster82 said:
I recommend labeling the boot images with their firmware since future firmwares won't be able to run the same boot image but other than that I'm really sorry.
Click to expand...
Click to collapse
I mentioned in the description 1 line below the link that it's for 10e. There was no other update in a long time. I don't think there can be any confusion for now. I can edit and label the file when there's will be another fw update.

It looks like unlocking the bootloader breaks Widevine L1 on the V40 and downgrades is to L3. No more HD or UHD Netflix.
I couldn't find any other solution than to re-lock the bootloader to restore L1.
This doesn't happen on the V30.

@DLS123
Thank you for all!
I ask you for more details; i'm stuck at flashing first image in adb; it returns an error; have LMV405EBW with 10f. unlocked bootloader of course
Thx again for your support!

@daphix what do you mean by flashing the first image? You're not supposed to flash my patched boot image. Just boot it without flashing and Direct install Magisk from it with Magisk Manager.

DLS123 said:
@daphix what do you mean by flashing the first image? You're not supposed to flash my patched boot image. Just boot it without flashing and Direct install Magisk from it with Magisk Manager.
Click to expand...
Click to collapse
Thx for answer; i not have too much experience in working with Magisk;
i just folowed your steps:
First install Magisk Manager 7 on the phone then connect the phone to the PC and run:
adb reboot bootloader
fastboot boot patched_boot_a.img
when i run fastboot comand for flash, is runing, but is returning "an error at line x"
i suppose is something wrong in this instructions.

daphix said:
Thx for answer; i not have too much experience in working with Magisk;
i just folowed your steps:
First install Magisk Manager 7 on the phone then connect the phone to the PC and run:
adb reboot bootloader
fastboot boot patched_boot_a.img
when i run fastboot comand for flash, is runing, but is returning "an error at line x"
Anyway; understand now what to do;
Steps are below:
- first install magisk manager
- download magisk zip from magisk site or from magisk manager himself on phone
- download patched_boot_a.img to phone from our good contributor
- use magisk manager and select inslall image of patched_boot_a.img from phone
- magisk manager will generate a magisk patched image
- transfer this magisk patched image (not patched_boot_a.img) to pc in ADB folder
- flash with Adb this magisk patched image from pc to phone.
Thx to our friend!
---------- Post added at 09:53 AM ---------- Previous post was at 09:21 AM ----------
DLS123 said:
@daphix what do you mean by flashing the first image? You're not supposed to flash my patched boot image. Just boot it without flashing and Direct install Magisk from it with Magisk Manager.
Click to expand...
Click to collapse
Hi;
using Magisk mamanger and your file was generated a file: magisk_patched.img
pls support; trying to flash that image from PC with adb not work:
fastboot flash partition_a magisk_patched.img
Click to expand...
Click to collapse

@daphix
Whatver you're trying to do, is nowhere in the procedure I used. If you already booted with my boot image why are you making another boot image with Magisk and why are you trying to flash that? I never wrote anything of the sort.
if you booted with my patched image you already have temporary root and can use Magisk Manager to Direct install Magisk itself.

DLS123 said:
@daphix
Whatver you're trying to do, is nowhere in the procedure I used. If you already booted with my boot image why are you making another boot image with Magisk and why are you trying to flash that? I never wrote anything of the sort.
if you booted with my patched image you already have temporary root and can use Magisk Manager to Direct install Magisk itself.
Click to expand...
Click to collapse
Hi , thank you for reply;
I tried many combinations of your commands;
maybe due that am noob, but succesion below simply is not working:
First install Magisk Manager 7 on the phone then connect the phone to the PC and run:
adb reboot bootloader
fastboot boot patched_boot_a.img

miflash error: not catch checkpoint (\$fastboot -s .*lock), flash not done -> HELP?!

miflash error: not catch checkpoint (\$fastboot -s .*lock), flash not done -> HELP?!
Hello,
I unlocked my Mi8 and successfully installed Lineage on it.
After trying to install Magisk, my phone only boots into fastboot (and mi recovery, but that's not very helpful).
fastboot boot twrp.img results in error :
FAILED (remote: Failed to load/authenticate boot image: 00000050)
I tried MIFLASH by
1) downloading, dezipping and starting newest miflash (2020.3.14.0)
2) installing drivers
3) downloading and dezipping MIUI-fastboot-ROM
4) entering path* into miflash, refresh and flash (already tried all options "clean all" to "clean all and lock")
*) path to the folder that includes among others flash_all.bat
all this results in error:
not catch checkpoint (\$fastboot -s .*lock), flash not done
Nothing changed with the phone, still the same error.
While wanting to review the logs, I clicked in miflash on log/flash log. The log did not say anything helpful, but the error code of fastboot boot twrp.img changed to command write failed (Unknown error). Nothing else changed.
UPDATE: changed back to previous error (remote: Failed to load/authenticate boot image: 00000050)
If you have any idea or need any more information, please tell me!
I need that phone and cannot afford to terminally brink it!!
I did not find much online, did no one else had this problem??
THANK YOU!
PS: Using lenovo-laptop with quite vanilla win10 (and not so vanilla kubuntu dualboot, but miflash only supports windows)
MIFLASH-log says:
Code:
[14:37:14]:lsusb path:"C:\Users\<>\Downloads\MiFlash20200314\MiFlash20200314\Source\ThirdParty\Qualcomm\fh_loader\lsusb.exe"
[14:37:14]:Specified cast is not valid.: at XiaoMiFlash.code.Utility.TreeViewUsbItem.AddPortNode(String HubPath, Int32 NumberOfPorts)
[14:37:14]:Specified cast is not valid.: at XiaoMiFlash.code.Utility.TreeViewUsbItem.AddPortNode(String HubPath, Int32 NumberOfPorts)
[14:37:14]:Specified cast is not valid.: at XiaoMiFlash.code.Utility.TreeViewUsbItem.AddPortNode(String HubPath, Int32 NumberOfPorts)
[14:37:14]:GetScriptDevices
[14:37:15]:FlashingDevice.flashDeviceList.Remove ab6ee6a0
[14:37:15]:add device ab6ee6a0 index 1
[14:37:15]:Thread start,thread id 5,thread name ab6ee6a0
[14:37:15]:start process id 2524 name cmd
[14:37:15]:Thread stopped, thread id 5, thread name ab6ee6a0
UPDATE:
what would the world be without mysteries. Though I cannot really accept them in the IT sector, I cannot really explain, why "everything" works now.
The error of miflash still exists, but fastboot works.
I tried booting and flashing the lineage boot.img instead of twrp.img as well as miflash about every five minutes. I do not think it was the latter, though.
I am still curious on that matter, but having everything working is more important.
Thank you anyway.

Never encountered that error however, if you have Lineage installed i have to wonder how or why your phone is able to boot into mi recovery ? You should have a custom recovery installed (twrp, orangefox .. something)
If you have a ryzen laptop - see the thread about ryzen cpu - they have some issues with recognising properly devices via usb - solved by using a hub.
There is no need to use miflash to flash the fastboot miui rom - you can do it from command line in both windows and linux. Once you decompress the fastboot tar.gz, you have .bat and .sh files in the folder - miflash runs those exact files. Just install adb and fastboot on kubuntu and run your choice of script (flash_all, flash_all_lock, etc.) this has the added benefit of not needing odd drivers in windows (last time i used miflash it complained about some .net stuff that i had to manually install).
Since normally you would install twrp i have to wonder if by any chance mi-recovery is not checking the boot image before flashing it ... not sure, or maybe it had something to do with the FBE of lineage since there was no recovery in place to decrypt the partitions, if i remember correctly, the boot image needs to be signed with the verity key. The log snippet you provided doesn't tell anything as it has no error messages or anything.
Either way, not sure how what you brutforced to get it working but glad it solved itself, however, if you still have mi-recovery instead of a custom one, i would suggest you backup the device, flash MIUI without locking the bootloader, installing twrp (not just booting it) and reinstalling lineage from there. (all this can be done from your kubuntu install so you avoid driver and other windows shenanigans)
to install adb and fastboot it's just a question of sudo apt install adb fastboot
either tar -xvzf the archive of the fastboot image or just extract it from the file manager
open a terminal in the extracted folder (where the bat and sh files are)
put the phone in fastboot mode, connect via usb and do a "fastboot devices" just to make sure the device shows up
./flash_all.sh (this does the exact same thing as the clean option in miflash - just open the script and take a look through it)
Once the flash is done and the phone reboots, skip through all the setup steps just so miui loads up then reboot to fastboot
get twrp from their website, open terminal where it is downloaded and "fastboot flash recovery <name_of_file>.img"
once the command finishes do a "fastboot boot <name_of_file>.img" and once you are in twrp, go yo wipe, do a factory reset, back, advanced wipe and select the caches, back, format data, type yes, back to the main menu of twrp and reboot recovery, this should boot you back into twrp but this time the one that is flashed on the device.
from here on install rom of choice and magisk as usual (use the install option in twrp tho, don't unpack the zip)
Had the phone for 2 years and i flashed different roms on it almost weekly since the wait time to unlock the bootloader expired and never had an issue with this workflow and it saves you from having to use windows. Even for unlocking the bootloader, in case you ever lock it back up, you can use https://xiaomitool.com/V2/download (worked like a charm on linux)

sorfat said:
Never encountered that error however, if you have Lineage installed i have to wonder how or why your phone is able to boot into mi recovery ? You should have a custom recovery installed (twrp, orangefox .. something)
If you have a ryzen laptop - see the thread about ryzen cpu - they have some issues with recognising properly devices via usb - solved by using a hub....
Click to expand...
Click to collapse
Thank you for your detailed reply!
Of cause, in order to install lineage, I used TWRP. But I somehow did not install it, but used fastboot boot twrp.img in order to manually temporary boot twrp every time I need it. It was not intentionally at first (did do
"fastboot flash recovery <name_of_file>.img"
Click to expand...
Click to collapse
) but I learned to like the mi recovery for it's wiping and being able to use with the keys (not touch, since I managed to disable touch once before that). Mi recovery does not allow flashing at all, so no worries there^^
I have read the ryzen thread before posting, that's why I included my hardware. Not sure, if Lenovo has ryzen, mine does not.
Why I did not think of just running the script in kubuntu instead of hassling with windows, I do not know. Guess it does have something to do with the wood in front of all the trees.
I have the phone for about one and a half week and flashed it at least once a day :laugh:
But I hope to neither lock it again (twice is sweaty enough) nor have to flash it every week.
Thank you very much, if I ever lock myself out again or get another phone to set up, I will defintely reread this post!
btw: is there no way in xda to close a thread?

Stock firmware clean flash

Hi. I have recently bought a ROG 3 Tencent version from AliExpress (865+, 12 GB ram, 128 gb storage). The phone came with the pre-installed WW version. I presume it was converted from the CN version by the seller. He did a really good job since there are no problems whatsoever, no "incompatible firmware" error, refresh rates working fine. However I'm a bit paranoid about buying electronics from CN, so i wanted to perform a totally clean firmware flash.
My knowledge of Android is limited so I'm asking for help. To my understanding what i should do is:
- install adb and drivers, fastboot binaries or tool all in one (does it download all the necessary files and drivers automatically?)
- unlock bootloader with asus tool or command line in adb, (is it necessary to format internal storage?)
- put the phone into recovery mode by turning it off and then pressing volume+ and power and connect it to pc
- run the command prompt from the adb folder
- type "adb reboot bootloader" to get into fastboot mode
And that's where im getting confused.
What i want to do is fully format internal storage (don't know the fastboot command for that) and perform a clean flash of the newest stock firmware (it comes in a zip file on the official ROG3 support page). From my understanding, since ROG3 doesn't support sd card i need to put the firmware file in the adb folder and run "adb sideload firmware file name.zip" than "adb reboot bootloader" again and sideload the same file again to flash it to the second partition. Do I need to wipe cache after that? If so what is the command for that? Than i would like to relock the bootloader (fastboot oem asus-lock). I'm sure I'm wrong at some point and probably missing some steps so please guide me through the process.

Also, can someone explain to me what is the difference between RAW, UL, and "normal" WW firmware available at Asus support page? As I can recall UL firmware and Asus unlock tool were also available for download at Asus support page but now they are gone.

How To Guide How To root Redmi Note 10S without TWRP (Text Guide in English)

By Following this guide, you will lose your warranty so keep that in mind before you begin. (Although you have probably already lost your warranty by unlocking the bootloader)
So, if like me, you ended up buying the Redmi Note 10S because it was very cheap (it's something like 200$ for a really good phone) and then just hopped on to xda forums for the latest roms and stuff, you'll find that not much development is going on regarding this phone, understandably because of "better" alternatives within the same line-up.
As a consequence, we don't yet have TWRP or CWM or any such custom recoveries built for this specific device (Redmi Note 10S) nor do I think they're coming any time soon, which is unfortunate since that would have made the process a tad bit more convenient. We don't have any custom roms built specifically for our device either (although we can probably use GSI roms)
So we'll now try to do the process ourselves.
Now, for the disclaimer:
DISCLAIMER: I'm an amateur in terms of tinkering with android stuff and phones in general. The process mentioned below has worked on my phone but I would still recommend waiting for someone more....knowledgeable to weigh in his/her opinions. If you end up bricking your phone or if things go wrong, I'm not responsible, that's on you.
Also, please read the entire guide first and then begin.
Alright, with the appetizers out of the way, let's just crack on to the main course:
STEP-0: Requirements:
Redmi Note 10S
Install OEM fastboot drivers
Obtain android platform-tools along with knowledge about how to use it
Your Bootloader should be unlocked (wait for 1 week after first attempt at unlocking after which you'll receive your "permission")
Fastboot rom from here
Magisk apk
Being ready to lose your data (in short, don't personalize your phone just yet (....and also take a backup of everything)) and accept that you'll have SafetyNet related issues until you do some other special stuff
Enable Developer mode and USB debugging
STEP-1: Obtain boot.img (and vbmeta.img)
What we need is a boot.img that we can patch using magisk. We can do some code-fu to pull it from the phone but we don't need to do that. We can instead obtain the fastboot rom from here (I don't think region matters but take accordingly just to stay safe). While downloading, you'll see that what you're downloading a zip. This is intended because the boot.img (and the vbmeta.img) is within this zip file.
Anyways, once you download it, unzip all of the contents into a folder and move on to the next step.
STEP-2: Patch the obtained boot.img:
Take the boot.img from the zip file you obtained earlier and move it into the internal storage of your phone. Install the Magisk Manager apk from here. Install the apk and then after opening, go straight to installing Magisk, then select "Select and Patch a File" and then select the boot.img that you moved into the internal storage. It will then start patching the boot.img after which it will generate a patched boot.img, the directory of which is mentioned at the end of the patching process.
Move the patched boot.img back into your computer and move on to the next step.
STEP-3: Flash the patched boot.img:
Alright, this is the final leg of the journey (or should I say, desserts?).
Keep the vbmeta.img and the patched boot.img handy as you will be needing them here. You can find the vbmeta.img in the zip file you extracted earlier in the guide.
NOTE: The vbmeta.img is especially important because if you don't flash this while disabling verity and verification, you'll be stuck in a bootloop until you flash the stock boot.img (the boot.img before you patched it) back because this.
Alright, with all of that at hand, boot your phone into fastboot mode.
Now disable what is equivalent to the windows version of secure boot:
Code:
fastboot.exe --disable-verity --disable-verification flash vbmeta vbmeta.img
And then the following command that will finish it off:
Code:
fastboot.exe flash boot patched_boot.img
If you get stuck in a bootloop (perhaps because incorrectly flashing vbmeta.img or anything else), flash the stock boot.img with the same command and try the process again
And then finally for the cherry on top:
Code:
fastboot.exe reboot
After all that is done, hopefully you will see the setup for MIUI. Complete it as you normally would, and after the setup, you will find the magisk manager preinstalled but it will have the placeholder android app logo. Open that and it will prompt you to complete the download and installation of magisk manager. Do that and then open magisk manager (at this point it will have the familiar logo), go straight to installing Magisk and then select Direct Install (Recommended) and then let it do its thing.
After that, it will prompt you to restart your device to complete some stuff at which point you have successfully rooted your phone.
Aftermath:
I would like to remind you that SafetyNet will fail, even if you enable MagiskHide. You will have to do some other stuff to fix that if you want to use stuff like Google Pay so if that is a deal breaker, I suggest you don't follow this guide yet until some recommendations regarding SafetyNet pop up in this thread (or if you find some stuff elsewhere (please do let me know)).
Weirdly the Widevine rating is still at L1 according to DRM Info so I guess Netflix and other stuff will work fine(?). I don't use netflix or prime video so I can't help you there.
Concluding:
If there is anything step I have missed out or some issues you're facing, please let me know within this thread. I'll be happy to resolve the issue. If there are any recommendations regarding SafetyNet or any recommendations in general, I'll be happy to listen.
EDIT 1: You can't use Netflix because you won't be able to find it in Google Play Store.
EDIT 2: You can use Netflix and other DRM protected applications by installing the following Magisk Modules:
Riru (This is required by the next one)
Universal SafetyNet Fix (To pass SafetyNet ctsProfile evaluation)
MagiskHide Props Config (!!MOST IMPORTANT!!) (To get fingerprint certificates and pass other authentication related stuff)
Of course, as is with software, this stuff may eventually be patched by google or netflix so you should still refrain from using this guide (or rooting in general) if you don't want to deal with the hiccups down the road.
Certification is still L1 (weirdly) after installation of the modules and you will now be able to find Netflix in the store.
EDIT 3: Edited the guide after @murigny64 's reply (Thanks!)

Hello
No need to flash both A and B,
you can use "fastboot flash boot patched_boot.img", it will flash active system branch
because "boot" is a "partition_by_name" and symlinked to active partition (boot_a or boot_b)

I can flash Boot & VBmeta without issues but "--disable-verity --disable-verification flash vbmeta vbmeta.img" command just does not work. I got vbmeta.img from original device image & i have tried all kind of versions of command "fastboot.exe --disable-verity --disable-verification flash vbmeta vbmeta.img". Flasching VBmeta vorks but then i guess i would need spesific modified image file where it is disabled already. Any advice?

flashing vbmeta does result in an error and boot loop.
Error: unknown option -- diable-verity

Okay it seems like my phone has been sort of rooted but not completely. When I tried to edit my build.prop (to disable MiraVision), it resulted in the entire build.prop being wiped completely.

Thanks for sharing
Anyone got Google Pay working after installing Magisk and Universal Safety Net Fix ?

Exb22 said:
I can flash Boot & VBmeta without issues but "--disable-verity --disable-verification flash vbmeta vbmeta.img" command just does not work. I got vbmeta.img from original device image & i have tried all kind of versions of command "fastboot.exe --disable-verity --disable-verification flash vbmeta vbmeta.img". Flasching VBmeta vorks but then i guess i would need spesific modified image file where it is disabled already. Any advice?
Click to expand...
Click to collapse
sengottuvel said:
flashing vbmeta does result in an error and boot loop.
Error: unknown option -- diable-verity
Click to expand...
Click to collapse
Use a command prompt, not windows powershell.

stuntdouble said:
Use a command prompt, not windows powershell.
Click to expand...
Click to collapse
I shall try what you said. And get back to you.

sengottuvel said:
I shall try what you said. And get back to you.
Click to expand...
Click to collapse
same issue. Even cmd did not work. what am I doing wrong?
Can you please outline the steps? perhaps I am missing something by mistake.

You haven't followed the guide above, you've sent the commands in the wrong order. If you have done it in the right order previously then your adb version is maybe out of date so follow this guide and try again:
How to install ADB on Windows, macOS, and Linux
A step-by-step guide to get you started with the Android Debug Bridge tool.
www.xda-developers.com

stuntdouble said:
You haven't followed the guide above, you've sent the commands in the wrong order. If you have done it in the right order previously then your adb version is maybe out of date so follow this guide and try again:
How to install ADB on Windows, macOS, and Linux
A step-by-step guide to get you started with the Android Debug Bridge tool.
www.xda-developers.com
Click to expand...
Click to collapse
Could you please tell me the right order in which the two command lines have to be entered?
I was able to successfully entered the two lines in the below order,
fastboot flash boot path to patched boot image
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
fastboot reboot
I am now seeing MIUI logo for more than 10 minutes. I am not sure if this waiting time is normal?
Could I try replacing the second line with fastboot flash vbmeta path to vbmeta image?
Your help will be highly appreciated.

In the exact same order as RandomAccessVemuri has kindly posted for us all in their guide above. The vbmeta file first then the boot.img. If everything is done to the letter then there's no reason it shouldn't work on your device.
It looks like you're trying to format one of the partitions after modifying the boot.img, that's the wrong way around, so yeah that's going to stop it from booting. And when the commands take it should take seconds, then on rebooting using the fastboot command it should load up in a normal time.

RandomAccessVemuri said:
By Following this guide, you will lose your warranty so keep that in mind before you begin. (Although you have probably already lost your warranty by unlocking the bootloader)
So, if like me, you ended up buying the Redmi Note 10S because it was very cheap (it's something like 200$ for a really good phone) and then just hopped on to xda forums for the latest roms and stuff, you'll find that not much development is going on regarding this phone, understandably because of "better" alternatives within the same line-up.
As a consequence, we don't yet have TWRP or CWM or any such custom recoveries built for this specific device (Redmi Note 10S) nor do I think they're coming any time soon, which is unfortunate since that would have made the process a tad bit more convenient. We don't have any custom roms built specifically for our device either (although we can probably use GSI roms)
So we'll now try to do the process ourselves.
Now, for the disclaimer:
DISCLAIMER: I'm an amateur in terms of tinkering with android stuff and phones in general. The process mentioned below has worked on my phone but I would still recommend waiting for someone more....knowledgeable to weigh in his/her opinions. If you end up bricking your phone or if things go wrong, I'm not responsible, that's on you.
Also, please read the entire guide first and then begin.
Alright, with the appetizers out of the way, let's just crack on to the main course:
STEP-0: Requirements:
Redmi Note 10S
Install OEM fastboot drivers
Obtain android platform-tools along with knowledge about how to use it
Your Bootloader should be unlocked (wait for 1 week after first attempt at unlocking after which you'll receive your "permission")
Fastboot rom from here
Magisk apk
Being ready to lose your data (in short, don't personalize your phone just yet (....and also take a backup of everything)) and accept that you'll have SafetyNet related issues until you do some other special stuff
Enable Developer mode and USB debugging
STEP-1: Obtain boot.img (and vbmeta.img)
What we need is a boot.img that we can patch using magisk. We can do some code-fu to pull it from the phone but we don't need to do that. We can instead obtain the fastboot rom from here (I don't think region matters but take accordingly just to stay safe). While downloading, you'll see that what you're downloading a zip. This is intended because the boot.img (and the vbmeta.img) is within this zip file.
Anyways, once you download it, unzip all of the contents into a folder and move on to the next step.
STEP-2: Patch the obtained boot.img:
Take the boot.img from the zip file you obtained earlier and move it into the internal storage of your phone. Install the Magisk Manager apk from here. Install the apk and then after opening, go straight to installing Magisk, then select "Select and Patch a File" and then select the boot.img that you moved into the internal storage. It will then start patching the boot.img after which it will generate a patched boot.img, the directory of which is mentioned at the end of the patching process.
Move the patched boot.img back into your computer and move on to the next step.
STEP-3: Flash the patched boot.img:
Alright, this is the final leg of the journey (or should I say, desserts?).
Keep the vbmeta.img and the patched boot.img handy as you will be needing them here. You can find the vbmeta.img in the zip file you extracted earlier in the guide.
NOTE: The vbmeta.img is especially important because if you don't flash this while disabling verity and verification, you'll be stuck in a bootloop until you flash the stock boot.img (the boot.img before you patched it) back because this.
Alright, with all of that at hand, boot your phone into fastboot mode.
Now disable what is equivalent to the windows version of secure boot:
Code:
fastboot.exe --disable-verity --disable-verification flash vbmeta vbmeta.img
And then the following command that will finish it off:
Code:
fastboot.exe flash boot patched_boot.img
If you get stuck in a bootloop (perhaps because incorrectly flashing vbmeta.img or anything else), flash the stock boot.img with the same command and try the process again
And then finally for the cherry on top:
Code:
fastboot.exe reboot
After all that is done, hopefully you will see the setup for MIUI. Complete it as you normally would, and after the setup, you will find the magisk manager preinstalled but it will have the placeholder android app logo. Open that and it will prompt you to complete the download and installation of magisk manager. Do that and then open magisk manager (at this point it will have the familiar logo), go straight to installing Magisk and then select Direct Install (Recommended) and then let it do its thing.
After that, it will prompt you to restart your device to complete some stuff at which point you have successfully rooted your phone.
Aftermath:
I would like to remind you that SafetyNet will fail, even if you enable MagiskHide. You will have to do some other stuff to fix that if you want to use stuff like Google Pay so if that is a deal breaker, I suggest you don't follow this guide yet until some recommendations regarding SafetyNet pop up in this thread (or if you find some stuff elsewhere (please do let me know)).
Weirdly the Widevine rating is still at L1 according to DRM Info so I guess Netflix and other stuff will work fine(?). I don't use netflix or prime video so I can't help you there.
Concluding:
If there is anything step I have missed out or some issues you're facing, please let me know within this thread. I'll be happy to resolve the issue. If there are any recommendations regarding SafetyNet or any recommendations in general, I'll be happy to listen.
EDIT 1: You can't use Netflix because you won't be able to find it in Google Play Store.
EDIT 2: You can use Netflix and other DRM protected applications by installing the following Magisk Modules:
Riru (This is required by the next one)
Universal SafetyNet Fix (To pass SafetyNet ctsProfile evaluation)
MagiskHide Props Config (!!MOST IMPORTANT!!) (To get fingerprint certificates and pass other authentication related stuff)
Of course, as is with software, this stuff may eventually be patched by google or netflix so you should still refrain from using this guide (or rooting in general) if you don't want to deal with the hiccups down the road.
Certification is still L1 (weirdly) after installation of the modules and you will now be able to find Netflix in the store.
EDIT 3: Edited the guide after @murigny64 's reply (Thanks!)
Click to expand...
Click to collapse
Hello,
I have done a factory reset to my phone and I lost something very important so is it possible to get back to the previous version of the phone before the reset or should I give up
And thanks for your answer

Hello, I have the same phone as u. I wanted to unlock my bootloader and I tried like every tutorial on Youtube and other websites i could found but none of them worked out for me. this ****ty outdatet program of xiaomi just dont recognize my phone. Pleaaase tell me how u did it

Is it possible to don't wipe userdata ? Maybe using flash_all_except_data_storage.bat ?

There is some options to set before root ? On some other tutorials they tell to turn off MIUI optimization for example

Gg

I want to root my phone but I am scared I hard brick it because I did it before but I was still under warranty and I somehow locked the bootloader so should I give it another shot or just forget it?

Flameagle2021 said:
I want to root my phone but I am scared I hard brick it because I did it before but I was still under warranty and I somehow locked the bootloader so should I give it another shot or just forget it?
Click to expand...
Click to collapse
if you read all the instrucctions you wont hard brick your device

Does it work using an different android version than the boot.img file i extracted it from, since i often switch android versions with gsis and so on. (e.g android 11 boot.img with android 13 gsi?)

How To Guide Bricked device

If you have a bricked device from trying to install a custom ROM first try these. 1. If device isn't being detected by mi flash try a later version. You should use one from 2021 or higher. 2. Rename the stock FASTBOOT ROM folder to something else and put it inside the mi flash folder. 3. Select the stock FASTBOOT ROM folder in mi flash and plug in your phone and it should be able to flash. Now for the other step if you cannot boot into fastboot etc use the guide down below to install mtk tools. Get latest stock ROM folder too and extract the stock boot file and put it in mtk folder. Once you have it setup open mtkclient in cmd and use the command "mtk w boot boot.img" and then it will flash boot file then you should be able to flash stock in fastboot. If you need further assistance, you should first try to search it up. If that doesnt work open a thread on the redmi note 10 5g forums. If you need help installing a custom rom. I suggest wetito's guide: https://forum.xda-developers.com/t/...id-12-13-based-gsi-without-bootloops.4509833/

My suggestion: install an arch linux distro, set up android tools and download adbxiaomifastboot tool. You can install stock rom without problem
Also mtk client is available for download, and installation is automatic, easiest than window version
Also the installation of adb and fastbiot is easiest
Linux is the best for modding. garuda linux by default have a store where you can find all app you need and install like all app stores