[HBOOT, eMMC][11/14/2012] JET - The Jewel/Evita Toolkit


yarrimapirate

Senior Member
May 29, 2009
178
614
Vancouver, WA
Disclaimer: This is BETA. It works well, but may still set fire to your house if you anger it.


UPDATE 11/14/12 - Updated OP with SLS's device detection code fixes.

Update 2: Fixed bug in device detection loop causing freeze at "Waking Device"



JET - The Jewel/Evita Tool "kit."

This all started as a downgrade script for the Jewel. You can follow the original JET thread in the EVO 4G LTE forums. I'm creating this thread to track/support issues from Evita users.

JET performs several useful functions, including:
  • Downgrading your HBOOT to 1.09 for easier radio flashing.
  • SuperCID (For HTCDev unlocking)
  • Partition/IMEI backup.
  • Detection of eMMC partitions on a phone stuck in Qualcomm download mode
  • Possible unbricking of your device (depending on circumstances)


JET is and always will be 100% open source and with full support given here on XDA.

Changelog
11/9/12 - Name change to better reflect the direction of this project. Ported to Evita. Rewrote device detection code.
11/1/2012 - Added SuperCID capability
10/24/2012 - Modified emmc_recover to catch stalls at "Wait device /dev/sdXXX......" and try to recover.
10/21/2012 - Added --recover and --unbrick command line options
10/19/2012 - Beta posted


Credits:
Credit for the original EVO downgrading idea belongs to Mac_Gyver as seen in this post:
http://xdaforums.com/showthread.php?t=1932914

This post refined that process and can still be referenced for manual downgrading:
http://xdaforums.com/showpost.php?p=32761598&postcount=107

Closeone for code submissions and a steady flow of awesome ideas.

SouL Shadow for some slick logging code

Initial Testers (AKA People willing to let a total stranger intentionally brick their phone for SCIENCE!)
AZ Fadeout
benny3
kjcmusic17
michael.stollaire
My lovely wife (distract with shiny object, snatch phone, cackle wildly, proceed to brick)
Some local folks not on XDA


absolutelygrimm and 18th.abn for consulting on the Evita side of things.

The XDA community for rallying behind this project and offering support to your fellow members



Requirements

  • Unlocked bootloader and a recent TWRP already flashed. (For most functions.)
  • A NATIVE Linux installation, or a LiveCD/Wubi install. Virtual Machines are NOT SUPPORTED.
  • A 32 bit Linux installation/CD, or install ia32-libs or ia32-libs-multiarch
  • Linux Kernel v3.0 or higher (Ubuntu 12.04 LiveCDs meet this requirement)
  • USB Debugging turned on



FAQ
Q: Help! The tool keeps saying "Failed to flash HBoot" repeatedly. What do I do?
A: This is a timing issue. If the tool can't get a good lock on your phone, it will give an error and then try again. It will keep trying until it locks onto the phone and can flash. In addition, it is safe to unplug and replug the USB cable during this step, even to another USB port.



Q: This thing is taking forever!! Is it supposed to?
A: The process usually takes about 10 minutes but can take 15 or longer depending. Unfortunately the process for flashing the bootloader is rather painful, and has to be done in very small pieces. Thank HTC for that one. Ubuntu is also partially to blame.



Q: Is this a bootable CD? Can I use this from Windows?
A: This is NOT a bootable LiveCD. A LiveCD version (with further enhancements) is in the works.


Q: Is there/Will there be a Windows version?
A: No. Nor are there plans to make a Windows native version. There are some inherent issues with the way Windows deals with USB devices that prohibits us from accessing QDL. If you're not comfortable trying/using Linux, I suggest you wait for the LiveCD to be finished.





Instructions:
  1. Boot Linux.
  2. Download attached package.
  3. Unzip to somewhere you have write access (/home/ubuntu for Ubuntu LiveCD users)
  4. Open terminal.
  5. cd to working directory.
  6. $ chmod +x jet
  7. $ sudo ./jet
  8. Follow the onscreen instructions.
  9. /happydance

Command Line Options
Code:
-b or --backup      :  Backup mode only (make bakp4 and fsp4, don't force QDL)
-c or --cidpreserve :  Don't SuperCID the backup P4 file
-d or --detect      :  Find device (/dev/sd?)
-k or --kill        :  Soft brick the phone by corrupting P4 (be careful with this)
-r or --recover     :  Load HBOOT 1.09 and existing backup P4 (for people who stalled after QDL force)
-s or --supercid    :  SuperCID mod for nonbricked phones
-u or --unbrick     :  Load existing backup P4 file ONLY. (Quit QDL without downgrade)

To do:
  • P4 file generation from user entered MEID.
  • Merge both HW versions of JET and detect device at load.
  • LiveCD
  • All requests for features considered!



Source:
You can follow code revisions for the shell script here:
https://github.com/yarrimapirate/JET

LiveCD Development is underway. You can follow the code here:
https://github.com/closeone/JET

I use a modified version of Fuses' emmc_recover. I have forked his source here:
https://github.com/yarrimapirate/emmc_recover

A big Thank You to all who've sent donations! Caffeine and beer help generate code, and a few extra bucks convinces the wife it's worth the time I spend glued to my PC/phone. Your donation money is also being used to buy devices to further test/develop with. :good:
 

Attachments

  • jet-evita-0.3.3b.zip
    931.6 KB · Views: 5,205
Last edited:

Deleted member 3452239

Guest
Since I'm not entirely familiar with the problem, I'll ask grim to explain it to me so I can properly document it in the OP. Thanks for the heads up!

----

Hboot protects itself, I thought sbl3 verified hboot, then it protected itself but that's not the case. Sbl3 is controlling emmc mode from my understanding...

p9 (sbl3) sets emmc mode before p12 (hboot) sets protection... p1, 2, 3 will never be vulnerable to the same exploit as they have already set their protection well before emmc mode. They are the first 3 partitions so you cannot brick anything earlier in the chain. So, just say, hboot was p7, it would protect itself before emmc mode, and would never be vulnerable. -18th.abn


----

However, if for any reason you cannot flash Kernels/Radios.. Just run the 1.85 RUU and your issues will be solved.

----

To RUU downgrade, you will need to pull mmcblk0p23 from your phone and hex edit it. To do so, open terminal emulator on your phone:

Code:
$ su
# dd if=/dev/block/mmcblk0p23 of=/sdcard/mmcblk0p23

Open this in a hex editor of your choice.
At 0x0A0 you will see
ClearAutoImage..2.20.xxx.x......................
(x being whatever number is listed). Change it to 1.00.000.0

Place it back on your sdcard.
Open terminal emulator.
Code:
$ su
# dd if=/sdcard/mmcblk0p23 of=/dev/block/mmcblk0p23

Reboot to fastboot and lock your bootloader. Boot into your ROM and RUU downgrade.
 
Last edited by a moderator:
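
A check that fits between the hex edit and the second dd in the post above, as an added example that is not part of the original post or of JET: it confirms the edited dump is the same size as the original and that every changed byte lies inside the version-string field. The function name, the file names and the 48-byte field width are assumptions; the post gives only the 0x0A0 offset.

```shell
#!/bin/sh
# Added example (not from the thread): sanity-check a hex-edited partition
# dump before it is written back with dd.

# check_edit ORIG EDITED [START] [LEN]
# Returns 0 only if EDITED is the same size as ORIG and every differing byte
# falls inside [START, START+LEN). Offsets are 0-based and decimal.
check_edit() {
    orig=$1; edited=$2
    start=${3:-160}   # 0x0A0, the offset named in the post
    len=${4:-48}      # assumed width of the "ClearAutoImage..<version>" field

    [ -r "$orig" ] && [ -r "$edited" ] || { echo "missing input file" >&2; return 2; }

    # An editor in insert mode lengthens the file and shifts everything after
    # the edit; writing that back would corrupt the rest of the partition.
    size_o=$(wc -c < "$orig" | tr -d ' ')
    size_e=$(wc -c < "$edited" | tr -d ' ')
    if [ "$size_o" -ne "$size_e" ]; then
        echo "size changed: $size_o -> $size_e bytes" >&2
        return 1
    fi

    # cmp -l prints one line per differing byte: 1-based offset, then the
    # two byte values in octal. Count the ones outside the allowed window.
    stray=$(cmp -l "$orig" "$edited" 2>/dev/null |
        awk -v s="$start" -v l="$len" '
            { o = $1 - 1; if (o < s || o >= s + l) n++ }
            END { print n + 0 }')
    if [ "$stray" -ne 0 ]; then
        echo "$stray byte(s) changed outside offsets $start..$((start + len - 1))" >&2
        return 1
    fi

    echo "ok: same size, changes confined to offsets $start..$((start + len - 1))"
    return 0
}

# Stand-alone use: sh check_edit.sh mmcblk0p23.orig mmcblk0p23
if [ "$#" -ge 2 ]; then
    check_edit "$@"
fi
```

Keep an untouched copy of the first dd output to compare against; the check is only as good as that original.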

Genetic517

Senior Member
Nov 2, 2011
1,093
297
ugh i wish i had linux. i want old hboot back! :( . awesome job though, this is great to see.
 

bpear96

Senior Member
Sep 30, 2010
1,879
3,583
ugh i wish i had linux. i want old hboot back! :( . awesome job though, this is great to see.

Just use the ubuntu live cd like suggested in the OP. Or dual boot it, ubuntu or other Linux distro is really great to have

EDIT: absolutelygrim beat me to it :D

Great job to all involved with this! S-Off would be nice, but having Hboot 1.09 is pretty nice as well.
 
Last edited:

MyronJ906

Senior Member
Apr 22, 2008
732
182
I'm using this now, a bit concerned that the device seems like it doesn't want to wake right now (stuck at Waking Device...) Anyone have any ideas? Would it be safe to unplug this USB cable and try a different one? I'm using one other than the one that came with the One X
 

Genetic517

Senior Member
Nov 2, 2011
1,093
297
Go boot up a liveCD and do it.
I have done it 3 or 4 times, but with the manual process. These tools work. I endorse them.

Just use the ubuntu live cd like suggested in the OP. Or dual boot it, ubuntu or other Linux distro is really great to have

EDIT: absolutelygrim beat me to it :D

i did read i could use livecd but i also read this in the FAQ. livecd looks to be unfinished? please correct me if im wrong. im 100% a windows guy, have never even used linux

Q: Is there/Will there be a Windows version?
A: No. Nor are there plans to make a Windows native version. There are some inherent issues with the way Windows deals with USB devices that prohibits us from accessing QDL. If you're not comfortable trying/using Linux, I suggest you wait for the LiveCD to be finished.
 

Deleted member 3452239

Guest
I'm using this now, a bit concerned that the device seems like it doesn't want to wake right now (stuck at Waking Device...) Anyone have any ideas? Would it be safe to unplug this USB cable and try a different one? I'm using one other than the one that came with the One X

Hold power down for 10 seconds
open another terminal window and type

Code:
watch -n.1 lsusb

let go of power when you see "Qualcomm, Inc. Gobi Wireless Modem (QDL mode)" disappear
 

bpear96

Senior Member
Sep 30, 2010
1,879
3,583
i did read i could use livecd but i also read this in the FAQ. livecd looks to be unfinished? please correct me if im wrong. im 100% a windows guy, have never even used linux

Q: Is there/Will there be a Windows version?
A: No. Nor are there plans to make a Windows native version. There are some inherent issues with the way Windows deals with USB devices that prohibits us from accessing QDL. If you're not comfortable trying/using Linux, I suggest you wait for the LiveCD to be finished.

He means an actual "jet" AIO live cd is what is unfinished. There's nothing stopping you from downloading the latest Ubuntu distro, burning it to a disc (or bootable usb) and running that on your computer. Ubuntu can be run directly from the disc, no install needed (though it will be slower than an install, obviously). Once you're running the live cd/usb of ubuntu you can easily load up this toolkit.
 

MyronJ906

Senior Member
Apr 22, 2008
732
182
did you brick by flashing ICJ or are you trying to downgrade?

Downgrade. Haha just my luck for trying something I didn't need to do :D

If it's safe to actually unplug the USB and grab another cable, I'm definitely willing/able to do that

EDIT: and it does disappear and say Qualcom Inc for a few seconds, then nothing and then it flashes the full "Qualcomm, Inc. Gobi Wireless Modem (QDL mode)" for a split second and repeats the process
 

Top Liked Posts

    9
    oh sweet, video coming right up!

    Just one step closer to S-Off!