Develop Bugs

[INFO] Xperia ACRO S Re-listed for Unlocking Bootloader

Recently, Xperia Acro S was been removed from the Unlocking Bootloader list on the Official Sony site.
As maintaining a thread on Acro S section, some of my friends were unable to unlock their bootloader due to missing device in the list.
So, I Emailed Sony few weeks ago requesting them to re-list Acro S, and they said, they'll look at this. Now its been Re-listed.
I have even attached three screenshots for your conformation. So see it, Just check out below three links,
SS-01 || SS-02 || SS-03
For those who were waiting to unlock their phone, here's a good news for you all. Go ahead and get the unlock code from official Sony site providing them your IMEI.
1. To Get Unlock Code just click HERE!
2. Unlocking Bootloader step-by-step Guide, just click HERE!
Regards,
hitman-xda

As I said, I'll notify you after Acro S is re-listed, I'll mention you here; @bluvn || @sky202_how89 || @els_sand

Wow, Thanks for the surprise! U make my days!

sky202_how89 said:
Wow, Thanks for the surprise! U make my days!
Click to expand...
Click to collapse
That sounds good

Hey but too bad is I totally brick my phone. Almost all of the solution found by google seems no used.
Out of surprise, it happened for most of the Xperia Phones who are heavy flashing with custom ROM.
Check out the thread here: http://forum.xda-developers.com/xperia-s/help/xperia-acro-s-sim-card-service-detect-t3200650
Now my XAS is becoming a powerful MP4 Player. What a desperate. ;( ;(

sky202_how89 said:
Hey but too bad is I totally brick my phone. Almost all of the solution found by google seems no used.
Out of surprise, it happened for most of the Xperia Phones who are heavy flashing with custom ROM.
Check out the thread here: http://forum.xda-developers.com/xperia-s/help/xperia-acro-s-sim-card-service-detect-t3200650
Now my XAS is becoming a powerful MP4 Player. What a desperate. ;( ;(
Click to expand...
Click to collapse
Did you checked weather your Bootloader is unlocked? If not then check it.
Also try to repair your phone through PC companion.
Its a strange problem. Hearing it first time.
Did you followed exact procedure of the Guide that I linked?
I don't think it occurs due to heavy flashing of ROMs, because I have used every ROM available for the phone for almost 100 times. I usually change my ROM after a month.

hitman-xda said:
Did you checked weather your Bootloader is unlocked? If not then check it.
Also try to repair your phone through PC companion.
Its a strange problem. Hearing it first time.
Did you followed exact procedure of the Guide that I linked?
I don't think it occurs due to heavy flashing of ROMs, because I have used every ROM available for the phone for almost 100 times. I usually change my ROM after a month.
Click to expand...
Click to collapse
The problem occurred when the user try to flash back to stock ROM from Custom ROM.
The Bootloader is unlocked.
Now the BL appear to be like this: Bootloader Unlock Allowed = No (*#*#7378423#*#*)
Enter fastboot fail (No fastboot detected), Only Flash is allowed.
To install CWM or TWRP required fastboot, so I can't do anything besides keep trying to flash wiith different version of stock FTF.
Solution I tried but failed:
- Fix using Sony PC Companion (PCC)
- Flash any version of stock ROM, inclusive of just flashed the "Baseband" only.
- Flash Acro-HD S0-03D ROM then flash back to stock ROM.
- *#*#4636#*#* -> Phone information -> Set preferred network type (any of the option & reboot)
- Settings -> More -> Mobile Networks -> Network Mode(any option & reboot)
- Settings -> More -> Mobile Networks -> Select providers (automatic or manual), it manage to detects the service providers but registered on the network failed.
- Insert other active SIM Card
I try to locate the Antenna Board but it seems like it was attached with the mainboard. Unlike Xperia Z, the Antenna Board is seperated.
I assume this problem occurred when the partition accidentally bricked by Flashtool? I did try to flash different version of Baseband, nothing seems work.
I need someone favors. Create a Pre-rooted Stock ROM(.ftf) with Recovery Accessed (CWM or TWRP).
I found somewhere from this forum stated that tried to install back any of the Custom ROM to fix the No Signal Issue which it appeared to be my last hope. Without Recovery(Required Fastboot to install), I couldn't install any custom ROM.

sky202_how89 said:
The problem occurred when the user try to flash back to stock ROM from Custom ROM.
The Bootloader is unlocked.
Now the BL appear to be like this: Bootloader Unlock Allowed = No (*#*#7378423#*#*)
Enter fastboot fail (No fastboot detected), Only Flash is allowed.
To install CWM or TWRP required fastboot, so I can't do anything besides keep trying to flash wiith different version of stock FTF.
Solution I tried but failed:
- Fix using Sony PC Companion (PCC)
- Flash any version of stock ROM, inclusive of just flashed the "Baseband" only.
- Flash Acro-HD S0-03D ROM then flash back to stock ROM.
- *#*#4636#*#* -> Phone information -> Set preferred network type (any of the option & reboot)
- Settings -> More -> Mobile Networks -> Network Mode(any option & reboot)
- Settings -> More -> Mobile Networks -> Select providers (automatic or manual), it manage to detects the service providers but registered on the network failed.
- Insert other active SIM Card
I try to locate the Antenna Board but it seems like it was attached with the mainboard. Unlike Xperia Z, the Antenna Board is seperated.
I assume this problem occurred when the partition accidentally bricked by Flashtool? I did try to flash different version of Baseband, nothing seems work.
I need someone favors. Create a Pre-rooted Stock ROM(.ftf) with Recovery Accessed (CWM or TWRP).
I found somewhere from this forum stated that tried to install back any of the Custom ROM to fix the No Signal Issue which it appeared to be my last hope. Without Recovery(Required Fastboot to install), I couldn't install any custom ROM.
Click to expand...
Click to collapse
First of all let me clear that 'Unlocking Bootloader Allowed = No'
That means you cannot unlock it unless your coming to stock from other ROM.
Also Bootloader can be unlocked only once. So if your coming back to stock from custom, why did you tried to unlock your BL again?
Even if you flash stock ftf, you no need to unlock your BL again.
Secondly, don't try to flash other ROMs into your phone, you could mess up everything, even hard brick.
Your Fastboot mode isn't working, right? If so, then try to install fastboot drivers from flashtool driver pack. Maybe it could work.

hitman-xda said:
First of all let me clear that 'Unlocking Bootloader Allowed = No'
That means you cannot unlock it unless your coming to stock from other ROM.
Also Bootloader can be unlocked only once. So if your coming back to stock from custom, why did you tried to unlock your BL again?
Even if you flash stock ftf, you no need to unlock your BL again.
Click to expand...
Click to collapse
I did not lock my BL, it just lock back by themselves. I still remember I unlock my BL with Sony Official way in 2013. After that, I did not touch that BL again. It's just after the recent flash which I did the same way like before(Custom to stock ROM), everything mess up.
Secondly, don't try to flash other ROMs into your phone, you could mess up everything, even hard brick.
Your Fastboot mode isn't working, right? If so, then try to install fastboot drivers from flashtool driver pack. Maybe it could work.
Click to expand...
Click to collapse
I even format my pc which I thought it was my pc issue earlier. But ends up I realize it was something regarding to my BL. With BL Unlock Allowed: No, you cannot enter to your bootloader or fastboot.
This video is showing exactly my problem now:
Other thread that I discovered with same issue as I am:
http://forum.xda-developers.com/showthread.php?t=2432566
http://forum.xda-developers.com/xperia-z/help/xperia-z-signal-drops-unable-to-connect-t2183045
My very last but not recommended solution is to change the motherboard. However, looking at the posting not only me having the issue and it mostly happened when users are flashing back from Custom ROMS to Stock ROMS.
Changing motherboard is like changing another phone, your feeling towards the phone changed.

sky202_how89 said:
I did not lock my BL, it just lock back by themselves. I still remember I unlock my BL with Sony Official way in 2013. After that, I did not touch that BL again. It's just after the recent flash which I did the same way like before(Custom to stock ROM), everything mess up.
I even format my pc which I thought it was my pc issue earlier. But ends up I realize it was something regarding to my BL. With BL Unlock Allowed: No, you cannot enter to your bootloader or fastboot.
This video is showing exactly my problem now:
Other thread that I discovered with same issue as I am:
http://forum.xda-developers.com/showthread.php?t=2432566
http://forum.xda-developers.com/xperia-z/help/xperia-z-signal-drops-unable-to-connect-t2183045
My very last but not recommended solution is to change the motherboard. However, looking at the posting not only me having the issue and it mostly happened when users are flashing back from Custom ROMS to Stock ROMS.
Changing motherboard is like changing another phone, your feeling towards the phone changed.
Click to expand...
Click to collapse
After flashing stock ftf, the BL status always shows 'Bootloader Unlock Allowed = No' but it is actually unlocked. So it does not get relock after flashing stock ftf.
It seems like a serious problem.
Maybe, flashing other ROM will help you a bit. For that Obviously your phone must enter into fastboot mode (which is not happening). In this case did you use 'dd' command for installing recovery? If not then you could try it. And I think you'll be succeeded to install recovery and further you can flash ROM.zip through recovery.
You just need to copy recovery.img into your internal memory and enter some command's using adb shell.

sky202_how89 said:
I did not lock my BL, it just lock back by themselves. I still remember I unlock my BL with Sony Official way in 2013. After that, I did not touch that BL again. It's just after the recent flash which I did the same way like before(Custom to stock ROM), everything mess up.
I even format my pc which I thought it was my pc issue earlier. But ends up I realize it was something regarding to my BL. With BL Unlock Allowed: No, you cannot enter to your bootloader or fastboot.
This video is showing exactly my problem now:
Other thread that I discovered with same issue as I am:
http://forum.xda-developers.com/showthread.php?t=2432566
http://forum.xda-developers.com/xperia-z/help/xperia-z-signal-drops-unable-to-connect-t2183045
My very last but not recommended solution is to change the motherboard. However, looking at the posting not only me having the issue and it mostly happened when users are flashing back from Custom ROMS to Stock ROMS.
Changing motherboard is like changing another phone, your feeling towards the phone changed.
Click to expand...
Click to collapse
You must have used a newer version of flashtool. This is causing similar issues for many people. The only solution for now seems going to Sony service center. There is another method too, flashing the TA backup, but I don''t know if it works or not.

hitman-xda said:
After flashing stock ftf, the BL status always shows 'Bootloader Unlock Allowed = No' but it is actually unlocked. So it does not get relock after flashing stock ftf.
It seems like a serious problem.
Maybe, flashing other ROM will help you a bit. For that Obviously your phone must enter into fastboot mode (which is not happening). In this case did you use 'dd' command for installing recovery? If not then you could try it. And I think you'll be succeeded to install recovery and further you can flash ROM.zip through recovery.
You just need to copy recovery.img into your internal memory and enter some command's using adb shell.
Click to expand...
Click to collapse
I will try & let you know soonest. Kinda busy this few days.
---------- Post added at 05:35 PM ---------- Previous post was at 05:32 PM ----------
Mirhawk said:
You must have used a newer version of flashtool. This is causing similar issues for many people. The only solution for now seems going to Sony service center. There is another method too, flashing the TA backup, but I don''t know if it works or not.
Click to expand...
Click to collapse
YES, I am flashing with NEWEST VERSION of Flashtool. After that, the result turned nagative.
Do you mean TA Partition? Do you have a backup copy of it?
---------- Post added at 05:41 PM ---------- Previous post was at 05:35 PM ----------
Latest UPDATE about the issue, PLEASE TAKE NOTE BECAUSE YOU'RE ABOUT TO BRICK YOUR PHONE JUST LIKE ME. THIS IS IMPORTANT!
@hitman-xda , Please pass this message around. Btw, How to quote the name?
If everyone here in this post flashed their phones with Flashtool 0.9.19.x version, then congrats my friends, we're all become owners of bricked phones with no network signal. Flashtool 0.9.19.x versions have sript error which replaces original Ta partition leading to unlocked bootloader to become locked and loss of network signal. If you're guys haven't backuped your Ta partition prior to bootloader unlocking then that's all.
Check here http://forum.xda-developers.com/show...68&postcount=4 and here http://forum.xda-developers.com/show...postcount=2758
Click to expand...
Click to collapse
http://forum.xda-developers.com/xpe...ice-detect-t3200650/post62904161#post62904161

sky202_how89 said:
YES, I am flashing with NEWEST VERSION of Flashtool. After that, the result turned nagative.
Do you mean TA Partition? Do you have a backup copy of it?
Click to expand...
Click to collapse
Flashing with latest flashtool flashes a partition which renders modem of the phone useless. Yes, I mean the TA partition. Each phone's TA partition is unique, so if You flash mine or other person's TA partition, Your phone would not even boot.

This is toooooooooooooooooooooooooooo OVER! It means my phone is bricked forever.
It's their mistake but we have to bear it on our owns.

sky202_how89 said:
This is toooooooooooooooooooooooooooo OVER! It means my phone is bricked forever.
It's their mistake but we have to bear it on our owns.
Click to expand...
Click to collapse
Did nothing worked?

hitman-xda said:
Did nothing worked?
Click to expand...
Click to collapse
Yes, nothing worked because Flashtool just accidentally bricked our Sony in the whole world. A careless mistake destroy the phone.
In 0.9.18.X, simlock.ta is always excluded by default but a careless mistake on the version 0.9.19.(1234) (at that time), The Simlock.ta is included while flashing. Each phone TA has their own unique number. Besides changing the mianboard (the only solution right now), no ones manage to solve this issue.
I wonder how many Sony phone in the world has already been bricked by this Flashtool update.
Androxyde said:
On 0.9.18.X, even if simlock is included, it is excluded from flashing
On 0.9.19.5 I did this way :
- simlock is excluded by default with a warning when including it (unticking button)
- When simlock is included, when flashing, a YES/NO box appears asking if you are absolutely sure you want to flash this unit.
- When creating bundles, simlock can be included (no risk with 0.9.18 as it is always ignored)
So if you have a TA backup, with 0.9.19.5 you can restore the 07DA unit (then reactivating the phone). Thing you cannot do with any previous release as 07DA unit is hardcoded_excluded.
I will publish another patch that will backup any TA unit that is about to be flashed. That way there will always be a solution to come back to the previous state.
simlock, if present, is always ignored in 0.9.18 release
simlock, if present is excluded by default with the ability to include it with a warning and a user query before flashing the unit
people who had issues are ones using ftf bundles created prior to 0.9.18 with simlock included. Never had issues on 0.9.18 as it is excluded by default, I forget to keep this exclusion on 0.9.19.[1234] and added a defautl exclusion on .5 with the ability to include it anyway.
But maybe it is not the right way ... I was asking myself when I did it. I want to give the ability to restore 07DA unit if ever a backup exists
The only way to recover from locked phones is to reactivate them in a service center or to restore the 07DA unit.
Click to expand...
Click to collapse

sky202_how89 said:
Yes, nothing worked because Flashtool just accidentally bricked our Sony in the whole world. A careless mistake destroy the phone.
In 0.9.18.X, simlock.ta is always excluded by default but a careless mistake on the version 0.9.19.(1234) (at that time), The Simlock.ta is included while flashing. Each phone TA has their own unique number. Besides changing the mianboard (the only solution right now), no ones manage to solve this issue.
I wonder how many Sony phone in the world has already been bricked by this Flashtool update.
Click to expand...
Click to collapse
Well, that is disappointing
Hard to believe, that Sony really did that serious change in its software.

hitman-xda said:
Well, that is disappointing
Hard to believe, that Sony really did that serious change in its software.
Click to expand...
Click to collapse
At least you're out of trouble. I suggest you need to backup your TA Partition just in case.
Each TA is unique and cannot be transferred.
If your TA is used by 3rd party, they may face a Hard Brick & cannot be recovered anymore.
Well, this is an added Security by Sony. They are not stupid to "share" openly for free.
Now I'm realize.

sky202_how89 said:
At least you're out of trouble. I suggest you need to backup your TA Partition just in case.
Each TA is unique and cannot be transferred.
If your TA is used by 3rd party, they may face a Hard Brick & cannot be recovered anymore.
Well, this is an added Security by Sony. They are not stupid to "share" openly for free.
Now I'm realize.
Click to expand...
Click to collapse
I can't do that. Coz I have already unlocked my bootloader months ago

hitman-xda said:
I can't do that. Coz I have already unlocked my bootloader months ago
Click to expand...
Click to collapse
That's bad but still not too late. Your next Sony in future will be secured
I'm already ordered the replacement mainboard.
What kind of mainboard-Lock BL or Unlock BL, I do not know because it's not a new one.
Waiting for shipment.

Increasing security in custom roms by re-locking bootloader

Hello, I am completely new so I apologize if this is the wrong place.
I wanted to be able to lock my bootloader but still use cyanogenmod, specifically, only allow roms that I have compiled myself and signed with my cert to work on my phone. I unpacked the stock recovery.img, and made the necessary changes to the ramdisk to replace the stock OnePlus key with my own. I then was then able to confirm that only my signed zips could be sideloaded, both official CM and OxygenOS zips failed - just as I wanted.
The issue is then that this only worked with an unlocked bootloader. When I locked it, the OP3 entered a boot cycle, with a strange graphical glitch appearing then the screen going black, again and again. I could then no longer boot to either recovery or cyanogenmod, nor could I unlock fastboot. This amazing guide got my phone working again.
I now have three questions. What prevented my phone booting after I locked it, how does the unbrick tool work, and is there anything I can alter, like certifications or hashes, lower down in the boot sequence to allow only my signed images to work (using the previous tool. I am unsure what QLoader is, some form of serial interface to the 820 to write to the storage chip?).
Thanks for any advice you can offer!

Update: I have unpacked boot.img provided in the unbrick tool. I cannot find any keys to modify in /res but I have found a file called "verify_keys". Does anyone know what I need to change in boot.img to allow my self-signed recovery and os to boot? Thanks

UPDATE 2:
From reading some Android notes it appears that instead of replacing the OEM key, you can also just use fastboot to flash keystores for self-signed recovery and roms. This still allows OEM signed images to run, but is certainly a step in the right direction. I have run into an issue with building a correct keystore. I can use keytool and import my previous certs, but "fastboot flash keystore examplename.keystore" fails. I saw "fastboot flash ssd keystore.dat" used, and it works with my current dot keystore file, but then after locking it fails to boot. I'm going to see how I can convert my .keystore to a .dat.

I've been meaning to ask this same question for a while now also, so I'm eager to see the response. I suspect the official OnePlus forums might be a good place to ask as well, since they are visited by engineers from OnePlus. For anyone else who's curious as to what's being discussed and better the understand the risks of an unlocked bootloader (and how to mitigate them), there's a brief article here as well as a paper.

It is always suggested that never re-lock the bootloader until there is valid reason to do it

JumboMan said:
It is always suggested that never re-lock the bootloader until there is valid reason to do it
Click to expand...
Click to collapse
Have you read any of the attached links in my last post? There are valid reasons for doing so.
Just to pose an oversimplified hypothetical, imagine going through immigration/customs in Saudi Arabia (or maybe even the U.S.) with a Android device that has an unlocked bootloader. The officer examines your possesions, then takes your laptop and phone into a back room. Your phone is powered down and encrypted so it's not like they can do anything, right? Wrong. They plug it into a forensics device and flash a surreptitious malware app onto /system before returning it back to you. Then, the next time you turn on your phone your encryption keys and all your data, all your communications are secretly transmitted. You never have a clue... With a locked bootloader and appropriate precautions, that would never be possible.

Update 3:
I am now following the official Android guide for creating a keystore. They show how to create a "keystore.img" not .dat, bu the error I got when trying "fastboot flash keystore ..." said something along the lines of the keystore not being a valid image. Hopefully this will work. After I get this working, I will move on to removing or damaging the OEM key, hence not even allowing OnePlus images to be sideloaded.

JumboMan said:
It is always suggested that never re-lock the bootloader until there is valid reason to do it
Click to expand...
Click to collapse
I do have a valid reason - security. An unlocked bootloader means any code can be flashed to my device. Even with encryption it is vulnerable to cold boot attacks, it makes it easier to bruteforce, and pulling encryption keys from memory.

chocol4te said:
I do have a valid reason - security. An unlocked bootloader means any code can be flashed to my device. Even with encryption it is vulnerable to cold boot attacks, it makes it easier to bruteforce, and pulling encryption keys from memory.
Click to expand...
Click to collapse
sir prefer not rooting and staying on stock ROM with locked bootloader.

emptyragnarok said:
sir prefer not rooting and staying on stock ROM with locked bootloader.
Click to expand...
Click to collapse
Look, I'm sorry, I don't need any more useless comments saying the solution to my problem is to not do anything like on every other forum I've tried. I am perfectly aware of how to lock the bootloader with a stock rom, but I don't want to use the stock rom. I want to use custom roms. From what I have done so far it appears to be possible, so don't tell me it's not, at least without a good reason.
In addition, the stock method isn't even the most secure the phone can be. OnePlus can still sign any code and run it on my device and hence requires my trust in a third party that I am unwilling to give. I only want my own code to run.

Update 4:
Using the unbrick utility, I have updated the MD5 partition with the checksums of my modified boot and recovery partitions. Unfortunately, I am now getting a checksum failed error, with both the MD5 and recovery partitions highlighted in red. So I was wrong about the checksum being compared with hashes in the MD5 partition. Does anyone know where the lowest level checksums are stored? Hopefully if I can change that, then locking the bootloader will be no issue.

chocol4te said:
Update 4:
Using the unbrick utility, I have updated the MD5 partition with the checksums of my modified boot and recovery partitions. Unfortunately, I am now getting a checksum failed error, with both the MD5 and recovery partitions highlighted in red. So I was wrong about the checksum being compared with hashes in the MD5 partition. Does anyone know where the lowest level checksums are stored? Hopefully if I can change that, then locking the bootloader will be no issue.
Click to expand...
Click to collapse
Bro I am not a prolike you but I understand your vision now,... and I am with you in that.... Open Source stuff and ANdroid as an Open source impify that only... We should have our custom code for locking and unlocking our bootloader so we can have the full control over our device.... If not and the guy that said that you can lock the bootloader with the stock rom didn't get that .. even with stock rom and recovery anyone can have the access of the phone by just unlocking the boot loader and that is simple. SO I GOT YOUR VISION AND I AM WITH YOU I WILL TRY TO UNDERSTAND THE LOCKING SYSTEM OF THE BOOT-LOADER AND I WILL TRY TO FIND THE LOCATION OF LOWER LEVEL CHECKSLUMS... WE will try and try untill we succeed.... I AM WITH YOU BRO!!!!!

indroider said:
Bro I am not a prolike you but I understand your vision now,... and I am with you in that.... Open Source stuff and ANdroid as an Open source impify that only... We should have our custom code for locking and unlocking our bootloader so we can have the full control over our device.... If not and the guy that said that you can lock the bootloader with the stock rom didn't get that .. even with stock rom and recovery anyone can have the access of the phone by just unlocking the boot loader and that is simple. SO I GOT YOUR VISION AND I AM WITH YOU I WILL TRY TO UNDERSTAND THE LOCKING SYSTEM OF THE BOOT-LOADER AND I WILL TRY TO FIND THE LOCATION OF LOWER LEVEL CHECKSLUMS... WE will try and try untill we succeed.... I AM WITH YOU BRO!!!!!
Click to expand...
Click to collapse
Thanks! I'm glad to hear it!

chocol4te said:
Thanks! I'm glad to hear it!
Click to expand...
Click to collapse
You're most welcome bro.

Did I just witness a major bro-down?

Awsome thread, I'd also like to put my OP3 in a state where only ROMs I signed my self will run...

Any further development??
Sent from my Pixel XL using XDA-Developers mobile app
---------- Post added at 05:42 PM ---------- Previous post was at 05:41 PM ----------
indieross said:
Did I just witness a major bro-down?
Click to expand...
Click to collapse
Whats a bro down?
Sent from my Pixel XL using XDA-Developers mobile app

indroider said:
Any further development??
Sent from my Pixel XL using XDA-Developers mobile app
---------- Post added at 05:42 PM ---------- Previous post was at 05:41 PM ----------
Whats a bro down?
Sent from my Pixel XL using XDA-Developers mobile app
Click to expand...
Click to collapse
Sorry, other stuff came up. I am still very interested in getting this to work, but I am really stuck if I can't understand why the MD5 verification error occurs when I use Loader to flash the modified images. I looked at CopperheadOS, and in their documentation they show how to re-lock the bootloader with a custom ROM. Here is the shell script they use to upload the OS.
Code:
fastboot flash bootloader bootloader-bullhead-bhz11f.img
fastboot reboot-bootloader
sleep 5
fastboot flash radio radio-bullhead-m8994f-2.6.33.2.14.img
fastboot reboot-bootloader
sleep 5
fastboot -w update image-bullhead-nbd90z.zip
As you can see they flash two images, boot loader and radio, then update the main ROM. Then apparently it boots fine and the bootloader is OEM locked inside the OS. This was for the Nexus 5X, but I want to find out if a similar process is possible on the OP3.
I may also begin work on porting CopperheadOS to the OnePlus 3. I know it sounds unrealistic, but since OnePlus released the binaries and kernels it should make it slightly easier.

chocol4te said:
Sorry, other stuff came up. I am still very interested in getting this to work, but I am really stuck if I can't understand why the MD5 verification error occurs when I use Loader to flash the modified images. I looked at CopperheadOS, and in their documentation they show how to re-lock the bootloader with a custom ROM. Here is the shell script they use to upload the OS.
As you can see they flash two images, boot loader and radio, then update the main ROM. Then apparently it boots fine and the bootloader is OEM locked inside the OS. This was for the Nexus 5X, but I want to find out if a similar process is possible on the OP3.
I may also begin work on porting CopperheadOS to the OnePlus 3. I know it sounds unrealistic, but since OnePlus released the binaries and kernels it should make it slightly easier.
Click to expand...
Click to collapse
Ok.. Great to hear... Let me if you need any help.. I m here

chocol4te said:
Sorry, other stuff came up. I am still very interested in getting this to work ... ...
I may also begin work on porting CopperheadOS to the OnePlus 3. I know it sounds unrealistic, but since OnePlus released the binaries and kernels it should make it slightly easier.
Click to expand...
Click to collapse
This sounds exactly like what I was looking for. Have you been able to progress? Do you think that the bootloader and the radio are somehow linked in the boot verification sequence?
---------- Post added at 05:51 AM ---------- Previous post was at 05:43 AM ----------
chocol4te said:
UPDATE 2:
From reading some Android notes it appears that instead of replacing the OEM key, you can also just use fastboot to flash keystores for self-signed recovery and roms. This still allows OEM signed images to run, but is certainly a step in the right direction. I have run into an issue with building a correct keystore. I can use keytool and import my previous certs, but "fastboot flash keystore examplename.keystore" fails. I saw "fastboot flash ssd keystore.dat" used, and it works with my current dot keystore file, but then after locking it fails to boot. I'm going to see how I can convert my .keystore to a .dat.
Click to expand...
Click to collapse
Have you read this: https://mjg59.dreamwidth.org/31765.html

Real OFFICIAL STOCK ROM for XT1625/XT1642 (Moto G4/G4 Plus)

Hi,
Everybody is looking for official stock roms for Moto G4/G4 Plus *AWAY* from Motorola support, which looked to me like kind of weird but I now know why: people are looking for stock roms that will allow them over the air upgrades. If you have a developer edition or a moto with unlocked bootloader, Moto's own roms are flashable and *COMPLETELY WORKING*
motorola-global-portal.custhelp.com/app/standalone/bootloader/recovery-images
Go to above URL, quick login using G+, follow instructions to get to the download list. The listed download for XT1625 will also work just fine for XT1642.
Or, you can just use this direct link: motorola-global-portal.custhelp.com/cc/ajaxCustom/getBootFile/fileName/ib65qpz53y
may also require login.
******** VERY IMPORTANT ************
Everybody lists fastboot utility commands with which you restore a Moto stock rom. They do not tell these severe warnings:
- Never flash a gpt.bin file unless you really absolutely ultimately intentionally and knowingly NEED TO. Why? in 99.9% of the cases it is useless to your phone and your needs and all it will do is deprive you the ability to downgrade to an earlier version or flash an older boot file, system file, ...etc. You get the picture. BTW, gpt.bin is only a partition image containing Moto's partition table scheme, with versioning for downgrade prevention. Keep away from it. It is pure EVIL.
IF YOU SEE gpt.bin FILE, DELETE IT WITHOUT HESITATION.
- Our second vanity: bootloader.img or bootloader.bin or anything that spells BOOTLOADER. EVIL. DELETE IT. It will 99.9% only mess up your cellular capability and render your phone without voice calls, with out SMS and without 2G/3G/4G; no data whatsoever. It will convert your phone into a 5.5 inch SIM-less tablet. It will KILL YOUR SIM SLOTS.
Instruction are on the first link, but anyway, here we go:
To flash, put the phone in fastboot mode:
1. Power OFF your device
2. Then Power ON + Volume Down Alternatively, you can reboot into fastboot mode if you have adb...
adb reboot bootloader.
Next flash the images using fastboot:
Code:
"DELETED COMMAND HERE WAS SUPPOSED TO FLASH THE GPT.BIN. NEVER DO IT"
"DELETED COMMAND HERE WAS SUPPOSED TO FLASH THE BOOTLOADER. NEVER DO IT"
fastboot flash logo logo.bin
fastboot flash boot boot.img
fastboot flash recovery recovery.img
fastboot flash system system.img
fastboot flash modem NON-HLOS.bin
fastboot erase modemst1
fastboot erase modemst2
fastboot flash fsg fsg.mbn
fastboot erase userdata
fastboot erase cache
fastboot reboot
enjoy

****removed****

MK+2017 said:
****removed****
Click to expand...
Click to collapse
I would like back to MM from Nougat on XT1642. This firmware comes from a trusted source, but have you tried this firmware, no problems after flashing? Do I have to have an unlocked bootloader ?

kkamelot said:
I would like back to MM from Nougat on XT1642. This firmware comes from a trusted source, but have you tried this firmware, no problems after flashing? Do I have to have an unlocked bootloader ?
Click to expand...
Click to collapse
if you have not unlocked boot-loader you are covered by warranty and I advise you keep it that way. Motorola is a BI***.
if you really can't live without older stock, go to moto service and ask them to do it for you. should not cost you much, if any.
if what you hate is stock firmware, you can unlock bootloader, get warranty off, and flash LinageOS. Stable enough although still in nightly builds (successor of CyanogenMod)
hope that helps.
PS1: what you would fear the most is lose your SIM slot, happens a lot. Be safe!
PS2: asking if I tried it yes, I did. it worked. but I was on 6.0.1 at the time. do not take risk.
PS3: Motorola is a *****. DON'T MESS WITH IT.

MK+2017 said:
if you have not unlocked boot-loader you are covered by warranty and I advise you keep it that way. Motorola is a BI***.
if you really can't live without older stock, go to moto service and ask them to do it for you. should not cost you much, if any.
if what you hate is stock firmware, you can unlock bootloader, get warranty off, and flash LinageOS. Stable enough although still in nightly builds (successor of CyanogenMod)
hope that helps.
PS1: what you would fear the most is lose your SIM slot, happens a lot. Be safe!
PS2: asking if I tried it yes, I did. it worked. but I was on 6.0.1 at the time. do not take risk.
PS3: Motorola is a *****. DON'T MESS WITH IT.
Click to expand...
Click to collapse
Thank you for your answer !
I have one more question, is there way (like in nexus) to back to original software (Nougat can be) after changing OS or make a modifications?

kkamelot said:
Thank you for your answer !
I have one more question, is there way (like in nexus) to back to original software (Nougat can be) after changing OS or make a modifications?
Click to expand...
Click to collapse
There is, but if you are not good with command line, think twice. Check here: https://forum.xda-developers.com/moto-g4-plus/help/complete-partition-backup-script-xt1644-t3608408
you would typically use that alongside full TWRP backup.
I can assure you nothing will go wrong if you jump straight to LineageOS, it might only go wrong if you take the bad decision of going back to stock. The dd images would give you solid backup, though.
In case you lose your sim slot, you can use help from here: https://forum.xda-developers.com/showpost.php?p=72343095&postcount=101
I intuitively contributed to that solution Giving is taking!
Thank you @m.sawastik and @givitago

MK+2017 said:
There is, but if you are not good with command line, think twice. Check here: https://forum.xda-developers.com/moto-g4-plus/help/complete-partition-backup-script-xt1644-t3608408
you would typically use that alongside full TWRP backup.
I can assure you nothing will go wrong if you jump straight to LineageOS, it might only go wrong if you take the bad decision of going back to stock. The dd images would give you solid backup, though.
In case you lose your sim slot, you can use help from here: https://forum.xda-developers.com/showpost.php?p=72343095&postcount=101
I intuitively contributed to that solution 😊Giving is taking!
Thank you @m.sawastik and @givitago
Click to expand...
Click to collapse
I would also be happy to assist you if you want to jump to LineageOS. I won't assist you with dd backup, just because you need to take that responsibility on your own

My XT1625 is already on Lineage OS Andriod N. However, I feel like the cellular reception and thus battery life has been worse versus stock.
I wanted to flash only the latest baseband from the latest stock Andriod N but your Moto link only has 6.0.1 for XT1625.
What gives- I thought Motorola already updated the G4 to 7.0?

Will OTAs work with this?
Will OTAs work with these?

If I just want to upgrade my modem/baseband and then go back to LOS, do I just need to type "fastboot flash modem NON-HLOS.bin" or do I need to make a full install?

it works for moto g4 t1625 amazon version?? compilation number npj25.93-14.5 ?????? i answer this because in the web site motorola its appear the moto g4 rom xt1625 build MPJ24.139-64

Works!
I just want to say that I had a Moto G4 Plus (XT1642) that had no SIM recognition, no IMEI, no Wifi, and thanks to the instructions at the top of this thread, I now have it all.
I spent the whole day trying all sorts of things. Now it finally works!
Thanks!

How do I flash?
Hi friend, sorry but my English is not good.
My phone will receive nougat via OTA?

Something has broken my sound notifications
When I try this procedure I get a lot of these errors against some of the commands
(bootloader) Image aboot failed validation
(bootloader) Preflash validation failed
(bootloader) will fail: flash:aboot
FAILED (remote failure)
And now sounds that accompany any notifications from any applications fail to make any sound. Vibrate does initiate.

I am trying to find a way to enable hotspot on my ATT Moto G4 plus, if I flash this rom can anyone confirm it will unlock this feature? Torn between flashing or just going in to kernel and make change for this feature, any advice appreciated..

how to restore the sim slot after flash( i have no service)
i had frp, and after remove it with 3rd party tool i flash new rom.
now i have no service(but it detect the sim), there is any way to restore the sim slot?
i flashed the original rom from motorola site and it didnt help.
i flash the lineage OS and it didnt helped.
thanks

ggc201 said:
there is any way to restore the sim slot?
Click to expand...
Click to collapse
I've been searching for a fix for a few months now, whenever I get free time. Most threads about the subject die and aren't revisited. Someone will inevitably come to this page on a Google search wondering like us. I haven't found anything that will help and so I'm calling it quits. This phone is so outdated it would be better suited to find a deal somewhere else.

Thanks... can't find the button.
I have the xt1625 amz channel version and the: XT1625-XT1644_ATHENE-RETUS_6.0.1_MPJ24.139-48_cid50_subsidy-DEFAULT_CFC.xml.zip > provided enhanced LTE whereas the official OS did not support. I can actually do sh** on my phone without hanging up.
I want you and yours to be blessed forever and great post.
Bootloader is unlocked but somehow it is stuck between root and no root. Will figure it out....
Again... thanks... this is a big deal for me. :good:

non-developer edition?
If you have a developer edition or a moto with unlocked bootloader, Moto's own roms are flashable and *COMPLETELY WORKING*
Click to expand...
Click to collapse
Can anyone attest to having successfully flashed an unlocked non-developer edition G4 with this ROM? Motorola clearly warns against doing this:
IMPORTANT! Do not use these images/packages on non-developer edition devices or on devices with a locked bootloader.
Click to expand...
Click to collapse
(sorry, I'm a new member so I'm not allowed to include a link)

Bricked or not bricked, that is the question

Weird screen behavior, it seem to me that it isn't a hardware fault, cause when plugging in a charger the phone is able to show the MI logo, but not the charging icon
The phone is able to boot and i can hear the phone locking and unlocking, can see that the screen is on because of the backlight, but there is no image, SO FRUSTRATING!!
If you have any idea of what's going on and can give me a tip, i would thank you so much, the phone has been on this state for a long time
Don't know how to upload videos, if you think that can help diagnose it i can upload it and share a link or something

Hugask said:
Weird screen behavior, it seem to me that it isn't a hardware fault, cause when plugging in a charger the phone is able to show the MI logo, but not the charging icon
The phone is able to boot and i can hear the phone locking and unlocking, can see that the screen is on because of the backlight, but there is no image, SO FRUSTRATING!!
If you have any idea of what's going on and can give me a tip, i would thank you so much, the phone has been on this state for a long time
Don't know how to upload videos, if you think that can help diagnose it i can upload it and share a link or something
Click to expand...
Click to collapse
What did you do before?
Did you flash something?
Is it device unlocked?
This happen also in fastboot/recovery mode?

SubwayChamp said:
What did you do before?
Did you flash something?
Is it device unlocked?
This happen also in fastboot/recovery mode?
Click to expand...
Click to collapse
I hadnt updated my Rom, Pixel experience, in a while, so i took the opportunity and flashed an (at the time) beta Pixel Experience Android 10, i reverted and everything was fine for about one day i think, then some artifacting wich would come and go until the display gived up completly (about an hour between the two)
Yes, it is unlocked, and when in fastboot/recovery the screen is lighted up but not showing anything
My guess is that i have a low level firmware issue, as i had problem with those before (was running a custom ROM from day 1, so i had to manually update firware to use newer versions of PE (still pie version) and almost bricked my device

Hugask said:
I hadnt updated my Rom, Pixel experience, in a while, so i took the opportunity and flashed an (at the time) beta Pixel Experience Android 10, i reverted and everything was fine for about one day i think, then some artifacting wich would come and go until the display gived up completly (about an hour between the two)
Yes, it is unlocked, and when in fastboot/recovery the screen is lighted up but not showing anything
My guess is that i have a low level firmware issue, as i had problem with those before (was running a custom ROM from day 1, so i had to manually update firware to use newer versions of PE (still pie version) and almost bricked my device
Click to expand...
Click to collapse
Then try the next:
- Flash a different vendor.
- Flash a different kernel.
- Revert to stock ROM, no need to lock or nothing, just flash first the recovery ROM but if it doesn't result then flash the fastboot ROM through EDL, so that you know you can boot to EDL mode without need to open the back cover, this will restore all the original images.

SubwayChamp said:
Then try the next:
- Flash a different vendor.
- Flash a different kernel.
- Revert to stock ROM, no need to lock or nothing, just flash first the recovery ROM but if it doesn't result then flash the fastboot ROM through EDL, so that you know you can boot to EDL mode without need to open the back cover, this will restore all the original images.
Click to expand...
Click to collapse
Ok, so... i think i have all the files, but i'm really lost, how am i supposed to flash the vendor, firmware and stock ROM via fastboot?
Also, i put the device in fastboot, so... thats a win i guess (screen working surprisingtly)
I'm just not finding how to do this, it's been a while that i havent messed with this side of android, if you could help me it would mean the world for me

Hugask said:
Ok, so... i think i have all the files, but i'm really lost, how am i supposed to flash the vendor, firmware and stock ROM via fastboot?
Also, i put the device in fastboot, so... thats a win i guess (screen working surprisingtly)
I'm just not finding how to do this, it's been a while that i havent messed with this side of android, if you could help me it would mean the world for me
Click to expand...
Click to collapse
You can flash some images invoking the right partition, I mean, you can flash vendor image onto the vendor partition using
Code:
fastboot flash vendor vendor.img
, and in case you need to flash all the ROM you should use MiFlash tool

SubwayChamp said:
You can flash some images invoking the right partition, I mean, you can flash vendor image onto the vendor partition using
Code:
fastboot flash vendor vendor.img
, and in case you need to flash all the ROM you should use MiFlash tool
Click to expand...
Click to collapse
Ok, so... i am NOT keeping up with what i need to do, i found a vendor update in a site but it is not an image, i am so confused, i don't how was i able to mess around with this i am basically a noob, i feel so dumb, this should have been so easy and here i am having trouble
If you could make a step by step instruction or send a link where i can get a vendor .img it would be perfect thanks in advance

Hugask said:
Ok, so... i am NOT keeping up with what i need to do, i found a vendor update in a site but it is not an image, i am so confused, i don't how was i able to mess around with this i am basically a noob, i feel so dumb, this should have been so easy and here i am having trouble
If you could make a step by step instruction or send a link where i can get a vendor .img it would be perfect thanks in advance
Click to expand...
Click to collapse
Ok, update what is the current status of your device, you said screen now displaying, Did you refer only to fastboot mode? Could you see the bunny in fastboot? But booted up on system screen is displaying nothing?

SubwayChamp said:
Ok, update what is the current status of your device, you said screen now displaying, Did you refer only to fastboot mode? Could you see the bunny in fastboot? But booted up on system screen is displaying nothing?
Click to expand...
Click to collapse
Yes, that is correct, i can see the fastboot screen 100%, no artifacts, just plain working, still no recovery (if i remember right i have orange fox) or ROM screen

Hugask said:
Yes, that is correct, i can see the fastboot screen 100%, no artifacts, just plain working, still no recovery (if i remember right i have orange fox) or ROM screen
Click to expand...
Click to collapse
And what do you want to do now? Did you unlock bootloader?

SubwayChamp said:
And what do you want to do now? Did you unlock bootloader?
Click to expand...
Click to collapse
I actually want to check that, i took the phone to a tecnitician and he may have locked the bootloader
I think the next step would be flashing the vendor, firmwares and stock rom again, right?

Hugask said:
I actually want to check that, i took the phone to a tecnitician and he may have locked the bootloader
I think the next step would be flashing the vendor, firmwares and stock rom again, right?
Click to expand...
Click to collapse
if your bootloader is locked, you can't flash through fastboot mode either vendor or stock ROM, you should need to use EDL method or you can re-unlock bootloader and this way will work. Anyway i don't understand what actually your issue is.

SubwayChamp said:
if your bootloader is locked, you can't flash through fastboot mode either vendor or stock ROM, you should need to use EDL method or you can re-unlock bootloader and this way will work. Anyway i don't understand what actually your issue is.
Click to expand...
Click to collapse
The issue is the display not working, and it's gotta be a firmware issue as it's on my desk right now showing a bunny, also i am not used to fastboot flash anything, i just was used to recoveries and what not
Just runned some code and it's locked, this is getting better and better oh boy
How am i gonna unlock this if i can't even unlock the phone? last time with screen working it was already a nightmare, having to wait for miui account, do i have any method of doing this without using EDL?

Hugask said:
The issue is the display not working, and it's gotta be a firmware issue as it's on my desk right now showing a bunny, also i am not used to fastboot flash anything, i just was used to recoveries and what not
Just runned some code and it's locked, this is getting better and better oh boy
How am i gonna unlock this if i can't even unlock the phone? last time with screen working it was already a nightmare, having to wait for miui account, do i have any method of doing this without using EDL?
Click to expand...
Click to collapse
Well, this make sense although it's not clear if you did unlock it previously and after that at some time you did lock it again.
If you didn't unlock it previously you would need to bind your Mi account to the device and enable USB debugging and OEM unlock options but if you didn't before without a screen working you have a more difficult way, confirm me if that is the case.
Anyway I got happily surprised when I bought this device some months ago at the first attempt I could unlock it without have to wait time, try it and see what happen.

SubwayChamp said:
Well, this make sense although it's not clear if you did unlock it previously and after that at some time you did lock it again.
If you didn't unlock it previously you would need to bind your Mi account to the device and enable USB debugging and OEM unlock options but if you didn't before without a screen working you have a more difficult way, confirm me if that is the case.
Anyway I got happily surprised when I bought this device some months ago at the first attempt I could unlock it without have to wait time, try it and see what happen.
Click to expand...
Click to collapse
It was unloked and i locked again, don't know if this helps my case or if i am royally screwed up
And yeah, Xioami does make difficult to do the process of unlocking but only to recently released devices, aparently to stop re-sellers to buy the cheaper chinese rom and put the global version on them, i think that when a device doenst get made anymore makes sense that they would make it more easy (i bought the device 2 weeks after launch)

Hugask said:
It was unloked and i locked again, don't know if this helps my case or if i am royally screwed up
And yeah, Xioami does make difficult to do the process of unlocking but only to recently released devices, aparently to stop re-sellers to buy the cheaper chinese rom and put the global version on them, i think that when a device doenst get made anymore makes sense that they would make it more easy (i bought the device 2 weeks after launch)
Click to expand...
Click to collapse
Ok, of course this makes a huge difference, if you did unlock it previously then you couldn't receive any wait time, I wonder why you didn't try it if you didn 't. Check if MiUnlock tool unlock your device instantly.

SubwayChamp said:
Ok, of course this makes a huge difference, if you did unlock it previously then you couldn't receive any wait time, I wonder why you didn't try it if you didn 't. Check if MiUnlock tool unlock your device instantly.
Click to expand...
Click to collapse
OMG THIS WORKED
It's been sucessfully unlocked

Hugask said:
OMG THIS WORKED
It's been sucessfully unlocked
Click to expand...
Click to collapse
Hmm, OK, now you have your way sorted out, you can try with a custom ROM (all of them contain a vendor) or in case a custom ROM doesn't solve it you have to try a stock ROM through Mi Flash tool.

SubwayChamp said:
Hmm, OK, now you have your way sorted out, you can try with a custom ROM (all of them contain a vendor) or in case a custom ROM doesn't solve it you have to try a stock ROM through Mi Flash tool.
Click to expand...
Click to collapse
Ok, but how am i gonna flash a rom with fastboot? Is that a thing?
Also, i don't think the vendor is gonna be my only problem, but also the firmware, is there a way to flash firmware without the recovery and trough fastboot?

Hugask said:
Ok, but how am i gonna flash a rom with fastboot? Is that a thing?
Also, i don't think the vendor is gonna be my only problem, but also the firmware, is there a way to flash firmware without the recovery and trough fastboot?
Click to expand...
Click to collapse
You can't be sure of that, sometimes the vendor correct the issue, sometimes the firmware.
Firmware it is in the stock ROM that can be flashed either through fastboot or EDL mode (be careful to not relock bootloader or you couldn't enable this time OEM unlock option). Now that you have the way more clear just do a search "how to flash stock ROM on Xiaomi devices either through fastboot or EDL mode", just keep in mind that you don't need to open the back cover of the device, usually from a device off (only on unlocked ones) you could send it to EDL by pressing both volume buttons at same time that it is connected to PC, I gave you the main tips, for the rest you will find a lot of tutorials.

Need help getting back to stock from weird FW

Hello,
I bought a Fire HD 8 (2018) from ebay, but it gives me some headaches. There is almost nothing on it, no playstore (neither amazon nor google), no browser, only six basic apps like a calculator. And there is something called WebView Browser Tester. When I enter Recovery and do a factory reset it reverts to this exact stage. I was able to use adb to install VLC Player but it acts a little strange. But when I install Google Playstore (+ Framework, Account Manager, Services) it will crash. Rebooting after that will end in a bootloop, that can only be broken by several attempts trying to get into recovery and do a reset.
So, I think this device once belonged to a developer. It also identifies itself as "kayak" in recovery menu. So I assumed it was unlocked at some point. But when I try to use fastboot to flash it, it states "locked hw". ADB sideload is not available.
I don't know what to do right now. I spend last night doing research without much success. Pretty much all Unlock-Tutorials assume that you are on stock firmware, and the ones for getting back to stock assume you have twrp installed which is also not the case here.
Hope somebody can help me getting this thing working again.
Thanks in advance,
Scoop

Can you unlock the BL

Well, I'm not quite sure how to do that. I only started to dive into the topic by yesterday. Do I have to setup a linux system to do that or is there another way?

Bro…. What are you trying to do if you did not unlock the BootLoader. Just follow a normal guide. Google.

Google brought me here ^^ I wanted to aks if there is en easier way to unlock it then opening it up and setting up a linux boot drive, given that the device has clearly been tinkered with before. I thought, it might be a "known" custom rom that has been to it flashed before. Just trying not to brick it...
But thanks for your answer.

I meant using fast boot….

Now you got me confused. I'm really sorry, but could you be a bit more specific? When I try to use the unlock command I'm always getting the error "the command you input is restricted on locked hw".

scoop111 said:
Now you got me confused. I'm really sorry, but could you be a bit more specific? When I try to use the unlock command I'm always getting the error "the command you input is restricted on locked hw".
Click to expand...
Click to collapse
do these (not at the same time, wait to boot into bootloader then do second and third cmd)
Code:
adb reboot bootloader
fastboot flashing unlock
fastboot reboot

That's exactly what I did. I also tried fastboot oem unlock instead of fast flashing unlock. But I'm always getting the same error "command restricted on locked hw".
I read on some site that "OEM unlock" must be enabled in developer options to have this working, but there is no such option.

ohhhhhh. Then your device is not unlockable.

I managed to unlock it via the hardware mod, but I'm stuck after that. It won't boot into recovery. Is there a way to flash the firmware just with fastboot access?

scoop111 said:
I managed to unlock it via the hardware mod, but I'm stuck after that. It won't boot into recovery. Is there a way to flash the firmware just with fastboot access?
Click to expand...
Click to collapse
If you did the hardware unlock all the way through, you should have TWRP recovery. From that you can flash anything.

scoop111 said:
I managed to unlock it via the hardware mod, but I'm stuck after that. It won't boot into recovery. Is there a way to flash the firmware just with fastboot access?
Click to expand...
Click to collapse
Can you message me in Telegram?

Have you had any success?
I have the exact same issue, and this is pretty much the only topic that shows up when searching "Kayak".
Fire Toolbox v30.3 doesn't like it either
'Codename "kayak" isn't supported/recognized by the Toolbox. Please plug in a supported Fire tablet and try again.'

What model is on the back there are hardware revisions of the 8 2018 L5S83A: Normal OG revision K29A5E: Pre production model for patching CLK Exploit