Redmi 9, bootloop after "reboot to recovery" in custom ROM - Redmi 9 / Poco M2 Questions & Answers

Hello, I chose "reboot in recovery" on Pixel UI Plus A11 ROM and now ended up with bootloop on "Redmi" logo.
If I press power+down, the screen turns off and MediaTek USB Port appears in Windows Device Manager for a moment and then disappears and "Redmi" logo shows up again.
If I press Up+Down+Power at the same time, the screen turns off, after around 30 seconds the phone vibrates once and then screen is still blank. At this time, "MediaTek USB Port" device keeps reconnecting in Device Manager. I can't turn off the phone with these 3 buttons. Should I disassemble the phone and disconnect the battery?
How can I repair my phone? Please help.

Hello. I had a similar issue that I tried to solve, that happened after I flashed a recovery image. It took me several hours to figure out how to fix it, but after some search, I can provide a good solution for this issue.
First, you going to need some things. For this procedure you will need the SP Flash Tool (I suggest downloading and installing MiFlashPro if you want to mess with modifications, because it installs all the tools you may need), VD171's MTK bypass tool and a fastboot MIUI ROM for your device (you can choose your preferred version here). I also suggest using the 7zip file manager, because it will be needed as well (for example, you have to extract the fastboot images from the .tar.tgz file).
After getting the files and installing the programs I mentioned above, you should follow the instructions from the MTK bypass tool thread I linked and run the batch file. In case that you get any error from the Python script and it doesn't actually run, you can try installing VSCode/VSCodium, open the main.py file, click on "Run and Debug" (you may have to install a Python debugger first) and then click on the "Run and Debug" button and it should work just fine. Connect your device while it still works, it will be detected by the script. Don't disconnect your device.
If you got the "Protection disabled" output from the MTK bypass tool, you're ready to flash the ROM. Extract the fastboot ROM files (if you haven't already extracted them) and launch the SP Flash Tool. Go to Options>Option>Connections and choose UART, the COM port that appears in the choices and choose "921600" as the baud rate. For the Download Agent, click on "Choose" and use the "DA_6765_6785_6768_6873_6885_6853.bin" file. For the Scatter-loading file, go to "Choose", go to the directory you extracted the files of the fastboot ROM > images > "MT6768_Android_scatter.txt" (or similar). Then, a list of image files will appear. Check all of them. You don't need an authentication file.
Then choose "Download Only" from the dropdown options and click on Download. If you get a warning after seeing the bottom bar loading, change the dropdown from "Download Only" to "Firmware Upgrade" and click on download. Then you have to wait for a few minutes. After that, your device will be able to boot properly. The only downside is that it locks the device and you have to unlock it again.
That's how I fixed my device. I hope my instructions to be useful to you.

getimiskon said:
Hello. I had a similar issue that I tried to solve, that happened after I flashed a recovery image. It took me several hours to figure out how to fix it, but after some search, I can provide a good solution for this issue.
First, you going to need some things. For this procedure you will need the SP Flash Tool (I suggest downloading and installing MiFlashPro if you want to mess with modifications, because it installs all the tools you may need), VD171's MTK bypass tool and a fastboot MIUI ROM for your device (you can choose your preferred version here). I also suggest using the 7zip file manager, because it will be needed as well (for example, you have to extract the fastboot images from the .tar.tgz file).
After getting the files and installing the programs I mentioned above, you should follow the instructions from the MTK bypass tool thread I linked and run the batch file. In case that you get any error from the Python script and it doesn't actually run, you can try installing VSCode/VSCodium, open the main.py file, click on "Run and Debug" (you may have to install a Python debugger first) and then click on the "Run and Debug" button and it should work just fine. Connect your device while it still works, it will be detected by the script. Don't disconnect your device.
If you got the "Protection disabled" output from the MTK bypass tool, you're ready to flash the ROM. Extract the fastboot ROM files (if you haven't already extracted them) and launch the SP Flash Tool. Go to Options>Option>Connections and choose UART, the COM port that appears in the choices and choose "921600" as the baud rate. For the Download Agent, click on "Choose" and use the "DA_6765_6785_6768_6873_6885_6853.bin" file. For the Scatter-loading file, go to "Choose", go to the directory you extracted the files of the fastboot ROM > images > "MT6768_Android_scatter.txt" (or similar). Then, a list of image files will appear. Check all of them. You don't need an authentication file.
Then choose "Download Only" from the dropdown options and click on Download. If you get a warning after seeing the bottom bar loading, change the dropdown from "Download Only" to "Firmware Upgrade" and click on download. Then you have to wait for a few minutes. After that, your device will be able to boot properly. The only downside is that it locks the device and you have to unlock it again.
That's how I fixed my device. I hope my instructions to be useful to you.
Click to expand...
Click to collapse
my phone not recognized as mediatek usb port any solution??

Related

[Q] Tough time going back to stock

I've been running CM 11 for a little more than a month and have been really enjoying it. So, I have no idea why I decided to download the MythTools and revert back to stock At&t. Doing so, I messed something up on my phone.
To start, I'm using Windows 7 64bit and when selecting option 1 (install ADB-fastboot-apkTools) I get the new cmd window that states "please select install button after new window is opened press any key to continue...." when I press any key the cmd window would just close. Hoping it would help, I then chose option 6 to update my Motorola drivers. When my browser window opened I got the ADB installer window and clicked install. It seemed to have installed fine. I then updated my moto drivers. Thinking I was all set I went for option 2 to flash the stock firmware which I had put in the firmware folder. With my phone in fastboot I started the process and it failed. Reading through the cmd prompts I had noticed it said something like 'you selected 2- instal cwm.img cannot load cwm.img' . I unplugged my phone and tried to restart it and it was stuck on the bootloader screen. I then restarted into recovery and my PhilZ recovery did start up. However it displays "E: could not mount /data to setup /data/media path!" . I was still able to go through the process of a clean re-install of CM 11 but am stuck on the startup splash screen for CM.
I definitely got myself in way too deep and am clueless on how to fix this. Would someone mind instructing me on what to try next? Many thanks in advance.
I am not sure if it would make a difference in your situation but I do everything for my phone on an x86 system. I have had issues with LG and Samsung phones in the past when trying things on an x64 computer.
ifixgse said:
I've been running CM 11 for a little more than a month and have been really enjoying it. So, I have no idea why I decided to download the MythTools and revert back to stock At&t. Doing so, I messed something up on my phone.
To start, I'm using Windows 7 64bit and when selecting option 1 (install ADB-fastboot-apkTools) I get the new cmd window that states "please select install button after new window is opened press any key to continue...." when I press any key the cmd window would just close. Hoping it would help, I then chose option 6 to update my Motorola drivers. When my browser window opened I got the ADB installer window and clicked install. It seemed to have installed fine. I then updated my moto drivers. Thinking I was all set I went for option 2 to flash the stock firmware which I had put in the firmware folder. With my phone in fastboot I started the process and it failed. Reading through the cmd prompts I had noticed it said something like 'you selected 2- instal cwm.img cannot load cwm.img' . I unplugged my phone and tried to restart it and it was stuck on the bootloader screen. I then restarted into recovery and my PhilZ recovery did start up. However it displays "E: could not mount /data to setup /data/media path!" . I was still able to go through the process of a clean re-install of CM 11 but am stuck on the startup splash screen for CM.
I definitely got myself in way too deep and am clueless on how to fix this. Would someone mind instructing me on what to try next? Many thanks in advance.
Click to expand...
Click to collapse
you said you are stuck on startup splash meaning bootloop? if it is you should try again with rsd lite.
else you may lose all your data in the memory but do a format media/data and sdcard, so that it can mount /data, it worked for me. then format system mount everyting and do a fresh install of any rom you can sideload or just have it in the sdcard.
I'm pretty sure I am doing something wrong with MythTools. When I select option 2 in the tool to install stock firmware the following happens,
- asks for fimware folder example and I select "N"
- asks if firmware files are finished copying.. I press enter and continue
-then it says "the system cannot find the path specified
the system cannot find the path specified
the system cannot find the path specified
'7z' is not recognized as an internal or external command
operable program or batch file
Are you ready to flash stock fimware...
at this point i stupidly hit enter and that was it with my phone. I'm guessing the tool could not locate the firmware .xml file for extracting and I have no idea why. The compressed folder is IN the firmware folder.
One other question with Mythtools, when installing the tools what path do you want them installed in? I did them in the same file the Myth tools are in.
ifixgse said:
I'm pretty sure I am doing something wrong with MythTools. When I select option 2 in the tool to install stock firmware the following happens,
- asks for fimware folder example and I select "N"
- asks if firmware files are finished copying.. I press enter and continue
-then it says "the system cannot find the path specified
the system cannot find the path specified
the system cannot find the path specified
'7z' is not recognized as an internal or external command
operable program or batch file
Are you ready to flash stock fimware...
at this point i stupidly hit enter and that was it with my phone. I'm guessing the tool could not locate the firmware .xml file for extracting and I have no idea why. The compressed folder is IN the firmware folder.
One other question with Mythtools, when installing the tools what path do you want them installed in? I did them in the same file the Myth tools are in.
Click to expand...
Click to collapse
Disclaimer: Even though this worked for me I am not responsible if you brick your phone, I am simply sharing my experience
Okay, this is not for the faint of heart and is going to sound a little backward but it just worked for me 5mins ago. I am running Windows 8.1 Pro 64bit, so there shouldn't be a problem with your setup. I was having the same problem until I just double clicked on flashing.bat or main.bat instead of running as admin. After all I AM the admin of my PC. Then, it worked perfect...until flashing the tz.mbn file and froze up while writing the file. I thought mmm...it shouldn't take that long to write such a small file, and writing happens on the phone side (I believe) so I hit the phone's power button while leaving the Myth Tools window open, which disconnected the phone obviously. I booted back into fastboot and it continued from where it left off. (Note: I did this a few weeks ago when I lost my radios and manually flashed the modem file, which froze, but I followed the same procedure and it successfully flashed it) Then when it got to the last system.img chunk (it writes it in small chunks of 30mb and the last one is smaller, that's how I knew it was the last one) it froze again. I let it sit for about 5mins just to make sure it was written to the phone the repeated the sequence to reboot manually into fastboot and bang, once again it continued right where it left off. one or two more freezes and voila...it rebooted right back to stock. Any questions don't hesitate to ask.
If this helps you hit that thanks button!

[GUIDE] How to return to Stock/Flash Images with QFIL

Here is a step by step guide on how to flash the stock rom with QFIL and by extension any image.
Download and install the Qualcomm drivers from here
Download either of the firmware from here
Download the support files (Firehose/rawprogram0.xml/patch0.xml) here
Extract the firmware and support files to the same folder so you can easily access them like your desktop
Download and install QPST from here
Open the QFIL application (Find it in your start menu)
In the "Select Build Type" field select Flat Build
In the "Select Programmer" field navigate to the folder you extracted the firmware and support files to and select the prog_emmc_firehose_8909.mbn file
Select the "Load XML" button and navigate to the folder you extracted the firmware and support files to and select the rawprogram0.xml and then the patch0.xml when prompted.
Plug in your tablet
Run the following adb command "adb reboot edl" (Now the screen should be blank but the led light should be red)
If the text at the top of the QFIL application says "No Port Available" click the "Select Port..." option and pick your device. If your device isn't showing up there you didn't install the drivers properly.
Click the Download Button to begin flashing your device
So the above explains how to flash everything if you want to flash individual partitions you can edit your rawprogram0.xml to only include the ones you want. (patch0.xml stays the same) I have linked below 2 examples, one of them flashes just a boot.img and one that just flashes the recovery.img. But you aren't limited to those.
Recovery
Boot
Mine just in case
Awesome, thanks for this post! it will really help us in upcoming projects!
Managed to revive my phone using the B12 files but it crashes after completing system.img, I think the problem is userdata.img, my phone boots but I lost the imei and I don't know how to get it back, I'm still trying.
ZTE 971 not recognized by either QPST or QFIL
Thanks for all the detailed instructions. But my ZTE 971 is not visible to either qpst or qfil eventhough the phone shows in windows 8.1. In the Developer Options menu, I noticed Select USB Configuration, RNDIS (USB ethernet) option cannot be enabled. I wonder if this has anything to do with it. OEM unlocking, USB debbugging are already selected. Any suggestions, please? Thanks.
ps. I live in Turkey. I got this phone last year from AT&T and have unlocked the sim.
My PC is not detecting my ZTE MAVEN 3
I have installed all drives but still facing the issue. I am using it on Windows 10.
I flashed the B13 (ZPST tool shows my device as B13) with the QFIL like your guide says and it says all completed successfully and finishes, but now my phone went from only being able to boot EDL + FTM + Recovery, to now booting directly to EDL mode, which obviously means this guide completely screwed up my phone... Thanks.
Mega says that link for the driver is invalid, but the driver is included in your QPST download anyway.
000Nick said:
I flashed the B13 (ZPST tool shows my device as B13) with the QFIL like your guide says and it says all completed successfully and finishes, but now my phone went from only being able to boot EDL + FTM + Recovery, to now booting directly to EDL mode, which obviously means this guide completely screwed up my phone... Thanks.
Click to expand...
Click to collapse
solucionaste hermano
Mod edit:
you solved brother
Click to expand...
Click to collapse
it says qhsusb_bulk when I connect the the software is not working in the mobile and it is stuck at bootloader screen but I used the press both buttons to go to edl mode method and it said in the device manager a device connected with name : qhsusb_bulk
help pls
Hello All.
I am not able to get the following files
rawprogram.xml and patch.xml for LG G8x​Please help me to get this files ASAP as i have hard bricked the mobile, all partitions deleted

Method for root - OnePlus Nord N100 (BE2011 unlocked)

I have successfully rooted my OnePlus Nord N100 (BE2011) using stock boot.img file patched with Magisk.
Here I will attempt to provide a detailed guide.
This is for OnePlus Nord N100 version BE2011 (Carrier unlocked) bought in the US at Best Buy. The build number is 10.5.8.BE81AA (As of today June 29, 2021)
Carrier locked versions will not work with this method because the bootloader is locked.
NOTE: Please follow the details as I had soft bricked the phone a few times by installing the wrong version of boot.img In which case the phone would not work for calls / txt
**MAKE SURE THE EXTRACTED boot.img FILE IS FROM THE EXACT OTA .zip file that is installed with the "Local Upgrade" method as described in STEP 3)***
Luckily I was able to get it to factory default by using the MSM method posted here:
[OPN100][OOS 81AA/83BA] Unbrick tool to restore your device to OxygenOS
Disclaimer: By attempting any of the processes listed in this thread you accept full responsibility for your actions. I will not be held responsible if your device stops working, catches fire, or turns into a hipster and claims to have been...
forum.xda-developers.com
STEP 1- On a new phone the user may have to use the automatic update either through wifi or mobile data BEFORE using "Local Upgrade" method as the 'settings' icon (gear wheel) under 'Settings' - 'system update', may not be displayed.
STEP 2- Install OnePlus Drivers on PC. USB setting should be set to file transfer.
STEP 3- Download and Update to latest firmware from OnePlus using "Local Upgrade Method"
This will be the full firmware (About 2GB file) not the smaller "update file"
This is from and email from support at OnePlus which includes the link to the latest firmware
(As of today June 6, 2021):
Check this link:
Software Upgrade - OnePlus.com
Get the latest OxygenOS updates for your device.OxygenOS is always evolving. Learn about the latest features and improvements, and get even more out of your device.
www.oneplus.com
Download the software build for your device from the above page. Please back up your data before flashing your device.
**KEEP A COPY of the .zip file on the PC as it will be needed to extract the bootloader boot.img file**
Plug your phone into your computer and copy the downloaded .zip to your phone’s storage.
(At the root of Internal storage: BE2011>Internal shared storage) see below picture.
If you’re using a Mac, you can install Android File Transfer Android File Transfer for this operation.
After the .zip file is copied to your phone, go to 'Settings' - 'system update', click the 'settings' icon on the top right corner, choose 'Local upgrade', find the .zip file and click on 'Install' to confirm.
The update takes about a minute (depending upon the file size), once done reboot your device to boot into the latest Oxygen OS.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
STEP 4- Extract boot.img file from payload.bin
The firmware download is a .zip file. When unzipped on the PC there will be a large file called "payload.bin" In order to extract boot.img from payload.bin the user will need to use a python script called payload_dumper.py
In order to use the tools, there should be no proxy server and use "Administrator" account. (I had errors when using proxy server and my windows user account.)
4a - Install the latest Python from here: https://www.python.org/downloads/
On Python install select "Add Python 3.xx to PATH"
4b - Download payload dumper from here :
https://www.mediafire.com/file/pslxh616isribx6/payload_dumper.zip/file
4c Upon successful download, extract all the files inside the ZIP folder to the same location where you have installed Python.
4d Unzip the OnePlus firmware file .zip and copy payload.bin to the python folder ( This means that the folder will have Python, the Payload Dumper Tool, and the payload.bin file in the same place.)
4e- Open the folder in CMD and use command: python -m pip install protobuf
(this will download and install Protocol Buffers Google’s data interchange format)
4f- execute the following command: python payload_dumper.py payload.bin
The .img files should now be extracted to the "output" folder
STEP 5- Install Android SDK Platform-Tools on Your PC
5a - Enable developer options on phone in settings>about phone. tap on "build number" several times until it displays "you are now a developer"
5b - On phone go to settings>system>developer options and Enable USB debugging (in Windows Device manager there should show "ADB Interface" under USB devices. If not the OnePlus ADB drivers need to be installed)
5c - Install ADB on Windows
Download the platform-tools package for Windows from Google:
https://dl.google.com/android/repository/platform-tools-latest-windows.zip
We are going to need a location on the PC where the files could remain untouched, yet easily accessible. So extract the content of the downloaded “platform-tools-latest-windows.zip” file to C:\adb
5d- Connect phone with ADB
Go to the folder where the files are present (Example: C:\adb).
On an empty space inside this folder, press the SHIFT key and right-click. Select “Open command window here” or “Open PowerShell window here” from the menu that appears.
With the Android device connected to the PC using USB cable enter the following command to initiate the ADB connection:
adb devices
The phone will ask for permission. Select allow and click ok
enter the command again:
adb devices
This will show that the device is connected with ADB.
STEP 6- Unlock Bootloader ****THIS WILL WIPE ALL DATA FROM PHONE****
6a- On phone go to settings>system>developer options and enable "OEM unlocking"
NOTE OPTION WILL ONLY BE AVAILABLE WITH CARRIER UNLOCKED PHONE
6b- In CMD or Powershell use command : adb reboot bootloader
This will reboot the phone into fastboot mode
6c- enter command: fastboot devices
The phone should be displayed. This verifies the connection with fastboot driver
6d- enter command: fastboot oem unlock
The phone will now ask to confirm. Use the vol +/- numbers to navigate and power button to select "unlock bootloader"
6e- if the phone doesnt automatically reset use command : fastboot reboot
6f- on reboot the user will have to go through the factory "setup" again and enable developer options and USB debugging again (Steps 5a, 5b from above)
STEP 7- Install Magisk and patch boot.img file
7a- Download Magisk APK file from here: https://magiskmanager.com/go/download
7b- Copy the .apk file to phone and use file manager to run. (it will ask for permission)
7c- copy the file "boot.img" from the PC to the phone internal storage (output folder under Python Step 4f above)
7d- run Magisk app on phone
7e- Click "install" under the Magisk heading and check "select and patch a file"
7f- choose the boot.img file that was just copied to the phone
Magisk will now patch the boot.img file and show the file location. This may be in "Downloads" folder.
7g- Copy the patched magisk boot.img file back to the PC in the \adb folder. File name should be something like "magisk_patched-23000_XXXXX.img"
STEP 8 - Boot with magisk patched boot.img file
8a - use command prompt and enter command: adb devices
the device should be displayed
8b - enter command: adb reboot bootloader
phone will reboot in fastboot mode
8c - ensure connnetion with command : fastboot devices
device should be displayed
8d - Test boot image by executing command:
fastboot boot magisk_patched-XXXXXXX.img
This will only boot the image once! Make sure everything is working (e.g. WiFi, PHone Messaging doesn't work on wrong image)
Call your phone and txt and use WIFI to make sure all the communication features are working
Open the Magisk APP. It should show Magisk installed.
The device is now temporarily rooted.
STEP 9 - Flash Bootloader
9a - use command prompt and enter command: adb devices
the device should be displayed
9b - enter command: adb reboot bootloader
phone will reboot in fastboot mode
9c - ensure connnetion with command : fastboot devices
device should be displayed
9d - Flash boot image by entering command:
fastboot flash boot magisk_patched-XXXXXX.img
Did you have an issue with the phone updating itself recently? Mine auto installed without any prompts this morning, so I went through the process again of unbricking to 10.5.5, manually updating to 10.5.8, patching, rooting, and tried blocking all oneplus domains to prevent any updates. Then a couple hours later it randomly rebooted and installed an update again without any prompt. I check OnePlus's website and the most recent update is from June.
If only someone would post the OTA zip file! Please! My n100 updated overnight without warning and I lost root. I'd really like to get a hold of it so I could patch boot.img and get root back.
Does anyone know how to get the OTA zip file after the update has run? Any other ways to re-obtain root without flashing back to android 10? Any advice would be greatly appreciated!
I contacted one plus support and they asked me for IMEI number and proof of purchase. Then they sent me the link for the current firmware download (the complete zip not the update this file should be about 2GB).
I have posted the link that they sent me in the instructions above.
For this to work you have to let the unrooted stock phone download the OTA update the normal way in systemm settings.
Once it does that you will be able to flash it with the firmware from the zip file manually.
I have disabled all automatic updates and ever since i rooted it the update option in system settings is greyed out.
Hope this helps
alexspecht said:
I have successfully rooted my OnePlus Nord N100 (BE2011) using stock boot.img file patched with Magisk.
Here I will attempt to provide a detailed guide.
This is for OnePlus Nord N100 version BE2011 (Carrier unlocked) bought in the US at Best Buy. The build number is 10.5.8.BE81AA (As of today June 29, 2021)
Carrier locked versions will not work with this method because the bootloader is locked.
NOTE: Please follow the details as I had soft bricked the phone a few times by installing the wrong version of boot.img In which case the phone would not work for calls / txt
**MAKE SURE THE EXTRACTED boot.img FILE IS FROM THE EXACT OTA .zip file that is installed with the "Local Upgrade" method as described in STEP 3)***
Luckily I was able to get it to factory default by using the MSM method posted here:
[OPN100][OOS 81AA/83BA] Unbrick tool to restore your device to OxygenOS
Disclaimer: By attempting any of the processes listed in this thread you accept full responsibility for your actions. I will not be held responsible if your device stops working, catches fire, or turns into a hipster and claims to have been...
forum.xda-developers.com
STEP 1- On a new phone the user may have to use the automatic update either through wifi or mobile data BEFORE using "Local Upgrade" method as the 'settings' icon (gear wheel) under 'Settings' - 'system update', may not be displayed.
STEP 2- Install OnePlus Drivers on PC. USB setting should be set to file transfer.
STEP 3- Download and Update to latest firmware from OnePlus using "Local Upgrade Method"
This will be the full firmware (About 2GB file) not the smaller "update file"
This is from and email from support at OnePlus which includes the link to the latest firmware
(As of today June 6, 2021):
Check this link:
Software Upgrade - OnePlus.com
Get the latest OxygenOS updates for your device.OxygenOS is always evolving. Learn about the latest features and improvements, and get even more out of your device.
www.oneplus.com
Download the software build for your device from the above page. Please back up your data before flashing your device.
**KEEP A COPY of the .zip file on the PC as it will be needed to extract the bootloader boot.img file**
Plug your phone into your computer and copy the downloaded .zip to your phone’s storage.
(At the root of Internal storage: BE2011>Internal shared storage) see below picture.
If you’re using a Mac, you can install Android File Transfer Android File Transfer for this operation.
After the .zip file is copied to your phone, go to 'Settings' - 'system update', click the 'settings' icon on the top right corner, choose 'Local upgrade', find the .zip file and click on 'Install' to confirm.
The update takes about a minute (depending upon the file size), once done reboot your device to boot into the latest Oxygen OS.
View attachment 5351013
STEP 4- Extract boot.img file from payload.bin
The firmware download is a .zip file. When unzipped on the PC there will be a large file called "payload.bin" In order to extract boot.img from payload.bin the user will need to use a python script called payload_dumper.py
In order to use the tools, there should be no proxy server and use "Administrator" account. (I had errors when using proxy server and my windows user account.)
4a - Install the latest Python from here: https://www.python.org/downloads/
On Python install select "Add Python 3.xx to PATH"
4b - Download payload dumper from here :
https://www.mediafire.com/file/pslxh616isribx6/payload_dumper.zip/file
4c Upon successful download, extract all the files inside the ZIP folder to the same location where you have installed Python.
4d Unzip the OnePlus firmware file .zip and copy payload.bin to the python folder ( This means that the folder will have Python, the Payload Dumper Tool, and the payload.bin file in the same place.)
4e- Open the folder in CMD and use command: python -m pip install protobuf
(this will download and install Protocol Buffers Google’s data interchange format)
4f- execute the following command: python payload_dumper.py payload.bin
The .img files should now be extracted to the "output" folder
View attachment 5351027
STEP 5- Install Android SDK Platform-Tools on Your PC
5a - Enable developer options on phone in settings>about phone. tap on "build number" several times until it displays "you are now a developer"
5b - On phone go to settings>system>developer options and Enable USB debugging (in Windows Device manager there should show "ADB Interface" under USB devices. If not the OnePlus ADB drivers need to be installed)
5c - Install ADB on Windows
Download the platform-tools package for Windows from Google:
https://dl.google.com/android/repository/platform-tools-latest-windows.zip
We are going to need a location on the PC where the files could remain untouched, yet easily accessible. So extract the content of the downloaded “platform-tools-latest-windows.zip” file to C:\adb
5d- Connect phone with ADB
Go to the folder where the files are present (Example: C:\adb).
On an empty space inside this folder, press the SHIFT key and right-click. Select “Open command window here” or “Open PowerShell window here” from the menu that appears.
With the Android device connected to the PC using USB cable enter the following command to initiate the ADB connection:
adb devices
The phone will ask for permission. Select allow and click ok
enter the command again:
adb devices
This will show that the device is connected with ADB.
STEP 6- Unlock Bootloader ****THIS WILL WIPE ALL DATA FROM PHONE****
6a- On phone go to settings>system>developer options and enable "OEM unlocking"
NOTE OPTION WILL ONLY BE AVAILABLE WITH CARRIER UNLOCKED PHONE
6b- In CMD or Powershell use command : adb reboot bootloader
This will reboot the phone into fastboot mode
6c- enter command: fastboot devices
The phone should be displayed. This verifies the connection with fastboot driver
6d- enter command: fastboot oem unlock
The phone will now ask to confirm. Use the vol +/- numbers to navigate and power button to select "unlock bootloader"
6e- if the phone doesnt automatically reset use command : fastboot reboot
6f- on reboot the user will have to go through the factory "setup" again and enable developer options and USB debugging again (Steps 5a, 5b from above)
STEP 7- Install Magisk and patch boot.img file
7a- Download Magisk APK file from here: https://magiskmanager.com/go/download
7b- Copy the .apk file to phone and use file manager to run. (it will ask for permission)
7c- copy the file "boot.img" from the PC to the phone internal storage (output folder under Python Step 4f above)
7d- run Magisk app on phone
7e- Click "install" under the Magisk heading and check "select and patch a file"
7f- choose the boot.img file that was just copied to the phone
Magisk will now patch the boot.img file and show the file location. This may be in "Downloads" folder.
7g- Copy the patched magisk boot.img file back to the PC in the \adb folder. File name should be something like "magisk_patched-23000_XXXXX.img"
STEP 8 - Boot with magisk patched boot.img file
8a - use command prompt and enter command: adb devices
the device should be displayed
8b - enter command: adb reboot bootloader
phone will reboot in fastboot mode
8c - ensure connnetion with command : fastboot devices
device should be displayed
8d - Test boot image by executing command:
fastboot boot magisk_patched-XXXXXXX.img
This will only boot the image once! Make sure everything is working (e.g. WiFi, PHone Messaging doesn't work on wrong image)
Call your phone and txt and use WIFI to make sure all the communication features are working
Open the Magisk APP. It should show Magisk installed.
The device is now temporarily rooted.
STEP 9 - Flash Bootloader
9a - use command prompt and enter command: adb devices
the device should be displayed
9b - enter command: adb reboot bootloader
phone will reboot in fastboot mode
9c - ensure connnetion with command : fastboot devices
device should be displayed
9d - Flash boot image by entering command:
fastboot flash boot magisk_patched-XXXXXX.img
Click to expand...
Click to collapse
Bro ..This is too much am lost,why don't they have this phone listed on Twrp sites?Can't i install twrp recovery on this N100
alexspecht said:
I have successfully rooted my OnePlus Nord N100 (BE2011) using stock boot.img file patched with Magisk.
Here I will attempt to provide a detailed guide.
This is for OnePlus Nord N100 version BE2011 (Carrier unlocked) bought in the US at Best Buy. The build number is 10.5.8.BE81AA (As of today June 29, 2021)
Carrier locked versions will not work with this method because the bootloader is locked.
NOTE: Please follow the details as I had soft bricked the phone a few times by installing the wrong version of boot.img In which case the phone would not work for calls / txt
**MAKE SURE THE EXTRACTED boot.img FILE IS FROM THE EXACT OTA .zip file that is installed with the "Local Upgrade" method as described in STEP 3)***
Luckily I was able to get it to factory default by using the MSM method posted here:
[OPN100][OOS 81AA/83BA] Unbrick tool to restore your device to OxygenOS
Disclaimer: By attempting any of the processes listed in this thread you accept full responsibility for your actions. I will not be held responsible if your device stops working, catches fire, or turns into a hipster and claims to have been...
forum.xda-developers.com
STEP 1- On a new phone the user may have to use the automatic update either through wifi or mobile data BEFORE using "Local Upgrade" method as the 'settings' icon (gear wheel) under 'Settings' - 'system update', may not be displayed.
STEP 2- Install OnePlus Drivers on PC. USB setting should be set to file transfer.
STEP 3- Download and Update to latest firmware from OnePlus using "Local Upgrade Method"
This will be the full firmware (About 2GB file) not the smaller "update file"
This is from and email from support at OnePlus which includes the link to the latest firmware
(As of today June 6, 2021):
Check this link:
Software Upgrade - OnePlus.com
Get the latest OxygenOS updates for your device.OxygenOS is always evolving. Learn about the latest features and improvements, and get even more out of your device.
www.oneplus.com
Download the software build for your device from the above page. Please back up your data before flashing your device.
**KEEP A COPY of the .zip file on the PC as it will be needed to extract the bootloader boot.img file**
Plug your phone into your computer and copy the downloaded .zip to your phone’s storage.
(At the root of Internal storage: BE2011>Internal shared storage) see below picture.
If you’re using a Mac, you can install Android File Transfer Android File Transfer for this operation.
After the .zip file is copied to your phone, go to 'Settings' - 'system update', click the 'settings' icon on the top right corner, choose 'Local upgrade', find the .zip file and click on 'Install' to confirm.
The update takes about a minute (depending upon the file size), once done reboot your device to boot into the latest Oxygen OS.
View attachment 5351013
STEP 4- Extract boot.img file from payload.bin
The firmware download is a .zip file. When unzipped on the PC there will be a large file called "payload.bin" In order to extract boot.img from payload.bin the user will need to use a python script called payload_dumper.py
In order to use the tools, there should be no proxy server and use "Administrator" account. (I had errors when using proxy server and my windows user account.)
4a - Install the latest Python from here: https://www.python.org/downloads/
On Python install select "Add Python 3.xx to PATH"
4b - Download payload dumper from here :
https://www.mediafire.com/file/pslxh616isribx6/payload_dumper.zip/file
4c Upon successful download, extract all the files inside the ZIP folder to the same location where you have installed Python.
4d Unzip the OnePlus firmware file .zip and copy payload.bin to the python folder ( This means that the folder will have Python, the Payload Dumper Tool, and the payload.bin file in the same place.)
4e- Open the folder in CMD and use command: python -m pip install protobuf
(this will download and install Protocol Buffers Google’s data interchange format)
4f- execute the following command: python payload_dumper.py payload.bin
The .img files should now be extracted to the "output" folder
View attachment 5351027
STEP 5- Install Android SDK Platform-Tools on Your PC
5a - Enable developer options on phone in settings>about phone. tap on "build number" several times until it displays "you are now a developer"
5b - On phone go to settings>system>developer options and Enable USB debugging (in Windows Device manager there should show "ADB Interface" under USB devices. If not the OnePlus ADB drivers need to be installed)
5c - Install ADB on Windows
Download the platform-tools package for Windows from Google:
https://dl.google.com/android/repository/platform-tools-latest-windows.zip
We are going to need a location on the PC where the files could remain untouched, yet easily accessible. So extract the content of the downloaded “platform-tools-latest-windows.zip” file to C:\adb
5d- Connect phone with ADB
Go to the folder where the files are present (Example: C:\adb).
On an empty space inside this folder, press the SHIFT key and right-click. Select “Open command window here” or “Open PowerShell window here” from the menu that appears.
With the Android device connected to the PC using USB cable enter the following command to initiate the ADB connection:
adb devices
The phone will ask for permission. Select allow and click ok
enter the command again:
adb devices
This will show that the device is connected with ADB.
STEP 6- Unlock Bootloader ****THIS WILL WIPE ALL DATA FROM PHONE****
6a- On phone go to settings>system>developer options and enable "OEM unlocking"
NOTE OPTION WILL ONLY BE AVAILABLE WITH CARRIER UNLOCKED PHONE
6b- In CMD or Powershell use command : adb reboot bootloader
This will reboot the phone into fastboot mode
6c- enter command: fastboot devices
The phone should be displayed. This verifies the connection with fastboot driver
6d- enter command: fastboot oem unlock
The phone will now ask to confirm. Use the vol +/- numbers to navigate and power button to select "unlock bootloader"
6e- if the phone doesnt automatically reset use command : fastboot reboot
6f- on reboot the user will have to go through the factory "setup" again and enable developer options and USB debugging again (Steps 5a, 5b from above)
STEP 7- Install Magisk and patch boot.img file
7a- Download Magisk APK file from here: https://magiskmanager.com/go/download
7b- Copy the .apk file to phone and use file manager to run. (it will ask for permission)
7c- copy the file "boot.img" from the PC to the phone internal storage (output folder under Python Step 4f above)
7d- run Magisk app on phone
7e- Click "install" under the Magisk heading and check "select and patch a file"
7f- choose the boot.img file that was just copied to the phone
Magisk will now patch the boot.img file and show the file location. This may be in "Downloads" folder.
7g- Copy the patched magisk boot.img file back to the PC in the \adb folder. File name should be something like "magisk_patched-23000_XXXXX.img"
STEP 8 - Boot with magisk patched boot.img file
8a - use command prompt and enter command: adb devices
the device should be displayed
8b - enter command: adb reboot bootloader
phone will reboot in fastboot mode
8c - ensure connnetion with command : fastboot devices
device should be displayed
8d - Test boot image by executing command:
fastboot boot magisk_patched-XXXXXXX.img
This will only boot the image once! Make sure everything is working (e.g. WiFi, PHone Messaging doesn't work on wrong image)
Call your phone and txt and use WIFI to make sure all the communication features are working
Open the Magisk APP. It should show Magisk installed.
The device is now temporarily rooted.
STEP 9 - Flash Bootloader
9a - use command prompt and enter command: adb devices
the device should be displayed
9b - enter command: adb reboot bootloader
phone will reboot in fastboot mode
9c - ensure connnetion with command : fastboot devices
device should be displayed
9d - Flash boot image by entering command:
fastboot flash boot magisk_patched-XXXXXX.img
Click to expand...
Click to collapse
My N100 build no. is Oxygen Os 10.5.10.BE83BA can i update and root my phone with the same firmware?
Wanted to drop in and thank the OP for this. The steps worked like a charm. I even powered off the phone and booted back up to insure Root was successfully implemented.
I installed Package Manager and successfully removed all the bloatware and tracking apps phone manufacturers love to refuse to allow to you remove. I'm not a power user like alot of root people, I just want a clean and private experience on my phone. I don't even sign into a Google account with my phones, that's how privacy conscious I am.
My last few phones were HTC because they made is very easy to unlock the bootloader and play around. It's sad they're not making phones anymore, but when I heard OnePlus was bootloader friendly, I decided to check them out and I'm glad I did.
So, thank you again!
So for anyone like me who had a mini panic attack when they got the notice to update to build 11.0.1.BE81AA, it did not break root, deactivate developer options, or lock the bootloader. The update was successful, and as far as I can tell, I still have root.
Though, I wouldn't mind re-locking the bootloader now that I'm rooted. The option is greyed out in Developer options. It's not a big deal, except for the annoying warning message and a few seconds delay when rebooting.
jtl2dotnet said:
So for anyone like me who had a mini panic attack when they got the notice to update to build 11.0.1.BE81AA, it did not break root, deactivate developer options, or lock the bootloader. The update was successful, and as far as I can tell, I still have root.
Though, I wouldn't mind re-locking the bootloader now that I'm rooted. The option is greyed out in Developer options. It's not a big deal, except for the annoying warning message and a few seconds delay when rebooting.
Click to expand...
Click to collapse
Amigo,como le hiciste?
Yo tengo la misma actualización pero no logro sacar el boot.img
Okay, time for an update. I can officially confirm that upgrading to 11.0.1.BE81AA does break root. One of the apps I used appeared to be working in fact, but it really wasn't. It didn't give any error messages that I could see, the app appeared to work as normal but actually wasn't doing anything. Thinking it must be broken root, I downloaded a root checker and that confirmed it.
Again: upgrading to 11.0.1.BE81AA breaks root.
I checked OnePlus' website and they not released the zip file for this release yet. I am hoping that once they do, these steps will work by simply using the boot.img from the 11.0.1.BE81AA zip, but until it's officially released I don't know of way to test it.
If anyone has gotten 11.0.1.BE81AA rooted, I would be interested to know.
My device automatically upgraded to 11.0.1.BE81AA. It is in android 11. Please help me. I want to Root.
OK, for those of you that had a problem with One Plus pushing the 11.0.1.BE81AA android 11 update to your phone and are still struggling, I will post what I did. Just follow the instructions from the previous several messages above, and use the boot.img file you can find at link to repo . I used the file named "OnePlusN100Oxygen_14.O.21_GLO_0210_2107241056" (AKA "f0ca210dff1c162c3c4a68f2560ef50898ac1797.zip" and the tool "payload_dumper-win64.zip". ISInce I already had Magisk on my phone and just just lost root, I followed the instructions posted in post #1 in this thread (thanks, alexspecht for the detailed instructions!) starting with step 7.
To summarize: WARNING, I BEAR NO RESPONSIBILITY IF YOU DAMAGE OR RENDER YOUR DEVICE UNUSABLE:
1. I unpacked the boot.img, and copied it to my phone.
2. I used Magisk to patch it
3. I copied the patched boot.img file to my platform tools folder on my windows PC.
4. I skipped step 8 and jumped right to step 9
5. I used a command window to send "adb devices" to my phone to verify connection
5. I then issued the "adb boot bootloader" command, and authorized my device when asked.
6. Next, i entered "fastboot devices"
7. And finally I issued the "fastboot flash boot magisk_patched-XXXXXX.img" command
8. and rebooted by selecting "Start" on my phone screen.
I knew it was working when I saw the live boot screen I use instead of the standard oneplus boot sequence.
Once again, thank you, @alexspecht !
Glad to see people found this useful. They dont make it easy anymore.
As far as the OTA push thats been breaking peoples phone:
If you disable google play services the update will not come through.
The update uses wifi to download, so luckily I was not connected to wifi when the update came in.
so if you need google play services make sure your not on wifi. So far they havent broken my phone, sorry thats the best I could do.
I can confirm that repeating the steps in the OP with the EU 11.0.0.0 ROM (OnePlusN100Oxygen_14.E.20_GLO_0200_2106222205) successfully resulted in root.
I was able to successfully root my oneplus N100 BE2011 i checked my text messages and they work but my calls dont come in, when i try to make a phone call the phone freezes up, i completed the root process and disabled auto updates. Sucks the phone does not work i cant make any calls but atleast im rooted ?
Is there a way to update to 10.5.8.BE81AA using the downloaded payload with an MSM tool?
This would save all the time of updating via auto-downlaod update, then moving the file to the phone, then doing manual local update.
alexspecht said:
STEP 1- On a new phone the user may have to use the automatic update either through wifi or mobile data BEFORE using "Local Upgrade" method as the 'settings' icon (gear wheel) under 'Settings' - 'system update', may not be displayed.
Click to expand...
Click to collapse
This is correct, there's no `settings` icon unless you do the update. BUT when you do the update, now you're in android 11 and they won't let you downgrade: "The version of your selected package is lower than that of the current system. To avoid booting up failure, downgrading is not allowed."
So I'm not sure how to make your guide work, given this.
.
Wish the n200 had this much development
I did this and have root access verified. But now everytime I try to get SU in adb it automatically denies access. Any ideas?

Samsung Galaxy Tab A 10.1" - SM-T515 / SM-T510 - Root + TWRP - Android 11 - September 8th 2021 Security Update

/*** BEGIN DISCLAIMER ***/
If you follow this procedure and lose every bit of content on your device / end up with a fancy paperweight, I, nor anyone involved with the referenced open source or otherwise licensed projects is responsible. It's all on you, and this will void your warranty. Do not proceed if you don't understand something. Chances are you will have a bad time.
/*** END DISCLAIMER ***/
Hey everyone - my Samsung Galaxy Tab A 10.1" (2019) - SM-T515 - recently applied a security update without my consent (The Samsung Android 11R September 8th 2021 Security update - side note, make sure that you turn off Samsung's push service ), which canned my previous root access. I use server software and internal port forwarding to do... Things on my device, so I needed my root access back.
Here's how I retrieved it, and how I put TWRP in place as my recovery partition in the process.
The Tools
Make sure you have these before you start. Because this is a Samsung device, you'll have to do some things under Windows, like using Frija and Odin (unfortunately).
1.) Frija - Available here - https://forum.xda-developers.com/t/tool-frija-samsung-firmware-downloader-checker.3910594/
2.) The latest SM-T515 / SM-T510 firmware from Samsung for your device's CSC (if you use the firmware for the wrong CSC code the most common problem that I have seen as a result is typically incorrect partition sizes after flashing, which can be corrected with TWRP). Frija is listed first, because you'll use Frija to get this directly from Samsung.
3.) Some kind of generic tool that you're comfortable with for working with archives. Ideally whatever tool you choose should be able to work with .tar, .gz, and .zip archives for this process. Personally I like 7-Zip on *Nix and Windows, and ZArchiver on Android.
4.) Odin (firmware flash tool by Samsung) - attached.
5.) The latest Samsung device USB drivers for your environment (they're fine as long as they enable both ADB and MTP correctly) - available here https://developer.samsung.com/mobile/android-usb-driver.html
6.) The latest TWRP image for Samsung SM-T5xx devices - available here https://androidfilehost.com/?fid=14943124697586374577 (and attached)
7.) ADB - downloading / installing and using adb are outside the scope of this post. It is available here - https://forum.xda-developers.com/t/...vers-15-seconds-adb-installer-v1-4-3.2588979/
8.) The latest Magisk APK file - available here https://github.com/topjohnwu/Magisk/releases/download/v23.0/Magisk-v23.0.apk
The Process
0.) Back up your stuff, and remove your SD card if it makes you more comfortable - do whatever you need to do to be comfortable with "I might lose EVERYTHING on this device." If you plan on following this procedure, you should know how to do this, and I'm not going to try to explain it. If you can't get past this part, you should stop while you're ahead and still have a device that boots.
1.) Unlock your bootloader.
2.) Download the most recent firmware package for your device using Frija and extract all of the individual .md5 files which it contains.
2.) Use Odin to flash the most recent firmware to your device, and factory reset / wipe / format partitions and caches until you have a clean device that boots correctly. If your partitions aren't sized properly at this point it isn't something to be too concerned with, as you can correct them later using TWRP.
3.) Turn developer options back on, enable USB debugging, set the default USB configuration to "File Transfer", connect your device to your PC and copy the Magisk APK over to the internal storage of your device.
4.) Remove .md5 from the filename of the AP file that was included in your firmware package from Samsung and extract its contents into its own directory.
5.) Extract the contents of the latest TWRP package for these devices into the same directory where you extracted the individual partition image files contained in the AP file. Overwrite contents in the destination directory as necessary. The TWRP package should contain three files - param.bin.lz4, recovery.img.lz4, and vbmeta.img.lz4 - If there are uncompressed images (.img files) that correspond to the LZ4 compressed images from the TWRP package in the AP file of your firmware package, remove them first. Odin will (understandably) freak out if you try to flash two different images to the same partition in the same flash operation.
6.) Compress the contents of your modified AP directory which now contains the TWRP package's contents into a tar ball on your PC, and then copy it somewhere that Magisk will be able to access it on the Internal storage of your device (the Downloads directory - "/storage/emulated/0/Downloads/" is a good choice).
7.) Copy the latest Magisk APK to your device (again, the Downloads directory is a good choice), and then install it on your device.
8.) Launch Magisk on your device and choose "Install". Be sure to uncheck the "Recovery Mode" option. We don't want to use "Recovery mode" for Magisk's patching process. Even though this is a Samsung device and this would normally be how to proceed, in this case we're using our own custom TWRP recovery partition, and we don't want Magisk to mess with it. So make sure you aren't patching the bootloader or recovery images in unnecessary ways with Magisk.
9.) In Magisk on your device, choose "Select and patch a file" and then choose the AP file that you created and copied to the device which now contains TWRP as its recovery partition.
10). Let Magisk do its patching and when it has completed take note of where the patched file which it generated was written.
11.) Launch a command line / Powershell / Bash terminal where you can perform ADB commands, and issue the command "adb pull "/storage/emulated/0/Download/magisk_patched-23000_xYzXyZ.tar" (replace "XyZxYz" with whatever random sequence of characters that Magisk generated during its patching operations) to use ADB to download the patched AP file from your device.
12.) Power off your device.
13.) Reboot your device into FANCY download mode by holding the volume up and volume down keys simultaneously while inserting a USB cable that is connected to your PC into your device's USB C charger port. Your device should boot as you insert the USB cable and your bootloader should already be unlocked, so when prompted press the volume up button to continue.
14.) Launch Odin on your PC, and choose the BL, CP, CSC, and UserData images from the firmware package that you retrieved from Samsung to flash the corresponding slots in Odin. In the AP file slot, choose the Magisk patched AP file which contains TWRP as its recovery partition which you retrieved previously using ADB.
15.) Start the flash operation in Odin, and wait patiently for it to complete. Stay alert, because if you left "Auto reboot" checked in the Odin options, your device will reboot immediately upon completion, and there are actions that you need to take while the device is in its "off" state before it re-launches itself.
16.) Once the Odin flash operation has completed, boot to recovery mode. If you left "Auto reboot" checked in Odin, immediately as the flash operation completes, press and hold the power key and the volume up key and remove the USB cable from the device. Otherwise press and hold the power button and the volume down button until the device restarts, and while the device is in its "off" state remove the USB cable and press and hold the power button and the volume up button during device restart to enter recovery mode.
17.) Immediately upon entering recovery mode you should see TWRP do a couple of things that ensure that Samsung's device protection solutions don't remove it. Once those operations have completed, reboot into the system partition.
18.) Your device should be BASICALLY ready to go. Go through the steps to "complete" setup as you see fit. If you have not already done so, connect your device to a WiFi or to an LTE network and then launch the Magisk application.
19.) Magisk may want to download updates, if it does, let it do so.
20.) Once any necessary updates / downloads have completed, re-launch Magisk and it should present you with a prompt to the effect of "Magisk is installed, but additional configuration needs to be done on your device for it to work the right way. Do you want to reboot now?" If you've made it this far, the answer is "Yes, please do."
21.) After rebooting, your device will now be configured, and be running TWRP in its recovery partition, along with a properly Magisk rooted system partition.
22.) ????
23.) PROFIT!
I hope this helps some people out!
- The Scarecrow - 2021/09/22
Has anyone besides been successful?
mydjtl said:
Has anyone besides been successful?
Click to expand...
Click to collapse
I can provide screenshots from the device that I did this to if you would like.
It's pretty cool to see the TWRP logo on a Samsung Tab series device that's running Android 11.
I don't even get the little Samsung warning prompt during device bootup that says "This device's software can't be verified" or whatever Samsung's custom ROM message is. All I get is the "This device's bootloader is unlocked" message, no warning about the integrity of the software.
mydjtl said:
Has anyone besides been successful?
Click to expand...
Click to collapse
Follow this simple as he'll no need to read all these things
pankspoo said:
Follow this simple as he'll no need to read all these things
Click to expand...
Click to collapse
Yeah - pretty much exactly that, except I Magisk patched the system image, and then copied the TWRP package's vbmeta and recovery image into the AP file for the Odin flash, and then flashed every slot rather than just the AP.
is it systemless root?
Will this work on Galaxy Tab A sm-t595? on android 10?
or know of a root guide that will work with said device?
If you dont untick auto reboot, how do you fix any issues that happen because of it?
I rooted my t500 but I think it auto rebooted, which then caused a vbmeta error that stopped it booting. It worked again after flashing the stock rom, but now it gives a vbmeta error if I try to flash a modded rom to root it and I cant get oem unlock to appear in the stock os (download mode says its already unlocked tho)
Hello,
Code:
9.) In Magisk on your device, choose "Select and patch a file" and then choose the AP file that you created and copied to the device which now contains TWRP as its recovery partition
Step 9 yields an error on T515 : Unsupported/Unknown image format
I also tried to install AP patched file with Odin, same result.
Any idea ?
Damn this works so nicely, thanks mate! Cheers!

[GUIDE][ROOT] Unlocking and Improving Your Lenovo ThinkSmart View (CD-18781Y)

Improving Your Lenovo ThinkSmart View (Custom Recovery, Root, Play Store, Custom Webview)​Huge credit to @deadman96385 on how to flash your Lenovo Thinksmart View device and providing access to the firmware files! Credit to @WhyPartyPizza on reddit for the adb enable steps. And also, credit to @Xi07 on providing a way to install TWRP and demonstrating that it is possible to get the Play Store working. And also credit to @garnir4ik on showing us that we can root the device.
The point of this guide is to organize all the information we have on the device and provide a way to make the device more usable (especially since some of the software on the device is outdated).
The guide covers how to:
Install TWRP (optional) and Magisk (recommended) on the device
Install microG and the newest version of the Google Play Store (Magisk required)
Update Webview (needed for Home Assistant)
I'm still trying to figure out how exactly to do certain things on this device so feel free to leave any new information you find!
Installing TWRP (optional) and Magisk (required for Play Store)​Quick Blurb:​To install TWRP, you will need to flash new firmware onto your tablet. However, since there's currently no way to use the device with the bootloader unlocked, a lot of the features used in TWRP are unusable. It might still be good to install TWRP in case someone finds a way to modify the device to better utilize TWRP.​​To install Magisk, it will be much easier to do it by flashing new firmware. However, it is also possible to install Magisk without flashing new firmware. I will include the steps to do this below these.​Steps:​
Download and install the Qualcomm drivers from here
Download and install QPST from here
Download the firmware from this thread (Credit to @deadman96385). I used the 200628.084 version for reference.
Extract the firmware to a folder that you can easily access, like on your desktop.
If you want to install TWRP, download the recovery.img file attached to this post. (Credit to @Xi07)
Open the folder that you extracted the firmware to. In the image folder, replace the recovery.img file with the one you downloaded.
If you want to install Magisk, download the boot.img file attached to this post.
Open the folder that you extracted the firmware to. In the image folder replace the boot.img file with the one you downloaded.
Download the firehose/rawprogram file from @deadman96385's post and flash the package using the instructions provided by @deadman96385. I've included them here for your convenience:
Spoiler: Expand Here
Open the QFIL application (Find it in your start menu)
In the "Select Build Type" field select Flat Build
In the "Select Programmer" field navigate to the folder you extracted the firmware and support files to and select the prog_emmc_firehose_8953_ddr.mbn file
Select the "Load XML" button and navigate to the folder you extracted the firmware and support files to and select the rawprogram_unsparse.xml and then the patch0.xml when prompted.
Remove the cover on the USB-C port on the bottom right of your device
Plug the USB-C cable into your computer
Unplug the power from the device
Hold vol+ and Vol- and then plug the power into your device (Smart Plugs can make this easier)
If the text at the top of the QFIL application mentions qdloader move on to next step. If it says "No Port Available" click the "Select Port..." option and pick your device. If your device isn't showing up there you most likely didn't install the drivers properly.
Click the Download Button to begin flashing your device
Once complete it should automatically reboot but sometimes it doesn't so you need to replug your device.
If you get the dreaded "Sahara" error when flashing your device, you may be waiting too long to flash. The device must be flashed moments after it is booted into EDL mode (powering on with Vol + and Vol - held down). Once you plug in your device, hit download the moment the port is recognized at the top of QFIL.
You can also try disabling driver signing (I'm not sure if this makes a difference). To do so:
Spoiler: Expand Here
Open a command prompt as an Administrator.
Run
Code:
bcdedit /set testsigning on
and restart your device
Your computer should say it's in Test Mode (bottom right corner). To disable driver signing, follow the same steps but run
Code:
bcdedit /set testsigning off
instead.
Thanks to HowToGeek's article for the information.
From here, you can go ahead and follow the original method from @deadman96385 for breaking into the device.
Spoiler: Expand Here
When it boots up select Teams (Others seems to try and network boot/download files and fails)
Go through the setup wizard until you get to the Microsoft Teams (Language > Wifi > Bluetooth > Teams)
Select the Gear Icon in the top right of the teams page
Select the "About" settings option
Tap on "CD-18781Y.200628.084" under firmware version a bunch of times rapidly until a prompt comes up saying developer unlocked.
If your usb c cable is plugged, in unplug and replug it in.
You will now have ADB access.
Download your desired Launcher and use the following command to install it:
Code:
adb install APK_FILE_NAME.apk
You will then need to send this adb command to select a new default launcher:
Code:
adb shell am start -a android.intent.action.MAIN -c android.intent.category.HOME
I would recommend getting a navigation bar app. I've attached the one I used to this post.
You can also technically install Magisk without reflashing your device.
Spoiler: Expand Here
Install the Magisk app (use the Magisk APK)
Enable OEM unlocking in Developer Settings
Unplug the device. Hold Vol- and plug in the device to boot into fastboot mode.
In command prompt, execute
Code:
fastboot devices
to make sure the device is discovered. If a device is not listed, you may need to go into Device Manager > Other Devices > Android device with question mark. Right click > Update Drivers > Browse My Local Drivers > Let me pick from a list > Change to Fastboot Drivers.
Code:
fastboot oem unlock-go
This will unlock your bootloader.
Unplug the device. Hold Vol- and plug in the device to boot into fastboot mode.
In command prompt, navgiate to the directory where your Magisk boot.img is downloaded. Run
Code:
fastboot flash boot boot.img
After the boot.img is flashed, you need to lock your bootloader to be able to boot back into the device. If you're not in fastboot mode, you can once again unplug the device. Hold Vol- and plug in the device to boot into fastboot mode.
Run either of the 2 commands to lock the bootloader. You can restart the device and boot into the device once you are finished.
Code:
fastboot oem lockfastboot flashing lock
Steps for Google Play Store and Custom Webview will be in the next post (to reduce clutter).
Installing MicroG and the Newest Version of the Google Play Store (Magisk Required)​
Download and install the MicroG Services Core and Services Framework Proxy from the MicroG site.
Install the Magisk app (use the Magisk APK). When you open the app, it should say the version of Magisk installed next to "Installed."
On your Android Device go to Settings > Connected Devices > USB > File Transferring Mode.
Download the NanoDroid-patcher.zip file, BusyBox.zip, and terminal_systemizer.zip. Do not unzip these files. Drag and drop these devices onto your Android device.
In Magisk > Modules > Install from storage, find the .zip files and install all 3 Modules. The NanoDroid-patcher module in particular may take awhile so be patient.
Install the apk of Google Play Store of your choice.
Install Termux. In Termux, issue the command
Code:
su
A superuser popup should show up. Make sure to allow Termux Superuser access. If you miss clicking on it, you can allow access in the Magisk App > Superuser.
Code:
systemize
Follow the dialog prompts to systemize Google Play Store to /system/priv-app
Restart the device.
Open the microG settings app. Register the device in Google device registration. In Self-Check, click on each setting (the words, not the checkboxes) and enable them all. Pay particular attention to System spoofs signature being checked off.
Restart the device again if you want. Google Play Store should be working fine now (may need to clear it's App Data first if it's not working).
Installing Custom Webview (Magisk Required)​Some apps such as HomeAssistant won't function without an up to date System Webview. As this tablet is running a quite old version Webview version, this causes these apps to not work. Luckily, there's a Magisk Module to fix that.
Download the Webview_Manager zip file and drag and drop it onto your device. Install it using Magisk. You will need to watch it install as it requires some input on which Webviews you want to install.
After restarting the device, navigate into Settings > System > Developer options > Webview implementation. You should now be able to change your Webview to a updated version.
Note, you may need to unplug and replug in the device after the first restart of installing Webview.
Reserved 2
Chewie610 said:
Download the firehose/rawprogram file from @deadman96385's post and flash the package using the instructions provided by @deadman96385. I've included them here for your convenience:
Spoiler: Expand Here
Open the QFIL application (Find it in your start menu)
In the "Select Build Type" field select Flat Build
In the "Select Programmer" field navigate to the folder you extracted the firmware and support files to and select the prog_emmc_firehose_8953_ddr.mbn file
Select the "Load XML" button and navigate to the folder you extracted the firmware and support files to and select the rawprogram_unsparse.xml and then the patch0.xml when prompted.
Remove the cover on the USB-C port on the bottom right of your device
Plug the USB-C cable into your computer
Unplug the power from the device
Hold vol+ and Vol- and then plug the power into your device (Smart Plugs can make this easier)
If the text at the top of the QFIL application mentions qdloader move on to next step. If it says "No Port Available" click the "Select Port..." option and pick your device. If your device isn't showing up there you most likely didn't install the drivers properly.
Click the Download Button to begin flashing your device
Once complete it should automatically reboot but sometimes it doesn't so you need to replug your device.
Click to expand...
Click to collapse
A slightly easier way that may work I haven't validated on the thinksmart specifically is using qfil's partition manager tool. It allows you to dump, erase, flash individual partitions, that way you can flash just the one you want without having to deal with a full qfil flash. Finish all original steps up to 10. Instead of clicking download do the following instead:
Navigate to the top menu: Tools -> Partition Manager -> OK. If all goes well, you will be greeted with a dialog listing all partitions in ~5s. If this is not the case even after a full minute, try re-entering EDL/9008 mode.
Once the partition list is loaded, you can perform the following actions on partitions by right clicking a partition and then clicking 'Manage Partition Data'.
'Erase' (Clear the partition)
'Read Data...' (Dump the partition)
'Load Image...' (Flash the partition)
Click to expand...
Click to collapse
This is also a great way of backing up partitions from your device. The dumped partition can be found in C:\Users\%USERNAME%\AppData\Roaming\Qualcomm\QFIL\COMPORT_##. Note that the name of the file is the raw file locations so you will need to rename the imgs as you go.

Categories

Resources