Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,784,443 Members 48,431 Now Online
XDA Developers Android and Mobile Development Forum

Goal: S-off HOX (TEGRA3)

Tip us?
 
Lloir
Old
(Last edited by Lloir; 22nd February 2013 at 06:47 PM.)
#191  
Recognized Contributor / Recognized Developer - OP
Thanks Meter 6,600
Posts: 5,133
Join Date: Mar 2009

 
DONATE TO ME
KEEP ON TOPIC


This is getting stupid guys!! I would think people who use this forum can read! SO READ THE SECTION RULES, my patience is wearing very thin now!!
The Following 11 Users Say Thank You to Lloir For This Useful Post: [ Click to Expand ]
 
Ghost
Old
(Last edited by Ghost; 22nd February 2013 at 06:54 PM.)
#192  
Ghost's Avatar
Forum Moderator / Retired Recognized Developer
Thanks Meter 3,910
Posts: 5,725
Join Date: Jul 2010
Location: XDA MODERATOR
Moderator Warning

This is the last time we will clean up this thread. If we have to clean up this thread again INFRACTIONS WILL BE GIVEN. You have been warned.
The Following 13 Users Say Thank You to Ghost For This Useful Post: [ Click to Expand ]
 
backXslash
Old
#193  
Member
Thanks Meter 48
Posts: 30
Join Date: Jun 2009
Is there any reason we wouldn't be able to use AT commands to directly force the radio to set itself S-OFF?

I've found these, and they apply to most any phone I suppose, but specifically to the X-GOLD XMM6260 in the international One X+.

This is documentation of the chip itself.
This is a guide on how to talk to the chip.
And this is just a run down of the HBOOT analysis of the HTC G2 aka Vision. However, it does have a few gems, like the AT command to set the radio S-OFF, "AT@SIMLOCK=7,0".

I'm going to look at this further, but does anyone know if the S-OFF flag is controlled by the Tegra 3 chipset (i.e. the processor) or the radio?

I remember the gfree S-OFF exploit for the Desire Z, where in it sent the commands to the radio to reboot itself without rebooting the phone, and it would come back up without write protection enabled, so you could force it to set itself S-OFF. My point being, the exploit we're looking for should have very little to do with the Tegra chipset, and much more to do with the radio chipset. (Assuming I'm right, and please tell me if I'm not.)
The Following 24 Users Say Thank You to backXslash For This Useful Post: [ Click to Expand ]
 
TripNRaVeR
Old
#194  
TripNRaVeR's Avatar
Senior Member
Thanks Meter 12,582
Posts: 2,379
Join Date: Jun 2010
Location: Stevensweert

 
DONATE TO ME
Update on fuse protection:

https://github.com/TripNRaVeR/tripnd...a697c8c5eaa82a

If you like my work.. you may always buy me a ice cold beer
join #TripNDroid on IRC server: freenode
The Following 43 Users Say Thank You to TripNRaVeR For This Useful Post: [ Click to Expand ]
 
sieempi
Old
#195  
Senior Member
Thanks Meter 399
Posts: 287
Join Date: Jul 2010

 
DONATE TO ME
Default apxer

Tool to reboot into APX. I've tested it on 2 alive devices and got out by pressing power button for ~15 seconds. Although I haven't had any issues, this is still an unexplored app - risky!
I recommend testing it on faulty devices.
(it's useless, though, as we don't have the SBK..)

Download
The Following 11 Users Say Thank You to sieempi For This Useful Post: [ Click to Expand ]
 
HEshghi
Old
#196  
Junior Member
Thanks Meter 7
Posts: 22
Join Date: Jan 2012
Quote:
Originally Posted by sieempi View Post
Tool to reboot into APX. I've tested it on 2 alive devices and got out by pressing power button for ~15 seconds. Although I haven't had any issues, this is still an unexplored app - risky!
I recommend testing it on faulty devices.
(it's useless, though, as we don't have the SBK..)

Download
ok all works to me
i go to apx mode by running your batch file
update apx driver with tripnraver apx driver and successfil installed
run nvflash.exe and then go to device by holding power key fo 15 s
but my device stay in read only mod
Note II N7100 >>recovery:PhilZ Touch 4 >>rooted >>rom: Omega v15
-----------------
HOX >> S-ON Unlocked-bootloader;
IN read-only Mod
Rom: tripndroid_endeavoru-ota-eng.noeri_003.zip
Kernel: 3.1.10-TripNDroid_jb_aosp-004+noeri@noeri-virtualbox #2
Can you solve it? go here http://forum.xda-developers.com/show....php?t=2166534
The Following 5 Users Say Thank You to HEshghi For This Useful Post: [ Click to Expand ]
 
backXslash
Old
(Last edited by backXslash; 25th March 2013 at 10:18 PM.)
#197  
Member
Thanks Meter 48
Posts: 30
Join Date: Jun 2009
The apxer app doesn't seem to like my International HOX+. It just reboots the phone, though I do get a message:

Kernel release: 3.1.10-BLADE
Module magic patched!

Then the phone just reboots as normal. However, there are a few programs out there that claim to be able to either pull down your SBK when the phone is in APX mode, OR at least tell you what version of SBK the phone is using.

Can / has anyone kicked a HOX+ into APX?
The Following 2 Users Say Thank You to backXslash For This Useful Post: [ Click to Expand ]
 
ereneren564
Old
#198  
ereneren564's Avatar
Senior Member
Thanks Meter 51
Posts: 119
Join Date: Oct 2010
Location: Istanbul
Quote:
Originally Posted by HEshghi View Post
ok all works to me
i go to apx mode by running your batch file
update apx driver with tripnraver apx driver and successfil installed
run nvflash.exe and then go to device by holding power key fo 15 s
but my device stay in read only mod
[UBUNTU]

if your usb driver is mounted onto /XXX, have you tried to change the permission of /XXX ?

you could change the permission by doing a :
sudo chmod a+rwx /XXX

maybe it can do something ^_^
Just a fella from Istanbul =)

Using: HTC One X (HTC__102)
Rom: Miui 4.2.22 (waiting for Ubuntu and miui 5)
The Following User Says Thank You to ereneren564 For This Useful Post: [ Click to Expand ]
 
HEshghi
Old
#199  
Junior Member
Thanks Meter 7
Posts: 22
Join Date: Jan 2012
Quote:
Originally Posted by ereneren564 View Post
[UBUNTU]

if your usb driver is mounted onto /XXX, have you tried to change the permission of /XXX ?

you could change the permission by doing a :
sudo chmod a+rwx /XXX

maybe it can do something ^_^
ok i do it;
Quote:
sudo chmod a+rwx /dev/sdb
and done, then go to sd card dir at linux(Partedmagic) and delete some data and copy a 200mb file(from a dir in sd card) and paste it in other directory in sd card and linux OS do it succesfully;
But when unplug/unmount the hox then plug/mount it see no operation done at sd card memory and all data stayed untouched
Note II N7100 >>recovery:PhilZ Touch 4 >>rooted >>rom: Omega v15
-----------------
HOX >> S-ON Unlocked-bootloader;
IN read-only Mod
Rom: tripndroid_endeavoru-ota-eng.noeri_003.zip
Kernel: 3.1.10-TripNDroid_jb_aosp-004+noeri@noeri-virtualbox #2
Can you solve it? go here http://forum.xda-developers.com/show....php?t=2166534
 
HEshghi
Old
#200  
Junior Member
Thanks Meter 7
Posts: 22
Join Date: Jan 2012
Default Re: Goal: S-off HOX+ and maybe the HOX (TEGRA3)

I tried it in recovery(twrp2.3.3) by mount option several times, so in android booted and mount usb storage from notification status bar and do it (chmod) several times and write operation several times and all for several times, nothing happens (don't write)

Sent from my GT-N7100 using Tapatalk 2
Note II N7100 >>recovery:PhilZ Touch 4 >>rooted >>rom: Omega v15
-----------------
HOX >> S-ON Unlocked-bootloader;
IN read-only Mod
Rom: tripndroid_endeavoru-ota-eng.noeri_003.zip
Kernel: 3.1.10-TripNDroid_jb_aosp-004+noeri@noeri-virtualbox #2
Can you solve it? go here http://forum.xda-developers.com/show....php?t=2166534

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes