Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Post Reply

[DEV][THE S-OFF CAMPAIGN] We need electrical engineers & experts in JTAG, OpenOCD!

OP *se-nsei.

3rd December 2011, 11:19 PM   |  #1  
*se-nsei.'s Avatar
OP Senior Member
Flag London
Thanks Meter: 499
 
921 posts
Join Date:Joined: Sep 2011
More


DEVELOPERS!


THIS CAMPAIGN IS STILL GOING!

Please try to read the latest posts in this thread if you would like to help!


---

S-OFF is still needed! Don't get happy with your HTC unlocked bootloaders, you have no more warranty! You still can't resizie your system partitions! You still can't flash the hboot, and many other things! You can get your warranty back, if we crack S-OFF!!

Progress so far:

Quote:
Originally Posted by no.human.being

Well I basically did a lot of of low-level (mostly hardware) stuff to the phone recently, not so much actual development. I found out how to configure OpenOCD (don't know whether the configuration is any good, since lots of values are more "good guesses" than actual knowledge but at least it's a starting point). I found how to get the board to boot without being attached to the Lithium cell which is not important for getting JTAG access (because this works as long as the board has power supply, being booted is not neccessary for JTAG to work) but will later be needed for tracing through the boot code, since the phone won't boot without what it thinks is a Lithium cell. However, I didn't get the debugger running yet. I suspect that the processor's logic level might be too low for the JTAG equipment. I don't really have an idea how to work around that yet, I might need to build a circuit that boosts the processor's JTAG signal to the appropriate voltage level (a so-called "level-shifter").

Apart from that munjeni and Antagonist42 also seem to make progress, but I must admit that I wasn't really able to keep track of all the things that they were doing recently. So basically we're now down at the actual physical layer and messing around with the electrical stuff that's going on on the phone's board and trying to find a way of actually talking to the processor to get the on-chip debugging working.

The far goal will be getting a patched HBOOT that has signature verification removed loaded into the device's memory via JTAG, then flash a patched HBOOT image via Fastboot. If this works it will be the first S-OFF GSM WFS that's neither shipped S-OFF nor turned S-OFF via xtc-clip, but this might still be a long long way.

Last edited by *se-nsei.; 16th June 2012 at 11:59 PM.
The Following 62 Users Say Thank You to *se-nsei. For This Useful Post: [ View ]
3rd December 2011, 11:35 PM   |  #2  
Member
Thanks Meter: 10
 
75 posts
Join Date:Joined: Nov 2011
Excellent OP. Can you add the A510a as well?
3rd December 2011, 11:49 PM   |  #3  
TrissyGE's Avatar
Senior Member
Flag Langenfeld
Thanks Meter: 48
 
225 posts
Join Date:Joined: Oct 2011
More
Quote:
Originally Posted by nadmail

Excellent OP. Can you add the A510a as well?

What´s the difference between A510e and A510a? I know the A510c is the cdma version
4th December 2011, 12:17 AM   |  #4  
Wolf Pup's Avatar
Senior Member
Flag I live in the TARDIS
Thanks Meter: 290
 
3,731 posts
Join Date:Joined: Jan 2011
More
Quote:
Originally Posted by *se-nsei.


There are two Wildfire S's:

1. CDMA - A510c
2. the neglected device most of us own - A510e

The CDMA version has been cracked and so has the Virgin model (hasn't got a SIM card slot). People have come very close but always fail and no one knows why.


Hmmmmm. So CDMA and Virgin (Slotless). This concludes that S-OFF is related to your phones network functionality. Perhaps, changing the network mode to CDMA might give us the ability to S-OFF our phones. Perhaps someone with an XTC-Clip could reverse-engineer it. Maybe JTAG.
Last edited by Wolf Pup; 23rd December 2011 at 05:51 PM. Reason: BECAUSE I LIKE DUCKS!
The Following 3 Users Say Thank You to Wolf Pup For This Useful Post: [ View ]
4th December 2011, 02:25 AM   |  #5  
Member
Thanks Meter: 6
 
47 posts
Join Date:Joined: Dec 2011
More
Quote:
Originally Posted by nadmail

Excellent OP. Can you add the A510a as well?

And the A510b also (the same as the A510e but has HSDPA 850 instead of HSDPA 900)
The Following User Says Thank You to breaky9973 For This Useful Post: [ View ]
4th December 2011, 07:28 AM   |  #6  
Junior Member
Flag mumbai
Thanks Meter: 2
 
22 posts
Join Date:Joined: Jul 2011
Can one of the moderators(or if someone who knows any moderator ask them to)PLEASE PLEASE PLEASE post this on Xda-Portal.
Hopefully that will attract more experienced developers and a faster development time.
And while we are at it we can also ask or BEG Team Revolutionary to start their WFS project again to help us out.
4th December 2011, 09:23 AM   |  #7  
aparici's Avatar
Senior Member
Flag Castellon
Thanks Meter: 9
 
152 posts
Join Date:Joined: Oct 2010
More
Quote:
Originally Posted by ash_01

Can one of the moderators(or if someone who knows any moderator ask them to)PLEASE PLEASE PLEASE post this on Xda-Portal.
Hopefully that will attract more experienced developers and a faster development time.
And while we are at it we can also ask or BEG Team Revolutionary to start their WFS project again to help us out.

Yes, someone has to send this post to revolutionary, but please don't spam him or they with leave our wildfire s without s-off.
4th December 2011, 10:52 AM   |  #8  
qiuness's Avatar
Senior Member
Flag Brasov
Thanks Meter: 3
 
280 posts
Join Date:Joined: Jul 2007
Donate to Me
More
good idea!
4th December 2011, 04:15 PM   |  #9  
*se-nsei.'s Avatar
OP Senior Member
Flag London
Thanks Meter: 499
 
921 posts
Join Date:Joined: Sep 2011
More
Remember to submit this to the portal! Contacting revolutionary is also a good idea.

Quote:
Originally Posted by nadmail

Excellent OP. Can you add the A510a as well?

Quote:
Originally Posted by breaky9973

And the A510b also (the same as the A510e but has HSDPA 850 instead of HSDPA 900)

Done. Hope more devs will see this.
4th December 2011, 05:43 PM   |  #10  
Senior Member
Flag Skopje
Thanks Meter: 35
 
112 posts
Join Date:Joined: Jul 2011
Done. I hope they will put it on the portal and that this will help us get more attention from the devs and revolutionary.

Post Reply Subscribe to Thread

Tags
bootloader, campaign, dev, exploit, hboot, htc, kernel, radio, s-off, secu-flag, wildfire s
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes