Develop Bugs

[HOW TO] Root a bootloader-unlocked Xperia Pro MK16a

There is now a MUCH easier way to root ALL Sony Ericsson 2011 phones including the Xperia Pro, making these instructions obsolete. Please see DooMLorD's thread here: http://forum.xda-developers.com/showthread.php?t=1319653
Remember to say thanks to DooMLorD for his awesome work!
However, I'll sill keep the 2 sets of instructions here in case anyone needs them or wants to refer back to them. My ZIPs do have all the drivers needed with good instructions on how to install them after all
My original instructions based on alvaroag's work can be found below, and the instructions via my instructions the Xperia Pro CWM Recovery method can be found on post 50 of this thread.
It's important to note that DooMLorD's tool only works for Windows. You can still use our original method in this post if you're running Linux.
We finally have a method to root the Xperia Pro MK16a (and PROBABLY MK16i) thanks to XDA Member alvaroag!!
This is his method, with the instructions modified by myself for ease of use.
What you need before you begin:
1. A rock hard stomach, because should the very unlikely happen and this brick/damage your phone in some way, I’m not responsible
2. An Unlocked Bootloader
NOTE: Sony offers a totally free, official, and simple method to unlock your bootloader here: http://unlockbootloader.sonyericsson.com/
Should that not work for you, your phone is probably SIM locked from your carrier (FIDO for example does that). You'll need to get the bootloader unlocked remotely from someone who has SETool and the appropriate security USB dongle. THIS COSTS MONEY, as SETool requires that user to pay per use.
Please see this thread for further instructions as it's the method I used personally: http://forum.xda-developers.com/showthread.php?t=1232050
Alejandrissimo was awesome at helping me through it.
3. On the phone itself navigate to the following locations:
a. Settings - applications – Make sure Unknown Sources (first option) is checked
b. Settings – applications – development – Make sure USB Debugging is checked
4. Download this archive. It contains all the files and drivers you will need:
http://www.mediafire.com/?7cz7672da9cxkrd​
Instructions:
1. Extract the archive you downloaded to a folder on your computer. Where doesn’t matter as long as you remember where it is.
2. Navigate to the folder ADB For Dummies (thanks to VanillaTbone for his guide) and install ADB for Dummies.exe
a. This will create a new folder on your C: drive called “android-sdk-windows”
3. Take the file “xperia_pro_root.zip” from the archive you downloaded and extract the contents to C:\android-sdk-windows\platform-tools\
4. Power off the phone and make sure it’s not plugged into anything.
5. Hold down the MENU button and connect the USB cable. A blue light will appear. If a blue light does NOT appear, then your phone can't get into FastBoot, and probably still has the bootloader locked.
a. If Windows asks you to install the drivers, install the driver from the folder “Fastboot Driver” in the archive you downloaded. Should those drivers not work, try the drivers found in "C:\android-sdk-windows\google-usb_driver"
6. Open the “Fastboot” folder in windows explorer (its part of the archive you extracted in step 1. Hold down the shift key and right click on an empty space in the folder window, select Open Command Prompt Here.
7. Type:
fastboot boot recoveryNEO.img​
8. The blue light on the phone will turn off, the screen on the phone will be blank, and the phone will be disconnected from windows, but after a few seconds you will get a Mass Storage & ADB Interface Detected. Note that the phone’s screen will continue to be black for the rest of this process. THIS IS NORMAL, your phone has not been bricked. If you need to stop anywhere along the way, simply unplug the phone from the computer and take your battery out. The phone will return to normal operations, though UNROOTED.
a. Windows will PROBABLY say hardware failed to install. This is fine.
i. Open the start menu, right click on “Computer” and select “Manage”
ii. Select Device Manager on the left side of the Computer Management window that opens.
iii. Look for the unknown piece of hardware. Right click on it and select update/install driver.
iv. Browse your computer, and select the main folder you extracted the archive to way back in step 1 – the drivers are somewhere in there, don’t worry about where, as windows will find them just fine.
9. On your computer navigate to “C:\android-sdk-windows\platform-tools”. Hold down the shift button on your keyboard and Right click on an empty part of the windows, and select “Open Command Window Here”
10. Type "adb shell". If it says "device not found", disconnect the USB cable, remove the battery, and try again from step 6. Also, try changing the USb port on your CPU. I'm not really sure about this, but I had to do it twice.
Now you’ll have to run a bunch of commands inside the ADB Shell window (the one with the black background and looks like a DOS window). You can just copy and paste each one from here. Be sure that once you start this step, you continue until the end of these instructions.
mount -t yaffs2 -o rw,relatime /dev/block/mtdblock0 /system​
If it says “/system is not empty” then type:
"rmdir /system/bin" and then run the first mount command again
type "exit"
11. From the DOS window, Run these commands (again copy and paste each one is fine)
adb push Superuser.apk /system/app/Superuser.apk
adb push su /system/bin/su
adb shell​
12. From the adb shell, run:
chmod 0644 /system/app/Superuser.apk
chown 0 /system/bin/su
chgrp 0 /system/bin/su
chmod 6755 /system/bin/su
ln -s /system/bin/su /system/xbin/su
cd
umount /system
reboot​
13. The adb shell will terminate. Disconnect the phone from the USB cable, wait for about 15 sec, remove the battery, and then turn it on.
14. From the phone, Open the Market, search for "Busybox" by "Stephen (Stericson)". Install that
15. From the Market, go to My Apps, search for "Superuser" by "ChainsDD" and make sure you're running the latest edition
16. Run the App "Superuser" from your app tray.
- under the settings tab, scroll to the bottom and click SU Binary "tap to check for updates"
17. Run the "Busybox Installer" app. Follow the onscreen instructions - just leave everything at default.
Congratulations! Your device should now be rooted! I personally suggest downloading and installing Titanium Backup to make sure - it will run a root check on startup and notify you if anything is wrong.
Notes:
This may seem to be a complicated method, but, as we will have to wait some weeks for an automated or simpler method, I think making writing an automated tool for this method is not worth the effort. But maybe, if no automated method appears in some weeks, I write one myself as a comunity contribution. - alvaroag​Thanks to VanillaTbone of XDA Developers for his awesome ADB For Dummies guide and app.
http://forum.xda-developers.com/showthread.php?t=502010
And of course thanks to Bin4ry for his NEO recovery image.
And thanks to all the other contributors to this thread for their help, advice, and overall contribution.
And if this thread helped you in some way, Please click THANK YOU to show your appreciation
Hello
Since there is no Xperia Pro forum I decided to post this here. Hope you can help me.
I recently bought an Xperia Pro MK16a and I have already unlocked the bootloader with setool (thanks to alejandrissimo and his remote unlock abilities). Now I'm searching for a way to root the device.
He and I experimented with it a bit, and we've already tried the recovery hot-boot with recovery.img from Arc, Play, and Neo, but with no luck. Recovery just doesn't boot.
He's guessing it's related to something like a different ramdisk or something like that.
Any help would be greatly appreciated.
Thanks
Click to expand...
Click to collapse

rcummings100 said:
Hello
Since there is no Xperia Pro forum I decided to post this here. Hope you can help me.
I recently bought an Xperia Pro MK16a and I have already unlocked the bootloader with setool (thanks to alejandrissimo and his remote unlock abilities). Now I'm searching for a way to root the device.
He and I experimented with it a bit, and we've already tried the recovery hot-boot with recovery.img from Arc, Play, and Neo, but with no luck. Recovery just doesn't boot.
He's guessing it's related to something like a different ramdisk or something like that.
Any help would be greatly appreciated.
Thanks
Click to expand...
Click to collapse
If you bootloader is open you can flash directly "prerooted".img with fastboot? Arc and Neo have this option.
Regards!
Taavi
Sent from my MT15i using Tapatalk

Edit; ............
Sent from my LT15i using XDA App

taaviu said:
If you bootloader is open you can flash directly "prerooted".img with fastboot? Arc and Neo have this option.
Regards!
Taavi
Sent from my MT15i using Tapatalk
Click to expand...
Click to collapse
To be able to generate a pre-rooted system.img you need first a rooted phone and this is exactly the problem, how to root it if there is no recovery for MK16
For sure RootXperia.zip will work but for install it the proper recovery is needed first i guess

XperienceD said:
There is a Mini Pro forum. ;-)
Sent from my LT15i using XDA App
Click to expand...
Click to collapse
Totally different phone
This is just the "Xperia Pro" - it was released in August. It's the same phone as the Neo, but with a slide out QWERTY keyboard. Model is MK16a (or MK16i for the international one)

Gingerbreak??
Sent from my MT15i using Tapatalk

Alejandrissimo said:
To be able to generate a pre-rooted system.img you need first a rooted phone and this is exactly the problem, how to root it if there is no recovery for MK16
For sure RootXperia.zip will work but for install it the proper recovery is needed first i guess
Click to expand...
Click to collapse
How to do it? Generate prerooted system.img
Thanks!
Sent from my MT15i using Tapatalk

I think that NEO recovery should work:
http://forum.xda-developers.com/showthread.php?t=1183465
Maybe the keys are wrong mapped, you have to try a little. Just flash RootXperia.zip from Recovery and you are rooted.
Regards

Bin4ry said:
I think that NEO recovery should work:
http://forum.xda-developers.com/showthread.php?t=1183465
Maybe the keys are wrong mapped, you have to try a little. Just flash RootXperia.zip from Recovery and you are rooted.
Regards
Click to expand...
Click to collapse
That was the first thing I tried, since the Pro should just be a Neo with a keyboard. Unfortunately it doesn't work.
Here's the output:
C:\root-play>fastboot boot recoveryNEO.img
downloading 'boot.img'...
(bootloader) USB download speed was 9336kB/s
OKAY [ 0.517s]
booting...
(bootloader) Download buffer format: boot IMG
OKAY [ 0.002s]
finished. total time: 0.519s​
The phone is clearly still turned on, but no longer in fastboot mode, and the screen is totally blank, though the backlight is active.
I've tried the same thing with the Arc and Play recovery images and had the same results.
What do you mean by the keys are mapped wrong?
Is this what you're talking about?
http://www.knowyourcell.com/sony-er..._hard_reset_the_sony_ericsson_xperia_pro.html
The instructions on how to get into Recovery on that site are very similar to how to do it on the stock build of my previous phone, the Motorola Milestone. Unfortunately THEY DON'T WORK
I've tried substituting the volume down button with other keys, but with no success. Pretty difficult to guess the right key combination when there's a full qwerty keyboard on here
Is there a way to boot into the standard recovery from ADB or fastboot or something? Possibly from an on-board terminal emulator? A command like "Reboot Recovery" perhaps? Or is that too easy to be possible...
It's ironic that my old Motorola milestone with a totally locked down bootloader proved easier to hack than this phone with it's wide open bootloader

Well,
i wrote you already in PM. But now here too. The PRO is only released in Canada and some Asien Countrys. Until it is released in Europe i cannot help you, because i need the device for testing.
One thing you can try:
after you fastboot boot and the phone is in blackscreenmode please unplug and replug it to pc.
Now try to adb shell on it. Is this working? If yes please gimme a logcat
Regards

Bin4ry said:
Well,
i wrote you already in PM. But now here too. The PRO is only released in Canada and some Asien Countrys. Until it is released in Europe i cannot help you, because i need the device for testing.
One thing you can try:
after you fastboot boot and the phone is in blackscreenmode please unplug and replug it to pc.
Now try to adb shell on it. Is this working? If yes please gimme a logcat
Regards
Click to expand...
Click to collapse
Nope, adb shell doesn't work. Shows "error: device not found"
But because I'm new to this (I came from a motorola milestone), I want to make sure I did what you actually asked of me:
- I turned on the phone into fastboot mode (hold down menu, plug in usb cable, get blue light)
- from a command prompt window: fastboot boot recoveryARC.img
(replacing ARC with NEO and PLAY depending on the image I'm trying)
- phone now boots into black screen, no blue light, screen backlight is on
- unplug from computer, plug back in
- from command prompt: adb shell
Are those the instructions you wanted me to follow?
Fastboot works fine. Can I do anything from there? Getvar for example, or something? can I run the command Update and flash the RootXperia.zip file? Or will that not work because it's not signed properly or something similar?

Via fastboot you cannot flash the zip. Zip needs to be flashed via recovery, because this only contains some files and not whole system!
I'm sorry, you have to wait until i have the device! Only if the adb shell would work i could help you, if even this is not working it's hard to say what's goin wrong. All you can do is sending me the kernel.sin from you firmware. Maybe i can mix something up with this file
Regards

Bin4ry said:
Via fastboot you cannot flash the zip. Zip needs to be flashed via recovery, because this only contains some files and not whole system!
Click to expand...
Click to collapse
I figured as much. Just hoped I might be wrong.
Bin4ry said:
I'm sorry, you have to wait until i have the device! Only if the adb shell would work i could help you, if even this is not working it's hard to say what's goin wrong. All you can do is sending me the kernel.sin from you firmware. Maybe i can mix something up with this file
Regards
Click to expand...
Click to collapse
Can anyone give me instructions or pointers on how I extract the kernel.sin from my firmware?
Thanks for your continued patience with me. I really do appreciate it.

Its funny how all the phones without forum ends up here!
Sent from my LT15i using xda premium

datagubben said:
Its funny how all the phones without forum ends up here!
Sent from my LT15i using xda premium
Click to expand...
Click to collapse
It's because they're all so similar, and are based on the same hardware as the Arc.

Process is simple:
IF you NEVER used UpdateService or PCCompanion BEFORE you unlocked your bootloader then : You need to relock bootloader first (sorry :/)
Then have to use SonyEricsson UpdateService/PC-Companion and tell it to REINSTALL/REPAIR your firmware.
If you used one of the tools before just skip the relock and do this:
After that is done you copy out the two files named:
FILE_XXXXXXXXXXX
FILE_XXXXXXXXXXX
where XXXXXXXXXX are some numbers. This files are located in the subfolder blob_fs inside the UpdateService/PC-Companion directory.
Just copy it on a "safe" place.
After that is done you have to start flashtool go to the "Advanced" Tab -> Decrypt -> then just choose the folder where you copied the files and let flashtool do its work
Afterwards upload the Firmware which is now present as a FTF file, somewhere and post it here (others will be happy to to have the whole MK16a Firmware )
Regards

Bin4ry said:
Process is simple:
IF you NEVER used UpdateService or PCCompanion BEFORE you unlocked your bootloader then : You need to relock bootloader first (sorry :/)
Then have to use SonyEricsson UpdateService/PC-Companion and tell it to REINSTALL/REPAIR your firmware.
If you used one of the tools before just skip the relock and do this:
After that is done you copy out the two files named:
FILE_XXXXXXXXXXX
FILE_XXXXXXXXXXX
where XXXXXXXXXX are some numbers. This files are located in the subfolder blob_fs inside the UpdateService/PC-Companion directory.
Just copy it on a "safe" place.
After that is done you have to start flashtool go to the "Advanced" Tab -> Decrypt -> then just choose the folder where you copied the files and let flashtool do its work
Afterwards upload the Firmware which is now present as a FTF file, somewhere and post it here (others will be happy to to have the whole MK16a Firmware )
Regards
Click to expand...
Click to collapse
Unfortunately the very first thing I did with the phone was unlock the bootloader. 'Fido' is the only phone company selling the phone, but I'm with 'Rogers'...so I needed to unlock the bootloader in order to actually use the phone as a phone, which was and remains the most important thing to me.
That being said, I'll see if Alejandrissimo can give me a hand with re-locking the bootloader, then I can get the firmware as you instructed, then have him re-unlock the bootloader. I'll just stick my SIM Card back in my old motorola milestone while we work on this so I can still have a working phone.
You're awesome Bin4ry for helping like this

Maybe I could help with that since I am with Fido and I have a locked bootloader (I haven't touched the phone except adding an ssh key) with my Xperia Pro MK16a. Though I know my way with ssh, I am new with the rooting stuff and Android. If you need some files or something from a locked bootloader I can help with that, just need some simple instructions.
Bin4ry said that files FILE_XXXXXXXXXXX were located under UpdateService/PC-Companion, can I access those via ssh? I have used PCCompanion only once when I got on Windows, but I am always on Ubuntu so I was wondering if I could get those file via scp and if so, where are they?.

ratius said:
Maybe I could help with that since I am with Fido and I have a locked bootloader (I haven't touched the phone except adding an ssh key) with my Xperia Pro MK16a. Though I know my way with ssh, I am new with the rooting stuff and Android. If you need some files or something from a locked bootloader I can help with that, just need some simple instructions.
Bin4ry said that files FILE_XXXXXXXXXXX were located under UpdateService/PC-Companion, can I access those via ssh? I have used PCCompanion only once when I got on Windows, but I am always on Ubuntu so I was wondering if I could get those file via scp and if so, where are they?.
Click to expand...
Click to collapse
If you could, that'd be great. I don't especially want to lock my bootloader over again since you have to use SETool to unlock it, which costs money each time you use it (essentially). Not to mention it involves some acrobatics with a paperclip to connect a testpoint inside the phone to a ground!
Unless there's an easier way to lock/unlock now that I've done it once that is...if so, I'm happy to do it.
As for accessing the files Bin4ry is talking about, boot to windows if you can and do it that way. Just follow his instructions to repair your firmware, then go to that folder in windows (it's located in C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion). At least, that's my understanding.

Hi. Yesterday, I bought a Xperia Pro. Ive spent most of the afternoon and the nigh trying to root it, and I've finally got how to do it. It's a manual method, as there is not an automated one.
There's no need to say I'm not responsible for any damaged or bricked devices(but mine is working ok )
What you need:
1. The Xperia Neo Recovery, by Bin4ry, get it here
2. xperia_pro_root.zip I'm attaching. It contains the files from RootXperia.zip, but without the update.zip-related files, as they are not needed.
3. The Android SDK, with the Google USB Drivers Package.
4. If you've never used your device in fastboot mode, you may also need to follow steps 7 & 8 from SE bootloader unlocking tutorial.
5. [NOT REALLY SURE] Application Debugging & Unknown Sources enabled.
6. [NOT REALLY SURE] Unlocked Bootloader. This is because mine is unlocked, but I don't really know if that is required to boot the recovery image via fastboot.
I'm assuming that you are working on a Windows/Unix terminal, with a working directory where you have recoveryNeo.img, Superuser.apk and su /these two from the zip file I attach), and that fastboot & adb are on the PATH. If some file is not on the working directory, or fastboot/adb are not on the path, use full paths.
Instructions:
1. Disconnect & Power off the phone.
2. Hold down the menu button and connect the USB cable.
(If Windows asks you to install the drivers, install the driver from ANDROIDSDK\extras\google\usb_driver folder).
3. Run "fastboot boot recoveryNeo.img". The fastboot device will be disconnected, but after a few seconds you will get a Mass Storage & ADB Interface Detected.
4. Run "adb shell". If it says "device not found", disconnect, remove the battery, and try again from step 1. Also, try changing the USb port on your CPU. I'm not really sure about this, but I had to do it twice.
5. Run "mount -t yaffs2 -o rw,relatime /dev/block/mtdblock0 /system" from the adb terminal. If it says /system is not empty. run "rmdir /system/bin" and then run mount again.
6. type "exit"
7. Run :
adb push Superuser.apk /system/app/Superuser.apk
adb push su /system/bin/su
adb shell
8. From the adb shell, run:
chmod 0644 /system/app/Superuser.apk
chown 0 /system/bin/su
chgrp 0 /system/bin/su
chmod 6755 /system/bin/su
ln -s /system/bin/su /system/xbin/su
cd
umount /system
reboot
9. The adb shell will terminate. Disconnect the phone, wait for ~15 sec, remove the battery, and then turn it on.
10. Your device should now be rooted.
Notes:
1. When booting with recoveryNeo.img, the screen will keep blank. That's normal(I think).
2. This may seem to be a complicated method, but, as we will have to wait some weeks for an automated or simpler method, I think making writing an automated tool for this method is not worth the effort. But maybe, if no automated method appears in some weeks, I write one myself as a comunity contribution.
Hope this is usefull for you.

[GUIDE] Comprehensive S-OFF/Root Methods

Please do not PM me with questions about this guide! I don't have time to help everyone through it, create a thread in Q&A if you don't have 10 posts or post here, there are other people who have done this and can help you, and I will get to it if I can. PMs asking questions about this guide will be ignored. Thank you.
Fully stable root methods for all firmware versions (no bootloops on 6.01.605.05 firmware!)
Table of Contents
To quickly find a section, hit CTRL+F and type the letters in parentheses, then click "Next"
(IRO) Intro: Read first!
(HDV) HTCDEV Unlock
(TCR) Tacoroot
(DWG) Downgrade tool
(RVL) Revolutionary
(HSO) S-OFF with HTCDev unlock (second post)
(ASO) After S-OFF (second post)​
INTRO(IRO)​DISCLAIMER: I am not responsible for anything that happens to your device while following these instructions. I will try to help you through problems as much as I can, but I can't guarantee success, especially if you do not carefully read the instructions.
This is a comprehensive guide of all known and fully stable root/s-off methods, at this time, it covers just about all firmware versions out there. Most of these methods will require the Android SDK, so download that (Google it. A link for this really isn't necessary, and I'm sure many people could use practice googling things. ) and set it up (again, just google "android sdk," the download page even has tutorials). The downgrade methods no longer require the sdk, but it is still reccomended that you download it as it is a very useful tool. Don't forget to download the device drivers here (only neccessary on Windows) and set the PATH variable.
So, which downgrade method should you use? Most likely you will either have firmware version 5.x or 6.x, you can find out under Settings>About phone. If you are using 5.x, go to the Downgrade Tool section; if you have 6.x, go to the Tacoroot section. Both methods eventually lead to the Revolutionary section, HTCDev unlock is not reccomended and, honestly, completely pointless (read more below).
HTCDEV UNLOCK(HDV)​Versions: All
HTCDev is HTC's "official" unlock, it will unlock the bootloader but leave S-ON. Don't do it. Seriously. It's a guaranteed voided warranty and pretty much a huge PITA (you can't flash radios and need to extract and separately flash ROM kernels), and s-off methods are completely stable and even relockable. That said, if for whatever reason you do wish to do this, just go to http://htcdev.com/bootloader/. If you want to obtain S-OFF at any time after using HTCDev unlock, see the second post.
Note: to flash ROMs when HTCDev unlocked, flash the ROM normally, then extract the boot.img from the rom.zip and boot into fastboot, then use the command "fastboot flash boot boot.img."
TACOROOT(TCR)​Versions: 6.01.605.05 firmware
Tacoroot is a temp root method discovered by Justin Case that will allow those on the newer firmware to flash an older version and root with Revolutionary. Before you begin, download this zip containing all the files you'll need:
EDIT: Looking for the files? See this post.
Extract this zip to C:/Android. You can extract it somewhere else, just replace C:/Android with the path to the wherever you extracted it wherever it comes up. Now, connect your device to your computer with a USB cable, turn on USB Debugging under Settings>Apps>Development, and disable fastboot under Settings>Power. Make sure your phone is fully charged. Open a command prompt by opening the start menu, typing "cmd" and hitting enter. Type in everything that is in black text. Notes and extra instructions will be written in blue. It is reccomended that you copy/paste the code to avoid typos, to do this, copy by highlighting the line and hitting Ctrl+C as usual; to paste, go to your command prompt and click the small black icon in the upper left corner. A menu will pop up, go to Edit>Paste. Make sure you have not highlighted any spaces before or after the line or any of the blue text. Now, begin copying the code:
cd C:/Android
md5sums RUU_Vivo_W_Gingerbread_S_VERIZON_WWE_2.18.605.3_Radio_1.09.01.0622_NV_VZW1.92_release_199487_si.zip Remove the space in the middle of the word radio before hitting enter, I don't know why it won't let me remove it. Result should be cea499f51b40055ffd118960e1e73255, if it isn't, redownload the miniadb zip.
md5sums 1.09.01.0312_vivow_Radio_PG32IMG.zip Result should be ea6b98be48210d7797e62362f49ff751
md5sums tacoroot.sh Result should be 6ec06d776feb212d8b2a55817eddf76d
md5sums misc_version Result should be 050f55d34ddbcc860efa5982491437de
adb devices Result should be your phone's serial number. If it isn't make sure drivers are properly installed and USB Debugging is enabled.
adb push tacoroot.sh /data/local/
adb shell chmod 755 /data/local/tacoroot.sh
adb shell /data/local/tacoroot.sh --setup This will reboot your phone. When you get to a screen with a red exclamation mark, press VolUp+Power until you get to a menu, then press VolUp+VolDown+Power until the phone turns off. Once it is rebooted, continue.
adb shell /data/local/tacoroot.sh --root
adb wait-for-device Running the step before this will reboot your phone again, this time it will be bootlooping, meaning it will not boot fully and get stuck on the boot animation. Once your prompt comes back after this step, you're good to continue even though the phone isn't fully booted.
adb push misc_version /data/local/tmp/misc_version
adb shell chmod 777 /data/local/tmp/misc_version
adb shell /data/local/tmp/misc_version -s 2.18.605.3
adb shell /data/local/tacoroot.sh --undo This will reboot your phone one more time, this time fully stable and will boot completely. Continue once fully booted.
adb reboot bootloader This will reboot your phone to a white screen with a few options. Once you are at this screen, continue with the instructions.
fastboot devices Result should be your phone's serial number, again.
fastboot getvar mainver The result should be 2.18.605.3. If it is not, something was not done correctly, you'll need to restart from the beginning.
fastboot erase cache
fastboot oem rebootRUU
fastboot flash zip RUU_Vivo_W_Gingerbread_S_VERIZON_WWE_2.18.605.3_Radio_1.09.01.0622_NV_VZW1.92_release_199487_si.zip This will take a bit of time without giving any indication as to when it will be done, be patient and do not interrupt it.
fastboot erase cache
fastboot oem rebootRUU
fastboot flash zip 1.09.01.0312_vivow_Radio_PG32IMG.zip Same as the above, do not interrupt under any circumstances (unless you really wanted a phone-shaped paperweight )
fastboot reboot
That's the end of the codes, you should be fully booted into the now downgraded version. Re-enable USB debugging, then continue to the Revolutionary section and follow instructions there.
DOWNGRADE TOOL
Versions: HBOOT .98, firmware below 6.01.605.05
This will not work with firmware version 6.01.605.05! Use the tacoroot method!
This tool will downgrade you to 2.3.3, which will allow you to use Revolutionary to gain S-OFF.
Download the tool here, and extract it to a folder where you can easily get to it in a command prompt/terminal.
Now, connect your device to your computer with a USB cable, and turn on USB Debugging in settings. To ensure you are connected, open a command prompt/terminal and type "adb devices". If you see a bunch of letters and numbers followed by "device," you're good to go.
Navigate to the files you extracted in a command prompt/terminal ("cd /path/to/folder," replacing /path/to/folder with the actual filepath), type "hack-vivow.cmd" and let it run. It may take a while and seem to get stuck on some commands, just leave it alone. After it's done, continue to the Revolutionary section. Yep, it really is that easy.
REVOLUTIONARY
Versions: GB 2.3.3, any others after downgrade methods
This is the final step that will actually get you S-OFF.
Go to the revolutionary website, click on the download link for your OS, you'll get a download right away. While it's downloading, fill out the form that pops up (if you don't know your serial number and have the sdk installed, open up a command prompt/terminal and type "adb devices," the letters/numbers before "device" is your serial. Extract the files and run either revolutionary or revolutionary.exe depending on your OS, enter your beta key and say yes when it asks to install CWM recovery. Let it run, and you'll be S-OFF and ready to go!
If you have any questions/comments or found something that isn't right, go ahead and post, I would greatly appreciate any positive or negative feedback, as long as it's constructive.
Credits:
attn1 for Downgrade tool
Revolutionary team
Guhl for misc_version
jcase for Tacoroot
PalmerCurling for Tacoroot downgrade guide
MIVLives for bootloop fix
scotty85 for better Tacoroot downgrade and HTCDev S-OFF method
If you find anything I didn't give credits for and should have, let me know and I'll add it.

Get S-OFF after using HTCDev Unlock
(HSO)​If you used HTCDev unlock and want to get S-OFF, follow this guide. What you get from going from HTCDev unlocked to full S-OFF is a full unlock instead of HTC's restricted unlock. This way, you can flash custom radios and flash ROMs without needing to extract and separately flash the boot.img. (Note: If you already installed a custom recovery and a custom ROM, flash this ROM and start at "adb push misc_version /data/local/tmp/misc_version" in the code.) To do this, first download this zip and extract it to C:/Android. You can extract it somewhere else, just replace C:/Android with the path to where you extracted it wherever it comes up. Next, download this zip and extract it to C:/Android. Download this zip as well and put it in your C:/Android folder, but do not extract it. Now, connect your device to your computer with a USB cable, turn on USB Debugging under Settings>Apps>Development, and disable fastboot under Settings>Power. Make sure your phone is fully charged. Open a command prompt by opening the start menu, typing "cmd" and hitting enter. Type in everything that is in black text. Notes and extra instructions will be written in blue. It is recommended that you copy/paste the code to avoid typos, to do this, copy by highlighting the line and hitting Ctrl+C as usual; to paste, go to your command prompt and click the small black icon in the upper left corner. A menu will pop up, go to Edit>Paste. Make sure you have not highlighted any spaces before or after the line or any of the blue text. Now, begin copying the code:
cd C:/Android
md5sums RUU_Vivo_W_Gingerbread_S_VERIZON_WWE_2.18.605.3_Ra dio_1.09.01.0622_NV_VZW1.92_release_199487_si.zip Result should be cea499f51b40055ffd118960e1e73255, if it isn't, redownload the miniadb zip.
md5sums 1.09.01.0312_vivow_Radio_PG32IMG.zip Result should be ea6b98be48210d7797e62362f49ff751
md5sums misc_version Result should be 050f55d34ddbcc860efa5982491437de
adb devicesResult should be your phone's serial number.
adb push CWM-SuperSU-v0.94.zip /sdcard This might take a minute or so. If it gives an error, try "adb push CWM-SuperSU-v0.94.zip /mnt/sdcard"
adb reboot bootloader This should reboot your phone to a white menu, once it is there, continue.
fastboot devices This should return your phone's serial number.
fastboot flash recovery recovery.img This might take a while, be patient and do not interrupt it. Once it is done, use the volume buttons on your phone to navigate through the menu until RECOVERY is highlighted, then press Power to select it. Your phone will reboot into another menu, once it shows up, select "install from sdcard" then "choose zip from sdcard," then scroll down and select CWM-SuperSU-v0.94.zip, and accept it. Once it is finished, press power then select reboot. Once you are fully booted, continue with the instructions.
adb push misc_version /data/local/tmp/misc_version
adb shell chmod 777 /data/local/tmp/misc_version
adb shell /data/local/tmp/misc_version -s 2.18.605.3
adb reboot bootloader This will reboot you to the white menu again.
fastboot devices Result should be your phone's serial number.
fastboot getvar mainver Result should be 2.18.605.3. If it isn't, make sure you didn't get any errors in the above code and everything was copied correctly.
fastboot oem lock
fastboot erase cache
fastboot oem rebootRUU
fastboot flash zip RUU_Vivo_W_Gingerbread_S_VERIZON_WWE_2.18.605.3_Ra dio_1.09.01.0622_NV_VZW1.92_release_199487_si.zip This will take a while, be patient and do not under any circumstances interrupt it.
fastboot erase cache
fastboot oem rebootRUU
fastboot flash zip 1.09.01.0312_vivow_Radio_PG32IMG.zip This will also take a bit, again, do not interrupt it.
fastboot reboot
That's the end of the code, you should be downgraded and can now get S-OFF by following the Revolutionary guide in the first post.
After S-OFF(ASO)​So, now you have S-OFF. Congratulations! The next step would be to flash a custom recovery, then either an su zip or a custom, rooted ROM. For recoveries, the choices are ClockworkMod, 4EXT or TWRP. I personally prefer 4EXT, but TWRP is also great and has many great features. ClockworkMod is a little slower, but still stable. All ROMs and recoveries for the Dinc2 can be found in the development forums (where you found this guide), and there are many different ROMs to choose from, so check them out! If you want something rock solid and completely stable, try out CondemnedSoul's CM7 or one of the Gingerbread Sense ROMs, or if you want something newer, a bit faster, but maybe has a few minor bugs, check out one of the many ICS ROMs. If you want the latest and greatest, with a few slight bugs, go Jelly Bean with aeroevan's CM10. If you were looking to just root, download and flash the zip found here: http://forum.xda-developers.com/showthread.php?t=1538053, however, I would recommend that you try one of the Gingerbread Sense ROMs such as Skyraider Zeus if you wanted something a bit different with extra features, or andybonestock for a faster, debloated ROM that looks and feels exactly like what you're used to, but rooted.

Nice guide. I have to use the tacoroot method for a buddy of mine.

Awesome post!

This should be stickied...

sk842018 said:
This should be stickied...
Click to expand...
Click to collapse
+1 ^^
Sent from my Kang Banged Dinc2

Consider it done, excellent resource :good:
Also added to roll-up.

Bad links for Tacoroot.sh and .0312 radio. Great wright up though and cant wait to get my replacement unlocked.
Edit: Ok so I am almost there but have run into some issues. I cant get the 2.3.3 RUU to flash. It will get so far and stop saying bad signature verification. The one thing I noticed is that at the end of the file name it has si and not signed. I tried to change it but kinda knew that would not work and it didn't. Hope this can be fixed soon.
Edit of the edit. Ok so I followed dets34's wright up as I could not get the commands posted here to work. I put the files in the proper SDK folders and went through the commands and when I got to the RUU I hit tab after starting the name to make sure the end was si.zip. Flashed went into boot loop, boot recovery, flash newest radio, and bam no more loop with S off. Thanks to everyone who keeps us sorted out and flashing strong.

zackspeed said:
Bad links for Tacoroot.sh and .0312 radio. Great wright up though and cant wait to get my replacement unlocked.
Edit: Ok so I am almost there but have run into some issues. I cant get the 2.3.3 RUU to flash. It will get so far and stop saying bad signature verification. The one thing I noticed is that at the end of the file name it has si and not signed. I tried to change it but kinda knew that would not work and it didn't. Hope this can be fixed soon.
Edit of the edit. Ok so I followed dets34's wright up as I could not get the commands posted here to work. I put the files in the proper SDK folders and went through the commands and when I got to the RUU I hit tab after starting the name to make sure the end was si.zip. Flashed went into boot loop, boot recovery, flash newest radio, and bam no more loop with S off. Thanks to everyone who keeps us sorted out and flashing strong.
Click to expand...
Click to collapse
Links work fine for me. What did you do differently with dets34's tutorial?

The only thing that was different was I put misc and taco files in AndroidSDK\platforms. Then I put the RUU in the tools folder. Ran the commands and it went through first try. For the first part I cd c:\ to my platforms folder and ran the first part then cd c:\ to my tools folder and installed the RUU. Once it booted as soon as I messed with it boot loop. So flashed the radio and all seems to be fine.

zackspeed said:
The only thing that was different was I put misc and taco files in AndroidSDK\platforms. Then I put the RUU in the tools folder. Ran the commands and it went through first try. For the first part I cd c:\ to my platforms folder and ran the first part then cd c:\ to my tools folder and installed the RUU. Once it booted as soon as I messed with it boot loop. So flashed the radio and all seems to be fine.
Click to expand...
Click to collapse
Shouldn't make a difference if you added those folders to your PATH variable, that way you can use adb/fastboot commands without having to cd in.

Yea that's kinda what I thought but some how I messed it up or something because it never would flash the RUU. I am no expert at this by any means. Either way you helped out and its nice to see we don't have to worry about loops any more. :good:

Great guide, thanks! My couple of things I had to add in to make everything work:
Code:
fastboot flash zip RUU_Vivo_W_Gingerbread_S_VERIZON_WWE_2.18.605.3_Radio_1.09.01.0622_NV_VZW1.92_release_199487_si.zip
I had to add the path to this file for it to work and then afterward do a
Code:
adb reboot
to get ready for the Revolutionary process. At first Revolutionary wouldn't recognize the device when it booted. I quickly realized I needed to re-enable USB Debug.
Then I used adb to do the rebooting necessary to flash the .0312 radio.
Thanks again! Great stuff.

techspecs said:
Great guide, thanks! My couple of things I had to add in to make everything work:
Code:
fastboot flash zip RUU_Vivo_W_Gingerbread_S_VERIZON_WWE_2.18.605.3_Radio_1.09.01.0622_NV_VZW1.92_release_199487_si.zip
I had to add the path to this file for it to work and then afterward do a
Code:
adb reboot
to get ready for the Revolutionary process. At first Revolutionary wouldn't recognize the device when it booted. I quickly realized I needed to re-enable USB Debug.
Then I used adb to do the rebooting necessary to flash the .0312 radio.
Thanks again! Great stuff.
Click to expand...
Click to collapse
Updated, thanks.

Thanks for your guide. Will this guide work with the newest firmware 5.10.605.9? Just use TACOROOT?

leshan said:
Thanks for your guide. Will this guide work with the newest firmware 5.10.605.9? Just use TACOROOT?
Click to expand...
Click to collapse
Use the downgrade tool.
Sent from my vivow using Tapatalk 2 Beta-5

leshan said:
Thanks for your guide. Will this guide work with the newest firmware 5.10.605.9? Just use TACOROOT?
Click to expand...
Click to collapse
The latest firmware is 6.01.605.05. You don't have to use tacoroot.

Thanks. worked perfectly.
prototype7 said:
Use the downgrade tool.
Sent from my vivow using Tapatalk 2 Beta-5
Click to expand...
Click to collapse

unroot to re-root correctly
Does anyone know a method to go back to stock on one of refurbed phones in order to re root correctly and not get the Sense bootloop? I found a few methods but they are all four hboot .97 and I have a feeling won't fix the problem.

mccarrel said:
Does anyone know a method to go back to stock on one of refurbed phones in order to re root correctly and not get the Sense bootloop? I found a few methods but they are all four hboot .97 and I have a feeling won't fix the problem.
Click to expand...
Click to collapse
Flash the latest firmware, or just flash whatever RUU then the .0312 radio, then follow the guide to go back to s-on.
Sent from my Incredible 2 using Tapatalk 2 Beta-5

[how to] lock/unlock your bootloader without htcdev(s-off required)

this thread will let you unlock your bootloader without htcdev,or let you change your hboot watermark from relocked or locked back to stock.
originally,we used a zip file flashable in recovery. i have found it to work on gsm devices with 1.44 hboot and CW recovery. it did not work with twrp. if the following is too scary,feel free to test the zip files. that thread,info,and downloads can be found here. since not all recoverys are working,these values can be changed with simple adb commands.
advantages
-no hassle with htcdev,tokens,or unlock codes
-no submitting your phones personal info to htc
-the ability to get back to 100% stock without any visual traces or records of having been s off or unlocking your bootloader.
you do NOT need to downgrade your hboot. this simple adb command works without any scary hboot downgrades.
*you must be s off.
*you must have superuser installed(see this thread if you need help installing superuser. use the keep bootloader locked directions)
read this:
this will not work if your s on. its not a way to magically unlock
the usual disclaimers:
use this info at your own risk. if it melts your phone into a little pile of aluminum goo,its not my fault.
credits
-beaups for giving me the echo comand,so yall didnt need to dump,edit with a hex editor,and copy back
-strace for originally discovering the location of the lock status flag(check out this thread for more info)
-kdj67f for fearlessly testing and putting up some screenshots in post 5. thanks!
IF you are an advanced user with adb/fastboot set up and some basic knowlede of the cmd window,you can skip to #2
1)set up adb
-download this file
-install drivers: if you have htc sync installed,you should allready have drivers. if not,you can install htc sync,or install these modified htc drivers from revolutionary (driver mirror)
-unzip your miniadb_v1031.zip file. this is native funtionality in windows 7. you otherwise may need a utility such as "7-zip" to extract,or unzip it. place the unzipped folder onto the root of your C drive on your PC. root means the top level,not inside any folders. so just copy and paste,or drag and drop the folder onto C with everything else that is there. you may want to rename it to "miniadb_m7" since youll be putting some device specific files in here.
-open a command window. on windows 7,click the start bubble in the lower left and type "command" in the search box. xp i believe is similar or the same. doing this should open a small black command window.
-change to your miniadb_m7 directory. type the following at the prompt in your cmd window:
cd c:\miniadb_m7
your command promt should change to "c:miniadb_m7>" provided you: 1)unzipped the miniadb_v1031 zip file,and 2)put the folder on your c drive,and 3)entered the name of the folder correctly ("miniadb_m7" in this case)
-now make sure usb debugging is checked in developer options(you will need to turn it on first),and plug your phone into your PC with a usb cable
-make sure your phone is being recognized- type:
adb devices
if your drivers are installed correctly,this should return your phones serial number. you should hear the "found device" noises when you plug your phone in. if it starts installing drivers,wait for it to finish before typing the adb devices command.
if you get your serial number back,then enter this command:
adb reboot bootloader
this should take your phone to the "fastboot" screen,wich is white with colored letters. this is one mode of your bootloaders interactive modes. at the top youll see fastboot devices as confirmation youre in fastboot.
now enter:
fastboot devices
again,this should return your phones serial number. you should hear the "found device" noises when you plug your phone in. if it starts installing drivers,wait for it to finish before typing the adb devices command.
if you get your serial number back,you can enter the following to boot back to the phones OS:
fastboot reboot
and now,youve installed adb/fastboot and tested youre phones drivers. if at either spot,you have trouble and dont get your serial number back,there is some sort of connection issue. use these steps to troubleshoot:
troubleshooting connectivity issues:
-try a reboot of the PC
-try different usb cables and ports
-dont use a usb hub
-dont use usb 3.0
-make sure nothing capable of comunicating with the phone is enabled and running. htc sync,pdanet,easy tether,and even itunes have all been known to cause issues.
-windows 8 has been known to have issues. try a windows 7 or older machine
failing the above,
-i use these drivers for fastboot and adb(donwload and run as admin): http://downloads.unrevoked.com/HTCDriver3.0.0.007.exe (mirror)
failing that,try manually updating the drivers in the following manner:
-put the phone in fastboot mode(select fastboot from the hboot menu)
-open device manager on the PC
-plug in phone,watch for it to pop up in device manager.
-update drivers with device manager,pointing the wizard to the extracted
driver download folder from above
note that you can check the connectivity of the phone,and make sure drivers are working by in the following manner:
-open cmd window. change to directory containing adb/fastboot utilities
-adb with the phone in the booted OS,usb debug enabled,enter:
adb devices in a cmd window
-fastboot with phone in fastboot,enter:
fastboot devices in cmd window
in either case,a properly connected phone with working drivers installed should report back the phones serial number.
Click to expand...
Click to collapse
this process,in your cmd window,should look something like this:
Code:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\Scott>[COLOR="red"]cd c:\miniadb_m7[/COLOR]
c:\miniadb_m7>adb devices
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
List of devices attached
FAxxxxxxxxxx device
c:\miniadb_m7>[COLOR="red"]adb reboot bootloader[/COLOR]
c:\miniadb_m7>[COLOR="red"]fastboot devices[/COLOR]
FAxxxxxxxxxx fastboot
c:\miniadb_m7>[COLOR="red"]fastboot reboot[/COLOR]
rebooting...
finished. total time: 0.037s
c:\miniadb_m7>
2)reset your "lock status flag"
to LOCK your bootloader,enter the following:
adb devices
adb shell
su (if needed to get a # prompt)
echo -ne '\x00\x00\x00\x00' | dd of=/dev/block/mmcblk0p3 bs=1 seek=33796
(i would very strongly recomend you copy/paste this)
exit
(exit a second time if you need to to get back to a normal > prompt)
adb reboot bootloader
verify you are now locked
_____________________________________________________________________________________________
to UNLOCK your bootloader,enter the following:
adb devices
adb shell
su (if needed to get a # prompt)
echo -ne "HTCU" | dd of=/dev/block/mmcblk0p3 bs=1 seek=33796
(i would very strongly recomend you copy/paste this)
exit
(exit a second time if you need to to get back to a normal > prompt)
adb reboot bootloader
verify you are now unlocked
*i have tested this on my gsm htc one. if someone wants to test on vzw,ill add you to the credits

mine!

So, this will work with hboot 1.54? And are you sure the memory blocks are correct for Verizon? I will test...
I'm s-off, stock Rom, cwm recovery and rooted.
Sent from my HTC6500LVW using XDA Premium 4 mobile app

kdj67f said:
So, this will work with hboot 1.54? And are you sure the memory blocks are correct for Verizon? I will test...
I'm s-off, stock Rom, cwm recovery and rooted.
Sent from my HTC6500LVW using XDA Premium 4 mobile app
Click to expand...
Click to collapse
99% sure we can certainly dump p3 and have a look-see first,if you'd like. We woukd need a dump from someone whose unlocked or relocked
Sent from my HTC One using Tapatalk 2

99% is good enough for me haha! Phone just hut 50% charged, give me a minute. Will post back with pictures.
Sent from my HTC6500LVW using XDA Premium 4 mobile app
---------- Post added at 08:56 PM ---------- Previous post was at 08:41 PM ----------
Confirmed, code working. Flags set/reset. Phone even reboots and works will upload pics/screenshots.
Thanks!
Starting out unlocked:
Locking:
Locked:
Unlocking:
Re-unlocked:
Very good work!

Awesome! Thanks for confirming
Sent from my HTC One using Tapatalk 2

That was super easy... great write up! This will save so much time getting an unlocktoken and running through HTCdev. Many thanks!

scotty1223 said:
99% sure we can certainly dump p3 and have a look-see first,if you'd like. We woukd need a dump from someone whose unlocked or relocked
Click to expand...
Click to collapse
Verizon HTC One here, S-Off with SuperSU but otherwise stock, locked bootloader, hboot 1.54. I just did
Code:
dd if=/dev/block/mmcblk0p3 of=orig bs=1 seek=33796 count=4
and looked at the resulting dump and it has "PGFS" not nulls at that offset. I'm wondering if we should write "PGFS" back on Verizon/hboot 1.54 and not nulls?

bjorheden said:
Verizon HTC One here, S-Off with SuperSU but otherwise stock, locked bootloader, hboot 1.54. I just did
Code:
dd if=/dev/block/mmcblk0p3 of=orig bs=1 seek=33796 count=4
and looked at the resulting dump and it has "PGFS" not nulls at that offset. I'm wondering if we should write "PGFS" back on Verizon/hboot 1.54 and not nulls?
Click to expand...
Click to collapse
sounds like youre looking at offsets 00 01 02 03. every device ive looked at so far has the PGFS at that location. i havent looked ata vzw p3,but t mobile follows that. youll find the HTCU,HTCL,or nulls at 8404 8505 8406 8407.
im not sure your command is showing you the correct location. id dump and look at the whole thing.
dd if=/dev/block/mmcblk0p3 of=/sdcard/mmcblk0p3

Hey Scotty,
I can't thank you enough for this info. I really didn't want to unlock via htcdev and it's been getting tiring making zips for everything I want to flash. This solved my problem and is reversible without record. You are the man and thanks for putting in the time.

isdnmatt said:
Hey Scotty,
I can't thank you enough for this info. I really didn't want to unlock via htcdev and it's been getting tiring making zips for everything I want to flash. This solved my problem and is reversible without record. You are the man and thanks for putting in the time.
Click to expand...
Click to collapse
glad to help

Can someone explain the benefits to me of being able to change between locked/unlocked? If not.... That's cool.
Sent from my HTC6500LVW using Tapatalk now Free

BaBnkr said:
Can someone explain the benefits to me of being able to change between locked/unlocked? If not.... That's cool.
Sent from my HTC6500LVW using Tapatalk now Free
Click to expand...
Click to collapse
For this thread and most people's needs, unlocking this way after s-off saves time. Re-locking just proved it was reversible in case someone did want to be locked again. Another way to get back to stock for warranty purposes, etc...
Most importantly, to prove it can be done!
Sent from my HTC6500LVW using XDA Premium 4 mobile app

Fantastic, can this work for HTC One S too?
maybe needs finding correct blocks?
what it is unclear to me is that:
your method to unlock bootloader needs S-OFF, but S-OFF needs Unlocked bootloader and SuperCID, so maybe for HTC One S it's different
thanks for clarification

icest0rm said:
Fantastic, can this work for HTC One S too?
maybe needs finding correct blocks?
what it is unclear to me is that:
your method to unlock bootloader needs S-OFF, but S-OFF needs Unlocked bootloader and SuperCID, so maybe for HTC One S it's different
thanks for clarification
Click to expand...
Click to collapse
blocks are the same for one s.
method does indeed need s off. most common way to achieve s off for devices on the unlock program is via intial unlock thru htcdev to install root and recovery. at this point the commands are useful to get back to locked,and if one needs unlock after being locked for some reason. vzw is a bit different in that they cannot use htcdev,so a hack is needed to temproot,then s off. this does give them the luxury of being able to unlock without htcdev alltogether.
its also possible to s off via a java card,or be lucky enuff to find a user trial device that came that way. in this situation htcdev can be left out of the picture entirely.
hope that clarifes it

scotty1223 said:
blocks are the same for one s.
Click to expand...
Click to collapse
ok!
scotty1223 said:
method does indeed need s off. most common way to achieve s off for devices on the unlock program is via intial unlock thru htcdev to install root and recovery. at this point the commands are useful to get back to locked,and if one needs unlock after being locked for some reason.
Click to expand...
Click to collapse
ok...clear
scotty1223 said:
vzw is a bit different in that they cannot use htcdev,so a hack is needed to temproot,then s off. this does give them the luxury of being able to unlock without htcdev alltogether.
Click to expand...
Click to collapse
ehm...sorry...what is vzw?
its also possible to s off via a java card,or be lucky enuff to find a user trial device that came that way. in this situation htcdev can be left out of the picture entirely.
hope that clarifes it
Click to expand...
Click to collapse
thanks :good:

vzw=Verizon wireless
Sent from my HTC One VX using Tapatalk

scotty1223 said:
vzw=Verizon wireless
Sent from my HTC One VX using Tapatalk
Click to expand...
Click to collapse
ah ok...
but since they need a temproot to get unlock without htcdev, wouldn't this be possible for all htc one (s)?
why is it limited to vzw?

icest0rm said:
ah ok...
but since they need a temproot to get unlock without htcdev, wouldn't this be possible for all htc one (s)?
why is it limited to vzw?
Click to expand...
Click to collapse
technically,yes. you could use a temp root and make a tool for any other carriers device so you would not have to unlock.
however, temp root exploits are typically patched quickly. htcdev is a reliable means of root to make other tools/exploits work. its much,much easier to simply unlock and install root and recovery than to keep looking for softwate temp root exploits.
with verizon you have no choice,since they do not allow official unlock.

Hello, can you please tell me why do i get this error ?

adb reboot bootloader (Unlocking the Bootloader)

on the box my hpone came it it says H815, Made In Korea, I talked to LG they say it's registered in Hong Kong but it shows it's a LG-H815, No T or anything after the 8. So I have a H815. Not sure what the Hong Kong thing means...but I need to unlock the boot loader.
Following this: http://developer.lge.com/resource/mobile/RetrieveBootloader.dev?categoryTypeCode=ANRS
On the 'adb reboot bootloader' command it says in CMD, 'error: device 'null' not found'.
I've tried it many times. I can clearly see it as G4 in My Computer, I can go into it and see the folders on the internal memory.
http://i.imgur.com/fZ4t6Rj.png
http://imgur.com/5UBg6dB
I downloaded installer_r24.3.4-windows.exe from here: http://developer.android.com/sdk/index.html#Other
I installed the SDK Manger and installed the Google USB Drive and the Platform Tools, got the 3 files, did the cmd as you see in my image...
I never had to installed the G4 drivers or anything, it just installed it when I plugged it in and always worked.
So...?
Wish someone could help via Team Viewer..

Sounds like you need to install the drivers.... it is not so it just works for you to see the files... it is so that the computer will see the phone as an ADB and fastboot device
Install the drivers like it says to do, and test it by hooking the phone up to the computer and in a DOS box type "adb devices" without quotes, it should give you a device id.

Milimbar said:
Sounds like you need to install the drivers.... it is not so it just works for you to see the files... it is so that the computer will see the phone as an ADB and fastboot device
Install the drivers like it says to do, and test it by hooking the phone up to the computer and in a DOS box type "adb devices" without quotes, it should give you a device id.
Click to expand...
Click to collapse
tried that, got this:
C:\>adb devices
'adb' is not recognized as an internal or external command,
operable program or batch file.
Click to expand...
Click to collapse
So tried the other thing (adb reboot bootloader):
C:\Users\Owner\Desktop\tools>adb reboot bootloader
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
error: device '(null)' not found
Click to expand...
Click to collapse
Just to make sure I got the right drivers, can you link me to the latest drivers for the H815?
I tried: http://www.lg.com/uk/support-mobile/lg-H815 - makes me install that support program first, but once it starts up it tells me to select my carrier, which mine isn't there and lists models, which mine isn't there.. So that didn't help. The daemon thing is new though...
EDIT: It works now and I get this... doesn't list it... someone link me good drivers or?
C:\Users\Owner\Desktop\tools>adb devices
List of devices attached
Click to expand...
Click to collapse
EDIT 2: Now it's back to the original null message only. I need some good drivers...

Broth3rz said:
C:\>adb devices
'adb' is not recognized as an internal or external command,
operable program or batch file.
Click to expand...
Click to collapse
Start your DOS box from the directory you installed ADB to. If you do not know where that is, just search for adb.exe on your computer.
When you find where it is installed, just go to that folder and shift+right click and select "open command window here"
Run your commands there and it should work.

Milimbar said:
Start your DOS box from the directory you installed ADB to. If you do not know where that is, just search for adb.exe on your computer.
When you find where it is installed, just go to that folder and shift+right click and select "open command window here"
Run your commands there and it should work.
Click to expand...
Click to collapse
Just shows 2 empty lines, I need some real drivers or something. I don't know where to get them.

Read the thread about unlocking your boot loader. Everything you have asked is in it. Your phone needs to be in the right mode, adb, fastboot, download.

Don't know what thread your talking about and I've installed the best drivers I could find. It's not seeing the phone.

I opened CMD and did"
adb kill-server
adb start-server
Plugged it in and did the adb devices and got this:
C:\Users\Owner>adb devices
List of devices attached
LGH81567593392 device
Guess I'll try the next step in unlocked when I wake up. Any reason it has all those numbers after H815?

On the 'adb reboot bootloader' command it says in CMD, 'error: device 'null' not found'.
Normally, when it says "null" not found, you haven't accepted the connection on your phone, you wont see it if the screen has blanked.
Try again and accept connection from computer on your phone.
Oh, and if you;'re having problems getting the adb.exe etc to work, try downloading minimal drivers here ( http://forum.xda-developers.com/showthread.php?t=2317790 )and install to desktop with shortcut as well. When you click the shortcut, it will create a dosbox and most commands will work from there.

Sounds like it is working. The numbers are your device id. Just proceed with your unlocking or rooting now and it should be fine.

What should be my next step in rooting after unlocked BL?
In the end I want to update my firmware and install stock Android, that is if it's just the OS, no installed apps or anything, apart form Camera, Play Store, etc.

Broth3rz said:
What should be my next step in rooting after unlocked BL?
In the end I want to update my firmware and install stock Android, that is if it's just the OS, no installed apps or anything, apart form Camera, Play Store, etc.
Click to expand...
Click to collapse
IF you have the H815 EU version, and were able to unlock the bootloader from the LG site....
http://forum.xda-developers.com/g4/general/unlock-bootloader-install-twrp-root-t3128241
Finish up on that page what you have not already done......
Install TWRP (recovery) and Root.
After that, its up to you, there are a few RoMs out that are stock and or debloated, pick the one you like.
Remember to check that it is for the H815 not a carrier version.

How to get Verizon pixel xl back to stock so I can install TWRP.

Noob again. So I am rooted and I'm currently on build NDE63X on my Verizon 128 gb XL. If i understood the instructions correctly, I have to go back to stock before I can put TWRP on the phone. I know I get the factory images here.
https://developers.google.com/android/images
Do I get the NDE63P image for the phone since that was what was on the phone before I sideloaded the OTA for my current version which is NDE63X or do I just need to download the full image for NDE63X?
Can someone also list the steps needed to accomplish getting phone back to stock? I read Google's instructions and I was a little confused. I understand that I will lose root but should be able to root after installing TWRP since it looks like Chainfire updated the root method for those using TWRP.
Thanks.

It's easy bro. For starters, grab the factory image for the X build. No need to go back to P.
Next, extract the zip. Depending on which OS your computer runs, you'll be running one of the flash-all scripts. the one with the ".bat" extension is for Windows and the one ending with the ".sh" extension is for macOS and Linux. If you don't want it to wipe your device, before running one of those two files I just mentioned, your gonna wanna edit the script file using an application like Notepad++ (on Windows) or Text Wrangler (on macOS.) What you want to do in the script file is remove the wipe command. To do so, delete the following piece from the script: (it's towards the bottom.)
Code:
-w
Save the changes.
Next, copy everything from the factory image folder to where you have adb/fastboot stored. (I suppose you could copy your adb/fastboot files to this folder if you wanted to.)
Assuming that your device is plugged in and USB debugging is enabled, start command prompt (or Terminal.) and type the following commands:
Code:
adb devices (it should return with your devices serial number and say online, if not check your device for a prompt asking to allow or deny.)
adb reboot bootloader
fastboot devices
flash-all.bat (or flash-all.sh)
That should do it. ?
Sent from my Pixel XL

Rydah805 said:
It's easy bro. For starters, grab the factory image for the X build. No need to go back to P.
Next, extract the zip. Depending on which OS your computer runs, you'll be running one of the flash-all scripts. the one with the ".bat" extension is for Windows and the one ending with the ".sh" extension is for macOS and Linux. If you don't want it to wipe your device, before running one of those two files I just mentioned, your gonna wanna edit the script file using an application like Notepad++ (on Windows) or Text Wrangler (on macOS.) What you want to do in the script file is remove the wipe command. To do so, delete the following piece from the script: (it's towards the bottom.)
Code:
-w
Save the changes.
Next, copy everything from the factory image folder to where you have adb/fastboot stored. (I suppose you could copy your adb/fastboot files to this folder if you wanted to.)
Assuming that your device is plugged in and USB debugging is enabled, start command prompt (or Terminal.) and type the following commands:
Code:
adb devices (it should return with your devices serial number and say online, if not check your device for a prompt asking to allow or deny.)
adb reboot bootloader
fastboot devices
flash-all.bat (or flash-all.sh)
That should do it.
Sent from my Pixel XL
Click to expand...
Click to collapse
Thank you. Gonna attempt it this weekend.

Deleted

Rydah805 said:
It's easy bro. For starters, grab the factory image for the X build. No need to go back to P.
Next, extract the zip. Depending on which OS your computer runs, you'll be running one of the flash-all scripts. the one with the ".bat" extension is for Windows and the one ending with the ".sh" extension is for macOS and Linux. If you don't want it to wipe your device, before running one of those two files I just mentioned, your gonna wanna edit the script file using an application like Notepad++ (on Windows) or Text Wrangler (on macOS.) What you want to do in the script file is remove the wipe command. To do so, delete the following piece from the script: (it's towards the bottom.)
Code:
-w
Save the changes.
Next, copy everything from the factory image folder to where you have adb/fastboot stored. (I suppose you could copy your adb/fastboot files to this folder if you wanted to.)
Assuming that your device is plugged in and USB debugging is enabled, start command prompt (or Terminal.) and type the following commands:
Code:
adb devices (it should return with your devices serial number and say online, if not check your device for a prompt asking to allow or deny.)
adb reboot bootloader
fastboot devices
flash-all.bat (or flash-all.sh)
That should do it.
Sent from my Pixel XL
Click to expand...
Click to collapse
im trying to do the same thing but i cant find somewhere to download the factory img from i have a 32 gb xl

Veid71 said:
im trying to do the same thing but i cant find somewhere to download the factory img from i have a 32 gb xl
Click to expand...
Click to collapse
https://developers.google.com/android/images
Sent from my Pixel XL

My command prompt hangs when I try to execute the .bat file
Says "Waiting for any device"
And yes the device is listed when I do ADB devices
Any ideas?
THANKS!!

chipslate said:
My command prompt hangs when I try to execute the .bat file
Says "Waiting for any device"
And yes the device is listed when I do ADB devices
Any ideas?
THANKS!!
Click to expand...
Click to collapse
if you are executing the commands, you are in fastboot, not adb.
try fastboot devices
if it doesnt return anything, your computer is not seeing the device.
you will need the computer to see the device in fastboot before you can proceed.

OK so ADB Devices finds my cellphone but fastboot devices yields nothing.
Any ideas?

chipslate said:
OK so ADB Devices finds my cellphone but fastboot devices yields nothing.
Any ideas?
Click to expand...
Click to collapse
first thing to try is to go into fastboot, then unplug the cable, and then plug it back in.
if it is still not recognized, then its either an outdated adb/fastboot issue, or a driver issue (if you are using windows, if not there may be other possibilities).

chipslate said:
OK so ADB Devices finds my cellphone but fastboot devices yields nothing.
Any ideas?
Click to expand...
Click to collapse
When it finds your phone does it say unauthorized or authorized?

See attached. That is what I get every time. I have had the same thing happen on 2 different Windows 10 boxes. Makes me think it is something on the phone?

chipslate said:
See attached. That is what I get every time. I have had the same thing happen on 2 different Windows 10 boxes. Makes me think it is something on the phone?
Click to expand...
Click to collapse
What happens now when you attempt the next command?
Edit: So after running adb devices, you should be running adb reboot bootloader command next I believe.

Yes, ADB reboot bootloader brings up the fastboot screen on the Pixel XL with the green android thingy.
Also, I have the phone in MTP File Transfer mode and USB Debugging enabled.

chipslate said:
Yes, ADB reboot bootloader brings up the fastboot screen on the Pixel XL with the green android thingy.
Click to expand...
Click to collapse
You should now use the flash-all command but this is going wipe all of your data.

I am fine wiping all my data but running flash-all.bat hangs the CMD window saying "Waiting for any device"
That's my problem.

chipslate said:
I am fine wiping all my data but running flash-all.bat hangs the CMD window saying "Waiting for any device"
That's my problem.
Click to expand...
Click to collapse
Post a picture of when you have that and of your phone at the time you type flash all if you can. Also hit the reply button on my post and itll give my notifications when you reply.

magestic1995 said:
Post a picture of when you have that and of your phone at the time you type flash all if you can. Also hit the reply button on my post and itll give my notifications when you reply.
Click to expand...
Click to collapse
It finally worked!!! Thanks again for your help and going back and forth. I finally installed Android Studio and it inserted the ADB drivers at the top of Device manager. Worked like a charm then. Finally, Android 7.1.1 and unlocked bootloader... Bring it on, world!

Congrats! I've only used Android Studio for all this stuff since Im a developer. Congrats on getting it all figured out!

i have been trying to take my pixel xl back to stock but the flash-all.bat script hangs on the part where it should flash the system img zip. it says the file size is to large