this one was more of a proof of concept but it works. you will get the red triangle but don't worry about it. BUUUUUT if you wanna run it. Here's how:
DISCLAMER: first and foremost, I take NO responsibilities for the possibility of a bricked phone(none whatsoever). if you brick it, it's YOUR fault, not mine.
ALWAYS BACKUP YOUR DATA BEFORE YOU DO ANYTHING
1.your phone has to be fully running ZV4. DO NOT DELETE YOUR DATA (but do back it up in case something does happen)
2. Make sure you have LGUP working. if not, refer to here
3. Download the edited ZV4.tot from here, and extract the zip.
4. Put phone in download mode ( Phone off, vol up while plugging in usb from PC).
5. Start LGUP
6. Make sure you see a com # and phone model
7. At the bottom where it says BIN, select it, at which point you should see 3 dot on the right, select it and choose the tot file that you downloaded from here
8. make sure you select "update" and none of the others. if you select any of the other options it will bootloop the phone.
If you bootloop your device:
1. Put phone in download mode ( Phone off, vol up while plugging in usb from PC).
2. Start LGUP
3. Make sure you see a com # and phone model
4. At the bottom where it says BIN, select it, at which point you should see 3 dot on the right, select it and choose the original ZV4 .tot file that you got from Honestly Annoying that he has listed here
5. select "refurbish", then "start" and wait for the magic.
I give creds to Honestly Annoying, and Tungkick for providing the original ZV4 tot file
schizoidd said:
this one was more of a proof of concept but it works. you will get the red triangle but don't worry about it. BUUUUUT if you wanna run it. Here's how:
DISCLAMER: first and foremost, I take NO responsibilities for the possibility of a bricked phone(none whatsoever). if you brick it, it's YOUR fault, not mine.
ALWAYS BACKUP YOUR DATA BEFORE YOU DO ANYTHING
1.your phone has to be fully running ZV4. DO NOT DELETE YOUR DATA (but do back it up in case something does happen)
2. Make sure you have LGUP working. if not, refer to here
3. Download the edited ZV4.tot from here
4. Put phone in download mode ( Phone off, vol up while plugging in usb from PC).
5. Start LGUP
6. Make sure you see a com # and phone model
7. At the bottom where it says BIN, select it, at which point you should see 3 dot on the right, select it and choose the tot file that you downloaded from here
8. make sure you select "update" and none of the others. if you select any of the other options it will bootloop the phone.
If you bootloop your device:
1. Put phone in download mode ( Phone off, vol up while plugging in usb from PC).
2. Start LGUP
3. Make sure you see a com # and phone model
4. At the bottom where it says BIN, select it, at which point you should see 3 dot on the right, select it and choose the original ZV4 .tot file that you got from Honestly Annoying that he has listed here
5. select "refurbish", then "start" and wait for the magic.
I give creds to Honestly Annoying, and Tungkick for providing the original ZV4 tot file
Click to expand...
Click to collapse
What exactly does this do? I'm very interested in this... It has some potential
Also, what is the red triangle? Does it not let you boot?
Honestly Annoying said:
What exactly does this do? I'm very interested in this... It has some potential
Also, what is the red triangle? Does it not let you boot?
Click to expand...
Click to collapse
it lets you boot fully. you just get a warning that your device can't be verified
schizoidd said:
it lets you boot fully. you just get a warning that your device can't be verified
Click to expand...
Click to collapse
Damn... great job with this! Can you please explain (with as much detail as you can) how you did this? This is extremely promising and I'm trying out some stuff now
Honestly Annoying said:
What exactly does this do? I'm very interested in this... It has some potential
Also, what is the red triangle? Does it not let you boot?
Click to expand...
Click to collapse
Honestly Annoying said:
Damn... great job with this! Can you please explain (with as much detail as you can) how you did this? This is extremely promising and I'm trying out some stuff now
Click to expand...
Click to collapse
well, simply I used a hex editor
schizoidd said:
well, simply I used a hex editor
Click to expand...
Click to collapse
But what parts did you edit? This could be very helpful
@autoprime Anything here?
Is this a pre-rooted tot file?
newbreedsoftware said:
Is this a pre-rooted tot file?
Click to expand...
Click to collapse
no. all it does is make your device show userdebug. nothing else is done, no root, no nothing. this one was a proof of concept to see if editing the .tot file would work.
What the crap @schizoidd. I live in Boise too.
I'd possibly be down to help out.
A thing about signatures, if it's a md5 type signature, you can make changes and not trigger failed verification if all characters are in there. Moved around but not changed. Like string "abcdef" can be changed to "fedcba" because it still evaluates the same. So maybe change a tot's security directory to the reverse and the phone won't be able to find it. I think I read that somewhere on these boards.
Would this work with the dirtysanta exploit from the LG v20?
i am not sure if this is an actual debug firmware.. it almost seems he took a stock zv4 tot and simply used a hex editor to say its a debug firmware?
eagleeyered said:
mostly. took a lot more than that. only used the hexeditor to extract the images for edit and to put them back in.
Click to expand...
Click to collapse
my point was, just because it was modded to "look" like a debug doesnt make it a debug.. if it was youd have fastboot enabled and you could simply unlock the bootloader..
---------- Post added at 01:24 AM ---------- Previous post was at 01:24 AM ----------
essentially that makes this thread misleading as you dont have sprint user debug
eagleeyered said:
who said it was me that created that file. that was all schizoidd. but i can tell you that there was a lot more than "just edited to look like userdebug". if it was edited to look like that, it wouldn't say that it was edited on boot, nor would it boot at all. it would just brick your device. now as he said, "this one was more of a proof of concept". in other words, it was made to see if the TOT for ZV4 (and others) could be picked apart and edited and put back together.
you do realize that the userdebug/eng ZV4 boot.img that tunkick released was used to make that even bootable. and it was schizoidd that realized that it was a userdebug boot, not an eng boot. if it wasn't for schizoidd, the userdebug on ZV4 would have never been released. it was only a proof of concept(i.e. bugs). fastboot is one and adb root is the other. but if you also look around, there was a ZV4 fastboot that was released. which kind of worked. and as we get close to releasing a good modded tot for the latest version of the software for our device, another one gets released. And as there are only 5 (yes 5) give-or-take people working diligently on attaining root for the LS992 with only 2 test devices, that stuff takes time, especially when one has to be replaced. for the record, 8 phones have been fried while attaining root (and that is out of pocket for the cost of those devices). so until we can get more people on the project, either as testers or as devs, it will take a while.
Click to expand...
Click to collapse
before you get panties in a bunch no one ever said you released anything.. was just going based off his posts and clearly saying all he did was use a hex editor and you guys not having any actual ddbug features it doesnt appear to be a debug firmware.. if it did youd have an unlocked BL already with fastboot
eagleeyered said:
just to give you a heads-up. ALL of the fastboot areas have been disabled and aren't in the aboot.img at all for the LS992. the only one that has fastboot that is close to what is needed is the tmobile version. and integrating 2 boot and 2 aboots and tring to get it to boot is hard. especially since an improper edited aboot results in bricked device.
And i was only pointing out the facts. i aint at all mad.
Click to expand...
Click to collapse
just a heads up, if you had debug firmware the aboot would have the necessary fastboot commands.. thats what im tryna tell you lol
we got a debug firmware on the lg v20 and debug aboot was already unlocked and had fastboot working
---------- Post added at 03:45 AM ---------- Previous post was at 03:44 AM ----------
not to mention the OPs account was disabled lol.. i wonder why
eagleeyered said:
as we dont have an actual userdebug device, we have to build the bootloader from the ground, up from source (kind of a pain).
although the QSEC_HASH key is the same from the LS992 and the V20. so might be able to pull some things from that, and they are based on the MSM board. i just want to make sure before saying the V20 root method will work, i wanna check to make sure that the aboot and boot is compatiblle
Click to expand...
Click to collapse
lol if you are making it from the ground up then it will never be a debug firmware.. debug firmwares come directly from the device manufacturer/carrier.. not something domeone just whips up..
youre not creating a debug anytjing, you guys are trying to find a way to unlock/root the device is all lol
eagleeyered said:
no one said it was easy.
Click to expand...
Click to collapse
i know.. but op sayin he got userdebug isnt true lol he has a slightly modified rom that if anything is only visually a userdebug
eagleeyered said:
oh, and do you wanna know why Schiziodd was banned? he was banned for the simple fact that him and one other person got into an arguement and due to that person using a technicallity in words and also trapping, he got banned. if he had known that what he had was what it was, he would have deleted it and added it for everyone and then left it at that.
Click to expand...
Click to collapse
lol sorry but this comment confuses me.. he was banned due to a technicality in words?? wht does that even mean lol.. he was trapped on xda??
and if he knew what he had was what it was he could have deleted it and add it for everyone then left? why would he delete and readd?
it sounds like he took someone elses work and got banned for it but who knows, im not a mod lol but doesnt seem to be a trustworthy fellow at all...
elliwigy said:
lol sorry but this comment confuses me.. he was banned due to a technicality in words?? wht does that even mean lol.. he was trapped on xda??
and if he knew what he had was what it was he could have deleted it and add it for everyone then left? why would he delete and readd?
it sounds like he took someone elses work and got banned for it but who knows, im not a mod lol but doesnt seem to be a trustworthy fellow at all...
Click to expand...
Click to collapse
Please check PMs, ignore eagleeyered...
Also you are very right about this only being hex edited. there is no official userdebug anything in this TOT, as I have tested this and flashed myself. Thread is misleading.
eagleeyered said:
[/COLOR]i have a ZV4 userdebug that boots and has the system set to RW. the only reason it's not released is due to the fact that not a lot of people are on ZV4.
Click to expand...
Click to collapse
So, less than a month ago, you're telling people on 4 not to update because IT'S COMING!! within a month. Now you're saying you've got it, it works, AND ON TIME, but you're not going to release it because, what, the "not a lot of people" who would want it, wouldn't want it now?
Hell, if I was actually able to deliver on something that big, ESPECIALLY within the time frame I set for it, I'd be paying Google to get my work to the top of search results. I'd be going door to door with it. I'd set up shop in front of Sprint stores until they stop selling the device, crowing about my ability to get RW to ANY build of this thing. But, that's just me, I guess.
You see how incredibly fishy that seems?
Related
So I haven't tried to use this yet, but it was dumped from a devkit atrix that supposedly has a bootloader that doesn't blow
http://www.mediafire.com/?d13i7uxrhw38y7o
SHA: FDA1FDBFD70628CBF1C79361525168847A00830B (motoboot.bin)
DO NOT FLASH THIS!
jimmydafish said:
this is P3Droid again,
I have all Dev phones with matching consumer phones, granted these are on VZW, but in the past placing a Dev phone bootloader on a consumer phone would result in a system that is inoperable (basically a soft bricked device). I would strongly urge you to not modify this file until you have a way to backup and restore this file.
This is just a word of caution from someone and a group that actually possesses both dev and consumer model phones and have already attempted what you are proposing here.
either way good luck, but do not return the device to ATT if you break it.
Click to expand...
Click to collapse
designgears said:
So I haven't tried to use this yet, but it was dumped from a devkit atrix that supposedly has a bootloader that doesn't blow
http://www.mediafire.com/?q053u356h5u52zd
It can be flashed with Qualcomm QPST
http://www.filecrop.com/QPST.html
Click to expand...
Click to collapse
the link is dead
Does "doesn't blow" mean unlocked/non-encrypted?
t0dbld said:
the link is dead
Click to expand...
Click to collapse
Which? I was able to get a copy of motoboot.bin (I think, anyway. designgears, could you post a md5/sha hash of the bin file for us?)
FYI, here's what I have for the file I was able to download:
Code:
$ shasum motoboot.bin
fda1fdbfd70628cbf1c79361525168847a00830b motoboot.bin
really i cant tells me file has been removed can you mirror or send ?
"Doesn't blow" should mean "lets us load our own kernels" in this context I think
now to figure out how to get the dev bootloader onto our phones..
sorry, was uploading a compressed version
designgears said:
sorry, was uploading a compressed version
Click to expand...
Click to collapse
ok now to test... this would be great esp considering they jsut anounced on twitter that zoom comes with locked/unlockable bootloader
t0dbld said:
ok now to test... this would be great esp considering they jsut anounced on twitter that zoom comes with locked/unlockable bootloader
Click to expand...
Click to collapse
damn, wish we would have gotten that.
designgears? post the SHA or MD5 checksum of the bin file please? I want to get cracking but want to ensure my downloaded file is intact first.
perdurabo2 said:
designgears? post the SHA or MD5 checksum of the bin file please? I want to get cracking but want to ensure my downloaded file is intact first.
Click to expand...
Click to collapse
already did
perdurabo2 said:
designgears? post the SHA or MD5 checksum of the bin file please? I want to get cracking but want to ensure my downloaded file is intact first.
Click to expand...
Click to collapse
LOOKS PROMISING!!! so far went through with hex editor and i see no signatures etc !!!
lol so excited cant spell or type
Slow Down Everyone...
this is P3Droid again,
I have all Dev phones with matching consumer phones, granted these are on VZW, but in the past placing a Dev phone bootloader on a consumer phone would result in a system that is inoperable (basically a soft bricked device). I would strongly urge you to not modify this file until you have a way to backup and restore this file.
This is just a word of caution from someone and a group that actually possesses both dev and consumer model phones and have already attempted what you are proposing here.
either way good luck, but do not return the device to ATT if you break it.
Not to be too dense here, but how would we make use of this? Wouldn't we still be at square one regaring not being able to get this onto the device?
Sent from my MB860 using XDA App
t0dbld said:
LOOKS PROMISING!!! so far went through with hex editor and i see no signatures etc !!!
lol so excited cant spell or type
Click to expand...
Click to collapse
You are not listening and I'm trying to help you not brick your device. DO NOT FLASH THAT BOOTLOADER or you phone will not work...there are a lot more signatures than just the bootloader, in fact if you don't hack/crack the mbr or change the signing keys and verification in the NVRAM you will just sit there with a brand new paperweight.
perdurabo2 said:
designgears? post the SHA or MD5 checksum of the bin file please? I want to get cracking but want to ensure my downloaded file is intact first.
Click to expand...
Click to collapse
smiths-MacBook-Pro:~ smith$ shasum /Users/smith/Downloads/motoboot.bin
fda1fdbfd70628cbf1c79361525168847a00830b
smiths-MacBook-Pro:~ smith$ md5 /Users/smith/Downloads/motoboot.bin
MD5 (/Users/smith/Downloads/motoboot.bin) = f3cb372a7498f175b53dc7881e4bd3c2
P3Droid, you have past experience with Dev phones and retail phones, what does this mean to the hacking efforts? Does an unsigned bootloader move us past any of the previous obstacles or is this just something to study?
t0dbld said:
LOOKS PROMISING!!! so far went through with hex editor and i see no signatures etc !!!
lol so excited cant spell or type
Click to expand...
Click to collapse
humancyborg said:
Not to be too dense here, but how would we make use of this? Wouldn't we still be at square one regaring not being able to get this onto the device?
Sent from my MB860 using XDA App
Click to expand...
Click to collapse
If you would like to brick your device I can teach you how to get it on, but it will require you to be rooted and running a custom recovery, the other method requires a fully released sbf file.
jimmydafish said:
You are not listening and I'm trying to help you not brick your device. DO NOT FLASH THAT BOOTLOADER or you phone will not work...there are a lot more signatures than just the bootloader, in fact if you don't hack/crack the mbr or change the signing keys and verification in the NVRAM you will just sit there with a brand new paperweight.
Click to expand...
Click to collapse
i am listening and i am not flashing anything yet .. .i heard ya before and i hear ya now
Could this bootloader work on Defy also?
I do have to say though with this Xoom news... gives us hope that maybe with GB release for atrix that was promised soon and to include 1080p it might also come with unlock/lock
I'm working on a (100% legit legal and 100% ORIGINAL works) way to flash to our /system partition for kitkat.
I've put my turbo through physical abuse. And it finally croaked weeks after "the drop".
I would need someone who has flashed a /system img via mofo to run USBlyzer on the correct port during the flashing process and then save and upload the log file. I will guide as needed. Remote desktop would allow me to quickly setup and start the process.
No longer having a phone that even turns on, I've resorted to using as USBlyzer as my debugging info by comparing my output to the known correct output. However, I have only logged the beginning of an upload. I need a complete, in order log.
I can help in about 12 hours
Why not apply yourself to figuring out how to root 5.1, maintain root upgrading to 5.1, or how to use mofo to flash 5.1? I think people care more about that then anything else.
Because I've spent countless days on 4.4, I know how it works. Its actually pretty simple, way less complicated than when I first started with it. And I rather help those that were smart enough to stay on the 4.4 bootloader and waited for the mofo flashable 5.1 rom. Because anyone who cared or even had the fainted idea about exploits knew better than to upgrade, when they could STILL get 5.1, but would have to wait... like what less than a week before the first flashable image appeared?
5.1:
How it works: Nobody has a clue because the 4.4 loophole is patched.
4.4
How it works: (I'm just making an example don't pick apart my math or partition sizes)
system.img = 3.5gb
cache partition = 1.5gb
So with a modified fastboot, you will write to the cache partition, but send more than 1.5gb of data, since the /system partition is next in order anything you send now will actually write to /system and not the /cache partition.
There are a few quirks I've seen, fastboot sends the "download" command 2x back to back, while the first "download" command hardly sends anything. This has something I assume to be "fake writing" Not quite sure. Its like it writes a tiny amount of data to /cache, sends the second "download" command to now write to /system. I've noticed that the data sent to /cache is actually a clone of a portion of the data sent to /system. Also there is 3gb of ram on the device, so after that gets filled up, the flash command is sent, then it goes back to download commands.
At the end it erases /cache because its full of garbage.
koftheworld said:
Why not apply yourself to figuring out how to root 5.1, maintain root upgrading to 5.1, or how to use mofo to flash 5.1? I think people care more about that then anything else.
Click to expand...
Click to collapse
SaschaElble said:
Because I've spent countless days on 4.4, I know how it works. Its actually pretty simple, way less complicated than when I first started with it. And I rather help those that were smart enough to stay on the 4.4 bootloader and waited for the mofo flashable 5.1 rom. Because anyone who cared or even had the fainted idea about exploits knew better than to upgrade, when they could STILL get 5.1, but would have to wait... like what less than a week before the first flashable image appeared?
Click to expand...
Click to collapse
Fair enough that is exactly why I stayed on kk.
I still have not had anyone help out. If done right, nothing will be wiped or corrupted. Just need someone who has flashed a modded /system using mofo and still have that .img file. Flashing the same file again wont harm anything and will get me the info needed.
Does anyone have any info on the lolipop .img s
SaschaElble said:
I still have not had anyone help out. If done right, nothing will be wiped or corrupted. Just need someone who has flashed a modded /system using mofo and still have that .img file. Flashing the same file again wont harm anything and will get me the info needed.
Click to expand...
Click to collapse
I'm interested in helping, but I'm not interested in giving you remote access to my computer. No offense, I just don't know you and really have no reason to trust you. If you give me instructions on how to generate the log file that you want, I'll be happy to do it. I'm tech savvy enough to modify system images, so you shouldn't have to dumb it down too much for me.
TheSt33v said:
I'm interested in helping, but I'm not interested in giving you remote access to my computer. No offense, I just don't know you and really have no reason to trust you. If you give me instructions on how to generate the log file that you want, I'll be happy to do it. I'm tech savvy enough to modify system images, so you shouldn't have to dumb it down too much for me.
Click to expand...
Click to collapse
just use a vm...
Michaelmansour1997 said:
just use a vm...
Click to expand...
Click to collapse
Good idea. I'd be willing to do that.
Okay,
Download USBlyzer
Turn on device in fastboot mode
Open USBlyzer
On the left hand side of USBlyzer, watch, while you plug in the device
checkmark the new device in USBlyzer in the left hand side (should say xt1254 or turbo or fastboot or anything that indicates the turbo)
click "start capture" in USBlyzer
Open mofo and flash your rom as usual.
When mofo is done, go back to USBlyzer and save the capture log where you will remember.
That log data contains your device serial and UID for your turbo... Thanks for helping the turbo community!
TheSt33v said:
I'm interested in helping, but I'm not interested in giving you remote access to my computer. No offense, I just don't know you and really have no reason to trust you. If you give me instructions on how to generate the log file that you want, I'll be happy to do it. I'm tech savvy enough to modify system images, so you shouldn't have to dumb it down too much for me.
Click to expand...
Click to collapse
That should work
Michaelmansour1997 said:
just use a vm...
Click to expand...
Click to collapse
SaschaElble said:
Okay,
Download USBlyzer
Turn on device in fastboot mode
Open USBlyzer
On the left hand side of USBlyzer, watch, while you plug in the device
checkmark the new device in USBlyzer in the left hand side (should say xt1254 or turbo or fastboot or anything that indicates the turbo)
click "start capture" in USBlyzer
Open mofo and flash your rom as usual.
When mofo is done, go back to USBlyzer and save the capture log where you will remember.
Enjoy uploading 5-8gb of log data since you don't trust me being on your computer. Oh and since we are talking trust, that log data contains your device serial and UID for your turbo... SO actually you might not even want to do that either. Thanks for helping the turbo community!
Click to expand...
Click to collapse
I think I can handle that. Unless you were planning on coming to my house with a flash drive, I'm pretty sure a large file transfer was inevitable, so I'm okay with uploading it somewhere. Thanks for the info about the sensitive information though. If I can figure out how to remove that from the log, I will do so before sending it to you. If I can't, I'll consider sending it to you anyway. If I can't do any of that (because, you know, apparently I'm a moron for not immediately realizing that I could use a VM to have you do this exact same thing), then sorry for bugging you.
TheSt33v said:
I think I can handle that. Unless you were planning on coming to my house with a flash drive, I'm pretty sure a large file transfer was inevitable, so I'm okay with uploading it somewhere. Thanks for the info about the sensitive information though. If I can figure out how to remove that from the log, I will do so before sending it to you. If I can't, I'll consider sending it to you anyway. If I can't do any of that (because, you know, apparently I'm a moron for not immediately realizing that I could use a VM to have you do this exact same thing), then sorry for bugging you.
Click to expand...
Click to collapse
Open the log (ends in .ulz) in a hex editor such as HxD, and you can zero out your serial and UID, I apologise for the rude response. I've surprisingly had lots of resistance getting everyone on the same page here on xda. I did screw up by posting a modded mofo package, but that needs to be water under the bridge. I'm working on making a legit version.
The part that was surprising is how a few people had the knowledge on how to make a clean and 100% original version but refused to share it or gave vague hints.
SaschaElble said:
Open the log (ends in .ulz) in a hex editor such as HxD, and you can zero out your serial and UID, I apologise for the rude response. I've surprisingly had lots of resistance getting everyone on the same page here on xda. I did screw up by posting a modded mofo package, but that needs to be water under the bridge. I'm working on making a legit version.
The part that was surprising is how a few people had the knowledge on how to make a clean and 100% original version but refused to share it or gave vague hints.
Click to expand...
Click to collapse
No worries. I've been following your posts. I don't really care about who you piss off. You seem to be knowledgeable/talented enough to recreate and improve upon mofo, and that's good enough for me. Just promise me that you'll send me a copy of whatever you come up with if you get yourself banned again .
I'll start the process as soon as I'm near my PC, and I'll pm you a link as soon as the upload is complete.
TheSt33v said:
No worries. I've been following your posts. I don't really care about who you piss off. You seem to be knowledgeable/talented enough to recreate and improve upon mofo, and that's good enough for me. Just promise me that you'll send me a copy of whatever you come up with if you get yourself banned again .
I'll start the process as soon as I'm near my PC, and I'll pm you a link as soon as the upload is complete.
Click to expand...
Click to collapse
lol. I will for sure! But I won't get banned again. Not if everyone plays by the same rules they expect me to.
Anyone is free to contact me at (Edit: I was such an idiot. 5 years later... wow. ) If you want an easy two click way to get onto my channel on IRC follow the link in my signature.
if i was rooted id help, but i have one turbo on lolipop and one bricked which is supposed to be on lolipop
Michaelmansour1997 said:
if i was rooted id help, but i have one turbo on lolipop and one bricked which is supposed to be on lolipop
Click to expand...
Click to collapse
I would buy the bricked one, or you can let me see if I can fix it remotely.
NEW:
My vouching thread for those who I request access to their device remotely or gain knowledge of sensitive information:
http://forum.xda-developers.com/general/off-topic/saschaelble-vouching-thread-want-help-t3150299
Do you have a hangouts
Well, the ZV6 should hit anytime now, Sprint & LG updated links. The changelog seems lacking though
LG Open Source LS991::
http://opensource.lge.com/osSch/list?types=ALL&search=ls991
Sprint Changelog LS991:
http://support.sprint.com/support/a...ServiceAdvisory_542_GKB86631-dvc8970002prd#!/
* If anyone receives the update and is rooted, please capture / copy the update file to your SDCARD and post for us to download
.
Agimax said:
Well, the ZV6 should hit anytime now, Sprint & LG updated links. The changelog seems lacking though
LG Open Source LS991::
http://opensource.lge.com/osSch/list?types=ALL&search=ls991
Sprint Changelog LS991:
http://support.sprint.com/support/a...ServiceAdvisory_542_GKB86631-dvc8970002prd#!/
* If anyone receives the update and is rooted, please capture / copy the update file to your SDCARD and post for us to download
.
Click to expand...
Click to collapse
Will the old root method still work?
SantinoInc said:
Will the old root method still work?
Click to expand...
Click to collapse
The factory reset protection has me curious. I think the better question is can then somehow block TOT flashing.
We won't know if the old root method will mess things up. I would just wait for a v6 image to be released. Someone did make a post as a how-to root the image yourself if you can get it off the phone. I would just wait.
someone needs to capture the OTA and get it to me so I can check it out.
I'd suggest holding off on actually applying the update until we know what's what.
Thx in advance.
Let me know when you have it
https://dl.dropboxusercontent.com/u/49870189/LS991_ZV6_OTA_Stock_update.zip
Much thanks to you guys! Work some magic for us!
mswlogo said:
Let me know when you have it
https://dl.dropboxusercontent.com/u/49870189/LS991_ZV6_OTA_Stock_update.zip
Click to expand...
Click to collapse
sent you a PM as well but I'll say it in here just in case you check here first. got it.. thanks again!
so.. after some poking around I can confirm...
ZV6 updates the anti-rollback version yet again, this time to "v2". If you flash this update or any part of the zv6 bootstack or zv6 modem it will update parts of your phone you will never be able to downgrade. This would also stop the ZV5 TOT from working... but to be specific.. ZV5 TOT will flash.. but your phone will be BRICKED after.
ZV6 does not seem to unlock the bootloader. I'm about 90% on this after initial code review. Perhaps some poor soul will take the OTA and be able to confirm this without a doubt... but it looks like the "Factory Reset Protection update" (related to oem unlock in development settings) has nothing to do with unlock status itself.
If a ZV6 TOT is somehow acquired in the future... the system and boot partitions could be extracted and used on the ZV5 bootstack... possibly ZV4 as well. Basically... boot.img and system.img would not blow any qfuses to permanently set a "version".
Bootloader/bootstack consists of aboot, sbl1, sec, rpm, tz, hyp, pmic, sdi... and then theres the modem. Flashing any ZV6 partition mentioned in the prior sentence will blow your fuse to "v2".
As for root... it's hard to tell without the device in hand to be honest... but I would assume it's still able to be rooted. So taking the OTA would not be the end of the world... you'd still have root. But you'd lose the ability to flash the ZV5 TOT without bricking... and it once again updates your bootloader version which may be blocking previous holes in a v0 or v1 bootloader we have not yet found.
I am not sure why LG and the US carriers have done this. I could understand the v1 update.. as that would separate USA from the rest of the world and make bootloader unlocking harder. To update it to v2 just doesn't add up... not yet anyway.
tl;dr
If you want to stay on a v0 (ZV4) or v1 (ZV5) bootloader version.. don't update.
If you couldnt care less about the bootloader and only want root... ZV6 should still allow that.. but the ZV5 TOT would no longer be able to be used.
mswlogo said:
Let me know when you have it
https://dl.dropboxusercontent.com/u/49870189/LS991_ZV6_OTA_Stock_update.zip
Click to expand...
Click to collapse
So I can install this in the stock recovery (I am not rooted) because there is an option?
(I am doing it now but it seems to be stuck on "patching system files", uh oh)
edit: I am fine now, it installed fine. Was a little un-patient
I notice now the icons at the top are more stock android like with the "!" point if there is no internet. Pictures
Also the phone "feels" faster, I hope we can uncover what is under this update.
I hope this doesn't fix my free hotspot trick.
So if the OTA pops up, I can download and install it and still have root? Or has that been undetermined to to this point?
autoprime said:
sent you a PM as well but I'll say it in here just in case you check here first. got it.. thanks again!
so.. after some poking around I can confirm...
ZV6 updates the anti-rollback version yet again, this time to "v2". If you flash this update or any part of the zv6 bootstack or zv6 modem it will update parts of your phone you will never be able to downgrade. This would also stop the ZV5 TOT from working... but to be specific.. ZV5 TOT will flash.. but your phone will be BRICKED after.
ZV6 does not seem to unlock the bootloader. I'm about 90% on this after initial code review. Perhaps some poor soul will take the OTA and be able to confirm this without a doubt... but it looks like the "Factory Reset Protection update" (related to oem unlock in development settings) has nothing to do with unlock status itself.
If a ZV6 TOT is somehow acquired in the future... the system and boot partitions could be extracted and used on the ZV5 bootstack... possibly ZV4 as well. Basically... boot.img and system.img would not blow any qfuses to permanently set a "version".
Bootloader/bootstack consists of aboot, sbl1, sec, rpm, tz, hyp, pmic, sdi... and then theres the modem. Flashing any ZV6 partition mentioned in the prior sentence will blow your fuse to "v2".
As for root... it's hard to tell without the device in hand to be honest... but I would assume it's still able to be rooted. So taking the OTA would not be the end of the world... you'd still have root. But you'd lose the ability to flash the ZV5 TOT without bricking... and it once again updates your bootloader version which may be blocking previous holes in a v0 or v1 bootloader we have not yet found.
I am not sure why LG and the US carriers have done this. I could understand the v1 update.. as that would separate USA from the rest of the world and make bootloader unlocking harder. To update it to v2 just doesn't add up... not yet anyway.
tl;dr
If you want to stay on a v0 (ZV4) or v1 (ZV5) bootloader version.. don't update.
If you couldnt care less about the bootloader and only want root... ZV6 should still allow that.. but the ZV5 TOT would no longer be able to be used.
Click to expand...
Click to collapse
Thanks for poking around and seeing what's what. If I were inclined to update my rooted ZV5 to ZV6 (understanding the current TOT restore would brick my phone) how exactly would I keep root?
SantinoInc said:
Thanks for poking around and seeing what's what. If I were inclined to update my rooted ZV5 to ZV6 (understanding the current TOT restore would brick my phone) how exactly would I keep root?
Click to expand...
Click to collapse
I dont think you'd be able to keep it. You'd most likely have to re-root with a ZV6 rooted system.img... same way you rooted ZV5.
How did you manually install the update? I've looked up guides online but they say you need to install the Android SDK and LGFlashTool and such, which I messed around with but I can't really grasp on how to install this. Putting my G4 into download mode and trying to detect it via CMD did nothing (USB Debugging is checked).
Sorry, maybe somebody can lead me in the right direction, as I really want to try out this update and I'm also very impatient lol
argh2000 said:
I est gues is that the game is not meant for VGA screen
Click to expand...
Click to collapse
How do you create a ZV6 rooted boot image?
KillerDisturbed said:
How did you manually install the update? I've looked up guides online but they say you need to install the Android SDK and LGFlashTool and such, which I messed around with but I can't really grasp on how to install this. Putting my G4 into download mode and trying to detect it via CMD did nothing (USB Debugging is checked).
Sorry, maybe you can lead me in the right direction, as I really want to try out this update and I'm also very impatient lol
I have Skype also if that's something that you could do, cause I'd really appreciate the help
Click to expand...
Click to collapse
It requires an sd card..copy the file to the root of the sd card then power off the phone. Hold down volume down then power till you see "recovery mode" then release. Once stock recovery loads use the volume down to the last option, something like install update and press power. This will bring up the directory from the sd card. Select your file with volume down and press power.
Sent from my LGLS991 using Tapatalk
Swetnes said:
It requires an sd card..copy the file to the root of the sd card then power off the phone. Hold down volume down then power till you see "recovery mode" then release. Once stock recovery loads use the volume down to the last option, something like install update and press power. This will bring up the directory from the sd card. Select your file with volume down and press power.
Sent from my LGLS991 using Tapatalk
Click to expand...
Click to collapse
OH MY GOD
Thank you.! I'm installing it right now.
It's funny too, cause I saw people go into their recoveries on the LG G4 and assumed it was the same for all carriers and the International Version (I saw the generic locked recovery that only said "Are you sure you wanna delete all data?" or something, basically your only option was a factory reset). I thought it was that locked down on our phone, so I didn't even bother going into the recovery.
Thank you very much dude, wow...I feel dumb. And I used to run a GS3 with CM12 and CWM, and the stock recovery has some pretty good features on it too. Not too bad lol
*facepalm*
SantinoInc said:
How do you create a ZV6 rooted boot image?
Click to expand...
Click to collapse
http://forum.xda-developers.com/showthread.php?p=62369954
Sent from my LGLS991 using Tapatalk
---------- Post added at 11:36 PM ---------- Previous post was at 11:33 PM ----------
This update does include the Stagefright fix.
Sent from my LGLS991 using Tapatalk
KillerDisturbed said:
OH MY GOD
Thank you.! I'm installing it right now.
It's funny too, cause I saw people go into their recoveries on the LG G4 and assumed it was the same for all carriers and the International Version (I saw the generic locked recovery that only said "Are you sure you wanna delete all data?" or something, basically your only option was a factory reset). I thought it was that locked down on our phone, so I didn't even bother going into the recovery.
Thank you very much dude, wow...I feel dumb. And I used to run a GS3 with CM12 and CWM, and the stock recovery has some pretty good features on it too. Not too bad lol
*facepalm*
Click to expand...
Click to collapse
Can this be done even on rooted ZV5?
Probably. I installed the update and have noticed a few small touches in the UI, but notably a more responsive keyboard and overall faster phone. Knock code is also a bit more consistent and snappier for me as well, so I'll probably be using that from now on. Great update from the looks of it so far.
Sent from my LGLS991 using XDA Free mobile app
KillerDisturbed said:
OH MY GOD
Thank you.! I'm installing it right now.
It's funny too, cause I saw people go into their recoveries on the LG G4 and assumed it was the same for all carriers and the International Version (I saw the generic locked recovery that only said "Are you sure you wanna delete all data?" or something, basically your only option was a factory reset). I thought it was that locked down on our phone, so I didn't even bother going into the recovery.
Thank you very much dude, wow...I feel dumb. And I used to run a GS3 with CM12 and CWM, and the stock recovery has some pretty good features on it too. Not too bad lol
*facepalm*
Click to expand...
Click to collapse
Tried a few times to do this but it won't read my sd card..any ideas?
Sent from my LGLS991 using Tapatalk
stam27 said:
Tried a few times to do this but it won't read my sd card..any ideas?
Sent from my LGLS991 using Tapatalk
Click to expand...
Click to collapse
You may need to pull the card out and put it on a computer and format it using SD CARD FORMATER. If you Google it you will find it. I know with other phones I've had that solved recovery being able to read it. You are copying to the "external" sd card?
Sent from my LGLS991 using Tapatalk
Prerequisites:
Odin 3.11.1- http://forum.xda-developers.com/showthread.php?t=2711451
5.1.1- http://forum.xda-developers.com/showpost.php?p=53454972&postcount=1 (Use first link for OI5)
Kies- http://www.samsung.com/in/support/usefulsoftware/KIES/ (To backup data. Use Kies 3)
Samsung USB Driver- http://developer.samsung.com/technical-doc/view.do?v=T000000117
NOTICE: Do not use this guide to downgrade from OC4 and above to NCE, you will brick your device. Only use this guide to downgrade to compatible firmware's for example: PA3 to OI5, PA2 to PA1, etc..Do not attempt to downgrade back to OC4 as ATT blew a qfuse. You can only downgrade to OF2 and above. This may brick your device and I am not liable. This does not trip the KNOX flag. This will wipe all data so do keep a backup.
Download the firmware you want for example OI5 from the link above. Extract the file to a directory. Then launch Odin and go into the extracted file. Select CP,CSC, and AP(PDA on Odin 3.9 and below). Do not select the BL slot. I repeat do not select the BL slot, only use AP,CP, and CSC. Also in the options tab select only Auto Restart and F. Reset Time. Turn off your phone and hold power button, home button, and volume down button. Then once it says flashing a custom firmware may..., press the volume up button. Then plug in your phone and you should see blue, if you see yellow install the USB drivers. Once you have plugged it in and the correct files are selected, press Start. This process will take about 5-10 minutes depending on the speed of the USB. Do not unplug the cable while in this process. Once it says PASS at the top, the phone will boot into recovery mode and apply the update. Once the phone has applied the update, it will reboot and be stuck at the AT&T logo. Do not panic, this just means that it is working on the operating system. This will take about 5-6 minutes. Once this is done proceed to setup the phone as usual going through the entire setup. Once the setup, is finished you can then restore your data using Kies if you had a backup. You have now successfully downgraded your phone. This process could be used to root our devices because we are exposing security holes that have been patched.
I just want to go from PA3 to.... whichever one will allow root access. Warranty possibly needed. I need to make sure this will work because.. otherwise.. my sister's phone could blow a fuse (****ing boot loaders..) and go dead.. if i can get around the warranty flag then that would be awesome. Sorry.. just not sure how to handle it; can't find people who are reliable and say it can actually downgrade without bricking.
pr3dicament said:
I just want to go from PA3 to.... whichever one will allow root access. Warranty possibly needed. I need to make sure this will work because.. otherwise.. my sister's phone could blow a fuse (****ing boot loaders..) and go dead.. if i can get around the warranty flag then that would be awesome. Sorry.. just not sure how to handle it; can't find people who are reliable and say it can actually downgrade without bricking.
Click to expand...
Click to collapse
Your best option would be to downgrade to OI5, which the link is provided in the OP. Downgrade, and then try rooting with Kingroot. The vulnerability which works is CVE 2015-1805. Otherwise if Kingroot doesn't work for you you could try iovyroot, but that needs an absolute kernel address. Try searching on Github for CVE 2015-1805 . Sorry can't post links, I am a new user.
NavSad said:
Your best option would be to downgrade to OI5, which the link is provided in the OP. Downgrade, and then try rooting with Kingroot. The vulnerability which works is CVE 2015-1805. Otherwise if Kingroot doesn't work for you you could try iovyroot, but that needs an absolute kernel address. Try searching on Github for CVE 2015-1805 . Sorry can't post links, I am a new user.
Click to expand...
Click to collapse
Kingroot/KingOroot was what I was about to try. I'll grab OI5, maybe just the kernel, hopefully? .. I just hate removing it, and not with SuperSUme .. never worked for me. When it comes to Kingroot, I just would rather remove it manually, I guess.. plus SuperSUme didn't work on my tablet when I tried to use it heh. There's a post somewhere with instructions but all you do is just keep a daemon running while you uninstall and then install the other, while partially keeping root before it gets the binary and updates from SuperSU.
Will post results when I can. I dont want to downgrade the entire thing if i can quickly avoid it.
NavSad said:
Your best option would be to downgrade to OI5, which the link is provided in the OP. Downgrade, and then try rooting with Kingroot. The vulnerability which works is CVE 2015-1805. Otherwise if Kingroot doesn't work for you you could try iovyroot, but that needs an absolute kernel address. Try searching on Github for CVE 2015-1805 . Sorry can't post links, I am a new user.
Click to expand...
Click to collapse
http://forum.xda-developers.com/crossdevice-dev/sony/iovyroot-temp-root-tool-t3349597
^ You can say it; even a post on here has it. It looks very promising. I downloaded OI5 but didn't get a chance to flash, will tonight or tomorrow.
The following could not find a known exploit for the specific OS.. Failed with the following: Kingoroot, Kingroot, and vRoot (aka iRoot) .. then I checked here to give updates .. and upon re-reading your post.. I noticed you also put iovyroot, made from an exploit based on CVE-2015-1805, as the post says. It looks EXACTLY like saferoot lol.. I can deal with temporary root, I'll take care of the rest to make sure it stays.. I'll be giving more updates. Thank you for pointing me in the right direction.. I made sure all of my ADB drivers are installed correctly, as well as enabling USB debugging and doing a few things in ADB to make sure they are working and they are. RSA now saved.
My sister's phone still on PA3.. I'm glad she listened. If it doesn't work, then it doesn't work. I'm sure many others will appreciate this as well.
pr3dicament said:
http://forum.xda-developers.com/crossdevice-dev/sony/iovyroot-temp-root-tool-t3349597
^ You can say it; even a post on here has it. It looks very promising. I downloaded OI5 but didn't get a chance to flash, will tonight or tomorrow.
The following could not find a known exploit for the specific OS.. Failed with the following: Kingoroot, Kingroot, and vRoot (aka iRoot) .. then I checked here to give updates .. and upon re-reading your post.. I noticed you also put iovyroot, made from an exploit based on CVE-2015-1805, as the post says. It looks EXACTLY like saferoot lol.. I can deal with temporary root, I'll take care of the rest to make sure it stays.. I'll be giving more updates. Thank you for pointing me in the right direction.. I made sure all of my ADB drivers are installed correctly, as well as enabling USB debugging and doing a few things in ADB to make sure they are working and they are. RSA now saved.
My sister's phone still on PA3.. I'm glad she listened. If it doesn't work, then it doesn't work. I'm sure many others will appreciate this as well.
Click to expand...
Click to collapse
Did you make any progress on this? I just rolled back to OI5. Now I need to figure out how to get the correct address and compile that code.
So, I just got this 900a AT&T phone and it already has 5.1.1 installed, which already hasent the mega locked down bootloader, correct? Everywhere else I've looked for a root method has said you CAN'T downgrade. I don't know much about downgrading or what version I can downgrade to. Can I get a bit of help or explanation?
joshua_nope said:
So, I just got this 900a AT&T phone and it already has 5.1.1 installed, which already hasent the mega locked down bootloader, correct? Everywhere else I've looked for a root method has said you CAN'T downgrade. I don't know much about downgrading or what version I can downgrade to. Can I get a bit of help or explanation?
Click to expand...
Click to collapse
You can't downgrade back to 4.4.2 once you are above 5.0 . This method explained in the OP is to only downgrade back to OI5, and possibly OC4. Not NCE.
Do I go by baseband or build number?
because my baseband is OC4 but my build is OF3.
darrel12 said:
Do I go by baseband or build number?
because my baseband is OC4 but my build is OF3.
Click to expand...
Click to collapse
Go by build number. For you it would be upgrading not downgrading.
Greek2me said:
Did you make any progress on this? I just rolled back to OI5. Now I need to figure out how to get the correct address and compile that code.
Click to expand...
Click to collapse
Ugh it was forced through to PA4.... unbelievable. I don't know if I can roll back to OI5 with PA4. She always wants her phone back right away.. I'm sorry about the lack of time in between responses, but I have to back up her crap anyway one way or another if I'm rolling back. I wanted to try and just roll back the kernel and then give kingroot and shot. An RCA Tablet that I got about 8 months ago for $35 at Walmart wasn't able to be rooted for the longest time since it came with LP 5.0.1.. I finally was able to root that.
I think I'm the first to do it. Voyager Pro. I use FlashFire with recovery for it.. sorry, off topic.. but that exploit was very useful in that instant.
I will see what I can do to roll back.. my life is literally a mess. I don't want a bunch of people saying poor pr3dicament or some stupid ****. Oral cancer, early. Cutting it out... and then (more) awful pain after that. Second recurrence. Didn't spread. Procedure tomorrow. I'll just grab her phone and say I am fixing a bug for security or something to make sure she shuts the **** up about it. No guarantees. If I can roll back from PA3 or PA4 to OI5.. not sure if another went through.. I think it did. .. but if I can roll back to OI5 with no problems or even just the kernel to root it... even temporary root.. full root.. I have a few current binaries that it'll work with.
I temporarily rooted the RCA and now it's fully rooted with the binary I use in place... I am probably going to just write a script to make it easier if it works. Again, my apologies for the length between responses.
pr3dicament said:
Ugh it was forced through to PA4.... unbelievable. I don't know if I can roll back to OI5 with PA4. She always wants her phone back right away.. I'm sorry about the lack of time in between responses, but I have to back up her crap anyway one way or another if I'm rolling back. I wanted to try and just roll back the kernel and then give kingroot and shot. An RCA Tablet that I got about 8 months ago for $35 at Walmart wasn't able to be rooted for the longest time since it came with LP 5.0.1.. I finally was able to root that.
I think I'm the first to do it. Voyager Pro. I use FlashFire with recovery for it.. sorry, off topic.. but that exploit was very useful in that instant.
I will see what I can do to roll back.. my life is literally a mess. I don't want a bunch of people saying poor pr3dicament or some stupid ****. Oral cancer, early. Cutting it out... and then (more) awful pain after that. Second recurrence. Didn't spread. Procedure tomorrow. I'll just grab her phone and say I am fixing a bug for security or something to make sure she shuts the **** up about it. No guarantees. If I can roll back from PA3 or PA4 to OI5.. not sure if another went through.. I think it did. .. but if I can roll back to OI5 with no problems or even just the kernel to root it... even temporary root.. full root.. I have a few current binaries that it'll work with.
I temporarily rooted the RCA and now it's fully rooted with the binary I use in place... I am probably going to just write a script to make it easier if it works. Again, my apologies for the length between responses.
Click to expand...
Click to collapse
Well, all I can say is that if you're successful, then you'll be a hero.
Good luck.
Yes, I rolled back from PA4 to OI5 using this guide.
I can do the root if only I can figure out how to extract the kernel from the stock OI5. Any ideas?
Greek2me said:
Yes, I rolled back from PA4 to OI5 using this guide.
I can do the root if only I can figure out how to extract the kernel from the stock OI5. Any ideas?
Click to expand...
Click to collapse
Just PM'D zxz00 for help on this issue. He's developer of iovyroot.
pr3dicament said:
Ugh it was forced through to PA4.... unbelievable. I don't know if I can roll back to OI5 with PA4. She always wants her phone back right away.. I'm sorry about the lack of time in between responses, but I have to back up her crap anyway one way or another if I'm rolling back. I wanted to try and just roll back the kernel and then give kingroot and shot. An RCA Tablet that I got about 8 months ago for $35 at Walmart wasn't able to be rooted for the longest time since it came with LP 5.0.1.. I finally was able to root that.
I think I'm the first to do it. Voyager Pro. I use FlashFire with recovery for it.. sorry, off topic.. but that exploit was very useful in that instant.
I will see what I can do to roll back.. my life is literally a mess. I don't want a bunch of people saying poor pr3dicament or some stupid ****. Oral cancer, early. Cutting it out... and then (more) awful pain after that. Second recurrence. Didn't spread. Procedure tomorrow. I'll just grab her phone and say I am fixing a bug for security or something to make sure she shuts the **** up about it. No guarantees. If I can roll back from PA3 or PA4 to OI5.. not sure if another went through.. I think it did. .. but if I can roll back to OI5 with no problems or even just the kernel to root it... even temporary root.. full root.. I have a few current binaries that it'll work with.
I temporarily rooted the RCA and now it's fully rooted with the binary I use in place... I am probably going to just write a script to make it easier if it works. Again, my apologies for the length between responses.
Click to expand...
Click to collapse
You can use Package Disable Pro to block OTA updates without root.
Greek2me said:
Yes, I rolled back from PA4 to OI5 using this guide.
I can do the root if only I can figure out how to extract the kernel from the stock OI5. Any ideas?
Click to expand...
Click to collapse
Yeah... the kernel is all we need... after that, we can get in.. almost positive on that. Please remember that this isn't even my phone I'm talking about. My sister is a little stupid and just acts like she can't let me have it for a few minutes.. I will take your vouch and go for the kernel only.
I might be looking to do this very shortly, but here's how it was done with Odin.. not sure if it'll give the same result nowadays. It should.. it's an extraction. I didn't look through the entire process, I've been very busy, but from what I remember.. you download a stock rom and use 7zip or WinRAR and extract boot.img and convert to .tar for ODIN, place it in PDA/AP (Depends on version of Odin)
If this does NOT work, please do NOT be surprised and do NOT claim responsibility for the above. That is just what I remember doing not too long ago for S4 debugging. I know this is an S5.. so.. grab the OI5 zip/tar and extract it, then find boot.img and convert it to .tar. If you screw your phone up.. it's not my fault. That's all I can do at the moment.. Her phone is on her right now, so.. just trying to help. If this is incorrect or wrong, my apologies. There's some youtube video where it kind of shows you if you don't understand... the guy is hard to understand so turn up your volume:
https://www.youtube.com/watch?v=-3j7lyI_DuU
---------- Post added at 05:31 PM ---------- Previous post was at 05:21 PM ----------
NavSad said:
You can use Package Disable Pro to block OTA updates without root.
Click to expand...
Click to collapse
I completely forgot about that..
God I feel like an idiot now. Thank you for that. When she comes home I'll disable something for her so that she will come to me with the phone with her problem Again--thank you for reminding me, and the rest of the community, about this app. I was always just keeping cache full to the point where it couldn't force it but dumb little sister thought disabling automatic updates on the Play Store was the same thing as not letting AT&T force it.
lol.. either way, I'll just try to remotely install it via her google account.
---------- Post added at 05:37 PM ---------- Previous post was at 05:31 PM ----------
NavSad said:
Just PM'D zxz00 for help on this issue. He's developer of iovyroot.
Click to expand...
Click to collapse
Yeah... I thought maybe converting boot.img to boot.tar etc would work or something.. usually people mean boot when they say kernel, and kernel when they mean boot. There's many levels of booting, and that's why I just posted that youtube video in there. I did that a long time ago but this was before sbl1, 2, 3 (etc) ... so really i dont have an idea. I do know that you can roll back though.
If you get no response, I'll try asking. I hope I was correct.. I do not want to be seen as illiterate..
eh forget it lol if you get a response from him that is similar to mine than that'd be great. I actually want you to confirm that with him or any other developers before moving forward with a simple kernel downgrade because that could potentially cause trouble.
NavSad said:
Just PM'D zxz00 for help on this issue. He's developer of iovyroot.
Click to expand...
Click to collapse
Got a reply from him, going to copy and paste it.
"For 32bit you can use kallsyms and for 64bit see here https://github.com/dosomder/iovyroot/issues/1"- Reply from zxz00
NavSad said:
Got a reply from him, going to copy and paste it.
"For 32bit you can use kallsyms and for 64bit see here https://github.com/dosomder/iovyroot/issues/1"- Reply from zxz00
Click to expand...
Click to collapse
Yeah I've requested a pull from it before.. I got nothin'.. you could call me a halfassed developer but nothing like most of these guys.
I'll take another look.. I'll try another pull.
---------- Post added at 06:06 PM ---------- Previous post was at 05:59 PM ----------
pr3dicament said:
Yeah I've requested a pull from it before.. I got nothin'.. you could call me a halfassed developer but nothing like most of these guys.
I'll take another look.. I'll try another pull.
Click to expand...
Click to collapse
Oh wait a minute. Now I see why he pointed you to 1. You're looking for an *ASBOLUTE* kernel address..
Can't pull now.. ****. It's all closed. Either that or my brain had a mass that I do not know about. Alright well that exploit is already passed along.. we just need to roll back to OI5 or bust. That's basically the short answer.
---------- Post added at 06:09 PM ---------- Previous post was at 06:06 PM ----------
NavSad said:
Got a reply from him, going to copy and paste it.
"For 32bit you can use kallsyms and for 64bit see here https://github.com/dosomder/iovyroot/issues/1"- Reply from zxz00
Click to expand...
Click to collapse
For the record.. When I used iovyroot via adb the other night, before PA4... It wasn't happy that it was "64 bit" but I can't believe I missed that.. it was right in front of me and I just did not see it. I am so so pissed. She had to take the phone anyway, I didn't get a chance to enable ADB over TCP/IP... @#)%*@%$ God. I was one line away. One.. ****ing.. line.
I'll just go get broken S5 for a few bucks and replace the motherboard.
pr3dicament said:
Yeah I've requested a pull from it before.. I got nothin'.. you could call me a halfassed developer but nothing like most of these guys.
I'll take another look.. I'll try another pull.
---------- Post added at 06:06 PM ---------- Previous post was at 05:59 PM ----------
Oh wait a minute. Now I see why he pointed you to 1. You're looking for an *ASBOLUTE* kernel address..
Can't pull now.. ****. It's all closed. Either that or my brain had a mass that I do not know about. Alright well that exploit is already passed along.. we just need to roll back to OI5 or bust. That's basically the short answer.
---------- Post added at 06:09 PM ---------- Previous post was at 06:06 PM ----------
For the record.. When I used iovyroot via adb the other night, before PA4... It wasn't happy that it was "64 bit" but I can't believe I missed that.. it was right in front of me and I just did not see it. I am so so pissed..
Click to expand...
Click to collapse
I compiled for 32 bit using ndk but it won't work without absolute kernel adress.
NavSad said:
I compiled for 32 bit using ndk but it won't work without absolute kernel adress.
Click to expand...
Click to collapse
Hm. Did you try a rollback yet or kernel rollback? anything like that?
Maybe a thread like this has been created before, I don't really know, but I kinda feel like my case is a little bit different.
I wanted to try to root my phone, considering Sprint is literally doing no updates for the LG G3, which stinks but that's another thread for another day. Anyhow...
I've followed the instructions of trying to root this phone, making myself a developer on said phone, USB Debugging is on, plug the bad boy into the PC. I have the LG Drivers as well as the "One Click" root system. First issue is the one click installer doesn't find the LG ports ever, so I have to hold the Volume Up button to put it manually into download mode. I've done this multiple times now and not much has changed. When I do go into download mode, down in the gray box it usually shows the the SuperSU command in the box, but the numbers have changed multiple times. First time it said SuperSU27 on COM4 (can't remember the exact verbiage it used for the file name) the next attempt was 25 on COM3, 21 on COM3 and last time it was 79 on COM3.
While all of that is going on, I get the message that it is rebooting my phone through one click, which it isn't, it's still trying to supposedly download SuperSU, which, always sat at 0% and never progressed.
I've noticed that many people haven't been using ZVG to root their LG G3's. I would attempt reseting my entire phone completely scratch, but I don't really dig the sketchy sites that LG Flash is on, so I've never downloaded anything from them for that. Then again, I would like to avoid totally resetting my phone like that, because I'm not very fluent in phones like that to trust myself to do something that could potentially mess it up.
Does anyone have a work around for my issue or know what could be going on.
did you figure this out? I'm in the exact same predicament..
tri0xinn said:
did you figure this out? I'm in the exact same predicament..
Click to expand...
Click to collapse
No I haven't. I have absolutely no experience at rooting phones, so it's basically something I can't figure out.
I've seen people completely reset their phones manually but I don't feel competent enough to try it.
I had an incident while flashing a ROM and had to use LG flash tool. I let the phone update to ZVG, but cannot get Root. Realistically, all I want is to be able to use wifi tether for now. I'm running into the same problem, the one click root is not noticing my device after i manually put it into Download Mode. Maybe it has to do with using Wimdows 10? Which operating system are you using? Have you figured it out?
ZVG is rooted!!
runningbandit said:
I had an incident while flashing a ROM and had to use LG flash tool. I let the phone update to ZVG, but cannot get Root. Realistically, all I want is to be able to use wifi tether for now. I'm running into the same problem, the one click root is not noticing my device after i manually put it into Download Mode. Maybe it has to do with using Wimdows 10? Which operating system are you using? Have you figured it out?
Click to expand...
Click to collapse
Well, I figured it out... Go Here if you're still looking... Do Method B, download the zip and go manually through it... Worked fantastic!
https://forum.xda-developers.com/sp...-zvb-rooted-stock-t3211878/page8#post70645157
thanks runningbandit!
now to get twrp