Related
hi everyone,
i bought a 2nd-hand xz1c and it's been great but it had a custom rom installed and was rooted then reflashed with stock rom when i got it, that's what the seller said anyway but i can't get in touch with him anymore.
i haven't been able to update anything since i got it. the system downloads and fails to install the update over and over. i have no idea how to unroot the phone if that's possible or what programs to use to do it, is there a guide where i can just get it to stop downloading and trying to download the newer firmware? ideally i'd like to install the update, failing that just to get it to stop trying would be "ok"... probably not from a security point of view though.
i'm a complete noob sorry. ly
As the phone was rooted, the bootloader is unlocked and the OTA update will fail. It's impossible to relock the bootloader, so you'll have to manually flash the updates.
You can use a tool called xperifirm to download new firmware version and newflasher to flash them. Search the forum for guides.
To stop the updater from tryung, go to settings/apps, check show system apps, find the app called Software update and force stop it. It will restart on phone boot, so you'll have to close it again once in a while.
You can also use ADB to disable the updater for good - again, search the forum for a more specific guide...
If you really feel there is some sort of advantage to having the latest firmware on your phone, then upgrade it yourself, you won't damage the phone or change your warranty status.
Look on Xperiafirm and find a 47.2.A.10.62 customised build - CE1 would be a good option
Download Newflasher and put it in the same folder as the firmware you downloaded from Xperiafirm
Delete Userdataxxx.sin and files ending in .ta (but not in the boot folder) . This will ensure that you don't lose any personal data. Also delete persist*.sin to avoid losing android attest key.
Then start newflasher.exe and follow instrctions.
You might need a copy of the Sony driver
I would make a backup with Xperia transfer before you do anything, if the phone is glitchty after your rebuild, then factory reset it and then restore from the backup.
You'd probably need to read up on janjan's kernel fix to get you working without a green camera.
You'll also need TWRP
This thread is how I have managed to upgrade a Samsung S5 with Android 6.01 to LineageOS 16 with a Mac laptop running Sierra, in an attempt to keep on using it with my car infortaintment system.
First of all it's important to leave very clear 2 things:
ALL THIS INSTRUCTIONS APPLY TO A SAMSUNG S5 SM-G900F kltexx device. I don't know how it will work in any other device . This is what has worked for me and I'm sharing this with you all just hoping that will be useful for someone else.
YOU ARE THE SOLE RESPONSIBLE FOR ANYTHING THAT MIGHT HAPPEN TO YOUR DEVICE.
So let's get started.
Prepare your system:
You must have the Samsung USB drivers installed (I used the latest ones from Samsung - https://developer.samsung.com/mobile/android-usb-driver.html).
You need to allow your device to debug it using the USB. Instructions here: https://androidcure.com/enable-usb-debugging-samsung-galaxy-s5/
You need to install adb in your computer. The easiest way to do it is this one: https://www.cyanogenmods.org/minimal-adb-and-fastboot-windows/ although another option would be to install Android SDK platform tools, but thats much heavier (https://developer.android.com/studio/releases/platform-tools). Usually the first option is enough.
You need to ensure that your Samsung will always trust your computer. So connect your Samsung with your computer and when it asks if your computer can be trusted, make sure that you click on the checkbox with the option "Always".
ODIN:
You need to install a Recovery System in your device and for that you will need ODIN which is a tool created by Samsung to flash files to Samsung devices. It has a version for Mac which has worked for me. Go to this site to learn how to use it and to download it: https://macmetric.com/odin-for-mac/ or you can right jump to this site (https://forum.xda-developers.com/devdb/project/dl/?id=20803) to just download the version that worked for me.
ROOT : (Optional)
By default your device has the bootloader unlocked. This was something that drove me crazy as I couldn't find anywhere to show me if it was. I ended up rooting my device to confirm that it was unlocked and also to confirm the real name of my device. So it's almost 100% certain that your Samsung S5 has the bootloader unlocked, but in case you want to confirm it, as I did, follow the instructions from this thread https://forum.xda-developers.com/showthread.php?t=2696537.
Basically, I ended up on this page, CF-Auto-Root homepage
http://autoroot.chainfire.eu/ downloading the file to root my device from there and flashing it with JOdin. Keep in mind that you might think that your device is version klte and there are at least 5 klte: kltedx, kltexx, kltezh, klteduosxx and kltejv. Mine ended up being kltexx
In my case I followed the process described in that thread and tried to root my device with the file for kltedx and it didn't wok out. Then I tried again with the file for kltexx and it worked. That's how I discovered that mine was kltexx.
TWRP :
You need to install a custom recovery system to your Samsung S5 device to be able to flash the LineageOS ROM. This site has the instructions that I followed to install it: https://www.cyanogenmods.org/forums/topic/install-twrp-recovery-samsung-android-using-odin/
It is extremely important to highlight that the latest version of TWRP didn't work for me. I installed the latest one and everything seemed to be OK but it was not. I couldn't flash any ROM with it. I ended up discovering that for my case, the best option was to install an older version. To be more precise, version 3.0.2.2 (https://eu.dl.twrp.me/klte/twrp-3.0.2-2-klte.img.tar.html).
To make sure that you have been able to install TWRP do the following. There are 3 ways to boot your Samsung S5: Normal boot, Download mode (ODIN) and Recovery mode. We need to start up on recovery Mode and see a screen menu similar to the one we've seen in the previous thread (https://www.cyanogenmods.org/forums/topic/install-twrp-recovery-samsung-android-using-odin/).
To do so, start the device on Recovery mode:
For the Normal mode you just click the Power Up key and wait. No magic here.
For the Download mode you have to switch off your device and then click at the same time the Power Up key, the Volumen Down key and Home key. It comes with the standard installation, so no magic here either.
Home Key
For the Recovery mode, you have to switch off your device and then click at the same time Power Up key, Volumen Up key and Home key. After a couple of seconds, the screen will say at the top "Recovery option..." and you should be able to see the touch screen menu of TWRP.
Flashing LineageOS 16 :
This is suppose to be an easy step but it ended up being very complicated because my device name was not properly being exposed by my device. So I ended up modifying the installation script to ensure it didn't matter.
So, you have to download not only the LineageOS version but also some other packages like Google apps, that are not installed and that you will need, and also the rooting package, which is always handy.
So the instructions and the links to download the packages are here. You might go there, read them and download all the packages: https://wiki.lineageos.org/devices/klte/install under the section Installing from Recovery....
Once you have all the packages ready to install, before you follow their instructions, you will have to do some hacking that you will find here explained here: http://www.lineageosdownloads.com/fix-error-7-lineage-os/ under section METHOD 1: UPDATER SCRIPT HACK TO FIX ERROR 7.
Basically, what I did was to edit the zip file using vim editor from the command line. You type "vim lineage-16.0-20200726-nightly-klte-signed.zip" (being lineage-16.0-20200726-nightly-klte-signed.zipand the name of the lineageOS image) and then go to "META-INF/com/google/android/updater-script" and then edit the file removing all the lines where it has any reference to the device name which are usually the first lines of the script containing the getprop(...) lines of code. To remove them, just click "dd" and they will be removed. Once they are removed, click on "Esc". Then type ":wq", it will go back to the previous screen, and then click ":q" and taht will be it, you have the package ready to be installed.
Now follow the instructions that you read previously and you should be able to have your Samsung S5 updated to LineageOS 16.
And now comes the part that I haven't resolved yet. How to install Mirrorlink in this device. So far I have managed to get several version of the Driverlink APK from Samsung but I'm not able to install them because when I try to do it using adb in root mode, I get the following message: "Package com.sec.android.automotive.drivelink has no signatures that match those in shared user android.uid.phone; ignoring!".
I know it has something to do with the signatures of LineageOS and that I need to sign the APK file with the LineageOS ROM signatures, but so far I haven't been able to find how to do it.
So I'll keep on trying and posting my discoveries here. Anyway, if anyone is willing to help me, it will be very welcome!!
I really hope that this helps others to take back from the closet their forgotten Samsung S5 and put it back to work.
I dont think it would help even if u did manage to install mirrorlink as samsung did drop support for mirrorlink.
Mirrorlink needs a new security certificate from samsung every month, and last certificate works until 2020-07-31
guroth said:
I dont think it would help even if u did manage to install mirrorlink as samsung did drop support for mirrorlink.
Mirrorlink needs a new security certificate from samsung every month, and last certificate works until 2020-07-31
Click to expand...
Click to collapse
I'm still working on it. Anyway, the certificate is not a problem. Once I have mirrorlink working, I will install some applications that will install the certificate (like RockScout - "https://play.google.com/store/apps/details?id=com.carconnectivity.mlmediaplayer&hl=en_US") or LG Mirrorlink. And with them I will use other apps to take control of the screen like for example Full Mirror for Mirrorlink - "https://play.google.com/store/apps/details?id=full.mirrorlink&hl=en_US"
The main challenge is to be able to create the connection between the cellphone and the car.
There is a button "Translation" in notification bar in LOS, that is a mirrorlink by itself if I do understand this correctly. But klte SM-G900F on LOS 17.1 and lentislte SM-G906S on LOS 16.0 doesn't discover a mirrorlink device that is working properly with Samsung A50 on stock ROM (Anydata device, Windows 10 PC). One day I have managed to establish a mirrorlink connection between A50 (it was a transmittor) and SM-G900F (receiver) via some (can't recall it's name) app. But still I haven't managed to use S5 as a transmittor for mirrorlink...
Hi guys,
I have a sunmi v2 android PDA, and i want to remove blocked OS.
I can't find bootloader, or i dont know how to enter on it, also i want to install a recovery mode to flash a new ROM.
Someone can help me please with this problem?
Thank You.
Hi, I have the same problem. Did you find a way to do it?
Can you tell me please?
Thank you
I have V.1.. Firstly, are you guys able to allow installation of apps from "Unknown Sources"?
Just wondering if you ever managed to load android onto the V2 and remove the Sunmi OS? I have managed to enable dev mode and allow untrusted sources but on installing google play services and store all I get is crash reports and have to factory reset.
Thanks
J
Can you tell me what you did to install apps from untrusted sources? and what progress have you managed to make?
wesleybr90 said:
Can you tell me what you did to install apps from untrusted sources? and what progress have you managed to make?
Click to expand...
Click to collapse
To enable untrusted sources I had dev mode on but under security > device admin > unknown sources. I don't know if you need to enable dev mode to turn that on but if so go to about > build number > tap until it enables. I'm not really a software guy and was hoping someone on the internet would have a solution to rooting the device and maybe ADB it, I did ask a software engineer friend of mine and he did some research on them, these things talk to Sunmi's servers on boot with the current FW so they are heavily locked down, so progress wise for me is it's been in a drawer since January and I'm hoping someone will have a way to root the thing :S
So I have no idea about Android things but I bought secondhand Sunmi V2 that is locked on Glovo aplication.
For the last week I managed to do some research about that:
1. The thing runs custom OS with some kind of recovery-from-boot.p thing that prevents most of modifications, cause after reboot it reverts some system things.
2. I tried to use SP flash tool to do full backup, made mine scatter file and thing I have no idea about
3. Managed to download TWRP recovery to device recovery partition with use of SP flash tool, this did not do anything and the thing booted to Phoenix recovery as normal....
4. With the help of WWR 2.51 I managed to install applications on it...
5. Installed Kingroot, didnt do anything, installed, APKPure, works nice, Magisk, dont know how to root...
6. Tried installing google play, it says it is installed, cant uninstall it nor open it...
7. Can't and don't know how to enter fastboot...
8. I am afraid to flash complete ROM from some other same chipset device...
9. After powering up, Sunmi connects to its own server and does some kind of evil magic to preinstall software and settings.
10. I contacted Sunmi, they kinda don't want to help, cause I will resell device after unblocking it.
11. Fount "that guy" from youtube that does unlocking it, on the minus side he wants money for unlock... and from his videos he flashes complete EMMC_USER bin to device to unlock google play.
Do anyone know which steps can I take further to try to unlock it by myself?
I have some spare time at work to do this kind of playing around.
Update:
I managed to extract system.img from device and I am able to browse files on it, the plan is to see can i change some files and setting in it and reflash it back to device. This is all overwhelming to me as I have no experience in android development.
Noob Sailbot said:
So I have no idea about Android things but I bought secondhand Sunmi V2 that is locked on Glovo aplication.
For the last week I managed to do some research about that:
1. The thing runs custom OS with some kind of recovery-from-boot.p thing that prevents most of modifications, cause after reboot it reverts some system things.
2. I tried to use SP flash tool to do full backup, made mine scatter file and thing I have no idea about
3. Managed to download TWRP recovery to device recovery partition with use of SP flash tool, this did not do anything and the thing booted to Phoenix recovery as normal....
4. With the help of WWR 2.51 I managed to install applications on it...
5. Installed Kingroot, didnt do anything, installed, APKPure, works nice, Magisk, dont know how to root...
6. Tried installing google play, it says it is installed, cant uninstall it nor open it...
7. Can't and don't know how to enter fastboot...
8. I am afraid to flash complete ROM from some other same chipset device...
9. After powering up, Sunmi connects to its own server and does some kind of evil magic to preinstall software and settings.
10. I contacted Sunmi, they kinda don't want to help, cause I will resell device after unblocking it.
11. Fount "that guy" from youtube that does unlocking it, on the minus side he wants money for unlock... and from his videos he flashes complete EMMC_USER bin to device to unlock google play.
Do anyone know which steps can I take further to try to unlock it by myself?
I have some spare time at work to do this kind of playing around.
Update:
I managed to extract system.img from device and I am able to browse files on it, the plan is to see can i change some files and setting in it and reflash it back to device. This is all overwhelming to me as I have no experience in android development.
Click to expand...
Click to collapse
Thank you for the update, Im following this thread to see how this goes. Im trying to unlock my Sunmi V1 too
I managed to brick it, stuck at boot looping... Somehow I redownload boot and system from my backup with SP flash tool and got it working back again...
So I tried using ASSAYED Kitchen and remove some Bloatware, rebuild it, and upload it back to device, used two files: System.img and boot.img... This bricked my device.
What am I doing wrong? This must surely be my error. Do I need to do something to recovery partition?
UPDATE:
Managed to install custom recovery TWRP, made it myself using Carliv Image Kitchen
UPDATE 2:
Even thou TWRP seems working, It does not mount any partitions: /data, /system... Invalid argument...
Does anyone know how to fix it easy way? because I cant find too similar custom TWRP to Sunmi...
Any custom system.img that I flash with SP tool does not want to boot, never, and even if I only open ASSAYED Kitchen, do nothing and repack it. Is the only way to install it with TWRP?
BIG UPDATE:
I have done 99% of the job!
I could write full from zero to hero tutorial for this, but basically I used TWRP to recover /data/system/users/0/package-restrictions.xml and edit it as I pleased and unlock google play.
Noob Sailbot said:
BIG UPDATE:
I have done 99% of the job!
I could write full from zero to hero tutorial for this, but basically I used TWRP to recover /data/system/users/0/package-restrictions.xml and edit it as I pleased and unlock google play.
Click to expand...
Click to collapse
I am also looking forward to the results you have done
So amazing!!
I am slowly loosing interest in this. Whatever I do it is just endless loop...
When I modify package-restrictions.xml and settings_secure.xml files I got GooglePlay and Maps and stuff, but first time you connect the device to internet, SunmiBaseService overwrites them with options used for this DeviceID.
I renamed this SunmiBaseService to something else, got this working, but then since the whole thing runs on this sunmi backbone you can't install any apk's. I can normally install apks using USB and enabled BaseService.
It would be best if I could have just normal Android on this thing since it is unusable if you block BaseService, and if you would do any system upgrade on some point in time it would overwrite and install this service by itself. Like I said, it is endless loop. Even after contacting sunmi my region cant't have this for private use.
I can provide all files used in this process, my scatter files, my TWRP recovery and else...
The question is is it possible to port clean Android to this device, like we install new windows on a PC?
Hello guys, any news for Sunmi? I got one, but i wan't to remove the OS, or enable Play on it.
Velcis Ribeiro said:
Hello guys, any news for Sunmi? I got one, but i wan't to remove the OS, or enable Play on it.
Click to expand...
Click to collapse
No, I tried everything I know. Only thing that I did not do is replacing sunmibase service with some kind of android base service or paying some youtube guy 20$ for unlocking, but I doubt it would work correctly. Couse after you, in some point in time, update software or something I highly doubt it would work after that.
{Mod edit: Quoted post has been deleted}
I am going to upload files that I have, but I need few days to do so.
So here are the files:
Original image downloaded from device:
Code:
https://mega.nz/file/G6R0mJ4K#rWNDGzWyerP68Pp0o9KCKj92wx_yzLgoJ98vccPgXaQ
Modded boot.img and recovery.img with TWRP (only thing that I did not configure in TWRP is vendor partition, but most things work:
Code:
https://mega.nz/file/WvgECC5a#WiIWe00gsc-TcjvwMgfX6sQc9B5zElvuu34hbUVOR0E
Scatter File:
Code:
https://mega.nz/file/7npzTSLJ#pfK7G4aB5EDKuY17UrJdNrcwzeiVt3dJnegKqUIJRkc
All other files that I have are some moded that I have tried to get it to work but did not have luck in making it usable, if any more files some of you want I can also upload them but this is part that work.
Noob Sailbot said:
So here are the files:
Original image downloaded from device:
Code:
https://mega.nz/file/G6R0mJ4K#rWNDGzWyerP68Pp0o9KCKj92wx_yzLgoJ98vccPgXaQ
Modded boot.img and recovery.img with TWRP (only thing that I did not configure in TWRP is vendor partition, but most things work:
Code:
https://mega.nz/file/WvgECC5a#WiIWe00gsc-TcjvwMgfX6sQc9B5zElvuu34hbUVOR0E
Scatter File:
Code:
https://mega.nz/file/7npzTSLJ#pfK7G4aB5EDKuY17UrJdNrcwzeiVt3dJnegKqUIJRkc
All other files that I have are some moded that I have tried to get it to work but did not have luck in making it usable, if any more files some of you want I can also upload them but this is part that work.
Click to expand...
Click to collapse
Can you share the files again please, the links don't work anymore. Thank you
My buddy has toast loaded on an old device and was looking to replace the os so his kid can use the tablet. Sunmi t2
Noob Sailbot said:
So here are the files:
Original image downloaded from device:
Code:
https://mega.nz/file/G6R0mJ4K#rWNDGzWyerP68Pp0o9KCKj92wx_yzLgoJ98vccPgXaQ
Modded boot.img and recovery.img with TWRP (only thing that I did not configure in TWRP is vendor partition, but most things work:
Code:
https://mega.nz/file/WvgECC5a#WiIWe00gsc-TcjvwMgfX6sQc9B5zElvuu34hbUVOR0E
Scatter File:
Code:
https://mega.nz/file/7npzTSLJ#pfK7G4aB5EDKuY17UrJdNrcwzeiVt3dJnegKqUIJRkc
All other files that I have are some moded that I have tried to get it to work but did not have luck in making it usable, if any more files some of you want I can also upload them but this is part that work.
Click to expand...
Click to collapse
I am after these files also if you still have them
Would it be possible for you to re-upload the files?
If I root this device to use titanium backup and root for apps like gsm battery - if i were to upgrade using samsung services, would this undo my root or lock my phone from future updates in some way?
Is it advised against updating if one were to root in the future?
Lastly why can't I call record?
zetsui said:
If I root this device to use titanium backup and root for apps like gsm battery - if i were to upgrade using samsung services, would this undo my root or lock my phone from future updates in some way?
Is it advised against updating if one were to root in the future?
Lastly why can't I call record?
Click to expand...
Click to collapse
I will try to answer....
First, IF you Root, one is Not able to do the OTA updates! ( Meaning, you will not be able to update the phone from within the devise)
Second one- The Hard Q to address - Only due to the fact that Everyone is Different. Everyone uses their phone differently. Plus, add in the fact that Samsung has stated, that the S20 FE will receive regular security updates and a few OS updates as well!! (When Purchased in January I has Android 10. A couple of weeks later, it was February, Samsung updated to Android 11. (Knowing later this year, if not next, we will be on Android 12, says something, about the devise!))
Now all that said, knowing XDA People, in time, we should be able to have Our beloved Root, as well as, Updates that come from Google and Samsung.....
I had to check my phone (recent update, things have changed a bit...) in my case, I no longer have call recording (stock) on the phone! It has disappeared!!!
if you don't mind downloading and manually flashing the latest update via Odin, keeping root would mean taking the boot.img (I think) from the tar file and patching it via magisk and then putting it back into the tar file and flashing the whole thing.
3mel said:
if you don't mind downloading and manually flashing the latest update via Odin, keeping root would mean taking the boot.img (I think) from the tar file and patching it via magisk and then putting it back into the tar file and flashing the whole thing.
Click to expand...
Click to collapse
so the stock updated rom is available here? on this sub foruM? i'm fine with that for now. as long as i can keep my seetings and not hav et o resetup everything
zetsui said:
so the stock updated rom is available here? on this sub foruM? i'm fine with that for now. as long as i can keep my seetings and not hav et o resetup everything
Click to expand...
Click to collapse
not available from here yet, you'd have to download the firmware from one of the Samsung firmware sites / apps. don't quote me on these names, Samfirm, Sammobile and Frija. and again don't quote me, do your own searches here to confirm but if you use the HOME_CSC file instead of the regional one your data won't be wiped.
you'd lose root if you didn't also patch the boot.img file and copy that back to tar archive.
3mel said:
not available from here yet, you'd have to download the firmware from one of the Samsung firmware sites / apps. don't quote me on these names, Samfirm, Sammobile and Frija. and again don't quote me, do your own searches here to confirm but if you use the HOME_CSC file instead of the regional one your data won't be wiped.
you'd lose root if you didn't also patch the boot.img file and copy that back to tar archive.
Click to expand...
Click to collapse
you're confusing me now. so what's the order if I do want to update and keep root?
Root->magisk patch after its released for current upgrade (any eta on time after samsung releases)->upgrade?
my last Samsung was fully custom rom and I only ever flashed radio and bootloader, I got those from links in forums. I think firmware is pretty quick in being made available on these sites / apps but I've not used them myself.
so imagine your phone is already rooted (that first initial root is more involved as there's a data partition wipe), new firmware comes out.
* download that firmware
* open the archive tar of that firmware and copy boot.img file to your phone (I've only read this once so confirm I have the correct file name).
* from your phone install magisk v22
* open magisk and options for direct install will lead you to patching the boot.img
* when that's done, move the patched file back to your computer and replace the original version with the patched one. it might be handy to keep a copy of the unpatched file safe in case you need it one day.
* from your computer flash the contents of that tar archive, you'll need to read a proper guide for this, the correct files need to be assigned to the correct partitions in Odin (the flash app for Samsung) and the names aren't all obvious. also you need drivers for Odin too, and a good version that works for this phone.
* one of those files that needs to assigned is called the CSC file, that deals with the region your phone is going to be (put simply). if you use your phones correct CSC file for the region of firmware you downloaded the data partition will be wiped.
to avoid that you can use the HOME_CSC file and data will not be wiped. on your initial first root you will have to wipe though to make sure your storage is not encrypted.
* you really want to follow guides for everything you're doing for the first time, don't rely on previous experience. Samsung phones are different to Pixels etc. some guides are written as if you'll know half this stuff already, if you don't it doesn't hurt to ask someone.
lol, I haven't actually rooted my own phone yet. I'm waiting to borrow a laptop plus seeing how things develop with TWRP / mods / new procedures.
Disclaimer: By attempting this I accept no responsibility for any consequences or repercussions or perceived consequences or repercussions of using this guide or any of the files in it. I'm simply a n00b trying to make things easier for the next guy because this was quite a process and my phone was "bricked" for several days before i found the solution so this is more a "how i did it, maybe it will work for you" guide then most of these guides by guys with a lot more experience than me. If you run into something crazy I didn't run into, ill likely not be able to help you.
With that being said after 3-4 days of struggling, this is what was working TODAY, 6-3-2022
Now that the disclaimer is out of the way, here's a further warning... THIS WILL ONLY WORK FOR THE NORD N100 Metropcs Variant (BE2015) BE82CF. You WILL have issues if you try this on another N100! Furthermore, this will leave you stuck on OOS 10.5.8 (android 10) rooted with no way (that I could find) to update further. If that's not ok with you, well then this guide isn't for you.
PLEASE READ THE WHOLE GUIDE BEFORE BEGINNING TO AVOID MAKING MISTAKES OR MISSING STEPS/NOTES!
So normally we would unlock the bootloader and then install magisk and take our boot.img from the firmware we are on and patch it and flash the patched boot img and then we would be done.... HOWEVER there's not a lot of newer firmware floating around for this phones variant.... so first, a step backwards before we continue.
0) Before you start make sure you have everything you want to keep backed up one way or another because this will wipe your phone several times over and you will lose everything that you don't backup!
1) Flashing OOS 10.5.8 using MSMDownloadtool.exe so that our boot.img will match our current version
So the newest firmware I could find that I could VERIFY belonged to this exact variant was 10.5.8 (android 10). However i was on the newest firmware which was android 11. The boot.img wouldn't match so this could likely brick my device
So first i used the firmware i found to go back to an older firmware that i got from here [OPN100][OOS METRO BE82CF] Unbrick tool to restore your device to OxygenOS
and in case a newer version is posted in the future here's the direct link from this post OOS 10.5.8
I used the included MSMDownloadTool but had trouble connecting until i used my motherboard USB port AND uninstalled the qualcomm driver that was already installed and installed the one i got from this post: Qualcomm HS-USB QDLoader 9008 Drivers: Download & Install
After i finally connected it took me just about 4 minutes to flash the new firmware. Once again you have a fresh clean install. Setup everything really quickly in OFFLINE mode. This is for 2 reasons, one is speed but the other is to stop the auto update of the system firmware! Before enabling internet. enable developer mode and uncheck Automatic System Updates
NOTE: For some people it will make more sense to do this next part first so they aren't stuck on an old firmware for a week while waiting for an unlock token, but regardless if you do these steps first or not they still need to be done here as well since flashing firmware with MSMDownloadTool relocks the bootloader if it was unlocked already.
This is already going to be long so for sake of shortening it im putting these steps here instead
2) Switch the OEM UNLOCK toggle in dev options
We have to flip the OEM Unlocking option in developer options. But it's greyed out! I myself did this the time consuming way but theres two methods, ONLY CHOOSE ONE
2.1a) Its greyed out because you're carried locked. You can get this ungreyed by waiting 6 months and using the stock carrier unlock app named "unlock." You can do this quite easily using this app and following the prompts.
2.1b) There's a way to skip the carrier unlock, after all we dont want to switch carriers just unlock the bootloader. This was found the best way: by accident. Someone made a one plus debloat script and the people that were running it found out that the"unlock bootloader" came unlocked afterwards. It's a neat little script, i ended up running it myself. I found somewhere in my searches the exact command in the script that did it but i can't remember exactly and can't find the post that identified the one command.
I BELIEVE it's one of these three:
com.qualcomm.qti.remoteSimlockAuth
com.qualcomm.qti.uim
com.qualcomm.qti.uimGbaApp
The most obvious one seems to be the remoteSimlockAuth. TBH i only added that because it seemed so obvious. I believe it's actually one of the other two, but i'm just not sure. You could try removing those three only and see if it works. Worse come to worst, run the whole script from this post: One Plus Pure Debloat
NOTE: If you are going to run the whole debloat script make sure to install a keyboard FIRST or you will be stuck without one! Or remove com.google.android.inputmethod.latin from the list.
2.2) No matter which way you completed it (using step 2.1a or 2.1b), the OEM Unlocking toggle in developer option will be usable now. Enable it. While you're in developer options, make sure usb debugging is on because you will need it for the next part. Make sure to plug your phone in and when the rsa key fingerprint pops up, choose "always allow from this computer"
3) Unlocking the bootloader
This part is pretty standard with no serious deviations. I followed this guide from step number 3 on: How to unlock bootloader for OnePlus smart Phone
When you get to step 5 they don't mention it but it takes about a week to get the unlock token.
The only real thing i changed for all of this pretty straightforward guide was when they say the command is fastboot flash cust-unlock <unlock_token.bin> ... Well the bin is called unlock_code.bin so i ended up using fastboot flash cust-unlock unlock_code.bin instead.
Once you finish and your phone restarts, set up the phone quickly in offline mode just to get through it again. Before enabling internet. enable developer mode and uncheck Automatic System Updates. While you're in developer options, make sure usb debugging is on because you will need it further on. Make sure to plug your phone in and when the rsa key fingerprint pops up, choose "always allow from this computer"
4) Decrypt the .OPS firmware file from step 1 to get the boot.img
The next part seemed very complicated but really wasn't. We need to decrypt the .OPS firmware file to get the boot img out of it. I used Oppo Decrypt
There were some changes I needed to make in this section which ended up working, i don't know if the issue was a newer python version or what but if following the readme from the github doesn't work as-is for you, try this instead.
4.1) install python for windows from the official website Python Official Site
4.2) Navigate to the python install directory. C:\Users\%username%\AppData\Local\Programs\Python\PythonXXX\ is the default directory, with %username% being your account username, and XXX being the current python version without the .'s For me this was C:\Users\Kaladin\AppData\Local\Programs\Python\Python310\
Now launch a command prompt from this location.
4.3) Run the command pip3 install -r requirements.txt and if it complains about anything not being updated run that command next to update everything.
4.4) Move a copy of bengal_14_O.04_201221.ops from step 1 into the python310 folder and then run the command opscrypto.py decrypt bengal_14_O.04_201221.ops and wait for it to finish. You can now close the CMD window. You will find the boot.img we need in the "extract" folder in the same directory. Put your phone in file transfer/MTP and move just the boot.img over to your phone or however you want to get this done, do it.
5) Install magisk and root by patching the boot.img and then flashing the patched boot.img
Now we just follow these steps starting at step 2.3 from this guide How to Root OnePlus Nord N100 using Magisk [No TWRP Required]
The only thing that seemed wrong here is in step 3.4 they say to run the command fastboot devices and not only is this not needed but wont work here. If you want to make sure you're connected, use adb devices here instead or reboot to fastboot first before running fastboot devices (so after step 3.5 before step 3.6 instead of step 3.4).
Then, in step 3.6 we have an A/B partition systems, so we need to use the first command only, fastboot flash boot boot.img ... ignore the second part about non A/B Partition systems. Flashing the wrong command here could probably brick your device.
Follow the rest of the guide.
One additional thing i needed to do to obtain root after rebooting was to again open Magisk Manager and click install and choose "Direct Install (recommended)" this time (instead of select file and patch it). When the process is done, reboot your phone and then once it restarts you will be able to download a root checker app off the play store and verify root.
Yay! It was a long journey, but we are done!
NOTE: Magisk has a way to install OTA updates while keeping root by half uninstalling Magisk and reverting to the stock boot.img before allowing the OTA update, then you would reinstall Magisks patched boot.img to the other partition before restarting but i wasn't able to get this to work myself. I will give you the tutorial here though just in case but for me it auto restarted as soon as the OTA update finished installing and updated me to the newest firmware which removed my root and made it so that i had to start this whole process all over again from step 1 (minus the wait time for the carrier unlock and the unlock token of course). So up to you if you want to try this out.
For now i'm just happy to be rooted on a stock rom even if it is a little old. Hope this helps someone out =)
SPECIAL THANKS FOR ALL THE PEOPLE WHO WROTE THE GUIDES, TUTORIALS, AND PROGRAMS USED THAT I LINKED TO! I WOULD HAVE BEEN LOST WITHOUT THESE AND ALSO WITHOUT GOOGLE TO FIND THEM!
any chance you could upload the patched and unpatched boot.img?
dabman710 said:
any chance you could upload the patched and unpatched boot.img?
Click to expand...
Click to collapse
Sure, but i don't know enough to know if you should use the patched one or not. I think you should use magisk and patch yourself.... But ill include it anyways Boot.img from bengalm_14_O.04_201221 it may be totally safe im just not sure. but the boot.img is unaltered.
AesopRock127 said:
Sure, but i don't know enough to know if you should use the patched one or not. I think you should use magisk and patch yourself.... But ill include it anyways Boot.img from bengalm_14_O.04_201221 it may be totally safe im just not sure. but the boot.img is unaltered.
Click to expand...
Click to collapse
i didnt try using your patched boot.img, but the unpatched one worked perfect for me after patching myself. saves everyone a few steps too by having that available. thank you
So even though i debloated all one plus things i could find and kept autoupdate automatically in dev settings turned off , my phone still pushed an update and i lost root.... Unless someone knows how to fix this, CFW may be our only hope of keeping root, at least for this variant