[Bootloader help] capture during flashing sbf with RsdLite - Defy General

Hi everyone,
I'm posting here because I haven't got enough posts to write in the dev section.
I'm including a capture made with the software USBlyzer; a trial can be found on the official site:
http://www.usblyzer.com/
This is not a full capture because I think we just need the first block of data.
My Defy is a locked one,
so now we need a capture of an unlocked one to compare them.
PS: I've flashed 3.4.2-179 CEE.

I had the same idea, but the problem is: we need a full dump of a Motorola service center employee resetting the OMAP board to engineering mode, which - as far as I know - is done with a special TI tool and not with RSDLite.
EDIT: Correct me please if I am wrong, but I think there are no unlocked bootloaders out there, just phones in engineering mode with the same bootloader, where the bootloader does not check signatures....

pisquared said:
the problem is: we need a full dump of a Motorola service center employee resetting the OMAP board to engineering mode, which - as far as I know - is done with a special TI tool and not with RSDLite.
EDIT: Correct me please if I am wrong, but I think there are no unlocked bootloaders out there, just phones in engineering mode with the same bootloader, where the bootloader does not check signatures....
Since no engineer from Motorola is releasing the bin file to flash the OMAP, I'm trying to reverse engineer the flashing process to enter fastboot mode, like t0desicy has tried to do by modifying the DLL used by RSD Lite:
http://forum.xda-developers.com/showthread.php?t=1443678&page=75
So maybe if we know what hex command is sent by RSD to enter fastboot mode, we don't need to modify the DLL but can create our own tool to flash a custom kernel?
Even if the bootloader is not unlocked, in the two cases we can flash an unsigned sbf, and that's what we are looking for.

won't help
I am afraid this will not help
I may be wrong, but:
first, there already is a reverse-engineered tool called sbf_flash:
Code:
blog.opticaldelusion.org/2010/05/sbfflash.html
second, the bootloader, i.e. mbmloader and mbm, is verified every time on boot, so even if you can flash a hacked bootloader the OMAP chip will refuse to boot with it
because the writer of sbf_flash does not want to release the source code, your work is very important, though!
maybe one of these can be helpful:
Code:
wiki.wireshark.org/Tools#USB_capture
but most of them will not work with anything later than Windows XP, I am afraid.
EDIT: I propose the following scenario: somebody brings a bricked phone to the service center and asks to dump the USB traffic of the operation which switches the phone to engineering mode... So there would be no indication of the employee in the dump, even if the TI software requires a dongle/you name it.
EDIT: Just found another free USB sniffer
Code:
code.google.com/p/busdog/
had no time to test it, though

Related

ZTE Axon M research

I decided to do some digging since I just purchased one of these devices.
fastboot binary is emmc_appsboot.mbn from an update zip.
fastboot oem commands in the CN ROM: unlock, unlock-go, lock, device-info, enable-charger-screen, disable-charger-screen, off-mode-charge, select-display-panel, run-tests
fastboot oem commands in the US ROM: unlock, unlock-go, lock, device-info. US rom is older, which is probably why some commands are missing.
You may be able to find more using a disassembler or with abootool https://github.com/alephsecurity/abootool
First step to getting more research done would probably be to get EDL working for the US variant. Or someone seeing what "unlock-go" does (probably nothing).
After getting EDL working, getting Firehorse functional would be beneficial. However I don't know how the rawprogram.xml is generated. I believe it has to be generated using the partition table somehow, but I do not know how to find the partition table.
I don't know how the bootloader images are signed, but my guess is that flashing CN over US will just leave your phone permanently bricked if they are signed differently. Downgrading the bootloader will also not work if qfuses are implemented correctly (although sometimes they aren't). Checking 16C7 in emmc_appsboot.mbn, US bootloader has the same string across versions and CN has a different one so I'm guessing they are in fact signed differently.
Hello! I have US variant and EDL is working, you can type in adb: reboot edl
So I didn't find out "adb reboot fastboot" doesn't work until now.
Since EDL can read/write partitions, it might be possible to
1. Unlock the bootloader by dumping devinfo, writing unlock bit, then writing it back to the device
2. Upload a su binary to the system partition after the bootloader has been unlocked. (It's not that simple these days, unfortunately)
Additionally there is a flag in build.prop that seems to enable download mode but in reality it does nothing at all. the prop is "persist.sys.dlctrl" with setting of 1. But maybe it's for development devices only.
Unsurprisingly, Factory Test Mode does not give you a root shell. It's the same privilege level as normal boot.
Using the firehose elf from the TWRP thread, I was able to dump the devinfo partition, but the partition is all zeroes. I'm not sure what's missing.
Recently discovered zero-day exploit in Android could possibly help us with an alternative way to achieve root? Anyone with the skills to use this knowledge to get us "no bootloader" owners any closer to our goal?
https://www.helpnetsecurity.com/2019/10/17/android-root-cve-2019-2215/
ZeroTheSavior said:
So I didn't find out "adb reboot fastboot" doesn't work until now.
Since EDL can read/write partitions, it might be possible to
1. Unlock the bootloader by dumping devinfo, writing unlock bit, then writing it back to the device
2. Upload a su binary to the system partition after the bootloader has been unlocked. (It's not that simple these days, unfortunately)
Additionally there is a flag in build.prop that seems to enable download mode but in reality it does nothing at all. the prop is "persist.sys.dlctrl" with setting of 1. But maybe it's for development devices only.
Unsurprisingly, Factory Test Mode does not give you a root shell. It's the same privilege level as normal boot.
Using the firehose elf from the TWRP thread, I was able to dump the devinfo partition, but the partition is all zeroes. I'm not sure what's missing.
It doesn't use devinfo to store the bootloader bit; it's stored in the rpm partition and cannot be modified. As you can see, the bootloader does not have to be unlocked to boot non-ZTE-signed images, but if it could be unlocked we would be able to run newer devices' firmware. ZTE played it smart and signed every variant differently, so aboot from another variant will brick you.
I see.
Unfortunately I think most of this is beyond my ability and knowledge, this is my first time trying to "exploit" a device (if you can honestly call it that, I don't even know what I'm doing half the time).
But since bootloader does not need to be unlocked to run unsigned images, is it possible to run a custom kernel?
ZeroTheSavior said:
I see.
Unfortunately I think most of this is beyond my ability and knowledge, this is my first time trying to "exploit" a device (if you can honestly call it that, I don't even know what I'm doing half the time).
But since bootloader does not need to be unlocked to run unsigned images, is it possible to run a custom kernel?
Yes, I ported Lineage to the device. But trying to modify stock and change the kernel or flash Magisk, I had no luck. Not sure what the f**k, is all I can say, is stopping it. I'm doing a lot of security studying and programming; I'm sure I'll figure it out sooner or later. My goal is to get a custom lk running with fastboot and run oem unlock, then switch to CN updated firmware.

unbrick Nokia 3.2

Hello all,
after many tries to get my Nokia 3.2 rooted, I have now ended up with a black screen.
Only the Qualcomm mode is working.
Has anyone managed to flash the stock firmware with QFIL provided from the rooting thread?
I always end up with "sahara fails".
Any help is welcome!
Thanks!!!!
After many tries I have finally put my phone back to life.
My instructions how to do it will come soon!
page1875 said:
After many tries I have finally put my phone back to life.
My instructions how to do it will come soon!
Please do, I encountered a similar problem.
HowTo Flash STOCK 00WW
1. Trigger nokia 3.2 to edl-mode (https://forum.xda-developers.com/nokia-3-2/how-to/guide-how-to-trigger-nokia-3-2-to-edl-t3962841)
2. Flash the given image from this thread (https://forum.xda-developers.com/nokia-3-2/how-to/rooted-nokia-3-2-t3945206)
- This was the main problem. I never managed to flash the image with the Windows programmer QFIL. After more research on the Internet, I finally found a Linux application called QDL that works directly without any problems. This application can be found here https://www.96boards.org/documentation/consumer/guides/qdl.md.html .
- Flashing the software ends up in a bootloop. Also I got a message on startup that the bootloader could not be trusted anymore. After a software update, this message disappears.
3. Flash all the user images again manually with fastboot.
fastboot flash boot boot.img
fastboot flash dtbo dtbo.img
fastboot flash system system.img
fastboot flash vendor vendor.img
fastboot flash vbmeta vbmeta.img
For whatever reason, you have to flash these partitions only to the active partitions, without the suffix _a or _b.
Then the bootloop is finished.
The phone boots normally to Android ONE.
The next problem which occurs on my phone is that it is now not able to connect to the GSM network. I guess this happens because I deleted all the necessary partitions for the modem (modemst1, modemst2, fsg).
I managed to restore the IMEI, but still no service available.
Originally my phone had the software 00EEA. Perhaps they use different drivers. My luck is that I got a cheap damaged phone from eBay with that firmware.
My next step is to modify the code from QDL so that it can read the partitions from the damaged phone and save the software to the computer.
Then I will flash this software to my phone and see if this software will run on my phone!
page1875 said:
1. Trigger nokia 3.2 to edl-mode (https://forum.xda-developers.com/nokia-3-2/how-to/guide-how-to-trigger-nokia-3-2-to-edl-t3962841)
2. Flash the given image from this thread (https://forum.xda-developers.com/nokia-3-2/how-to/rooted-nokia-3-2-t3945206)
- This was the main problem. I never managed to flash the image with the Windows programmer QFIL. After more research on the Internet, I finally found a Linux application called QDL that works directly without any problems. This application can be found here https://www.96boards.org/documentation/consumer/guides/qdl.md.html .
- Flashing the software ends up in a bootloop. Also I got a message on startup that the bootloader could not be trusted anymore. After a software update, this message disappears.
3. Flash all the user images again manually with fastboot.
fastboot flash boot boot.img
fastboot flash dtbo dtbo.img
fastboot flash system system.img
fastboot flash vendor vendor.img
fastboot flash vbmeta vbmeta.img
For whatever reason, you have to flash these partitions only to the active partitions, without the suffix _a or _b.
Then the bootloop is finished.
The phone boots normally to Android ONE.
The next problem which occurs on my phone is that it is now not able to connect to the GSM network. I guess this happens because I deleted all the necessary partitions for the modem (modemst1, modemst2, fsg).
I managed to restore the IMEI, but still no service available.
Originally my phone had the software 00EEA. Perhaps they use different drivers. My luck is that I got a cheap damaged phone from eBay with that firmware.
My next step is to modify the code from QDL so that it can read the partitions from the damaged phone and save the software to the computer.
Then I will flash this software to my phone and see if this software will run on my phone!
Thank you for your reply, it seems that your problem is more complicated than mine.
I have a global variant with 00WW software and I attempted to root the phone. I successfully flashed the patched boot.img and had root access. However, Wi-Fi didn't work after that.
Before flashing the patched boot.img, my phone was running a different firmware from the one that boot.img was extracted from, so I think that was the problem.
I attempted to use QFIL to flash my phone back to 00WW_15 and it failed halfway, which bricked my phone.
Normally you can use the EDL Mode every time.
My phone only showed black screen and it was always possible to connect in EDL Mode and flash again.
Did you try to flash again? What happens then?
Flash the given image from this thread (https://forum.xda-developers.com/nokia-3-2/how-to/rooted-nokia-3-2-t3945206)
What did you mean by "Flash the given image"? Was it flashing the firmware package with QFIL?
My main problem is flashing: it always failed halfway and the error log reported that needed files were missing from the package.
Okay. I used the Linux program QDL for flashing.
But I saw that a few files listed in the XML file rawprogram0.xml are missing.
The Linux program jumps over these files, but perhaps QFIL does not.
For example, there is a picture.img listed which is not available.
Try to remove them manually from the rawfile and test again.
page1875 said:
Okay. I used the Linux program QDL for flashing.
But I saw that a few files listed in the XML file rawprogram0.xml are missing.
The Linux program jumps over these files, but perhaps QFIL does not.
For example, there is a picture.img listed which is not available.
Try to remove them manually from the rawfile and test again.
@update:
Also the files "demoapp.img", "dp_AP_signed.mbn" and "dp_MSA_signed.mbn" are missing.
Remove them from the XML file and try again!
@update
Okay, QFIL still failed halfway, but I manually flashed the user images and my phone boots normally now.
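The check discussed in the posts above (entries in rawprogram0.xml that name files the firmware package does not contain) can be done before flashing. This is an added example, not code from the posters or from QDL/QFIL; it assumes the usual rawprogram layout of `<program filename="..." label="..."/>` entries, and the partition labels and sector values in the sample are constructed.

```python
import os
import tempfile
import xml.etree.ElementTree as ET

# Constructed sample: the file names come from the thread, while the labels
# and sector numbers are made up for illustration.
SAMPLE_XML = """<?xml version="1.0" ?>
<data>
  <program SECTOR_SIZE_IN_BYTES="512" filename="boot.img" label="boot" start_sector="1024" num_partition_sectors="131072"/>
  <program SECTOR_SIZE_IN_BYTES="512" filename="picture.img" label="picture" start_sector="132096" num_partition_sectors="2048"/>
  <program SECTOR_SIZE_IN_BYTES="512" filename="system.img" label="system" start_sector="134144" num_partition_sectors="6291456"/>
  <program SECTOR_SIZE_IN_BYTES="512" filename="demoapp.img" label="demoapp" start_sector="6425600" num_partition_sectors="2048"/>
  <program SECTOR_SIZE_IN_BYTES="512" filename="dp_AP_signed.mbn" label="dp_AP" start_sector="6427648" num_partition_sectors="512"/>
  <program SECTOR_SIZE_IN_BYTES="512" filename="dp_MSA_signed.mbn" label="dp_MSA" start_sector="6428160" num_partition_sectors="512"/>
  <program SECTOR_SIZE_IN_BYTES="512" filename="" label="userdata" start_sector="6428672" num_partition_sectors="0"/>
</data>
"""


def find_missing_images(xml_path, firmware_dir=None):
    """Return the sorted file names the XML references but the package lacks."""
    firmware_dir = firmware_dir or os.path.dirname(os.path.abspath(xml_path))
    missing = set()
    for prog in ET.parse(xml_path).getroot().iter("program"):
        name = (prog.get("filename") or "").strip()
        # An empty filename only defines the partition; nothing is written to it.
        if name and not os.path.isfile(os.path.join(firmware_dir, name)):
            missing.add(name)
    return sorted(missing)


def write_pruned_copy(xml_path, out_path, firmware_dir=None):
    """Write a copy of the XML without the entries whose file is missing.

    Returns the labels of the dropped partitions so they can be reviewed
    before flashing. The original XML is left untouched.
    """
    missing = set(find_missing_images(xml_path, firmware_dir))
    tree = ET.parse(xml_path)
    dropped = []
    # Snapshot the element list first, because entries are removed while walking.
    for parent in list(tree.getroot().iter()):
        for prog in list(parent.findall("program")):
            if (prog.get("filename") or "").strip() in missing:
                dropped.append(prog.get("label", ""))
                parent.remove(prog)
    tree.write(out_path, encoding="utf-8", xml_declaration=True)
    return dropped


def build_sample(directory):
    """Create the constructed package: the XML plus only two of the images."""
    xml_path = os.path.join(directory, "rawprogram0.xml")
    with open(xml_path, "w", encoding="utf-8") as handle:
        handle.write(SAMPLE_XML)
    for present in ("boot.img", "system.img"):
        with open(os.path.join(directory, present), "wb") as handle:
            handle.write(b"\x00" * 16)
    return xml_path


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as workdir:
        source = build_sample(workdir)
        print("missing:", find_missing_images(source))
        pruned = os.path.join(workdir, "rawprogram0.pruned.xml")
        print("dropped partitions:", write_pruned_copy(source, pruned))
        print("still missing after pruning:", find_missing_images(pruned))
```

Review the dropped labels before flashing the pruned file: a partition that is skipped keeps whatever contents the device already had.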
Hello,
my Nokia 3.2 Europe variant won't boot up; it's stuck in fastboot mode. What can I do to bring it back?
I get this: FAILED (remote: partition table doesn't exist)
P.S. if i do a fastboot reboot it boots back into bootloader
I also had this problem many, many times and don't know what went wrong when this happens.
The only thing that helped was flashing the complete firmware again in EDL mode.
You can try first to flash only the 5 user images with fastboot, which I mentioned before in this thread.
I uploaded these files for you, because you will not find the Europe files on the internet yet.
Here is the link:
https://transfernow.net/81iti7q21s0s
Good luck!
Hi,
Thank you very much. Is this the complete firmware (all images from the device)? Another question: I couldn't access the recovery system. Did you have the same problem when your Nokia didn't boot up and was stuck in the bootloader? So is it normal that the recovery is inaccessible?
Yes, that also happens sometimes with my phone.
No, those are not all the firmware files which you need to do a full EDL flash.
But with these files you can first try a fastboot flash!
If it does not work, you can take all the other files from the Global-Stock-Firmware, given in the thread https://forum.xda-developers.com/nokia-3-2/how-to/rooted-nokia-3-2-t3945206.
Delete the 5 files with the same names, flash the Global-Stock-Firmware in EDL mode with QFIL or QDL (without the 5 files), and afterwards flash the 5 Europe image files with fastboot.
Thanks, I've sent it in and on Friday got a 00WW variant of the device back. I will upload those user images for 00EEA to my Google Drive so that anyone who needs those files can download them.
hello
I wanted to install a custom ROM and I bricked my phone. I lost recovery mode and I have only fastboot mode, but I cannot write any img file, for example twrp.img, because it shows this error: FAILED (remote: partition table doesn't exist). Can anyone please help me?
thank you very much
thanks so much i was able to put my phone back to life. i had almost given up.
smure said:
thanks so much i was able to put my phone back to life. i had almost given up.
Hello to everyone,
how did you flash your phone? Can you please guide me?
I am also stuck in fastboot mode after rooting.
damn... I've been finding on how to restore the wifi and sound because I uninstalled magisk and it failed. I don't think I can thank you enough for this post.

Brief Guide of Emergent Non-Booting Troubleshooting Road Map

This thread is for those who have troubles but have no idea what to try. If you're new in playing with Android Roms, you'd better read this. No exact operation would be introduced here, because only directions are provided and further work should be searched by yourself as I'm not Mr. Knowall.
Here, trouble means problems other than the cases where you can boot to system (those are issues) or hardware damage. Make sure your phone has been charged; any battery-related problem is considered to be on the hardware side.
Besides, if you are holding a T-Mobile H932, you should be extremely careful with anything below, because any mistake may push your phone into hell. Especially, there is currently no usable 9008 firehose file for it, even if you ask a professional repairman.
First, backup everything important regularly to a secure place instead of phone storage, especially private files and EFS partition which contains IMEI, MEID, etc. If possible, write down the IMEI, MEID, S/N, WiFi MAC address, Bluetooth MAC address of your phone for potential future need of restoration.
Then I assume you have unlocked bootloader. If not, go to (WTF...!) LG V30/V30+/V30S Bootloader Unlock & Root Method (With Clear Instructions) when you can still boot to system. If you cannot boot to system already with bootloader locked and cannot perform unlocking introduced there, maybe you can jump to the section of download mode or 9008 mode and give it a trial, BUT I CANNOT ensure your phone would return normal.
There are four important modes related to our topic: Recovery, Fastboot, Download and Qualcomm 9008 (Preload for MTK). Risk and inconvenience increase in that order. Read this: Collection of mode entries with hardware key combination (maybe for most LG models) to learn how to enter them without booting to system.
Recovery is stored in the partition with the same name. You need custom builds like TWRP or OrangeFOX to flash in, or you only have a stock one with the single function of master reset. For most cases, if you can enter all the four modes, use this first. Make a backup before flashing anything with Rec, and if the thing you flashed in leads to a bootloop or anything abnormal, you can easily get the original partitions back. But if you performed incorrect operations and such a restoration doesn't work, you should consider wiping cache, dalvik cache and data (back up first if you have not yet). If that still does not work, try to flash in fresh ROM packages. If that does not work either, go to the section of download mode.
Fastboot is mainly used to flash in some partitions like recovery and boot, and to unlock. There are some limitations, in that many partitions cannot be flashed in here. If you have never used this mode before, you may need to manually update the corresponding driver on your computer (caution: if you're facing the problem of "waiting for device", it's usually a driver issue). Some firmwares lack this function, so it's often recommended to switch firmware for custom rec installing.
Download mode is mostly used to deal with kdz files. You need the LG phone driver and dev-patched LGUP (or some other tools with similar functions). If LGUP cannot recognize a phone already in download mode, it's usually a problem with the driver or the LGUP patcher. Be careful when using LGUP. If there is any interruption during the process of downloading firmware, you need to go to 9008 mode. Do not use chiperase unless you know what to do after that. Here again, dump can back up partitions. Refurbish and partition dl are most widely used. This mode can solve most troubles unless you cannot enter it. If that really happens, move on to the ultimate mode, 9008.
9008 is the last chance before sending your phone to repair. It is only recommended for recovering the other modes, but if you're familiar with it, you can do almost everything in this mode that you can in other modes. Again, a driver and a tool are needed. QPST is recommended since it's made by Qualcomm, but it's not released publicly. Search and download from some reliable sources. The driver needed should be contained in the package with the tool. Somebody may tell you to use QFIL, but if you have not installed it, please install QPST and use the built-in QFIL instead of a standalone one, or problems will probably find you. To use this mode, you need the corresponding firehose file. See this: LG V30 Unbrick guide (Qualcomm EDL 9008 Mode, Hardbirck, with no download mode) for file download (none for H932 yet). You do not need the XML file if the partition table is not broken. To verify it, open the QFIL built into QPST, set configuration to UFS mode, open Tools -> Partition Manage and see if it's correctly displayed. If yes, only flash in the partitions related to bootloader and recovery to get the other modes back. The partitions can be found in TWRP-flashable stock firmware or early backups, or you can extract them from kdz using LG firmware extractor. Only the worst damage to storage needs a full download with XML generated from kdz using extracting tools.
If all modes above cannot save your phone, you may consider hardware damage and that needs professional knowledge, so our forum cannot help.
Good luck.

Red Magic 5G BackUP Request

Hello XDA Forum
I have a little problem with my Red Magic 5G
I accidentally deleted the parameter files and also other important files out of stupidity and wanted to ask whether someone has a red magic 5g and can make a backup via twrp and send it to me? < I really don't know what to do anymore >
I have flashed new software with EDL on it and installed all 3 ROM versions, but I still have the same problem; none of them worked and I can't even install a custom ROM anymore.
Best Regards
Akizuma
Does really no one have a backup left for me for the Red Magic 5G?
Hello, what parameters are missing in your red magic5g, can I help you? I use red magic5s
(I think everything)
I need a TWRP backup from a Red Magic 5G where everything still works; I destroyed too much.
Not even touch is working anymore in TWRP.
Edit (I think the 5S does not work on the 5G, or?)
You don't need anything from someone else's device.
If you ****ed something up, then you need to use the unbrick tools, set them up correctly and follow the directions to unbrick.
They will erase all your data, but from what I've read, you lost all that already.
There are unbrick tools for both devices, 5S or 5G, on either forum for those devices. Make sure you're using the correct unbrick tool. 5G does not work correctly with 5S devices, and vice versa.
The unbrick tools will format and restore every single partition on the phone, restoring it to factory settings.
It's very possible though, if you were messing with partitions, that you erased your IMEI.
If that's gone, it's beyond the scope of the unbrick tools. You'll have to contact warranty services.
The unofficial unbrick tools by Johnny are in my opinion better.
Just make sure your drivers are correctly installed and up to date... this includes Windows updates.
(Recently there has been a Google ADB driver that needs updating that's available through Windows Update.)
So make sure that's installed too.
Set your phone to EDL mode and follow the directions on Johnny's thread.
It will restore your phone as long as you can get to Fastboot mode (vol down and power).
PM me if you need more help, but that should be enough to get you back to stock.
Problem Fixed ! #closed
@Akizuma it would be kind to post what you did to fix the issue, so others in the future who are faced with the same issue can use your solution.
We are a community here to help others.
If we mention that our problems are sorted, without posting how, it only helps the direct user and other searching for solutions to fix their issues will continue.
Please post what it was you did to fix your issue. It would be very appreciated.
If you're having any of these issues, this option may be able to fix it.
Problem: black screen after boot up, touch not working (TWRP) or automatic booting in EDL mode
First download the Unbrick EDL Tool
(I chose EU)
Download here:
[Tool] Nubia Red Magic 5G Unbirck Tool
So.......It's finally here, the unbrick tool for RedMagic 5G. This tool can help you to unbrick the phone. It will restore the phone to the oldest version, you need to update the system software by yourself. This tool is based on Qualcomm...
forum.xda-developers.com
Then follow the instructions in the folder and install an operating system on it through edl mode
Then you start the installation again but this time you don't run it because I noticed that the tool doesn't flash important image files but skips them (you can even find it in the log)
First go to \AppData\Local\Temp\is-K4OSH.tmp\NubiaEmergencyDownload\software
(name can be different)
And copy
persist.img
boot.img
odm.img
recovery.img
system.img
vendor.img
And put it in a new folder
After that, go to the bootloader again and unlock the OEM via
fastboot oem nubia_unlock NUBIA_NX659J
Then execute the following commands for the files:
fastboot flash persist [file.img]
fastboot flash boot [file.img]
fastboot flash odm [file.img]
fastboot flash recovery [file.img]
fastboot flash system [file.img]
fastboot flash vendor [file.img]
It can be that most of them give out an error, execute them anyway in case the folder still exists
Then the cell phone should start again normally.
P.s ( Sorry for my poor english ^^ )
System, Vendor, and odm, are all partitions flashed during the "super" partition.
this is why you didn't see them exactly written in the log they all go under "super" and get assigned a dynamic partition when flashed.
you can see here how they changed the partitions and how they're written now.
Implementing Dynamic Partitions | Android Open Source Project
either way. thank you for your effort to your solution.

Something that are unavailable ...

If you accidentally formatted your device , then how to restore imei
How to deal with: Download not complete error
Sn writer
Elaborate more with Download part
Download Not Complete: something blah blah blah after 10s, 0*92655 something something...
Sn writer / Maui Meta doesn't work for null imei for realme3.
Thanx
The device on which I am flashing the firmware is a REALME 3. I used SP Flash Tool for flashing; while flashing with SP Flash Tool, the tool shows EMMC unknown, but the flashing completes successfully,
then after pressing power ON, this message appears at the bottom ,
Download Not Complete! Please press Volume+ and power key for 10s to power off. Then download again. Otherwise will block here 60s until shutdown automatically. error code : 0*9925669( I can't see the last digit bcoz of the glass cover).
PLS GUIDE.THNX
Give possible solution for imei
@yas8say , has provided possible solution, I will try that next time I'll get this error. In thread brick repair by @ATDteam .
If you can use SP flash tools, SN writer DOES work on your fone, but it's figuring out a certain timing and sequence of events that proves my point. You're at the point you need to be, it's waiting on you doing what I'm trying to say... you're too demanding, wanting the quick fix...
Every time you post pauses me in case I need to change what I write to you, so slow down, you're distracting me lol
Sn Writer is actually a pain to use, and there are many versions. But I learnt a sneaky fast path with its appearing to not work. It does work, but kind of in reverse of what you think it does.
Sn Writer, strange but true, calls 'serial' as in serial number, 'barcode' in some versions, so some think because they cant see 'serial' that it wont work. I know because at first, I did. Took me a while to learn this.
Load up Sn Writer, it'll ask to load a file, the window that opens should be where you see MTK DA ALL IN bin, select it. Then choose scatterfile from stock firmware.
Now set correct attestation keys found in stock rom, your aftersales stock, with your attestation keys /google keys blah blah...
You then have to choose what you want to flash. If you see serial, that is NOT what you want to flash, you have to flash BARCODE! (your fones serial number) I know you said IMEI, but in order, SN writer flashes BARCODE before IMEI 1, so you MUST flash serial and mac PACKAGE given in stock rom?
So what I do is open the window to type in BARCODE box, my serial number.
Imei 1 is obvious, but you MUST do imei 2 as well, or it will add a few digits to imei 1's mac, put it in imei 2 that may not correspond to your attestation key.
Over to fone.
I turn my fone OFF, hit start in SNWriter, and plug phone into pc, and wait. You can tie your hands to your chair for a min, because if you interrupt this TIMING...
Just when you think it wont work, folks give up. Wait that wee bit longer... it will show pass or fail. If its all genuine stock, it cant fail, only impatience caused by not knowing this sequence, and SN's bug-inesss
I'm too tired right now, and I see you posting again lol, my eyes are dry and it's sleep time, and since you think it won't work, I'll catch up later today on this post, because I'm gettin ratty with myself lol
Patience.. I'll be back...
Ank Sak said:
@yas8say, has provided possible solution, I will try that next time I'll get this error. In thread brick repair by @ATDteam
HI
If you have been successful in booting up your device, try rooting it with Magisk and find the .bin file in /data/nvram and edit it!
yas8say said:
HI
If you have been successful in booting up your device, try rooting it with Magisk and find the .bin file in /data/nvram and edit it!
Ank Sak said:
Give possible solution for imei
I have faced this too, but luckily I had already taken a backup from recovery of the nvram, nvcfg and nvdata partitions. After flashing the recovery I just restored the partitions.
SO, GUYS IF YOU CAN BOOT INTO RECOVERY FIRST THING YOU HAVE TO DO BEFORE FLASHING ANY PARTITION IS TO MAKE A BACKUP OF THEM
yas8say said:
HI
If you have been successful in booting up your device, try rooting it with Magisk and find the .bin file in /data/nvram and edit it!
The unique problem I am facing is that I was able to flash the firmware, but I couldn't do anything after that because I did a format which resulted in "null imei"; without it the in-depth test app doesn't work, so the later process of bootloader unlocking and then rooting is unachievable. I can't downgrade with the official ozip file given on the realme website; I did that and it resulted in a hard brick (basically without unlocking the bootloader I can't do sh*t). My device is up & running, but without IMEI the further processes are stalled. I will try the method of using SN Writer mentioned here. The repair guy even mentioned something about bin fine not found so he couldn't write the IMEI. I have successfully used Maui Meta & SN Writer to write the IMEI of my other device containing a MediaTek chip, but it didn't work on realme3. Yes, you may have solved my problem of "Download not Complete"; I have posted two pictures in the brick repair thread by @ATDteam. Thanx.
I will try to repair imei and post the outcome here.
2 years ago I formatted by other mediatek chip device lenevo and it did show NVRam error in wifi, after repairing imei it didn't show , & now this mediatek chip device realme does show NVRam error in wifi :: -- NVRAM WARNING: Err =0*10
Ank Sak said:
> The unique problem I am facing is that I was able to flash the firmware, but I couldn't do anything after that because I did a format, which resulted in "null IMEI". Without it the in-depth test app doesn't work, so the later process of bootloader unlocking and then rooting is unachievable. I can't downgrade with the official ozip file given on the realme website; I did that and it resulted in a hard brick (basically, without unlocking the bootloader I can't do sh*t). My device is up & running, but without the IMEI the further processes are stalled. I will try the method of using SN Writer mentioned here. The repair guy even mentioned something about a bin file not found, so he couldn't write the IMEI. I have successfully used Maui Meta & SN Writer to write the IMEI of my other device with a MediaTek chip, but it didn't work on realme3. Yes, you may have solved my problem of "Download not Complete"; I have posted two pictures in the brick repair thread by @ATDteam. Thanks.
> I will try to repair the IMEI and post the outcome here.
If you want to unlock the bootloader just use mtkclient, it's very simple.
And if you want my IMEI files I can provide them, but you have to have TWRP installed. BTW, where are you from?
Tried mtkclient & the mtksu app, didn't work. First I will write the IMEI, then use the in-depth test, then unlock the bootloader, then downgrade, then root using mtksu... fingers crossed
Ank Sak said:
> Tried mtkclient & the mtksu app, didn't work. First I will write the IMEI, then use the in-depth test, then unlock the bootloader, then downgrade, then root using mtksu... fingers crossed
What error did you face when using mtkclient?
yas8say said:
> What error did you face when using mtkclient?
I cannot boot into fastboot mode (I forgot to tell, on the realme)
mtkclient shows this...
Daxflash - uploading stage 1 from mtkallinone_ da_5.2136.bin
Preloader
Preloader- [lib] : Error on DA_send cmd
Daxflash
Daxflash- [lib] : Error on sending DA.
Main
Main - [lib] : Error uploading da
Device formats,
The first time, some error
Now I ran it a second time: python mtk xflash seccfg unlock
And now the bootloader is unlocked!!! Cheers
I don't want to brick and I want to root; what must I do? Please give it in steps. Thanks
Should I directly install the TWRP img, then the Magisk zip??
Orange state
Device is unlocked blah blah blah (same as Lenovo)
But no fastboot mode
When I use adb reboot bootloader
this comes up:
The serial is not match
Fastboot_unlock_verify fail
Should I try using the in-depth test app??
Ank Sak said:
> Should I directly install the TWRP img, then the Magisk zip??
> Orange state
> Device is unlocked blah blah blah (same as Lenovo)
> But no fastboot mode
> When I use adb reboot bootloader
> this comes up:
> The serial is not match
> Fastboot_unlock_verify fail
> Should I try using the in-depth test app??
TRY this:
python mtk w recovery recovery_name.img
then boot into recovery.
yas8say said:
> TRY this:
> python mtk w recovery recovery_name.img
> then boot into recovery.
My device is realme3, it's on Android 10 c.17; will I be able to root with Magisk? OK, I will try.
No straight business,
OK, I tried; it gave the same error (preloader, dax, main...), so I switched off. As soon as the device turned off I pressed all three buttons to go into BROM mode; the other cmd with the python command ran and wrote the TWRP Spartan recovery. Then I switched on; the key combo didn't work because it was showing 'the serial is not match......', so I typed adb reboot recovery and it booted to the realme UI recovery.
Surely have to downgrade to Android 9 to root & install recovery
