Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,772,106 Members 40,705 Now Online
XDA Developers Android and Mobile Development Forum

[Unlock] Bootloader unlock - Updated November 26th 2012

Tip us?
 
jcase
Old
(Last edited by jcase; 22nd January 2013 at 06:04 AM.)
#1  
jcase's Avatar
Forum Moderator / Senior Recognized Developer - Taco Vendor - OP
Thanks Meter 7165
Posts: 3,623
Join Date: Feb 2010
Location: Sequim WA

 
DONATE TO ME
Default [Unlock] Bootloader unlock - Updated November 26th 2012

Please see this safer/easier/faster method instead of using the one below http://forum.xda-developers.com/show...7#post36976137







Original guide provided below for historial purposesonly, seriously use hte one above:

Please refrain from repackaging, or rehosting my materials, ask prior to deciding to.

If this guide fails, or the auto script (which I will not recommend you use) fails, please do a factory reset before attempting again.

If you appreciate this, please make sure you check out my original article on the AndroidPolice. Without the support of AP, I wouldn't spend nearly as much time doing this. To the bloggers who will chose to link to a forum post, rather than the original post on a better blog, you suck.

http://www.androidpolice.com/2012/11...as-bootloader/

Donations for new test devices can be made at the paypal link to the left. I reserve the right to send leftover funds to whatever charities I feel like. Generally I choose Boys and Girls club of america, sometimes I choose seasonal charity, or a medical related one.

Known Problems:
Adb server is out of date
Uninstall HTC Sync, Samsung Kies, etc any software that talks to the phone.

If you get stuck, please immediately find someone in our chat that knows what they are doing. It is very easy to brick your phone if you follow these directions incorrectly, or if a problem arises!

Need faster help? or Want to help visit our chat
http://chat.andirc.net:8080/?channels=#droid-dna

Quote:
Credits:
Original development: jcase
Awesome saver of the day: Sean Beaupre
Crash test dummy: dsb9938 (I bricked his phone making this!)
Artem and all @AndroidPolice for putting up with my nonsense.
Special thanks to Fuses for recommending a better target, and the numerous testers that let me play with their new phones.
Warning: This is semi complicated, and is known to ruin phones if done incorrectly. Proceed at your own risk


Needed:
1gb free space on the phone.
Working adb, must support the adb restore feature (ICS and up!)

Downloads:
backup.ab (300mb) mirrors: http://d-h.st/tau - http://depositfiles.com/files/9c61r4lgo - http://www.filefactory.com/file/2va8...99/n/backup.ab

DNA_TeamAndIRC mirrors - http://d-h.st/D4r - http://www.putlocker.com/file/F357F205F5235B3D - http://rapidgator.net/file/59342799/...ndIRC.zip.html


Unzip DNA_TeamAndIRC, put runme.sh, CIDGen.apk and backup.ab into the directory where adb is (or anywhere if you have your paths setup right).

Please Check the readme.txt before continuing!

Code:
adb install CIDGen.apk
Run the CIDGen app on your phone, enter the last digit of your IMEI (NOT YOUR MEID) and press generate. Then confirm the generated file exists.

Code:
adb shell ls -l /sdcard/CIDBLOCK.img
If CIDBLOCK.img does not exist, run the app and try again. Do not proceed without generating a CIDBLOCK.img, it is needed to repair the phone and unlock.

Once you have CIDBLOCK.img on your sdcard, open two terminals (command prompts) and continue

In the first terminal/cmd prompt run these commands:

Code:
adb push runme.sh /data/local/tmp/
adb shell chmod 755 /data/local/tmp/runme.sh
adb shell /data/local/tmp/runme.sh
runme.sh will continue to loop and spit out No such file or link failed errors, just leave it running for now.

In the other terminal/cmd prompt run this commands:

Code:
adb restore backup.ab
Then allow the restore on your phone. Once the process is finished, you can go back to the looping terminal and stop it with control + c, or close the terminal

At this point, do not continue unless you are certain you can do this. Past this point, is where people can brick if they do not follow the directions correctly. If you run into a problem, find someone to help you. Do NOT power your phone off or reboot it. Leave it charging and find someone.

Code:
adb shell rm /data/data/com.htc.usage/files/exploit/*
adb shell mv /data/DxDrm /data/DxDrm_org
adb shell mkdir /data/DxDrm
adb shell ln -s /dev/block/mmcblk0p5 /data/DxDrm/DxSecureDB
adb reboot
Once the phone is rebooted, open two terminals and repeat the restore exploit:

In the first one:
Code:
adb shell /data/local/tmp/runme.sh
This process will also loop forever and give out lots of "No such file" or "link failed" errors - again, just leave it running.

In the second terminal, restore the backup again:

Code:
adb restore backup.ab
After the restore is done, we will undo the DxDrm symlink attack and write the new CIDBLOCK.img:

Code:
adb shell mv /data/DxDrm /data/DxDrm_trash
adb shell dd if=/sdcard/CIDBLOCK.img of=/dev/block/mmcblk0p5
If this returns an "out of space error" come to our chat, and find either jcase or beaups. Do not reboot. Do not continue.

Code:
adb reboot
After reboot, you can go to http://HTCDev.com, and unlock through their official process. Choose the "All other supported models" option when selecting your phone.


Cheers!
I'm taking a break of an undetermined length. Please don't contact me about exploits

Something important? jcase@cunninglogic.com
Like Android security topics? Join our G+ community -> https://plus.google.com/communities/...07618051049043
My Bitcoin address : 1Newifz6yETTmbziCsZZstmHHPH6ejNr75
The Following 82 Users Say Thank You to jcase For This Useful Post: [ Click to Expand ]
 
dsb9938
Old
(Last edited by dsb9938; 24th November 2012 at 08:20 PM.)
#2  
dsb9938's Avatar
Recognized Developer
Thanks Meter 3149
Posts: 1,722
Join Date: Sep 2010
Location: Edison, NJ

 
DONATE TO ME
Is there a one-click for this?

Sorry, I couldn't resist!

Support chat: http://chat.andirc.net:8080/?channels=#droid-dna


D

.
The Following 7 Users Say Thank You to dsb9938 For This Useful Post: [ Click to Expand ]
 
senfoo
Old
#3  
senfoo's Avatar
Member
Thanks Meter 15
Posts: 87
Join Date: Jun 2010
Location: NYC
no comment...

btw great job guys!!

Quote:
Originally Posted by dsb9938 View Post
Is there a one-click for this?













Sorry, I couldn't resist!

D

.
--
Google Nexus 5
 
zeeter82
Old
#4  
Member
Thanks Meter 1
Posts: 55
Join Date: Oct 2009
Awesome.....now I just need the actual phone.

UPS HURRY UP!!!
 
gramsey1911
Old
#5  
gramsey1911's Avatar
Senior Member
Thanks Meter 223
Posts: 423
Join Date: Jun 2008
Location: Raleigh, North Carolina

 
DONATE TO ME
Default awesome

Awesome work J and D...

Aight D where is the "cubed" lol
Verizon HTC ONE(M8)
Follow me on Twitter@Gramsey1911


 
dsb9938
Old
#6  
dsb9938's Avatar
Recognized Developer
Thanks Meter 3149
Posts: 1,722
Join Date: Sep 2010
Location: Edison, NJ

 
DONATE TO ME
Quote:
Originally Posted by gramsey1911 View Post
Awesome work J and D...

Aight D where is the "cubed" lol
Next week! Sheesh.

D

.
 
gramsey1911
Old
#7  
gramsey1911's Avatar
Senior Member
Thanks Meter 223
Posts: 423
Join Date: Jun 2008
Location: Raleigh, North Carolina

 
DONATE TO ME
Quote:
Originally Posted by dsb9938 View Post
Next week! Sheesh.

D

.
I'm feenin ova here for the cubed...lol
Verizon HTC ONE(M8)
Follow me on Twitter@Gramsey1911


 
typeriz
Old
#8  
typeriz's Avatar
Senior Member
Thanks Meter 160
Posts: 379
Join Date: Dec 2007
Quote:
Originally Posted by dsb9938 View Post
Is there a one-click for this?

Sorry, I couldn't resist!

Support chat: http://chat.andirc.net:8080/?channels=#droid-dna


D

.
Lol.... I'm going to wait for the one click, can't afford to brick my device while trying to unlock with 2 kids running around lol...

P.s. thank you j case and DSB for the unlock and root

Sent from my HTC6435LVW using xda premium
 
jcase
Old
#9  
jcase's Avatar
Forum Moderator / Senior Recognized Developer - Taco Vendor - OP
Thanks Meter 7165
Posts: 3,623
Join Date: Feb 2010
Location: Sequim WA

 
DONATE TO ME
Quote:
Originally Posted by typeriz View Post
Lol.... I'm going to wait for the one click, can't afford to brick my device while trying to unlock with 2 kids running around lol...

P.s. thank you j case and DSB for the unlock and root

Sent from my HTC6435LVW using xda premium
I wouldnt trust a one click, i automated the PITA part already with the CIDGEN app
I'm taking a break of an undetermined length. Please don't contact me about exploits

Something important? jcase@cunninglogic.com
Like Android security topics? Join our G+ community -> https://plus.google.com/communities/...07618051049043
My Bitcoin address : 1Newifz6yETTmbziCsZZstmHHPH6ejNr75
The Following 3 Users Say Thank You to jcase For This Useful Post: [ Click to Expand ]
 
jonah1234
Old
#10  
jonah1234's Avatar
Senior Member
Thanks Meter 1090
Posts: 1,761
Join Date: May 2012
This is for the new bootloader right. Just wanna make sure.

Sent from my HTC Droid DNA
Other TEAM 420 threads below
One S ICS Sense 4 | JB Sense 4+
EVO 4G LTE ICS Sense 4 | JB Sense 4+
EVO 3D ICS Sense 4 & 3.6 | ROM SHOP
One X JB Sense 4+
DNA JB Sense 4+
Sensation ICS Sense 4 & 3.6
One X+ JB Sense 4+ Keyboards

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes