anyone have original 2016 pilot exl non Nav factory_reset.sh file ?
I have the same issue. Running windows 10 and I have Java SE runtime installed. Anyone have any clues what I'm missing?
Thanks.
Another quick thought that I can add to the tutorial. In my situation, I was unable to get my car a steady connection to my home network. The router is at one end of the house and the cars are parked outside on the other. I could connect sporadically, but the last thing you want is to lose connection while the script is running and have a half uploaded file!
One solution is to take any old wireless router and plug it in near your Honda. As long as your PC of choice was a laptop, or it at least in range of this router, this will work. The router doesn't need to connect to the internet to work. All you need is the vehicle and computer to be on the same network. As long as the router is plugged into the wall and both devices can see it, they should be able to connect and communicate.
What will be the benefit of the reset files. What will it do to the system. Can any one tell me.
I own a 2017 Civic EX-t and thought I would share what I have learned.
First, it does have Android Auto and CarPlay.
The ADB port is not open.
Port 5000 is open.
It will connect to the Internet through my Android phone using Bluetooth.
There is a hidden menu that can be accessed with power-brightness-menu for two seconds and selecting the bottom box
From that hidden menu there is another menu accessed through holding Menu.
From that menu there is another hidden menu -- press and hold the home key. Ignore the three beeps. keep holding it until it beeps once more.
That menu seems to let you change the USB port functions between host and device modes.
I've not screwed with those yet, but it might be an attack vector.
Code:ewaller@turing ~ 1003 %nmap 192.168.1.87 -p1-65535 Starting Nmap 7.40 ( https://nmap.org ) at 2017-02-03 13:06 PST Nmap scan report for android-9500bed69ff35d8f (192.168.1.87) Host is up (0.0029s latency). Not shown: 65534 closed ports PORT STATE SERVICE 5000/tcp open upnp Nmap done: 1 IP address (1 host up) scanned in 199.43 seconds ewaller@turing ~ 1004 %
Edit, oh and if you tap a bunch of times on the build number in the version menu, it does not enable developer mode, it asks for the infamous "passcord"
Finally somebody found a way to enter the developer mode: https://xdaforums.com/android/general/guide-how-to-enter-developer-mode-2017-t3621582
Wow! this is the greatest forum i've ever found!
I will be attempting this over the weekend on a 2017 Honda Accord EX w/ HS.
I know some people may be looking for a factory image of this car? Prior to playing around and modifying it, i can take the factory image for you. Please tell me how and i'll do it and upload it here.
Thanks!
I don't believe that anyone has figured out how to get a complete factory image for any Hondas that this works on.
However, several people are looking for copies of the original factory_reset.sh files for various models. This file gets overwritten when you run the OneClickInstall batch file, so you need to copy it prior to that. If you are following Living Lejuhnd's guide in post #404 (which I'd recommend) then you can pull a copy of the reset file by executing the following commands right before you run OneClickInstall.bat:
adb connect 192.168.1.200
adb pull /system/etc/factory_reset.sh
This will create a copy of the factory_reset.sh file from your Honda and put it on your PC in the directory that you are in the command prompt (C:\hondahack\OneClick\).
-Tim
Thanks for the reply Tim!
So basically this factory_reset.sh file will restore the headunit if it gets bricked?
If it is truly bricked I don't think you'll be able to get back in to replace the factory_reset.sh file. Obviously someone may figure out a path in the future though or there may be other situations where it would be useful to have it.
To be honest, I haven't had a need for my original reset file. I was just leery of overwriting it without keeping a backup copy.
-Tim
cd c:\hondahack\OneClick
OneClickInstall.bat 192.168.1.200 waze.apk
Usage: ./OneClickInstall.sh ipaddress My.apk
Example: ./OneClickInstall.sh 192.168.1.200 waze.apk
Disconnecting other adb devices\n
Connecting to 192.168.1.200\n
connected to 192.168.1.200:5555
Checking for root...
Rooted successfully!
Already rooted!
Okay, getting signature of Waze.apk
Signature: 30820314308202d2a003020102020449806de1300b06072a86 48ce3804030500306c310f300d060355040613064973726165 6c310f300d0603550408130649737261656c3110300e060355 040713075261616e616e61310d300b060355040a130457617a 65310d300b060355040b130457617a65311830160603550403 130f416c657820416772616e6f766963683020170d30393031 32383134333832355a180f3230363331313031313433383235 5a306c310f300d0603550406130649737261656c310f300d06 03550408130649737261656c3110300e060355040713075261 616e616e61310d300b060355040a130457617a65310d300b06 0355040b130457617a65311830160603550403130f416c6578 20416772616e6f76696368308201b83082012c06072a8648ce 3804013082011f02818100fd7f53811d75122952df4a9c2eec e4e7f611b7523cef4400c31e3f80b6512669455d402251fb59 3d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b7 6b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7 c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae 2b61d72aeff22203199dd14801c70215009760508f15230bcc b292b982a2eb840bf0581cf502818100f7e1a085d69b3ddecb bcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159 578ebad4594fe67107108180b449167123e84c281613b7cf09 328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f 0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15a e59f06928b665e807b552564014c3bfecf492a038185000281 8100ce11f6d402adf4a6aceaf6fe81219ed28299e37ffdca84 6241e7d21e5bf35c8938ee20ce6ade9907c38f12556d574135 ebb36a567c7cb001d75d3952bcca616f4ad232563e407706c9 5bc47f2ed115052d5389eb84799956e5aa4481be2312d347c6 20029b2b8903b5553849111da92372cd50e2f9a7c156d5d10f 3d83bbaf03300b06072a8648ce3804030500032f00302c0214 46d982e8f1ea835d06f44934bf60241e5f8be5c402147d372a f681491f354f34c4ab1a6f30475e69767e
Getting package information
Package name: com.waze
Retrieving current whitelist...
Preparing replacement whitelist
Okay - all set to replace the whitelist. Below are the final steps:
1. Backup existing whitelist to /data/local/tmp/
2. Upload whitelist to head unit
3. Reboot head unit
4. Install APK normally
Please review the below items carefully - if anything doesn't look right, ABORT NOW!\n
Root status: rooted
APK signature obtained
Have package name: com.waze
Original whitelist.xml size seems okay
Package name is present in new whitelist
Would you like to proceed? (y/n):
Backing up whitelist to /data/local/tmp/whitelist-13-12-2016--21-03-02.xml
Uploading whitelist
106 KB/s (35666 bytes in 0.328s)
Rebooting head unit
Press enter when head unit has rebooted and is connected to WiFi
Issuing APK installation command - this may take a while depending on APK size
connected to 192.168.1.208:5555
252 KB/s (49700115 bytes in 191.852s)
pkg: /data/local/tmp/Waze.apk
Success!
All done - hope you enjoy!
<application>
<property>
<name>TestApp</name>
<package>com.purespin.testapp</package>
<versionCode>1-999999999</versionCode>
<keyStoreLists>
<keyStore>308201e53082014ea003020102020454d05fc1300d06092a864886f70d01010505003037310b30090603550406130255533110300e060355040a1307416e64726f6964311630140603550403130d416e64726f6964204465627567301e170d3135303230333035343232355a170d3435303132363035343232355a3037310b30090603550406130255533110300e060355040a1307416e64726f6964311630140603550403130d416e64726f696420446562756730819f300d06092a864886f70d010101050003818d00308189028181009c29ce69a49970e1c26f36c5cbd4051f384b07701e481bcd5563aa5f9952f9ac26aecdee8807de4202ea7cd94a6088d96ef6133d927375759d983777a6f655d08a1e055ce44413dd751a04a407b4773f904abf268faea3ba3de6ae8714c71620dd641d5cbd2deff2e8826aab1f62e3a62e7838a988548d2f76b5e59a35bc9d7d0203010001300d06092a864886f70d0101050500038181004822e80b27a715cd17ee08fa13592e7c18dde93443c1a26d04c80dcbd908e69f2d846a37e397246a64430d858b602a7e7befd77451e7e159de07225d5585e470680acbea0791970bc85f537f7034a5b37ef8fa9f555938d79748fe479c535c9a21cabe3979df15a6ac4428055ae1ad309f5106770223514f2c434447d62c37ca</keyStore>
</keyStoreLists>
</property>
<controlData>
<withAudio>without</withAudio>
<audioStreamType>null</audioStreamType>
<regulation>null</regulation>
<revert>no</revert>
</controlData>
</application>
java -jar GetAndroidSig.jar abc.apk
Wow.... really great news. But seems like really complicated. Hopefully soon there will be a much more simple way to get it done. Fingers crossed