[UTIL] QC Mobile Analysis Tool - Universal tool for QC mobile analysis (and HTC too) - Upgrading, Modifying and Unlocking

QMAT - QC Mobile Analysis Tool
What is it ?
It is a development and debugging tool for Qualcomm mobiles - the only tool you'll ever need for research and development.
Who may need it ?
Mobile engineers / reverse engineers / cryptoanalysts / forensics
Crypto Functions :
- Calculate CRC-30, CRC-32, SHA1, SHA2 (SHA224 + SHA256), MD4 and MD5 of any file
- Bruteforce bytes to fit CRC-30 needed when qcsblhd_cfgdata.mbn was edited
- Decrypt and Encrypt any RSA-Message, including ASN-1 / SHA Signatures. (you can add publickeys to publickeys.xml)
- Calculate TEA/XTEA/DES/RSA in various modes (ECD,CBC,OFC, etc..)
- Generate RSA Private Key and create .pvk files
- Check firmware signature given Modulus and Exponent (for HTC and BQS mobiles)
- Extract information from .pvk files
- Search for algorithms in binary files (find cryptomethods + signatures) CRC8, CRC16, CRC32, MD4, MD5, SHARK, HAVAL, GZIP, ZIP, SHA1, ... and much more (you can add cryptosignatures to crypto.xml)
- Search for qc standard functions in binary files
JTAG Interface :
(soon via Segger J-Link)
Functions for QC mobiles :
1. Load binary files for :
Extraction of certificates
Extraction of BMPs,GIFs,PNGs, JPGs
2. Load Partition File to get overview about NAND/NOR structure
3. Send any String to a COM/USB Port and backup all your SMS !
4. Make usage of QCs Diag USB/COM Port Interface
(Useful for any QC mobile in the world)
5. Find SP and SPC and several other codes
6. CDMA Parameter Editor
Standard Features :
- Send standard diag commands or any hexadecimal command you want (database included)
- Read out all NVItems (range given)
(all that exist, more than QPST normally extracts)
- Backup and Restore all NVItems
- Read out and Dump Firmware in Memory (SRam)
- Read out complete EFS
- Switch to FTM Mode (or anything else you want)
- Get infos about phone, codes ..... etc ..... a lot more functions
- Generate SimSecure Command to write to SimSecure using given file (may brick your phone when used without knowledge)
- Full Feature EFS Browser
Bootloader / DownloadMode Features :
- Load any file to mobile at any address and execute (bootloader f.e.)
- Read out complete NAND Memory using bootloader (range given) with included MSM6250/A bootloader or any given bootloader
Usage : Take out battery, put in battery, press ON # to enter emergency mode, Execute Loader
or (with SL91,SF71 f.e.) enable FTM mode, Execute Loader
- Use any Download Mode or Bootloader Command to experiment
- Read application memory of newer Diag Ver 6 in Download Mode
- Show complete infos about used NAND after loading of Bootloader
Flasher Features :
Flash any QC mobile (OBL Multiboot) with given bootloader
- Flash PBL (dangerous), QCSBL, QCSBL Header and Config Bits, Partition, OEMSBL, OEMSBL Header, AMSS, AMSS Header and EFS
Functions for BQS only :
1. Load AMSS to extract files or useful infos
(EF81, E81C, EF91, SXG75, EF82, SF71, SL91 or similar ones)
Features :
Extract Infos from AMSS : USBID, Product.Nr., SVN, SwBuild, Mobiletype
Extract internal filesystem (mif,bar,sig etc. files)
Extract AMSS signature bytes (if production key)
Show all file references used by mobile
2. Check Firmware validity (signature)
3. Sim_Secure extraction/decryption (non-public)
4. Master-/Usercode/Unlock extraction and direct unlock (non-public)
Functions for HTC only :
1. Check validity of HTC firmware (signature check)
2. Cut out signatures from .nbh file
3. Split radio.nb into qualcomm files for analysis
4. Find HTC Public keys using Cryptosearch
5. Generate Security passwords (SPL + radio) for newer HTC
6. Generate NBH Files (you can add any device into devlist.xml)
7. Dump Files from NBH (you can add any type into nbhtype.xml)
8. Fix radio.nb checksum
9. Generic Bootloader / AT Command interface with logging functions
10. Generate goldcard for older and newer htc devices (newer one non-public)
Functions for Network Engineers - registered version
Network Calculators :
TDMA (GSM/UMTS) :
--------------------
IMEI
GSM A5-1
GSM A5-2
GSM A5-3
3G ECSD
GEA3 - GPRS
3G SNOW
3G UEA2
3G UIA2
GSM A3/A8 COMP128 V1
GSM A3/A8 COMP128 V2
GSM A3/A8 COMP128 V3
3G Milenage
3G Milenage Resync
CDMA :
-------
CAVE
CAVE Authentication
CAVE CMEA
CAVE EMEA
CAVE EMEA_NF
CAVE Wireless Residential Extension
CAVE Datakey / Look Up Table / Mask
CAVE DTC / DCCH
CAVE KSG
CAVE Long Block
CAVE Short Block
CAVE Enhanced Message
CAVE Enhanced Voice Privacy
CAVE Enhanced Data Mask
and much more ....
Planned in future :
1. Bugfixes
2. EFS Restore to Zip File
3. QC Jtag interface using Segger J-Link ARM
4. LNBS HTC support to replace MTTY
5. Tooltips showing real addresses in graphical window
5. CDMA Write functions
6. Read out / Write back Addressbook
7. Restore backupped SMS to phone
8. much much more
NO UNLOCKING ! PLEASE DO NOT REQUEST. THIS PROJECT IS FOR EDUCATIONAL PURPOSES ONLY, NOT TO HARM COMPANIES FOR THEIR EFFORTS.
What we need :
- Any contribution to the project is welcome.
- Donations for new hardware and software for further development of this tool.
Link to the project files :
------------------------
Version 4.21 (Major Release) Stable
QMAT Homepage
Cya and keep on reversing,
Viper BJK
==> Donate via PayPal <==
See older threads here :
http://forum.xda-developers.com/showthread.php?p=2519683

Small update :
--------------
New version 4.22 will feature :
- DECT DSAA algorithm
- OTA SMS Tools
Cya,
Viper BJK

New version 4.22 out
--------------------
What's new :
-------------
- Added DECT DSAA Algorithm to Network Calculators
- Fixed Bug in Security Password Retrieval
Cya,
Viper BJK

I am going to implement Jtag to QMAT, so we need Beta Testers.
Are you :
1. Using Segger J-Link ARM or any clone (H-Link, JT-Link, etc..) ?
2. Experienced in Jtagging ?
3. Have a phone ready to jtag using a MSM Chipset (jtag pinouts etc. available) ?
Then join the QMAT Jtag beta team, mail your JTAG Serialnumber to [email protected].
Cya,
Viper BJK

Small update :
--------------
Right now we're doing a lot of bugfixes regarding spc / sp and usercode search, but also a lot of bugfixes for efs read. EFS read will now be done fully automatically. Of course, we take bugs seriously and due to official support of lg ks20 in the next qmat release, we are also fixing all those nasty timeouts that messed up some extracted data.
So right now, it's bugfixing weeks. After that we will continue on jtag interface and all other feature requests you brave people sent us.
Cya,
Viper BJK

what about KU990 (which have MSM6280)?

I guess KU990 will also be fine
But I can only give official support for ks20, as it's the only lg mobile I got here to work with.
Cya,
Viper BJK

Right now we're doing some beta testing qmat 4.23.
After all issues are fixed, there will be another great release including a lot of improvements and features.
Cya,
Viper BJK

New version 4.23 out
--------------------
What's new :
-------------
- Complete Com Rewrite, fixing timeout issues
- Read Memory in Download Mode / Display Memory Partitions in Download Mode (even ones other tools cannot download )
- Find SP password in non standard QC AMSS Firmware
- CRC30 bugfixes
- Added SP function detection
- Automatic EFS read size detection
- Usercode search / Advanced SPC search
- Official LG KS20 support
- Load QC Bootloader in HEX and get address automatically
- EFS Backup to ZIP bugfixes
- EFS Read Factory Fixes
- Bootloader NAND read bugfixes
- a lot more ...
Cya,
Viper BJK

Small update on progress :
--------------------------
"Uhoh ... bad things happen and sometimes the world isn't perfect."
This message is intended for those who work with QC EFS and QMAT.
Several ways to read out EFS exist. And the one from QMAT wasn't perfect at all. Sometimes, sniffing usb data gets you nowhere ... we had to act professional. In fact, after some heavy researches and reversing of firmware, I can now confirm that there is not only "ONE" EFS read at all.
So next version to be released will hopefully introduce two-way-efs for efs explorer to be used with all known qc types. And of course I had to write a lot of fixes for efs RAW/Factory read that I didn't know before ....
Expect the next version 4.24 to be not only a lot more stable than all versions before ... but will also feature REAL efs dump
Cya,
Viper BJK

Small update :
--------------
Boys and girls,
version 4.24 will be really new. I rewrote complete com/usb port stack and added a lot of new features, like a new command database, gui improvements, efs generic and subsystem browsing, safe factory efs, new bootloader interface, etc....
Trust me, this version will fix a lot of crashes and hangs
To prevent any bugs still being in it, we're doing severe bugtesting right now.
Cya,
Viper BJK

As we wish to make a good working and much better QMAT,
we start a Beta Tester Program.
What advantages do you get :
- Be the first to get unofficial versions
- Be productive and make QMAT more user-friendly
- Get a discount on special modules
- Get your phone working with QMAT
- Increase your knowledge regarding qc technology
Why it is important for us :
- Make more phones work with QMAT
- Fix any existing bug and make QMAT more stable
If you're interested, please write a PM to me, with subject "QMAT Beta Tester" and a short introduction of yourself
(where you are from, if you are a user / programmer / reverse engineer, why you want to be a beta tester, what phones with qc chipsets you have to test)
Thanks,
Viper BJK

QMAT Beta Tester
viperbjk said:
As we wish to make a good working and much better QMAT,
we start a Beta Tester Program.
What advantages do you get :
- Be the first to get unofficial versions
- Be productive and make QMAT more user-friendly
- Get a discount on special modules
- Get your phone working with QMAT
- Increase your knowledge regarding qc technology
Why it is important for us :
- Make more phones work with QMAT
- Fix any existing bug and make QMAT more stable
If you're interested, please write a PM to me, with subject "QMAT Beta Tester" and a short introduction of yourself
(where you are from, if you are a user / programmer / reverse engineer, why you want to be a beta tester, what phones with qc chipsets you have to test)
Thanks,
Viper BJK
I saw it in the original forum and to start I'm from Bulgaria (South-Eastern Europe), interested mostly in replacing/messing around with LG's AMSS system, the bootloaders will be great, but I'm realist so the illusions are out, I have KU990 not a real reverse-engineer, but I know basic stuff (I was developing in PHP about a year) for how system works.

ceckin said:
I saw it in the original forum and to start I'm from Bulgaria (South-Eastern Europe), interested mostly in replacing/messing around with LG's AMSS system, the bootloaders will be great, but I'm realist so the illusions are out, I have KU990 not a real reverse-engineer, but I know basic stuff (I was developing in PHP about a year) for how system works.
Well the more beta testers we have, the better

Small update :
--------------
Version 4.24 is almost done and about to be released at the end of the week approximately. It seems it is a lot more stable and works way better than any qmat version ever before.
Finally, we were able to reverse whole EFS read, add a new alternate EFS factory read for newer MSM >8xxx, add EFS Browsing not only for generic devices but also for devices with only subsys ... and of course added features like rename directory / change modes.
Also we did some gui changes for easy recognition of diag commands.
You can now even cancel running diag processes ! *thanks to adfree for the hint*
So expect Version 4.24 to bring you great new features and more stability
Cya,
Viper BJK

New version 4.24 out !
---------------------
What's new :
-------------
-Severe Com Port fixes
-EFS alternate read for newer MSM to be released
-GUI changes - EFS Browsing
-Severe bugfixes thanks to beta testing team
-Factory EFS read
-Improved speed of Usercode/SPC search (by 0x1000)
-Button to stop current com port function
Cya,
Viper BJK

New version 4.25 out !
----------------------
What's new ?
-------------
-EFS Browse Bugfixes
-PRL Read/Write
-GUI Improvements
-Bootloader Bugfixes
-SimSecure Bugfixes
-Byte Cutter Bugfixes
-Cmd Byte for different NVItem Read
-Signature Search / SP / SPC Search improved
-EFS Raw Read Fixes
-Added option to add vendor specific commands
-Added support for newer Samsung CDMA
-Added ECC Calculation (Hamming, Toshiba, Reed Solomon)
Cya,
Viper BJK

New version 4.26 out !
----------------------
What's new ?
-------------
- Added new goldcard generation to registered users
- Implemented new registration scheme
- Added rudimentary IDC Script generation for IDA with Function/Algorithm Search (put in output directory as results.idc)
- Function/Algorithm Search is now able to use "??" instead of "FF" as wildcards in .xml files function.xml and crypto.xml
- Added new ECC algorithms
- Several bugfixes
Cya,
Viper BJK

New version 4.27 out
............................
What's new ?
-------------
- Fixed QMAT not to start on several pcs.
Cya,
Viper BJK

New version 4.28 out
.............................
What's new ?
-------------
- JTAG fixes
- Fixed encap files speed
- CID is now called Country ID (GUI improvement)
- New functions added to function-database
Cya,
Viper BJK


Script to write (not change) IMEI to a file on an M2000

I am currently working through moving a set of M1000s and M2000s from a pilot stage project to production within my organisation.
Part of the process requires us to use our existing asset management software (using typical Pocket PC config settings) to get information on the device. This works for a lot of the settings but does not include details on the device IMEI. This I guess because the asset management software was designed for plain vanilla Pocket PC devices and not GSM-enabled Pocket PCs such as the M2000.
Does anyone know of a script that when run from the device will store the IMEI number in a text file on the device that can then be interrogated by the asset management software remotely?
Any contributions gratefully received.
Sean
You could write a custom app in EVC I guess to gather and output the info to a file.
Don't know of any scripts though.
V
Thanks for the reply.
With a quick search on EVC I came across this post:
http://forum.xda-developers.com/viewtopic.php?t=13455&highlight=evc
I never managed to compile the embedded c++ code to get the IMEI number.
I don't suppose anyone has a compiled script or application that can gather the IMEI number and write to a file?
TIA,
Sean

Issues upgrading (searched and searched)

Hi there
I am trying to upgrade my Xda Exec (O2 - corporate mode) and have read the posts and guides and downloaded all that I have to. Anyway on running the wizard service tool I get the following info:
Wizard Service Tool v4.2.2
21/04/09 07:11:41
CPU Manuf. FAILED
IMEI:
=> Bootloaders:
IPL: (G3 device)
SPL date unknown
=> Firmware:
OS: 5.1.xxx (Build 14847.2.0.0)
ROM: 0.0
Registry AKU: .2.0.0
Radio values FAILED
=>Extended_ROM:
Version: 1.30.162 WWE
Name: Extended_ROM
Status: hidden
=> Drives and partitions:
|--Handle--|---Size---|
d3d93c3a - 9.99M (0x9fd800)
73e71ed2 - 44.21M (0x2c35800)
f3e71212 - 56.75M (0x38c0000)
73e71026 - 3.19M (0x330000)
33e71002 - 3.06M (0x30fc00)
=> DOC chip unique ID:
00000000b13a02040103085518040584
Key Index: 86
So logic says I need to follow the G3 guide. So when I try and run the button rom I get error code 222. Having searched this I have tried bootloader mode but in that mode activesync doesn't recognise the device. I'm lost. If you are able to help I would appreciate it very much. Thank you
forgot to add this (don't know if it helps)
on running sim unlock (even tho I know my phone works on any network) and also CID (read block)
Decrypted stored sum: 2020202020202020
Decrypted calcd sum: CB2C31FAACFE5801
Checksums did NOT match!!
Could not determine a key index to decrypt it.
Your CID block must be corrupted or file isn't
from a valid CID dump!!
Aborting operation.
and there was me thinking that after reading the guides it seemed pretty easy....lol
upgrade
Hello ...... mine is a G3
i done one of those yesterday as well, and it was as easy as it was explained here http://wiki.xda-developers.com/index.php?pagename=Uni_ROM_Upgrade
check it out hope you find it workable too....
Abdn_Exec_Al said:
Hi there
I am trying to upgrade my Xda Exec (O2 - corporate mode) and have read the posts and guides and downloaded all that I have to. Anyway on running the wizard service tool I get the following info:
Wizard Service Tool v4.2.2
21/04/09 07:11:41
Thank you
If you've read a lot I may be barking up the wrong tree but....can this tool (wizard service tool) be used for the Universal (Xda Exec)? Me thinks not all Wizard development tools (made for the HTC Wizard) work on Universal....
Wizard Service Tool?
Not sure what it is and why you used it at all, sorry. I think your case is a clear illustration of too much knowledge corrupts the mind.
Your best bet is probably to disable USB connection settings in AS, remove SD and SIM and try again.

Since XXKK5 Update over the Air aka FOTA for S8500/S8530 AND S8600

S8500XXKK5 is able to update Firmware over the Air... See here:
http://forum.xda-developers.com/showpost.php?p=19663390&postcount=17
This is DELTA files stuff... Header:
BPDZ
Seen in several Firmware packages...
Main file is in:
User\Mass\SyncML\Fota\*.cfg
5 MB
Additional files are in
User\SyncML\*.cfg
You can choose later with Reminder to Backup files.
Handset creates now NEW files like apps_compressed.bin.
Around 5 Minutes... See Video:
http://www.youtube.com/watch?v=jhKquCccyD8&feature=player_embedded
Now I have dump via JTAG KKV...
I will upload soon apps_compressed.bin for study...
Best Regards
Edit 1.
CONFIRMED devices:
Code:
S8500 DBT
S8530 XEF
S8600 XEF
KKV is FOTA Demo... internal test maybe...
In apps_compressed only 1 Byte change...
http://www.megaupload.com/?d=6UKRP1YY
Attention! This is not for Multiloader, as it is decrypted already...
Taken from JTAG dump...
Decompress possible with TriX for instance.
RC1 seems also changed...
Will check also QMD part of CSC...
Visible is Samsung Logo from RC2... it is reverse during Boot.
Best Regards
In CSC QMD part...
14 times Flight Mode into FLIGHT MODE...
RC1... not exactly sure about changes...
Both files included... maybe RC1 dump not exact cutted at end...
http://www.megaupload.com/?d=Q1L5P3BV
If Bootloader is also affected, I'll test sooooon.
Again, NOT for Multiloader, only for Research.
Best Regards
P.S.:
Yes, it is possible to make valid file for Multiloader... but...
Major changes in Boot... dbl not checked... toooo lazy now...
I have removed the 128 KB from JTAG dump for better comparing.
NOT use in Multiloader!!!
You can brick your handset.
So I think this is evidence once more, that FOTA is very powerful...
Best Regards
Thank you Adfree for your hardwork
I think it is time for someone to continue this from that point
Of course if you can do more you are more than welcome
So compression Algorithm is in the phone FW now somewhere .....
Apps_compressed.bin or FOTA ?!!!!
this Algorithm is wanted dead or alive
Best Regards
adfree said:
Major changes in Boot... dbl not checked... toooo lazy now...
I have removed the 128 KB from JTAG dump for better comparing.
NOT use in Multiloader!!!
You can brick your handset.
So I think this is evidence once more, that FOTA is very powerful...
Best Regards
Nice news there's different boot and I've found source I'll be post later
They use Nucleus for crypto source, embeddedXen 3.1.3 its an virtual machine
https://rapidshare.com/files/239917171/crypto.7z
All file on your boot file adfree is in. There's complete kernel source i can upload of course now i upload just partial source. The's is 2002 revision 1.3 but i see 3.1.3 exist and some compile it need search more
Last version its 4 you can find source here :
http://embeddedxen.git.sourceforge....9c15b5bd0ccc08732577063836662835c3dc5;hb=HEAD
but our version of boot its compiled with 3.1.3 version
Tigrouzen said:
Nice news there's different boot and I've found source I'll be post later
They use Nucleus for crypto source, embeddedXen 3.1.3 its an virtual machine
https://rapidshare.com/files/239917171/crypto.7z
All file on your boot file adfree is in. There's complete kernel source i can upload of course now i upload just partial source. The's is 2002 revision 1.3 but i see 3.1.3 exist and some compile it need search more
Last version its 4 you can find source here :
http://embeddedxen.git.sourceforge....9c15b5bd0ccc08732577063836662835c3dc5;hb=HEAD
but our version of boot its compiled with 3.1.3 version
so are u saying source code or something like on android
prok**** said:
so are u saying source code or something like on android
non this some source code about crypto on boot in virtual machine
Tigrouzen said:
non this some source code about crypto on boot in virtual machine
... tell me what all we can do by this new discovery ..
prok**** said:
... tell me what all we can do by this new discovery ..
Ho1od or Rebellios can take a look at and maybe find some trick its not for us but for training also for decrypting some boot system, all its important
On KK5 S8530 I was not able to download something...
DMSetup.ini
Code:
#Settings
FirmwareMaxSize=98304
I think this means maximum 98 MB for Delta... in KK5.
From bada 1.0 JE7...
Code:
FirmwareMaxSize=10485760
Btw...
In Internal Menu you can access few Settings...
http://forum.xda-developers.com/showthread.php?t=906966
Best Regards
Code:
HttpReqInternal: Proxy address is 0, so conver to NULL
HttpReqInternal : HTTP[ 0 ] - https://www.ospserver.net/device/fumo/agreement/IMEI:YOURS ! Caution (smlCommonHttp.c : 373)
With WinComm you can log few things...
http://forum.xda-developers.com/showthread.php?t=928170
For connection to Server your IMEI is sent...
Best Regards
those who pass me the update that does not come out more 'on Fota?
thanks
It seems nearly all files affected by this "update" to KKV...
amss.bin also few Bytes in Name changed...
Code:
Q6270B-KPUBL-9.9.99999
dbl.mbn seems only untouched file.
Except that FFS, CSC, APP is nearly impossible to compare...
Maybe in 1 of cfg are details about changes... and files involved....
@ DevilM
Not exact understand... sorry. BUT...
"We" not sure how and who is able to Download KKV...
Maybe you need luck, or maybe access limitation by:
- time... maybe only from 5 - 7 morning
- maybe only 100 "user" can access at same time Server...
I don't know. Sorry.
Best Regards
FirmwareMaxSize=98304
It's probably max 96KB for delta file.
FirmwareMaxSize=10485760
is 10MB
I found Quram compression routine in XPKJ1 FOTA module. But it's partial and very, very huge. Probably does support only one type of compression, likely for Rsrc or some libraries. Do you think it's possible for you to dump S8500XXKKV delta and send to me?
Probably FOTA updates does support following commands:
ROM:473277CC DCD aDelta_op_image_updat ; "DELTA_OP_IMAGE_UPDATE"
ROM:473277D0 DCD aDelta_op_image_upd_0 ; "DELTA_OP_IMAGE_UPDATE_COMP"
ROM:473277D4 DCD aDelta_op_image_upd_1 ; "DELTA_OP_IMAGE_UPDATE_ENGINE"
ROM:473277D8 DCD aDelta_op_file_create ; "DELTA_OP_FILE_CREATE"
ROM:473277DC DCD aDelta_op_file_overwr ; "DELTA_OP_FILE_OVERWRITE"
ROM:473277E0 DCD aDelta_op_file_modify ; "DELTA_OP_FILE_MODIFY"
ROM:473277E4 DCD aDelta_op_file_remove ; "DELTA_OP_FILE_REMOVE"
ROM:473277E8 DCD aDelta_op_symlink_cre ; "DELTA_OP_SYMLINK_CREATE"
ROM:473277EC DCD aDelta_op_symlink_ove ; "DELTA_OP_SYMLINK_OVERWRITE"
ROM:473277F0 DCD aDelta_op_symlink_mod ; "DELTA_OP_SYMLINK_MODIFY"
ROM:473277F4 DCD aDelta_op_symlink_rem ; "DELTA_OP_SYMLINK_REMOVE"
ROM:473277F8 DCD aDelta_op_dir_create ; "DELTA_OP_DIR_CREATE"
ROM:473277FC DCD aDelta_op_dir_remove ; "DELTA_OP_DIR_REMOVE"
guess it's enumerated from OP_IMAGE_UPDATE = 0
IMAGE_UPDATE_COMP = 1
and so on.
Also a question, have you ever met "GCE" or "GLS" magic string in some files related to compression? Looks like compression method or what.
//edit:
Some about FOTA origin probably:
http://www.ospserver.net/terms/terms.html
That server is probably defined somewhere in SystemFS.
Oh, found this in Debug folder... Logfile
Code:
FOTAMGR > QuramMduceBEraseBlock: startBlk(1), blk_num(1), idx(0), physical addr(0x01140000), size(0x00040000)
FOTAMGR > QuramMduceBWriteData: addr(0x00040000), size(0x00004000), idx(0), physical addr(0x01140000)
FOTAMGR > QuramMduceBWriteData: addr(0x00044000), size(0x0003c000), idx(0), physical addr(0x01144000)
Do you think it's possible for you to dump S8500XXKKV delta and send to me?
I'll sleep about.... tooo paranoid...
Only 3 user have KKV update... 2 in Germany...
IP + IMEI + I don't know what else is stored in these files...
Ah, forgotten my phonenumber...
Best Regards
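The three FOTAMGR lines quoted above can be checked for internal consistency: every write should land inside a block that was erased first, and the logical-to-physical offset should stay constant. This is an added example, not code from the thread or from the phone's FOTA module; the field meanings (`addr` as a logical offset, `physical addr` as the flash address, `size` in bytes, `startBlk` as an erase-block index) are assumptions read off the log.

```python
import re

# The three FOTAMGR lines from the thread, copied verbatim.
LOG = """\
FOTAMGR > QuramMduceBEraseBlock: startBlk(1), blk_num(1), idx(0), physical addr(0x01140000), size(0x00040000)
FOTAMGR > QuramMduceBWriteData: addr(0x00040000), size(0x00004000), idx(0), physical addr(0x01140000)
FOTAMGR > QuramMduceBWriteData: addr(0x00044000), size(0x0003c000), idx(0), physical addr(0x01144000)
"""

LINE_RE = re.compile(r"FOTAMGR > (\w+): (.*)")
FIELD_RE = re.compile(r"(\w[\w ]*?)\((0x[0-9a-fA-F]+|\d+)\)")


def to_int(text):
    """Parse a decimal or 0x-prefixed hexadecimal field value."""
    return int(text, 16) if text.lower().startswith("0x") else int(text)


def parse(log):
    """Return [(operation, {field: int})] for every FOTAMGR line in the log."""
    events = []
    for line in log.splitlines():
        m = LINE_RE.search(line)
        if m:
            fields = {k.strip(): to_int(v) for k, v in FIELD_RE.findall(m.group(2))}
            events.append((m.group(1), fields))
    return events


def audit(events):
    """Check that writes stay inside erased blocks and map consistently."""
    erased, written, bases, problems = [], [], set(), []
    for op, f in events:
        start = f["physical addr"]
        end = start + f["size"]
        if op.endswith("EraseBlock"):
            erased.append((start, end, f["startBlk"], f["blk_num"]))
        elif op.endswith("WriteData"):
            # Assumption: physical address = fixed base + logical addr.
            bases.add(start - f["addr"])
            if not any(s <= start and end <= e for s, e, _, _ in erased):
                problems.append("write 0x%08x-0x%08x outside erased area" % (start, end))
            if any(start < e and s < end for s, e in written):
                problems.append("write 0x%08x-0x%08x overlaps earlier write" % (start, end))
            written.append((start, end))
    if len(bases) > 1:
        problems.append("inconsistent logical-to-physical offset")
    base = min(bases) if bases else None
    # Assumption: startBlk counts erase blocks of size/blk_num bytes from the base.
    for s, e, blk, count in erased:
        if base is not None and count and base + blk * ((e - s) // count) != s:
            problems.append("erase at 0x%08x does not match startBlk(%d)" % (s, blk))
    erased_bytes = sum(e - s for s, e, _, _ in erased)
    written_bytes = sum(e - s for s, e in written)
    return {
        "base": base,
        "erased_bytes": erased_bytes,
        "written_bytes": written_bytes,
        "problems": problems,
        "fully_programmed": not problems and erased_bytes == written_bytes,
    }


if __name__ == "__main__":
    report = audit(parse(LOG))
    print("base offset      : 0x%08x" % report["base"])
    print("erased / written : %d / %d bytes" % (report["erased_bytes"], report["written_bytes"]))
    print("problems         :", report["problems"] or "none")
```

For the quoted lines the two writes exactly fill the single erased 256 KB block, and both map through the same offset.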
From KK5 its possible to update to KK6...
And KK7 also updateable... to KKV...
XXKK5
Code:
Type : Unofficial Version
Number : 1127
Builder : superuser
Host : S1-AGENT08
Date : 2011/11/22
Time : 21:04:33
Size : 42730876 bytes
CheckSum : 0xf4ff0762
XXKK6
Code:
Type : Unofficial Version
Number : 1155
Builder : superuser
Host : S1-AGENT08
Date : 2011/11/25
Time : 22:35:35
Size : 42730876 bytes
CheckSum : 0xf4f72020
It seems you need exact procedure and/or its only 1 time possible after complete Flash with Multiloader... then you can download FOTA...
My steps:
1.
Firmwareupdate via Multiloader!
2.
During first initial Steps... Choose ENGLISH as language
3.
Timezone seems irrelevant... I choose Bermuda...
4.
Ok... Ok...
Now you are able to navigate in menu...
5.
WLAN/Wi-Fi ... no need of active SIM... enter your Password to establish connection to Wi-Fi
6.
Go to Settings->Accounts
Config your Samsung Account
Now you could test if ... but I think no connection... only
You need to RESTART your handset... OFF... ON
After finish of Boot, maybe wait short... then:
Settings->General->Software update
Don't forget to choose Wi-Fi
Please. I need someone to compare files.
Please after Download choose LATER... to backup folder:
Code:
User\Mass\SyncML\Fota\*.cfg
5 MB +
Additional files are in
User\SyncML\*.cfg
NOT upload public, please contact me in private via PM.
Thanx in advance.
Best Regards
After my KK5 Multiloader update... now received 3 packages...
KK5->KK6->KK7->KKV
Last one not installed yet... maybe I'll wait little bit to get KK8 or something like this.
Hmmm. Not sure how final FOTA will work... but it seems you can only jump in minor steps...
As fantasy example:
If your device has "KK1" and latest Firmware is KK9... then maybe you have to download and install first:
KK2
KK3
.
.KK8
Each package a 5 MB...
Best Regards
OTA updates are available for Germany,Italy,UK and another 2 countries i forgot only.....also OTA install of the apps
so i got 0 chance to get such updates
Best Regards
so i got 0 chance to get such updates
Not tested yet... if SIM card is mandatory in device... (maybe I'll remove it for test)
BUT my SIM card is not more active... all actions over Wi-Fi...
Also not many users from Europe (or Germany) reports success...
I can only count 3 user from Germany... 1 from Romania...
We will see...
I hope more user can confirm working FOTA.
Thanx.
Best Regards

[Source][Dll][XAP] The HtcRoot project - Testers needed

The result of probably more than 100 hours of solo hackery: a working COM DLL for allowing any application to elevate itself to SYSTEM (root) permissions.
What you need:
An interop-unlocked HTC phone. Sorry second-gen and Arrive users.
A working HtcUtility driver. It's possible some HTC update at some point crippled this. It works for me; if it doesn't work for you let me know what updates you have.
What it does:
Allows changing the security token of any application to give that app unrestricted permissions. At this point, you can call any user-mode API, perform any operation, with full access.
It also allows you to read or write any value from memory, even kernel memory (this is how it modifies the security token).
What it can be used for:
Darn near anything. If it can be done while the phone is booted, you can do it.
What it can't be used for:
Modifying the ROM - the R and O stand for "read only" and they mean it.
Interop-unlocking a phone - it requires interop-unlock to get root in the first place.
How to use it:
In your app, include the HtcRoot.dll library.
Include the code from DriverAccessTest.cs in the test app (defines the COM API and enables using it).
Call the OpenHtcUtility function (will throw an exception if your device is incompatible).
Call the MakeMeRoot function (can also throw exceptions).
(OPTIONAL) Call the ReturnZeroIfRoot function to make sure your app is elevated (does not throw exceptions, will return an error code if you get one).
Do stuff with SYSTEM permissions (probably using another COM DLL, such as for registry or filesystem access).
Call the RestoreToken function (failure to do this *might* cause a kernel memory leak).
Call the CloseHtcUtility function (OS will probably handle this if program just exits).
What you can do right now:
Try the test app. It should pop up a series of message boxes. Hopefully none of them say anything like "FAILURE".
Report any bugs or failures you discover.
Build things with this library, and publish them!
Breakdown of the download:
There are two folders in the ZIP, one for the Visual Studio 2010 C#/Silverlight XAP project, and one for the Visual Studio 2008 C++/COM DLL project.
The test XAP is in the HtcUtilityTest\bin\Debug folder.
The native (COM) DLL is also available in that folder, or under its own project.
If you want to mess with this, I'm going to assume you are already familiar with hybrid native/managed development for WP7. If not, Heathcliff74 has posted an excellent tutorial on this forum.
Special thanks to:
Heathcliff74 for the hybrid app tutorial and interop unlock info.
Paul_Hammons for the links and info about HtcUtility, the driver that makes this possible. Thread: http://forum.xda-developers.com/showthread.php?t=1434793
Supported devices / firmware versions / ROMs
All HTC devices (if interop-unlocked and with the right firmware numbers) should be compatible.
Some custom ROMs work, some do not. This will depend on the version of the firmware that the ROM's HtcUtility driver is taken from.
I believe I compiled the test app as Mango-only, but the native library doesn't care at all.
Compatible:
Stock ROMs with compatible firmware for HD7, Trophy, Mozart
HD2 (BttF [XBmod-Yuki] v2 SP1)
Not compatible:
Firmware version 2250.21.51004.401 or newer
Verizon Trophy firmware version 2305.13.20104.605 or newer
DFT ROM with build 8107, Firmware 5.10.401
Arrive (except on pre-Mango), Titan, Radar, Titan 2 (no interop-unlock)
Others are untested or results are incomplete.
Goals and future work:
Support more devices:
* Try and add support for newer firmware.
* Help ROM cookers ensure the library is supported.
* Look for similar openings in other OEM libraries.
Future-proofing:
* Allow installation of a mod to support this capability after known updates.
* Resilience against possible future updates.
* Allow users with incompatible devices to downgrade (possibly to NoDo), install the mod, and be able to use the phone after upgrading.
Improve the library:
* Fix some memory leaks.
* Clean up the code - remove dead code and improve comments.
* Allow reading/writing more than 4 bytes at a time from managed code.
* Add APIs to elevate other processes (by name or ID) to SYSTEM.
Develop homebrew around the library:
* Support accessing common APIs (filesystem, etc.).
* Resurrect the Advanced Explorer app, perhaps (registry and filesystem).
* Support native app launching on stock ROMs.
It does not work on HTC 7 Mozart (HTC Europe):
Error to Write the value 1337 to test address - System.Runtime.InteropServices.COMException (0x8007001F): A device attached to the system is not functioning
OS: 7.10.7740.16
Firmware: 2250.21.51101.401
Radio: 5.71.09.02a_22.51.50.21U
Boot: 5.11.2250.1(133487)
Please include the full error message or a description of what went wrong.
Failure on fully updated devices is unfortunately possible - my phone is (intentionally) a few updates behind. I'm looking into ways to make it work anyhow (either sending an older CAB update to roll back, or using the root access to create an unlocker/root-enabler that survives subsequent updates). I'm going to look into how the full-unlock ROMs differ from standard ROMs, and see if I can do the same thing in running software.
Does it work with custom ROMs?
If the custom ROM has a working HtcUtility driver, then yes. My goal is to unlock the kind of capabilities normally restricted to custom ROMs on stock firmware, though.
@bleh815: Thanks for the report. That's frustrating; it looks like it is capable of doing read but not write. Write might just be restricted in what addresses are allowed, or it might be disabled entirely (the driver gives the same error code for every problem that I've encountered so far). Time to figure out
A) what update causes the problem (I'm on 2250.21.30102.531, HD7, stock ROM)
B) what restrictions that update introduces
C) how to work around those restrictions (possibly by downgrading and then using root access to add something that will still work after upgrade).
GoodDayToDie said:
A) what update causes the problem (I'm on 2250.21.30102.531, HD7, stock ROM)
I've just downgraded a mozart of mine back to stock NoDo (TMOB-DE) to find out which OEM update breaks (actually fixes) it.
Cool, thanks! It's one of the post-Mango HTC updates; a Microsoft update wouldn't have modified an HTC driver, and my phone has all the pre-Mango HTC updates but it still works.
Hi, at first it says "SUCCESS!", then it says "Trying to open a file gives error 1260" and then it says "Now opening a file gives error 0" and finally "Finally, opening a file gives error 1260".
System information:
OS=7.10.7720.68
Firmwareversion=2250.21.12200.162
Radio=5.68.09.05a_22.50.50.21U
Bootloader=4.6.2250.0(129185)
HTC 7 Trophy.
That is *exactly* the sequence of messages it is supposed to give!!
In particular, the messages I need to see are the "SUCCESS" (the rest is potentially interesting info, but not very important) and then the "Now opening a file gives error 0".
The "SUCCESS" means that a sequence of read/write tests succeeded.
The "Now... error 0" means that the process has been elevated to full permissions.
The "Finally... error 1260" means that the security token was successfully restored at the end, so it was unable to open the file again. This is the expected and correct behavior.
I don't recognize your Firmware Version number; I'm guessing it's specific to your phone. What method did you use to upgrade to Mango?
how do i install it?
Tried on interop-unlocked HTC Surround, not working. Tested any call in VS debug mode - no luck at all.
I can confirm that it works with any OS version, from 7004 to 8107.79
On a HTC 7 Mozart (TMOB-DE) it works with firmware 2250.21.13201.111 (Stock NoDo ROM) but the hole gets fixed with 2250.21.51101.111 (1st Post-Mango HTC Update).
You guys are gods taking programming to a whole new level!
I wish to see ms take you all more seriously and not let wp7 fail like minmo6.5 did!
I wish I could get on your level!
I really need some help learning basic silverlight myself!
But I have read how hybrid works and this is just fantastic!
Congratulations on all your developments so far, you guys are truly amazing!
Oh, that code, beautiful reading that!
Thanks for sharing this learnfull code!
I'd like to try it on my Verizon HTC Trophy, I would love to get file access back....
I downloaded the package and I even have VS 2010 installed but beyond that I have no idea as I am not a programmer.
Can someone post a compiled XAP for us to try to see if our phone works with it or not ?
Or some step by step VS 201 directions to try would also be helpful.
@Ttblondey: *FACEPALM* The path to the test XAP is given in the opening post. You install the XAP on your phone using any XAP deployment tool. It requires that your phone be interop-unlocked; Heathcliff74 has a nice long thread about that. The app is called HtcUtilityTest. Run it, and report the results. If you want to actually *use* the DLL, the instructions for doing that are given too but you need to write some code.
@sensboston: PLEASE give a more complete report! Success and error messages, at the least. Also, your phone version info. Thanks!
@bleh815: THANK YOU! I mean, it's a little annoying to know how far back this was fixed ("First post-Mango HTC update" means the one that was included *with* Mango for most people, or the one after that?) but good to know. Now, to look at exactly what they changed...
@jackrabbit72380: Thanks man! As for working with it yourself, like I mention below, I'm planning to provide a universal homebrew library that people can easily use to do whatever they want.
@fiinix: You're welcome! Honestly, I didn't expect anybody to call my mess of debug-commented and mildly hacky C++ "beautiful" but that hack itself *is* pretty awesome. My only concern with using it is the risk of a context switch causing the wrong app's token to get overwritten, and I should probably look into that, but I think it's OK for the moment. There are bigger fish to fry.
In the meantime, it should open up a huge list of capabilities for tools like your DllImport project. I'm currently considering reviving Advanced Explorer (like TouchXplorer + Registry Editor, but open source; was never ported to Mango though) using the root access instead of using ComFileRW and the provxml driver. Let me know what you want to do with it!
One other thing I'd like to add is the ability to easily elevate *another* process; it's not hard to do but I haven't written it yet. This could be handy for apps where we don't have the source code (for example, elevate Schaps registry editor, which uses low-privilege native code for browsing, so it can read *all* registry locations instead of just some of them).
@DavidinCT: Well, running the test app is easy, just install the XAP. It just runs a battery of tests though, it doesn't actually *do* anything useful. To get filesystem access, you'll need to write some native code (which means using Visual Studio 2008 and the CE/Smart Device plug-in, see Heathcliff74's tutorial on the subject). Basically, you would first use this DLL (accessed via COM, you can look at my own C# code for how to do that) to open the driver handle and elevate the process to root. You could then write your own COM DLL that uses the standard Win32 filesystem APIs (CreateFile, etc. - all are documented on MSDN) and exposes those APIs, or the results of them, to managed code via COM. Then, back in your phone app (the one that called into my HtcRoot DLL) you can call into your own DLL to access the file system.
If that's too big a leap, don't worry. I plan to release a general-purpose high-privilege homebrew DLL that exposes some of the most-used functionality (filesystem, registry, provxml, and other things by request), is easily extensible (possibly using something like the DllImport project, where you just specify the function you want to call and the DLL it's located in right from C#), and that will be a lot easier to hack with. You'll still need to know C# and basic Silverlight, but it'll be a lot easier (and hopefully useful without knowing any C++ or COM).
GoodDayToDie, you are amazing, always keeping me interested!
When starting the test xap, I get the below, it then goes into the "Page Name" and that's it.
Device Info here, running a FullUnlock DFT Rom by a Chinese dev from the DFT Forum.
Nonetheless, top work on getting this started and can't wait to keep reading about the progress!
XeKToReX

Rooting and installing Lineage OS on AGM X1

Update: The instructions below are for the AGM X1 eu version, for the AGM X1 International version follow this thread, it's a work in progress and not available yet.
As you might be aware the AGM X1 is a fantastic rugged android, aside from the great hardware, the source code of the phone is available to devs. The combination of excellent ruggedness, hardware and open source makes the AGM X1 "the best choice in phones" at the moment for me period.
Unfortunately the information on how to root and install the available Lineage OS port is not very clear
I spent a few hours trying to find the best place to start and it's quite difficult to find
https://w3bsit3-dns.com/forum/index.php?showtopic=814951
This page contains a post below the main top section of the page.
https://w3bsit3-dns.com/forum/index.php?showtopic=814951
Here's the start of the important stuff with some additional information that I added
"The gist of the thread
TWRP 3.1.0 for AGM X1
---------------------
AGM-X1-flash-TWRP-root.zip ( 21,66 MB )
https://w3bsit3-dns.com/forum/dl/post/10034644/AGM-X1-flash-TWRP-root.zip
OR
Download TWRP + ROOT from Google
https://drive.google.com/open?id=0B871Z4mt2B7Qb0RLMVlSemR4Szg
sha256sum
AGM-X1-flash-TWRP-root.zip b34b19f6666f0456f68e3a452c97aacf2fd3f1b06819ef7a633d95259d22a25f
SR3-SuperSU-v2.79-SR3-20170114223742.zip e147970ca377a184a177092f4c4a8022420cc30785fdaf95e16703da8312426d
Now here comes the difficult part, trying to decipher the following text
Text from thread (bad english)
Installation takes place in a similar way as inthis post, Except that you need to choose the same name! The fifth! The item and the installation of the root rights occurs automatically when you exit TWRP.
Can anyone help me with this, I cannot decipher the above paragraph. Also note that this forum is broken and not working correctly as a site (many issues including: no registration available and also the important link in the paragraph above does not work)
P.s not interested in king root method (too many mentions of malware), will use twrp.
Update: (thanks to Skill3r)
clearer guide - also note that this zip contains twrp 3.0 instead of 3.1 due to backups not working with 3.1 (important)
https://forum.xda-developers.com/an...m-snapdragon-617-4gb-64-t3533020/post71877054
The steps :
First You need to download this package and extract it : http://www53.zippyshare.com/v/3sgYq5cu/file.html
sha256sum
AGM-X1-flash-TWRP - Skill3r MOD.rar a0e755dc513b716e5a5369481f0761a4c6a9ec60401bd9c0c060579da87f3668
Contents with sha256 hash
adb.exe f05ff055b2ce9213d0b349da7ef713664d66a13134be76820cd072cd1e44211a same as twrp 3.1 version
AdbWinApi.dll 14a51482aa003db79a400f4b15c158397fe6d57ee6606b3d633fa431a7bfdf4b same as twrp 3.1 version
AdbWinUsbApi.dll 041c6859bb4fc78d3a903dd901298cd1ecfb75b6be0646b74954cd722280a407 same as twrp 3.1 version
fastboot.exe 632f4f2039b76082f2c090f6aec43893e93e8b32d0aae6b7cfa03f9b71d5d897 same as twrp 3.1 version
One-key-flash-twrp.bat f3e5a611166e970cb41a0040979da305b9d91abc44537cab9af94110381fbf54 different from 3.1 version
recovery_AMG-X1_es_by_MDSdev.img 3eb8df185afaacaae4a754ba3c18e5e86ea140f0b115ab73d28fe2ba64088fae different from 3.1 version
SR3-SuperSU-v2.79-SR3-20170114223742.zip e147970ca377a184a177092f4c4a8022420cc30785fdaf95e16703da8312426d same as twrp 3.1 version
1) Enable the developer settings
Go to Settings>About phone and hit "kernel version" 7 times to unlock
2) Enable the OEM bootloader unlock
Find in settings>dev options
3) Enable the USB debugging
Also in settings>dev options
4) Plug in a USB cable and when the window asks for the RSA identity of the computer, allow it and check to always allow the computer.
5) Shutdown your phone
6) Press VOL down + power and after long press the power button
7) Now in recovery mode, go to reboot to bootloader, a green message is shown with fastboot.
8) Now launch the One-key-flash-twrp.bat in package and plug your phone
9) Press any key and follow the instructions in the script.
10) TWRP should launch, you need to swipe to allow modifications in system
11) Press a key in the script, TWRP should reload, TWRP is now installed in the phone, you need to allow modifications in system again.
12) To root the phone, you just need to exit TWRP; it will ask to root the phone, and you just need to swipe to root the phone.
Now you have TWRP installed and the phone is rooted.
If something goes wrong and bootloop the phone, please just follow the AGM instructions with the original package and the procedure to reflash the rom (on the external SD card and with VOL UP + VOL Down + Power)
I've made progress, but I'm stuck on finding a suitable driver for the adb interface on windows XP for the AGM X1.
For drivers I've tried
NOT WORKING! Google USB drivers
https://developer.android.com/studio/run/win-usb.html
sha256sum
latest_usb_driver_windows.zip 1ee1d023a99ffac962af4454eb9b9900f6858c687b4d5311e8fb361548d6c078
NOT WORKING!
https://forum.hovatek.com/thread-16965.html
which should bring you here
https://drive.google.com/file/d/0B4S-Z726VJ2SLW9zNXdqWDBQQkE/view
sha256sum
a3312727a77c3ab89e0d7463cd252cffec554a182f78195f6908f62132c5c174
The important file in the zip archive is
SHA-256 08e5e7e5f30801b363f08a6106425faa1c505bd048a18c846a5b3e5959a4998e
Called
Setup.exe
Qualcomm_USB_Driver_V1.0.exe
among others.......
MD5
906c4effd6a20be22ea026a43a3cb7b3
SHA-1
89df6ca0d893d9355741d8ca11cdebea1fbbb095
NOT WORKING!
Universal drivers
https://github.com/koush/UniversalAdbDriver
https://adb.clockworkmod.com/
sha256sum
UniversalAdbDriverSetup.msi 4e77e303bba6cf84588bdb6da91f7a875d406f7930cbe9f4d2aae0b643c0c928
NOTE: Problem installing: universal adb driver, there was a problem with this windows installer
Does anyone have any advice please. Obviously I've checked the Manufacturers site they have not provided a driver. The chipset is Qualcomm MSM8952.
Thanks in advance.
Hello, for the drivers, simply plug the phone on USB and select CD in options (where you can check 'simply reload' mtp etc ...)
On the computer you can install the drivers now
Hi Skill3r,
Recommended (MAYBE THE DRIVERS WORK ON OTHER VERSIONS OF WINDOWS, BUT LINUX IS SO MUCH EASIER/BETTER)
I gave up on Windows XP. Now I'm using Xubuntu 16.04 LTS and EVERYTHING IS CONNECTING TO THE COMPUTER with this guide (without going to qtadb installation)
http://bernaerts.dyndns.org/linux/74-ubuntu/354-ubuntu-xenial-android-adb-fastboot-qtadb
p.s the vendor ID is "Qualcomm, Inc": with the code: 05c6 (it's in that github download in the link above, no need to add it specially just follow the guide)
The phone is recognized no special drivers required IT ALL THERE ALREADY! I took the commands from the bat file, changed (take away .exe e.g fastboot.exe to fastboot)
So the problem I'm getting now just after loading twrp with this command
fastboot boot recovery_AGM-X1_es_by_MD5dev.img
And this problem is............
That the touchscreen is unresponsive and I'm unable to check the box and swipe to allow TWRP to modify the system.
I have the AGM X1 International edition.
For me also:
When I'm in the TWRP menu, I'm not able to click on a button or swipe the last button, because the touchscreen doesn't work.
How can I solve this problem, install TWRP and root the phone? Because I would install LineageOS... or what is the best ROM/custom ROM for the AGM X1?
Please help me.
thanks
Both twrp image files below (twrp 3 and 3.1) have the touchscreen problem
sha256
AGM-X1-TWRP-3.1.0.img 22b7d529511b0b191c09e850c14b0d4ed6e32cdddc6defd688bcd78d40be2528
recovery_AMG-X1_es_by_MDSdev.img 3eb8df185afaacaae4a754ba3c18e5e86ea140f0b115ab73d28fe2ba64088fae
motsch_, what version of AGM X1 do you have, international?
Have you found any references to this problem in the main discussion pages.
We need to look for any references to this problem, or special img's for this version of phone.
Here's the older xda thread on the agm x1
https://forum.xda-developers.com/ge...ualcomm-snapdragon-617-4gb-64-t3533005/page12
Hi,
how can I see which version I have?
For the moment I haven't found any solution for installing TWRP.
I have rooted the phone with Kingroot.
Doesn't a solution exist for us?
We can go to "settings" > "about phone" > scroll to bottom and let me know the
hardware version
software version
kernel version
I know mine is X1 international not EU as I just bought it and the EU version is discontinued, it has the following
hardware version: V1.00
software version: L1253.6.03.01.BYD
kernel version: 3.10.73
Also is there any awesome developers out there that would be interested in making a TWRP version - forked from the original TWRP and put on github.
And maybe then make your own port of Lineage, again with all changes to original Lineage forked on github.
Open Source and transparency of course is the reason for this.
Anyone else with an AGM X1, please chime in because if we can get just a few dollars together we can get this done very quickly.
I pledge $25 for round one
Here's a reference to the touchscreen issue
https://translate.google.com/transl.../index.php?showtopic=814951&st=460&edit-text=
08/01/17, 18:45
"Am11go,
I downloaded AGM X1 TWRP Supersu from the caps, it helped, booted TWRP, but the screen did not react at all, like all buttons except on / off, it extinguishes the screen and does not include anymore ... Apparently the hands are crooked, although with bv5000 It was. How to determine which TWRP, under which version?"
if you can find a solution, can you let me please know that?
Found on 4PDA :
Asked Sam, he said. TWRP built with the kernel and DTB from L1253.6.02.01.BYD. Now the touchscreen works very well.
hxxps://4pda.ru/forum/dl/post/10490628/twrp_3.0_L1253.6.02.01.BYD.zip
hxxps://4pda.ru/forum/dl/post/10490629/twrp_3.1_L1253.6.02.01.BYD.zip
AGM X1
HARDWARE & VERSIONS
International version
screen: Edo rm67191 fhd Amoled non-oleophobic non-sunlight readable
HW: Qualcomm MSM8952 hs8952qc
Hw other: RAM 4 Gb LPDDR3 933 mhz
fingerprint reader – FPC1020
notification led – aw2013
camera – Omnivision OV13850 13MP ??
SW: Android 5.1.1 LMY47V
L1253.6.02.01.BYD
EU version
screen: Samsung s6e3fa3 fhd super amoled oleofobic?? non-sunlight readable??
HW: Qualcomm MSM8952 hs8952qc
SW: Android 5.1.1 LMY47V
L1253.6.02.01.EU
Gold version
screen: like international?
HW: same?
SW: like international?
reference discussions: https://4pda.ru/forum/index.php?showtopic=793964
https://forum.xda-developers.com/ge...gm-x1-qualcomm-snapdragon-617-4gb-64-t3533005
https://www.movilesdualsim.com/foros/agm-x1-sd617.1152/
about screen: https://www.devicespecifications.com/en/editor-review/993738/3
http://gearopen.com/phones/agm-x1-review-rugged-smartphone-not-drown-but-froze-53924/
KERNEL SOURCE
https://github.com/zhaochengw/android_kernel_agm_agma3eu
KERNEL CONFIGS EU vs INTERNATIONAL MAIN DIFFERENCE
EU
CONFIG_TOUCHSCREEN_GT1XX=y
CONFIG_TOUCHSCREEN_GT1X_GESTURE=y
CONFIG_TOUCHSCREEN_GT1X_FH=y
# CONFIG_TOUCHSCREEN_SYNAPTICS_DSX_V20 is not set
INTERNATIONAL
# CONFIG_TOUCHSCREEN_GT1XX is not set
CONFIG_TOUCHSCREEN_SYNAPTICS_DSX_V20=y
CONFIG_TOUCHSCREEN_SYNAPTICS_DSX_I2C_V20=y
CONFIG_TOUCHSCREEN_SYNAPTICS_DSX_RMI_DEV_V20=y
CONFIG_TOUCHSCREEN_SYNAPTICS_DSX_TEST_REPORTING_V20=y
CONFIG_TOUCHSCREEN_SYNAPTICS_DSX_FW_UPDATE_V20=y
# CONFIG_TOUCHSCREEN_SYNAPTICS_GLOVE is not set
I compared the kernel configs from latest international lollipop rom with the one from Flyme OS 5 (compatible with x1 EU). I have not a boot.img from latest EU firmware, but should not matter.
This should explain the black screen when trying to install EU rom on International X1.
I found these options are not enabled in standard kernels, they may be of interest:
CONFIG_MSM_VPU CONFIG_POWER_AVS_MSM CONFIG_USB_MSM_ACA
reference: how to extract kernel configs with extract-ikconfig (from kernel_dir/scripts)
https://github.com/MotorolaMobilityLLC/kernel-msm/issues/73
ROMS
EU: stock,lineage 13, flymeOs 5-6 https://4pda.ru/forum/index.php?showtopic=814951
INTERNATIONAL: only stock (latest is L1253.6.03.02.BYD)
lineage 13 (removed) https://4pda.ru/forum/index.php?showtopic=814951&st=300#entry62399105
PORTING ROMS AND KERNELS
From EU to International:
take EU roms and replace boot.img with one from International roms? (kernel and dtb table??)
From other Phones:
- Similar MSM8952 Phones: https://www.gizmotimes.com/lists/phones-qualcomm-snapdragon-617-processor/19660
- Guides: https://forum.xda-developers.com/android/general/how-to-port-roms-easy-100-t2804390
https://forum.xda-developers.com/showthread.php?t=2707438
http://ohheyitslou.blogspot.it/2011/09/ohheyitslou-custom-android-kernel-guide.html
- Interesting Kernels: https://forum.xda-developers.com/moto-g4-plus/development/kernel-elementalx-g4-0-01-t3424836
On Snapdragon 617 at the moment should be possible Overclock, but I have found no Voltage control patches from other phones kernels.
TWRP
EU: https://4pda.ru/forum/index.php?showtopic=814951
INTERNATIONAL: https://4pda.ru/forum/index.php?showtopic=814951&st=300#entry62309514
TWRP 3.0 for android 5, TWRP 3.1.0 should be for android 6 and it may have problems with restoring
TWRP reference info https://www.movilesdualsim.com/tema/twrp-by-mdsdev-para-el-x1.168070/
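The EU versus International touchscreen-driver difference listed in the post above can be checked mechanically once both kernel configs have been extracted. The following is an added example, not part of the original post; the function names are hypothetical, and the two sample configs are the lines quoted in the post plus one constructed common line.

```python
import re

# Sample input: the CONFIG_TOUCHSCREEN_* lines quoted in the post above.
# CONFIG_INPUT_TOUCHSCREEN=y is a constructed line added to both samples to
# show that options with identical values are left out of the diff.
EU_CONFIG = """\
CONFIG_INPUT_TOUCHSCREEN=y
CONFIG_TOUCHSCREEN_GT1XX=y
CONFIG_TOUCHSCREEN_GT1X_GESTURE=y
CONFIG_TOUCHSCREEN_GT1X_FH=y
# CONFIG_TOUCHSCREEN_SYNAPTICS_DSX_V20 is not set
"""

INTL_CONFIG = """\
CONFIG_INPUT_TOUCHSCREEN=y
# CONFIG_TOUCHSCREEN_GT1XX is not set
CONFIG_TOUCHSCREEN_SYNAPTICS_DSX_V20=y
CONFIG_TOUCHSCREEN_SYNAPTICS_DSX_I2C_V20=y
CONFIG_TOUCHSCREEN_SYNAPTICS_DSX_RMI_DEV_V20=y
CONFIG_TOUCHSCREEN_SYNAPTICS_DSX_TEST_REPORTING_V20=y
CONFIG_TOUCHSCREEN_SYNAPTICS_DSX_FW_UPDATE_V20=y
# CONFIG_TOUCHSCREEN_SYNAPTICS_GLOVE is not set
"""

SET_RE = re.compile(r"^(CONFIG_[A-Za-z0-9_]+)=(.*)$")
UNSET_RE = re.compile(r"^# (CONFIG_[A-Za-z0-9_]+) is not set$")


def parse_kconfig(text):
    """Parse kernel .config text into {option: value}; unset options map to 'n'."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        m = SET_RE.match(line)
        if m:
            opts[m.group(1)] = m.group(2)
            continue
        m = UNSET_RE.match(line)
        if m:
            opts[m.group(1)] = "n"
    return opts


def diff_kconfig(a, b, prefix="CONFIG_"):
    """Return {option: (value_in_a, value_in_b)} for options that differ.

    An option missing from one file is treated as 'n': Kconfig omits symbols
    whose dependencies are disabled, so absent and "is not set" mean the same.
    """
    changes = {}
    for name in sorted(set(a) | set(b)):
        if not name.startswith(prefix):
            continue
        va, vb = a.get(name, "n"), b.get(name, "n")
        if va != vb:
            changes[name] = (va, vb)
    return changes


def missing_for_device(image_cfg, device_cfg, prefix="CONFIG_"):
    """Options built in (y) or modular (m) in the device's stock kernel config
    that the kernel inside a boot/recovery image does not enable."""
    return [
        name
        for name, (img, dev) in diff_kconfig(image_cfg, device_cfg, prefix).items()
        if dev in ("y", "m") and img == "n"
    ]


if __name__ == "__main__":
    eu = parse_kconfig(EU_CONFIG)
    intl = parse_kconfig(INTL_CONFIG)
    print("Touchscreen options that differ (EU, International):")
    for name, pair in diff_kconfig(eu, intl, "CONFIG_TOUCHSCREEN_").items():
        print(f"  {name}: {pair[0]} -> {pair[1]}")
    print("Drivers an EU-config kernel lacks for the International device:")
    for name in missing_for_device(eu, intl, "CONFIG_TOUCHSCREEN_"):
        print("  " + name)
```

Feed it the output of extract-ikconfig for each boot or recovery image in place of the embedded samples.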
Hi liamotoub,
Thanks for the information. So Lineage OS is not available on the international version of the AGM X1 yet. I see.
Also Thank you skill3r for the links, I see they are 404 now unfortunately.
liamotoub, you seem to know what you're doing? would you consider taking on this as a project.
It's certainly worth keeping an eye on 4PDA, pity I cannot read Russian. If any members of 4PDA in the loop regarding the AGM X1 international are reading this please chime in. Thank you all
Hello, unfortunately I'm not a programmer, I just do "trial and error".
404 is a 4pda.ru error for not registered users, follow this guide to register
hxxps://doorsgeek.blogspot.it/2015/08/4pdaru-loginregister-captcha-tutorial.html
To read just use google translate
hxxps://translate.google.com/translate?hl=it&sl=ru&tl=en&u=https%3A%2F%2F4pda.ru%2Fforum%2Findex.php%3Fshowtopic%3D793964%26st%3D1300&sandbox=1
PS. another phone with a lot of ROMs (android 5 6 7) and similar hardware of X1 (msm8952) is ZTE Nubia Z11 mini
hxxps://translate.google.com/translate?hl=it&sl=ru&tl=en&u=https%3A%2F%2F4pda.ru%2Fforum%2Findex.php%3Fshowtopic%3D803370&sandbox=1
and what can i do with the "twrp_3.0_L1253.6.02.01.BYD.img" from the download from 4pda?
I would install twrp on my x1
motsch_ said:
and what can i do with the "twrp_3.0_L1253.6.02.01.BYD.img" from the download from 4pda?
I would install twrp on my x1
With TWRP you can flash another image (lineage OS for example, when we find or make a suitable version for the international version AGM X1)
TWRP will also give you the option to get root permissions, so you can use certain apps that require it. It's like the difference between user and administrator account in windows. It's called rooting because Android is based on Linux, the root account is the account with "super user" privileges, your phone will be open to allow more areas of the system to be used/written to/read. It allows your phone its full potential.
With TWRP we can also do backups and restores of the entire existing ROM and phone contents
So TWRP is the first step before we get the ROM (lineage OS) on the phone
Another option for rooting is available called King Root however this comes with a lot of MALWARE AND ADWARE and it is advised not to use it. Besides it doesn't have all the flashing, backup and restore tools anyway. It just gets you root.
That is why we really need to find a working copy of TWRP for the AGM X1
INSTRUCTION TO COMPILE KERNEL (with android ndk on linux 64bit)
git clone https://github.com/zhaochengw/android_kernel_agm_agma3eu
cd android_kernel_agm_agma3eu
export ARCH=arm64
export SUBARCH=arm64
export CROSS_COMPILE=/opt/android-ndk/toolchains/arm-linux-androideabi-4.9/prebuilt/linux-x86_64/bin/aarch64-linux-android-
[adapt commandline to your installation or use the one in the kernel sources (toolchains/aarch64-linux-android-4.9/bin)]
make xconfig
[load your agm X1 config file, EU version is in arch/arm64/configs/agma3eu_defconfig,and make your changes]
make -jX
[where X is number of your cpu cores]
bootimg/dtbTool -o dt.img -s 2048 -p ./scripts/dtc/ ./arch/arm/boot/dts
bootimg/mkbootimg --ramdisk bootimg/ramdisk_agma3eu.img --ramdisk_offset 0x01000000 --base 0x80000000 --tags_offset 0x00000100 --pagesize 2048 --kernel arch/arm64/boot/Image.gz --cmdline "console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0 androidboot.hardware=qcom msm_rtb.filter=0x237 ehci-hcd.park=3 androidboot.bootdevice=7824900.sdhci lpm_levels.sleep_disabled=1 earlyprintk" --dt dt.img --output boot.img
Image.gz ramdisk_agma3eu.img dt.img will be encapsulated in boot.img.
Test if kernel works:
#adb push boot.img boot
If it does not boot, restore the previous boot image.
notes:
1.if you load the international kernel config, and you got some errors related to VENDOR, enable
CONFIG_MACH_HIS_SMARTPHONE CONFIG_HIS_BOOT_INFO
and fill CONFIG_HIS_VENDOR_NAME: Android CONFIG_HIS_PRODUCT_NAME:agma3eu
2.if you got an error related to msm_dba_internal.h not found, edit
drivers/video/msm/msm_dba/msm_dba.c and replace #include <msm_dba_internal.h> with #include "msm_dba_internal.h"
PS. replacing my boot.img is not sufficient to make Lineage 13 and FlymeOS5 work, they go in bootloop.
I've uploaded the TWRP versions for the AGM X1 "International version" from the 4PDA links above, to save somebody the trouble of signing up. Version 3.1 is what you want I think (but maybe the backups/restores don't work on v3.1 as skill3r has pointed out or maybe the international version is different?)
SHA-256
72422060a34a995a6f29da1c0a6d5737f7df3ad426d0a7105267730f22e74b9c
File name twrp_3.0_L1253.6.02.01.BYD.zip
Download: https://mega.nz/#!0yZCyIaA!lUnmyeQNinQlzIcwfWZ8F5l6Pz2jlumxzhVx57U6G-M
SHA-256
96c92a52805c0db4fc84c652199887e93a30dae3fe3ead36e14715f7fc736d22
File name twrp_3.1_L1253.6.02.01.BYD.zip
Download: https://mega.nz/#!FmxmFKgK!cCfNsGj3gRMVkl_EI6ROI2-5RbFQsuyElFxRIvN76ug
Also, liamotoub, send me your PayPal address and I'll send a few dollars your way, that information is great thus far
These 2 files should be TWRP 3.0.3 and 3.1.0 right?
I want to point out that also the latest 3.1.1 (released for the gold X1 by a Spanish forum, movilesdualsim) works on international X1 mega:#!vB9g3Aab!_gyrr6rP_rJDheGgIseI2u2TglNw1vmv7dDjUnDYJb4 with not encrypted phone.
To try it without touching the recovery partition use:
#adb reboot bootloader
#fastboot boot recovery_name.img
EDIT: it gives some problems when flashing new INTernational ROMs, because they think the phone is GOLD and refuse to install due to their updater-script; should be sufficient to modify the build.prop of this recovery or a similar file, with international version "signature".
TWRP 3.0.3 3.1.1, those that I tried, fail to recognize encrypted filesystems, so backups of this kind will not work.
Another minor bug is the wrong date (1970) in automatic naming of backups folder, but that's common on most phones.
I managed to make FlymeOs 5.1 boot on international X1, but I don't recommend it, it's full of bloatware, and wifi and other things look to be not working
https://mega.nz/#!djJ3jbbT!Kr6qMyTcggsrYyPeDnySHpp7EOgUZnG-tvTqewdqkmk
Make full working nandroid backup before trying it.
To port lineage 13 I think marshmallow kernel sources are needed, with present sources only lollipop roms could be ported AFAIK, like CM 12.1.
Question to X1 users: on stock rooted rom, do root requesting apps (afwall, Kernel Adiutor etc) start at boot time? On mine no, I have to start them manually.
On stock rom beware of these preinstalled apps, may be adware:
com.gangyun.beautysnap
com.oupeng.max.hisense
Is there any specific advantage using the TWRP movilesdualsim 3.1.1 version rather than the 4PDA versions other than a slightly higher version.
If I encrypt my phone would there be any other issues other than not being able to do twrp backups and restores? It would still work?
